http – Seite 2 – Wolfinisoftware.de

security

Tracing HTTP Requests with Go’s net/HTTP/httptrace

28.05.2026

Comments

security

IBM-Software wie HTTP Server ist für DoS- und Schadcode-Attacken anfälligAlertheise Security

28.05.2026

IBM-Software wie HTTP Server ist für DoS- und Schadcode-Attacken anfälligAlertheise Security Quelle: Heise Security Ticker

Mehr lesen →

security

Slumber a TUI HTTP Client

22.05.2026

Comments

Mehr lesen →

security

SANS Stormcast Friday, May 22nd, 2026: Selective HTTP Proxying; More GitHub Repo Trouble; MSFT Defender Patches;

22.05.2026

Selective HTTP Proxying in Linux https://isc.sans.edu/diary/Selective%20HTTP%20Proxying%20in%20Linux/33002 Megalodon: Mass GitHub Repo Backdooring via CI Workflows https://safedep.io/megalodon-mass-github-repo-backdooring-ci-workflows/ MSFT Patches Recent Windows Defender Flaws CVE-2026-41091, CVE-2026-45498, CVE-2026-45584 https://x.com/fabian_bader/status/2057198207243804881 Cisco Secure Workload Unauthorized API Access Vulnerability CVE-2026-20223 https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-csw-pnbsa-g8WEnuy

Mehr lesen →

pinball

Selective HTTP Proxying in Linux, (Thu, May 21st)

21.05.2026

Recently, Rob wrote about a tool, Proxifier, that can intercept requests from specific processes. Proxifier is available for Windows, macOS, and Android. But I have not seen a generic Linux option yet. The advantage of a tool like Proxifier is the ability to target specific software. For debugging, reverse engineering, and similar tasks, selecting a […]

Mehr lesen →

security

Using HTTP/2 Cleartext for a server in Go 1.24

19.05.2026

Comments

Mehr lesen →

security

Apache HTTP Server: Hochriskante Lücken ermöglichen Einschleusen von SchadcodeAlertheise Security

06.05.2026

Apache HTTP Server: Hochriskante Lücken ermöglichen Einschleusen von SchadcodeAlertheise Security Quelle: Heise Security Ticker

Mehr lesen →

soc

CVE-2026-23918: Apache HTTP Server HTTP/2 Double Free With Possible RCE

06.05.2026

CVE-2026-23918: Apache HTTP Server HTTP/2 Double Free With Possible RCE CVE-2026-23918 is a vulnerability in Apache HTTP Server (httpd) that affects its HTTP/2 implementation and can lead to a double free during an HTTP/2 stream “early reset” condition. Apache describes the impact as “Double Free and possible RCE,” meaning the worst case is remote code […]

Mehr lesen →

soc

CVE-2026-23918: Critical Apache HTTP/2 Flaw Can Trigger DoS and Possible RCE

06.05.2026

Apache has patched CVE-2026-23918, a critical flaw in Apache HTTP Server’s HTTP/2 handling that Apache describes as a “double free and possible RCE.” The issue affects Apache HTTP Server 2.4.66 and was fixed in 2.4.67, released on May 4, 2026. The CVE-2026-23918 vulnerability matters because it can be abused remotely and without authentication. Public reporting […]

Mehr lesen →

security

SANS Stormcast Wednesday, April 29th, 2026: Odd Vercel Header Usage; GitHub Vuln Patches; MSFT RDP Notification Bug

29.04.2026

HTTP Requests with X-Vercel-Set-Bypass-Cookie Header https://isc.sans.edu/diary/HTTP%20Requests%20with%20X-Vercel-Set-Bypass-Cookie%20Header/32930 GitHub Vulnerability CVE-2026-3854 https://www.wiz.io/blog/github-rce-vulnerability-cve-2026-3854 Microsoft RDP Notification Bug https://support.microsoft.com/en-us/topic/april-14-2026-kb5083768-os-build-28000-1836-839e4a25-d979-4158-b70c-182333045883

Mehr lesen →

Tag: http