Astra Linux - уязвимость в wireshark

NTS-KE protocol dissector crash in Wireshark 4.6.0 to 4.6.3 allows denial of service...

CVE-2019-7928

A denial-of-service DoS vulnerability exists in Magento 2.1 prior to 2.1.18, Magento 2.2 prior to 2.2.9, Magento 2.3 prior to 2.3.2. By abusing insufficient brute-forcing defenses in the token exchange protocol, an unauthenticated attacker could disrupt transactions between the Magento merchant a...

SUSE CVE-2025-32900

In the KDE Connect information-exchange protocol before 2025-04-18, a packet can be crafted to temporarily change the displayed information about a device, because broadcast UDP is used. This affects KDE Connect before 1.33.0 on Android, KDE Connect before 25.04 on desktop, KDE Connect before 0.5...

CVE-2025-32900

In the KDE Connect information-exchange protocol before 2025-04-18, a packet can be crafted to temporarily change the displayed information about a device, because broadcast UDP is used. This affects KDE Connect before 1.33.0 on Android, KDE Connect before 25.04 on desktop, KDE Connect before 0.5...

UBUNTU-CVE-2025-32900

In the KDE Connect information-exchange protocol before 2025-04-18, a packet can be crafted to temporarily change the displayed information about a device, because broadcast UDP is used. This affects KDE Connect before 1.33.0 on Android, KDE Connect before 25.04 on desktop, KDE Connect before 0.5...

KDE Connect 安全漏洞

KDE Connect is a software from the KDE community that connects cell phones and computers. A security vulnerability exists in versions of KDE Connect prior to 2025-04-18, which stems from the use of broadcast UDP for the message exchange protocol and could lead to temporary tampering of device...

CVE-2025-32900

CVE-2025-32900 concerns the KDE Connect information-exchange protocol, where spoofable broadcast UDP traffic can temporarily alter the displayed device information. The issue affects multiple platforms prior to fixed versions: KDE Connect on Android < 1.33.0, KDE Connect on desktop < 25.04,...

EUVD-2020-24499

Malware in sbrugna...

EUVD-2022-4207

Malicious code in bioql PyPI...

Key Exchange Protocol Based on Circulant Matrix Action over Congruence-Simple Semiring

We present a new key exchange protocol based on circulant matrices acting on matrices over a congruence-simple semiring. We describe how to compute matrices with the necessary properties for the implementation of the protocol. Additionally, we provide an analysis of its computational cost and its...

FIDO Alliance Drafts New Protocol to Simplify Passkey Transfers Across Different Platforms

The FIDO Alliance said it's working to make passkeys and other credentials more easier to export across different providers and improve credential provider interoperability, as more than 12 billion online accounts become accessible with the passwordless sign-in method. To that end, the alliance...

Borrower cannot stop loss when fungibility breaks

Lines of code Vulnerability details Impact When the borrower cannot repay with NFT he will be forced to forsake his entire credit. This situation can be deliberately instigated by the lender. Proof of Concept A borrower can only leave his position by returning an NFT buyNftFromMarket or...

SUSE CVE-2016-2370

A denial of service vulnerability exists in the handling of the MXIT protocol in Pidgin. Specially crafted MXIT data sent from the server could potentially result in an out-of-bounds read. A malicious server or man-in-the-middle attacker can send invalid data to trigger this vulnerability...

CVE-2023-22404

An Out-of-bounds Write vulnerability in the Internet Key Exchange Protocol daemon iked of Juniper Networks Junos OS on SRX series and MX with SPC3 allows an authenticated, network-based attacker to cause a Denial of Service DoS. iked will crash and restart, and the tunnel will not come up when a...

Cross site scripting

An Out-of-bounds Write vulnerability in the Internet Key Exchange Protocol daemon iked of Juniper Networks Junos OS on SRX series and MX with SPC3 allows an authenticated, network-based attacker to cause a Denial of Service DoS. iked will crash and restart, and the tunnel will not come up when a...

Juniper Networks Junos OS 缓冲区错误漏洞

Juniper Networks Junos OS is a Juniper Networks network operating system for the company's hardware devices. The operating system provides a secure programming interface and the Junos SDK. A security vulnerability exists in Juniper Networks Junos OS that originates from an out-of-bounds write...

Internet Key Exchange (IKE) Protocol Denial of Service Vulnerability

...

Adversaries strike critical Windows IKE flaw in the “Bleed You” campaign

Threat Level Attack Report For a detailed threat advisory, download the pdf file here Summary An active "Bleed You" campaign is leveraging a critical RCE CVE-2022-34721 vulnerability in Windows Internet Key Exchange IKE Protocol Extensions to assist subsequent malware and ransomware assaults and...

GHSA-HRG3-4Q56-P2Q5 Magento 2 Community Edition DoS vulnerability

A denial-of-service DoS vulnerability exists in Magento 2.1 prior to 2.1.18, Magento 2.2 prior to 2.2.9, Magento 2.3 prior to 2.3.2. By abusing insufficient brute-forcing defenses in the token exchange protocol, an unauthenticated attacker could disrupt transactions between the Magento merchant a...

The vulnerability of the php_wddx_pop_element function in the PHP programming language allows a hacker to trigger a service failure.

The vulnerability of the phpwddxpopelement function ext/wddx/wddx.c in the PHP programming language is related to pointer arithmetic errors. Exploiting this vulnerability could allow a remote attacker to cause service interruptions...