Search found 53 matches
- Thu Jun 04, 2026 7:22 pm
- Forum: Apache
- Topic: Apache 2.4.67 Released 2026-05-04
- Replies: 2
- Views: 107
Re: Apache 2.4.67 Released 2026-05-04
What OS are you running?
- Wed Jun 03, 2026 10:32 pm
- Forum: FOSSBilling
- Topic: CVE-2026-43924 - FOSSBilling has an open redirect via administrator-configured redirect targets
- Replies: 0
- Views: 5
CVE-2026-43924 - FOSSBilling has an open redirect via administrator-configured redirect targets
CVE ID: CVE-2026-43924
Published: June 3, 2026
Description: FOSSBilling is a free, open-source billing and client management system. Prior to version 0.8.0, the Redirect module does not validate the URL scheme of administrator-configured destination URLs before storing or issuing redirects. This ...
- Wed Jun 03, 2026 10:31 pm
- Forum: FOSSBilling
- Topic: CVE-2026-40495 - FOSSBilling version exposed via asset cache buster
- Replies: 0
- Views: 3
CVE-2026-40495 - FOSSBilling version exposed via asset cache buster
CVE ID: CVE-2026-40495
Published: June 3, 2026
Description: FOSSBilling is a free, open-source billing and client management system. Versions prior to 0.8.0 leak the exact system version through asset cache buster parameters in HTML output, bypassing the `hide_version_public` security setting ...
- Wed Jun 03, 2026 2:30 pm
- Forum: CVE Advisories
- Topic: HTTP/2 Bomb — Remote DoS Exploit Hits nginx, Apache, IIS, Envoy, and Cloudflare Pingora
- Replies: 0
- Views: 14
HTTP/2 Bomb — Remote DoS Exploit Hits nginx, Apache, IIS, Envoy, and Cloudflare Pingora
A newly disclosed remote denial-of-service exploit dubbed “HTTP/2 Bomb” targets the default HTTP/2 configurations of the world’s most widely deployed web servers, nginx, Apache httpd, Microsoft IIS, Envoy, and Cloudflare Pingora, enabling a single attacker on a home internet connection to exhaust ...
- Tue Jun 02, 2026 11:08 pm
- Forum: OWASP CRS Ruleset
- Topic: FYI - OWASP CRS 4.27.0 Released
- Replies: 0
- Views: 17
FYI - OWASP CRS 4.27.0 Released
Just a quick FYI
OWASP CRS 4.27.0 was released on 2026-06-01
- Mon Jun 01, 2026 2:58 pm
- Forum: CVE Advisories
- Topic: CVE-2026-44962 Plesk XPath Injection Vulnerability
- Replies: 0
- Views: 16
CVE-2026-44962 Plesk XPath Injection Vulnerability
Plesk contains an XPath injection vulnerability in the APS Application Catalog search functionality, where user-supplied input is interpolated into XPath queries without proper sanitization. This allows an authenticated, low-privileged user to execute arbitrary operating system commands on the ...
- Sat May 30, 2026 7:50 am
- Forum: Blesta
- Topic: Blesta 6.0 Beta Released
- Replies: 0
- Views: 28
Blesta 6.0 Beta Released
With much anticipation, Blesta 6.0.0 BETA 1 has been released!
https://www.blesta.com/2026/05/21/blest ... -released/
- Sat May 30, 2026 7:47 am
- Forum: CVE Advisories
- Topic: CVE-2026-48840 - Exim Uninitialized Stack Memory Disclosure Vulnerability
- Replies: 0
- Views: 21
CVE-2026-48840 - Exim Uninitialized Stack Memory Disclosure Vulnerability
CVE ID: CVE-2026-48840
Published: May 30, 2026
Description: Exim 4.88 before 4.99.4, in some proxy configurations, mishandles certain short payloads, leading to disclosure of uninitialized stack memory values to a client.
Severity: 5.3 | MEDIUM
Visit the link for more details, such as CVSS ...
- Fri May 29, 2026 5:16 pm
- Forum: CVE Advisories
- Topic: CVE-2026-48770, CVE-2026-48778, CVE-2026-48800 - Notepad++ Vulnerabilities
- Replies: 1
- Views: 28
Re: CVE-2026-48770, CVE-2026-48778, CVE-2026-48800 - Notepad++ Vulnerabilities
Ref. : Notepad++ Patches High-Severity RCE Flaws in Version 8.9.6.1
The developers behind Notepad++ have released version 8.9.6.1 to address multiple security vulnerabilities, including critical flaws that could expose users to remote code execution (RCE) attacks under certain conditions. The ...
- Fri May 29, 2026 5:14 pm
- Forum: CVE Advisories
- Topic: Google Patches 151 Vulnerabilities in Chrome, Including 22 Critical Ones
- Replies: 0
- Views: 16
Google Patches 151 Vulnerabilities in Chrome, Including 22 Critical Ones
Current version (as of 2026-05-29) of Chrome on Windows is: Version 148.0.7778.217 (Official Build) (64-bit)
Some of the CVEs are:
CVE-2026-9893 CVE-2026-9892 CVE-2026-9891 CVE-2026-9890 CVE-2026-9889 CVE-2026-9888 CVE-2026-9887 CVE-2026-9886 CVE-2026-9885 CVE-2026-9884 CVE-2026-9883 CVE-2026 ...