An issue was discovered in python-engineio through 3.8.2. There is a Cross-Site WebSocket Hijacking (CSWSH) vulnerability that allows attackers to make WebSocket connections to a server by using a victim’s credentials, because the Origin header is not restricted.
View Full Alert
The HC.Server service in Hosting Controller HC10 10.14 allows an Invalid Pointer Write DoS. View Full Alert
KeyIdentity LinOTP before 126.96.36.199 has Incorrect Access Control (issue 1 of 2). View Full Alert