Lucene search
K

72 matches found

Packet Storm News
Packet Storm News
added 2025/07/21 12:0 a.m.3 views

Scaling Decentralized Learning with FLock

Fine-tuning the large language models LLMs are prevented by the deficiency of centralized control and the massive computing and communication overhead on the decentralized schemes. While the typical standard federated learning FL supports data privacy, the central server requirement creates a...

6.9AI score
Exploits0
Packet Storm News
Packet Storm News
added 2025/06/17 12:0 a.m.6 views

PolyGuard: Massive Multi-Domain Safety Policy-Grounded Guardrail Dataset

Whitepaper called PolyGuard: Massive Multi-Domain Safety Policy-Grounded Guardrail Dataset...

7AI score
Exploits0
CNNVD
CNNVD
added 2025/02/06 12:0 a.m.7 views

Check Point Multi-Domain Security Management 安全漏洞

Check Point Multi-Domain Security Management is a centralized management solution from Check Point Israel for large-scale distributed environments with many discrete network segments. A security vulnerability exists in Check Point Multi-Domain Security Management, which stems from the possibility...

7.5CVSS6.7AI score0.00386EPSS
Exploits0References2
OSV
OSV
added 2024/11/22 6:9 a.m.3 views

MAL-2024-10889 Malicious code in webpack-support-multi-domain-plugin (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware df28dfaede54bce66eb7320e580118358e8db8869c014298d0a7abb4a0e43497 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

7AI score
Exploits0References1
Fedora
Fedora
added 2024/06/02 3:39 a.m.11 views

[SECURITY] Fedora 39 Update: rust-scx_rusty-0.5.4-2.fc39

A multi-domain, BPF / user space hybrid scheduler used within schedext, which is a Linux kernel feature which enables implementing kernel thread schedulers in BPF and dynamically loading them. https://github.com/sched-ext/scx/tree/main...

7.2AI score
Exploits0
Rockylinux
Rockylinux
added 2024/03/12 3:42 p.m.43 views

sssd bug fix update

An update is available for sssd. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The System Security Services Daemon SSSD service provides a set of daemons to...

7.8AI score
Exploits0
Amazon
Amazon
added 2023/09/25 12:0 a.m.4 views

Medium: nginx

Issue Overview: ALPACA is an application layer protocol content confusion attack, exploiting TLS servers implementing different protocols but using compatible certificates, such as multi-domain or wildcard certificates. A MiTM attacker having access to victim's traffic at the TCP/IP layer can...

7.4CVSS7.1AI score0.02037EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2023/03/21 12:0 a.m.163 views

Amazon Linux 2023 : vsftpd (ALAS2023-2023-019)

It is, therefore, affected by a vulnerability as referenced in the ALAS2023-2023-019 advisory. ALPACA is an application layer protocol content confusion attack, exploiting TLS servers implementing different protocols but using compatible certificates, such as multi-domain or wildcard certificates...

7.4CVSS7.4AI score0.02037EPSS
Exploits0References4
F5 Networks
F5 Networks
added 2023/02/21 6:53 p.m.41 views

K26738102: BIG-IP APM SSO vulnerability CVE-2016-3687

Security Advisory Description Insufficient validation of the SSOORIGURI parameter occurs when using multi-domain single sign-on SSO. CVE-2016-3687 Impact An attacker may be able to tamper with the URL used to redirect the user in a multi-domain SSO environment by using BIG-IP APM. Systems that do...

5.3CVSS5.6AI score0.01209EPSS
Exploits0Affected Software2
F5 Networks
F5 Networks
added 2023/02/17 4:26 p.m.51 views

K000132639: ALPACA: TLS vulnerability CVE-2021-3618

Security Advisory Description ALPACA is an application layer protocol content confusion attack, exploiting TLS servers implementing different protocols but using compatible certificates, such as multi-domain or wildcard certificates. A MiTM attacker having access to victim's traffic at the TCP/IP...

7.4CVSS7.8AI score0.02037EPSS
Exploits0
Veracode
Veracode
added 2022/04/16 7:23 p.m.64 views

Access Restriction Bypass

nginx is vulnerable to access restriction bypass. The vulnerability exists because TLS servers implementing different protocols but using compatible certificates, such as multi-domain or wildcard certificates which allows an attacker to gain access to the system and perform unauthorized actions...

7.4CVSS6.9AI score0.02037EPSS
Exploits0References9Affected Software5
Microsoft CVE
Microsoft CVE
added 2022/04/05 7:0 a.m.4 views

ALPACA is an application layer protocol content confusion attack exploiting TLS servers implementing different protocols but using compatible certificates such as multi-domain or wildcard certificates. A MiTM attacker having access to victim's traffic at the TCP/IP layer can redirect traffic from one subdomain to another resulting in a valid TLS session. This breaks the authentication of TLS and cross-protocol attacks may be possible where the behavior of one protocol service may compromise the other at the application layer.

...

7.4CVSS7.5AI score0.02037EPSS
Exploits0
NVD
NVD
added 2022/03/23 8:15 p.m.44 views

CVE-2021-3618

ALPACA is an application layer protocol content confusion attack, exploiting TLS servers implementing different protocols but using compatible certificates, such as multi-domain or wildcard certificates. A MiTM attacker having access to victim's traffic at the TCP/IP layer can redirect traffic fr...

7.4CVSS0.02037EPSS
Exploits0References3
OSV
OSV
added 2022/03/23 8:15 p.m.7 views

AZL-9220 CVE-2021-3618 affecting package sendmail 8.15.2-46

ALPACA is an application layer protocol content confusion attack, exploiting TLS servers implementing different protocols but using compatible certificates, such as multi-domain or wildcard certificates. A MiTM attacker having access to victim's traffic at the TCP/IP layer can redirect traffic fr...

7.4CVSS7.1AI score0.02037EPSS
Exploits0References1
OSV
OSV
added 2022/03/23 8:15 p.m.4 views

AZL-9190 CVE-2021-3618 affecting package vsftpd for versions less than 3.0.5-1

ALPACA is an application layer protocol content confusion attack, exploiting TLS servers implementing different protocols but using compatible certificates, such as multi-domain or wildcard certificates. A MiTM attacker having access to victim's traffic at the TCP/IP layer can redirect traffic fr...

7.4CVSS6.6AI score0.02037EPSS
Exploits0References1
OSV
OSV
added 2022/03/23 8:15 p.m.3 views

UBUNTU-CVE-2021-3618

ALPACA is an application layer protocol content confusion attack, exploiting TLS servers implementing different protocols but using compatible certificates, such as multi-domain or wildcard certificates. A MiTM attacker having access to victim's traffic at the TCP/IP layer can redirect traffic fr...

7.4CVSS7.1AI score0.02037EPSS
Exploits0References9
Debian CVE
Debian CVE
added 2022/03/23 12:0 a.m.216 views

CVE-2021-3618

ALPACA is an application layer protocol content confusion attack, exploiting TLS servers implementing different protocols but using compatible certificates, such as multi-domain or wildcard certificates. A MiTM attacker having access to victim's traffic at the TCP/IP layer can redirect traffic fr...

7.4CVSS7.8AI score0.02037EPSS
Exploits0
AlpineLinux
AlpineLinux
added 2022/03/23 12:0 a.m.1069 views

CVE-2021-3618

ALPACA is an application layer protocol content confusion attack, exploiting TLS servers implementing different protocols but using compatible certificates, such as multi-domain or wildcard certificates. A MiTM attacker having access to victim's traffic at the TCP/IP layer can redirect traffic fr...

7.4CVSS7.8AI score0.02037EPSS
Exploits0
Redos
Redos
added 2022/02/01 12:0 a.m.57 views

ROS-20220125-08

The Sendmail mail transfer agent vulnerability is related to a logical error in the TLS implementation when working with different protocols but using compatible certificates such as multi-domain or wildcard certificates. wildcard certificates. Exploitation of the vulnerability could allow an...

7.4CVSS7.4AI score0.02037EPSS
Exploits0
Redos
Redos
added 2022/02/01 12:0 a.m.39 views

ROS-20220125-02

Nginx web server vulnerability is related to a logical error in TLS implementation when working with different protocols but using compatible certificates, such as multi-domain or wildcard certificates. certificates. Exploitation of the vulnerability could allow an attacker acting remotely to...

7.4CVSS7.4AI score0.02037EPSS
Exploits0
Rows per page
Query Builder