[SECURITY] Fedora 44 Update: nginx-mod-js-challenge-0^20230517.gitda6852d-8.fc44

Simple JavaScript proof-of-work based access for Nginx with virtually no over head...

[SECURITY] Fedora 44 Update: nginx-mod-js-challenge-0^20230517.gitda6852d-7.fc44

Simple JavaScript proof-of-work based access for Nginx with virtually no over head...

cap-exploit-poc

cap-exploit-poc This repository contai...

SDN-SYN PoW: Intent-Aware Adaptive SDN Defense with PoW against Multi-Domain SYN Floods

The stability of Internet services is persistently challenged by the escalating scale of volumetric TCP SYN floods, as conventional defenses like SYN Cookies fail by exacerbating bandwidth depletion under modern attacks. This paper introduces SDN-SYN PoW, a novel defense architecture that...

NGCaptcha: A CAPTCHA Bridging the past and the Future

CAPTCHAs are widely employed for distinguishing humans from automated bots online. However, current vision based CAPTCHAs face escalating security risks: traditional attacks continue to bypass many deployed CAPTCHA schemes, and recent breakthroughs in AI, particularly large scale vision models,...

GO-2025-4239 ALTCHA Proof-of-Work Vulnerable to Challenge Splicing and Replay in github.com/altcha-org/altcha-lib-go

ALTCHA Proof-of-Work Vulnerable to Challenge Splicing and Replay in github.com/altcha-org/altcha-lib-go...

CVE-2025-68113 ALTCHA Proof-of-Work Vulnerable to Challenge Splicing and Replay

ALTCHA is privacy-first software for captcha and bot protection. A cryptographic semantic binding flaw in ALTCHA libraries allows challenge payload splicing, which may enable replay attacks. The HMAC signature does not unambiguously bind challenge parameters to the nonce, allowing an attacker to...

CVE-2025-68113

CVE-2025-68113 (ALTCHA) describes a cryptographic semantic binding flaw in ALTCHA libraries where the HMAC does not unambiguously bind challenge parameters to the nonce, enabling potential replay of previously solved challenges depending on server-side handling. Affected components include ALTCHA...

ALTCHA Proof-of-Work Vulnerable to Challenge Splicing and Replay

Impact A cryptographic semantic binding flaw in ALTCHA libraries allows challenge payload splicing, which may enable replay attacks. The HMAC signature does not unambiguously bind challenge parameters to the nonce, allowing an attacker to reinterpret a valid proof-of-work submission with a modifi...

ALTCHA Proof-of-Work Vulnerable to Challenge Splicing and Replay

A cryptographic semantic binding flaw in ALTCHA libraries allows challenge payload splicing, which may enable replay attacks. The HMAC signature does not unambiguously bind challenge parameters to the nonce, allowing an attacker to reinterpret a valid proof-of-work submission with a modified...

CVE-2025-65849

A cryptanalytic break in Altcha Proof-of-Work obfuscation mode version 0.8.0 and later allows for remote visitors to recover the Proof-of-Work nonce in constant time via mathematical deduction. NOTE: this is disputed by the Supplier because the product's objective is "to discourage automated...

EUVD-2025-201806

A cryptanalytic break in Altcha Proof-of-Work obfuscation mode version 0.8.0 and later allows for remote visitors to recover the Proof-of-Work nonce in constant time via mathematical deduction...

Altcha Proof-of-Work obfuscation mode cryptanalytic break

A cryptanalytic break in Altcha Proof-of-Work obfuscation mode version 0.8.0 and later allows for remote visitors to recover the Proof-of-Work nonce in constant time via mathematical deduction...

Inadequate Encryption Strength

Overview altcha is a Privacy-first CAPTCHA widget, compliant with global regulations GDPR/HIPAA/CCPA/LGDP/DPDPA/PIPL and WCAG accessible. No tracking, self-verifying. Affected versions of this package are vulnerable to Inadequate Encryption Strength in the Proof of Work obfuscation scheme. An...

CVE-2025-65849

A cryptanalytic break in Altcha Proof-of-Work obfuscation mode version 0.8.0 and later allows for remote visitors to recover the Proof-of-Work nonce in constant time via mathematical deduction. NOTE: this is disputed by the Supplier because the product's objective is "to discourage automated...

CVE-2025-65849

CVE-2025-65849 concerns Altcha Proof-of-Work obfuscation mode (version 0.8.0 and later). The Red Hat and NVD entries describe a cryptanalytic break that allows remote attackers to recover the Proof-of-Work nonce in constant time via mathematical deduction. The supplier disputes the claim of a cry...

CVE-2025-65849

A cryptanalytic break in Altcha Proof-of-Work obfuscation mode version 0.8.0 and later allows for remote visitors to recover the Proof-of-Work nonce in constant time via mathematical deduction. NOTE: this is disputed by the Supplier because the product's objective is "to discourage automated...

PT-2025-49588

A cryptanalytic break in Altcha Proof-of-Work obfuscation mode version 0.8.0 and later allows for remote visitors to recover the Proof-of-Work nonce in constant time via mathematical deduction...

CVE-2025-65849

A cryptanalytic break in Altcha Proof-of-Work obfuscation mode version 0.8.0 and later allows for remote visitors to recover the Proof-of-Work nonce in constant time via mathematical deduction. NOTE: this is disputed by the Supplier because the product's objective is "to discourage automated...

EUVD-2025-3683

Malicious code in bioql PyPI...