EUVD-2022-7622

Malicious code in bioql PyPI...

Kintsugi: Decentralized E2EE Key Recovery

Kintsugi is a protocol for key recovery, allowing a user to regain access to end-to-end encrypted data after they have lost their device, but still have their potentially low-entropy password. Existing E2EE key recovery methods, such as those deployed by Signal and WhatsApp, centralize trust by...

The vulnerability of the asynchronous network library Tornado, related to uncontrolled resource consumption, allows a hacker to cause a service failure.

The vulnerability of the asynchronous network library Tornado is related to an uncontrolled consumption of resources. Exploiting this vulnerability can allow a malicious actor to cause service failures...

[SECURITY] Fedora 41 Update: libsoup3-3.6.4-1.fc41

Libsoup is an HTTP library implementation in C. It was originally part of a SOAP Simple Object Access Protocol implementation called Soup, but the SOAP and non-SOAP parts have now been split into separate packages. libsoup uses the Glib main loop and is designed to work well with GTK applications...

CVE-2022-41881

Netty project is an event-driven asynchronous network application framework. In versions prior to 4.1.86.Final, a StackOverflowError can be raised when parsing a malformed crafted message due to an infinite recursion. This issue is patched in version 4.1.86.Final. There is no workaround, except...

Design/Logic Flaw

Netty project is an event-driven asynchronous network application framework. In versions prior to 4.1.86.Final, a StackOverflowError can be raised when parsing a malformed crafted message due to an infinite recursion. This issue is patched in version 4.1.86.Final. There is no workaround, except...