60 matches found
CVE-2024-23105
A Use Of Less Trusted Source (CWE-348) vulnerability in Fortinet FortiPortal version 7.0.0 through 7.0.6 and version 7.2.0 through 7.2.1 allows an unauthenticated attack to bypass IP protection through crafted HTTP or HTTPS packets...
Chrome starts the countdown to the end of tracking cookies
Google has announced that it will start rolling out its Chrome web browser's new Tracking Protection feature from January of 2024. Tracking Protection is part of Google’s Privacy Sandbox initiative to phase out third-party cookies. The Tracking Protection feature aims to disable third-party cookies...
Google Chrome to Mask User IP Addresses to Protect Privacy
By Waqas. The feature is called IP Protection, and it's important to note that it is not a VPN. A VPN encrypts all of a user's traffic, while IP Protection only masks their IP address. This is a post from HackRead.com. Read the original post: Google Chrome to Mask User IP Addresses to Protect Priva...
Google Chrome wants to hide your IP address
Google is working out some kinks in the project formerly known as Gnatcatcher, which will now be known under the more descriptive name “IP Protection.” This means that Chrome is reintroducing a proposal to hide users' IP addresses, to make cross-site tracking more difficult. An Internet Protocol ...
The vulnerability of the iControl REST API for BIG-IP application protection interfaces allows an attacker to execute arbitrary commands, disable arbitrary services, and create or delete arbitrary files.
The vulnerability of the iControl REST API for BIG-IP application protection interfaces is related to incorrect session duration settings. Exploiting this vulnerability allows a malicious actor to execute arbitrary commands remotely, disable arbitrary services, and create or delete arbitrary file...
The vulnerability of the iControl REST API for BIG-IP application protection interfaces allows an attacker to execute arbitrary commands, modify or delete files.
The vulnerability of the iControl REST API for BIG-IP application protection interfaces is related to the lack of authentication checks for a critical function. Exploiting this vulnerability allows an attacker to execute arbitrary commands, modify or delete files remotely...
Code42 Incydr Series: Protect IP with Code42 Incydr
Stealing a jumbo-jet airplane sounds like a ridiculous movie, but it’s actually just one example of IP theft. It’s happening to tech giants like Twitter and Google, and consumer brands like Hershey. But it’s also happening to organizations built around security — like McAfee and even the CIA. In...
Improper access control
On NXP Kinetis KV1x, Kinetis KV3x, and Kinetis K8x devices, Flash Access Controls (FAC) (a software IP protection method for execute-only access) can be defeated by leveraging a load instruction inside the execute-only region to expose the protected code into a CPU register...
Code injection
On STMicroelectronics STM32F7 devices, Proprietary Code Read Out Protection (PCROP) (a software IP protection method) can be defeated with a debug probe via the Instruction Tightly Coupled Memory (ITCM) bus...
CVE-2019-14239
On NXP Kinetis KV1x, Kinetis KV3x, and Kinetis K8x devices, Flash Access Controls (FAC) (a software IP protection method for execute-only access) can be defeated by leveraging a load instruction inside the execute-only region to expose the protected code into a CPU register...
CVE-2019-14238
On STMicroelectronics STM32F7 devices, the Proprietary Code Read Out Protection (PCROP) can be defeated by a debug probe through the ITCM bus, exposing the software IP protection mechanism. Affected component: PCROP in STM32F7. Root cause: PCROP can be bypassed via a debug interface to the ITCM p...
CVE-2019-14237
On NXP Kinetis KV1x, Kinetis KV3x, and Kinetis K8x devices, Flash Access Controls (FAC) (a software IP protection method for execute-only access) can be defeated by observing CPU registers and the effect of code/instruction execution...
Design/Logic Flaw
On NXP Kinetis KV1x, Kinetis KV3x, and Kinetis K8x devices, Flash Access Controls (FAC) (a software IP protection method for execute-only access) can be defeated by observing CPU registers and the effect of code/instruction execution...
CVE-2019-14237
The CVE concerns NXP Kinetis KV1x, KV3x, and K8x devices where Flash Access Controls (FAC) execute-only protection can be defeated by observing CPU registers and the effects of code execution. The impact is the circumvention of execute-only protection as described; no specific remediation or patc...
Design/Logic Flaw
cPanel before 62.0.17 allows a CPHulk one-day ban bypass when IP based protection is enabled (SEC-224)...
CVE-2017-13095
The P1735 IEEE standard describes flawed methods for encrypting electronic-design intellectual property (IP), as well as the management of access rights for such IP, including modification of a license-deny response to a license grant. The methods are flawed and, in the most egregious cases, enable...
Weblate: Rate Limit Bypass on login Page
Hi, Your web authentication endpoint, https://demo.weblate.org/accounts/login/ POST, currently protects against credentials brute-force attacks only by requests rate-limiting based on IP. It was found that if an attacker sends login requests faster than every 4 seconds from the same IP address, i...
FreeBSD : mediawiki -- multiple vulnerabilities (6241b5df-42a1-11e5-93ad-002590263bf5)
MediaWiki reports : Internal review discovered that Special:DeletedContributions did not properly protect the IP of autoblocked users. This fix makes the functionality of Special:DeletedContributions consistent with Special:Contributions and Special:BlockList. Internal review discovered that...
mediawiki -- multiple vulnerabilities
MediaWiki reports: Internal review discovered that Special:DeletedContributions did not properly protect the IP of autoblocked users. This fix makes the functionality of Special:DeletedContributions consistent with Special:Contributions and Special:BlockList. Internal review discovered that...
xpoll-upload.txt
X-Poll Directory Traversal Vulnerability&Arbitrary File Upload By: e.wiZz! Site: madspot.org Info: Zeljko Komsic please kill your self and other 2 plz. In the wild: -------------------------- X-Poll Version 2.0 allows you to create polls with unlimited options which have their own start and expir...