3547 matches found
[SECURITY] Fedora 41 Update: rust-reqsign-core-2.0.1-1.fc41
Signing API requests without effort...
[SECURITY] Fedora 41 Update: rust-reqsign-0.18.1-1.fc41
Signing HTTP requests for AWS, Azure, Google, Huawei, Aliyun, Tencent and Oracle services...
[SECURITY] Fedora 42 Update: rust-reqsign-core-2.0.1-1.fc42
Signing API requests without effort...
AstrBot is vulnerable to RCE with hard-coded JWT signing keys
Summary AstrBot uses a hard-coded JWT signing key, allowing attackers to execute arbitrary commands by installing a malicious plugin. Details AstrBot uses a hard-coded JWT signing key, which allows attackers to bypass the authentication mechanism. Once bypassed, the attacker can install a Python...
HSEC-2025-0002 Double Public Key Signing Function Oracle Attack on Ed25519
Double Public Key Signing Function Oracle Attack on Ed25519 The standard specification of Ed25519 message signing involves providing the algorithm with a message and private key. The function will use the private key to compute the public key and sign the message. Some libraries provide a variant...
Siemens SIMATIC S7-1500 Observable Discrepancy (CVE-2018-0495)
Libgcrypt before 1.7.10 and 1.8.x before 1.8.3 allows a memory-cache side-channel attack on ECDSA signatures that can be mitigated through the use of blinding during the signing process in the gcryeccecdsasign function in cipher/ecc-ecdsa.c, aka the Return Of the Hidden Number Problem or ROHNP. T...
[SECURITY] Fedora 43 Update: rust-reqsign-0.18.1-1.fc43
Signing HTTP requests for AWS, Azure, Google, Huawei, Aliyun, Tencent and Oracle services...
[SECURITY] Fedora 43 Update: rust-reqsign-aws-v4-2.0.1-1.fc43
AWS SigV4 signing implementation for reqsign...
[SECURITY] Fedora 43 Update: rust-reqsign-core-2.0.1-1.fc43
Signing API requests without effort...
Apple macOS Sequoia Code Signature Limit Insufficiency Vulnerability
Apple macOS Sequoia is an operating system announced by Apple on June 10, 2024 at the WWDC24 developer conference. Apple macOS Sequoia suffers from an insufficient code signature restriction vulnerability that can be exploited by an attacker to access sensitive user data...
kernel security update
5.14.0-570.62.1.0.1 - nvme-pci: remove two deallocate zeroes quirks Orabug: 37756650 - Disable UKI signing Orabug: 36571828 - Update Oracle Linux certificates Kevin Lyons - Disable signing for aarch64 Ilya Okomin - Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys list...
Unclonable Cryptography in Linear Quantum Memory
Quantum cryptography is a rapidly-developing area which leverages quantum information to accomplish classically-impossible tasks. In many of these protocols, quantum states are used as long-term cryptographic keys. Typically, this is to ensure the keys cannot be copied by an adversary, owing to t...
CVE-2025-43468
A downgrade issue affecting Intel-based Mac computers was addressed with additional code-signing restrictions. This issue is fixed in macOS Sequoia 15.7.2, macOS Sonoma 14.8.2, macOS Tahoe 26.1. An app may be able to access sensitive user data...
CVE-2025-43390
A downgrade issue affecting Intel-based Mac computers was addressed with additional code-signing restrictions. This issue is fixed in macOS Sequoia 15.7.2, macOS Tahoe 26.1. An app may be able to access user-sensitive data...
[SECURITY] Fedora 43 Update: rust-reqsign-core-2.0.0-1.fc43
Signing API requests without effort...
[SECURITY] Fedora 43 Update: rust-reqsign-0.18.0-1.fc43
Signing HTTP requests for AWS, Azure, Google, Huawei, Aliyun, Tencent and Oracle services...
CVE-2025-43468
A downgrade issue affecting Intel-based Mac computers was addressed with additional code-signing restrictions. This issue is fixed in macOS Sequoia 15.7.2, macOS Tahoe 26.1, macOS Sonoma 14.8.2. An app may be able to access sensitive user data...
CVE-2025-43468
A downgrade issue affecting Intel-based Mac computers was addressed with additional code-signing restrictions. This issue is fixed in macOS Sequoia 15.7.2, macOS Sonoma 14.8.2, macOS Tahoe 26.1. An app may be able to access sensitive user data...
CVE-2025-43390
A downgrade issue affecting Intel-based Mac computers was addressed with additional code-signing restrictions. This issue is fixed in macOS Sequoia 15.7.2, macOS Tahoe 26.1. An app may be able to access user-sensitive data...
CVE-2025-43390
A downgrade issue affecting Intel-based Mac computers was addressed with additional code-signing restrictions. This issue is fixed in macOS Sequoia 15.7.2, macOS Tahoe 26.1. An app may be able to access user-sensitive data...