CVE CyberSecurity Database News - Latest cybersecurity news and CVE details

Red Hat Single Sign-On 7.6 for RHEL 9

Dec 21, 2023 Exploit OAuth Red Hat Red Hat Single Sign-On 7.6 for RHEL 9

CVE-2023-2585: A Deep Dive into Keycloak's Device Authorization Grant Vulnerability and How to Exploit It

CVE-2023-2585 is a significant security vulnerability recently discovered in Keycloak, a widely-used open-source identity and access management (IAM) solution. Keycloak's device authorization grant

CVE-2023-3223 – OutOfMemoryError Vulnerability in Undertow Servlets with @MultipartConfig Annotation, Allowing Remote DoS Attack

Sep 27, 2023 Exploit Java Red Hat Red Hat Single Sign-On 7.6 for RHEL 9

CVE-2023-3223 – OutOfMemoryError Vulnerability in Undertow Servlets with @MultipartConfig Annotation, Allowing Remote DoS Attack

A new vulnerability (CVE-2023-3223) has been discovered in Undertow, the lightweight Java-based web server and servlet container. Specifically, this flaw affects servlets annotated with @MultipartConfig,