50 matches found
blake-streams (=0.1.0), fuel-p2p (>=0.4.0 <=0.5.0) +8 more potentially affected by CVE-2026-34219 via libp2p-gossipsub (>=0.29.0 <=0.35.0)
libp2p-gossipsub CARGO version =0.29.0, =0.4.0, =0.20.0, =0.36.0, =0.16.0, =0.1.0, =0.1.1, =0.2.0, =0.39.1, =0.39.3 Source cves: CVE-2026-34219 Source advisory: OSV:GHSA-XQMP-FXGV-XVQ5...
Frigate Security Vulnerability
Frigate is a complete native NVR with AI object detection capabilities, designed by Blake Blackshear for Home Assistant. Version 0.17.0 of Frigate contains a security vulnerability caused by improper access control, which may lead to the exposure of sensitive configuration information...
blake-streams (=0.1.0), fuel-p2p (>=0.4.0 <=0.5.0) +8 more potentially affected by CVE-2026-33040 via libp2p-gossipsub (>=0.29.0 <=0.35.0)
libp2p-gossipsub CARGO version =0.29.0, =0.4.0, =0.20.0, =0.36.0, =0.16.0, =0.1.0, =0.1.1, =0.2.0, =0.39.1, =0.39.3 Source cves: CVE-2026-33040 Source advisory: OSV:GHSA-GC42-3JG7-RXR2...
Frigate Security Breach
Frigate is a complete local NVR with AI object detection, designed for Home Assistant by individual developer Blake Blackshear. A security vulnerability exists in Frigate versions prior to 0.13.2 that stems from the possibility that when uploading a file or retrieving a filename, a user may...
Simple E-Learning System Cross-Site Scripting Vulnerability (CNVD-2023-11440)
Simple E-Learning System is a simple e-learning system by individual developer Carlo Montero. Simple E-Learning System has a cross-site scripting vulnerability that stems from the lack of effective filtering and escaping of user-supplied data by the parameter Bio in the file...
Simple E-Learning System SQL Injection Vulnerability (CNVD-2023-11437)
Simple E-Learning System is a simple e-learning system by individual developer Carlo Montero. Simple E-Learning System is vulnerable to SQL injection, which stems from the lack of validation of external input SQL statements in the parameter phoneNumber of the file /claireblake. An...
Simple E-Learning System SQL Injection Vulnerability
Simple E-Learning System is a simple e-learning system by individual developer Carlo Montero. Simple E-Learning System is vulnerable to SQL injection, which stems from the lack of validation of external input SQL statements in the parameter phoneNumber of the file /claireblake. An...
Simple E-Learning System Cross-Site Scripting Vulnerability
Simple E-Learning System is a simple e-learning system by individual developer Carlo Montero. Simple E-Learning System has a cross-site scripting vulnerability that stems from the lack of effective filtering and escaping of user-supplied data by the parameter Bio in the file...
Simple e-Learning System Cross-Site Scripting Vulnerability
Simple e-Learning System is a simple e-learning system by individual developer Carlo Montero. Version 1.0 of Simple e-Learning System has a cross-site scripting vulnerability that stems from the Bio parameter in the file /vcs/claireblake failing to filter the user-supplied data a...
Cryptologists Crack Zodiac Killer's 340 Cipher
A remote team of three hobbyist cryptologists has solved one of the Zodiac Killer’s ciphers after a half century. And while the name of the elusive serial killer remains hidden, the breakthrough represents a triumph for cryptology and the basic building blocks of cybersecurity — access control an...
libvirt security update
5.0.0-9.el7 - qemu: remove cpuhostmask and cpuguestmask from virCaps structure Wim ten Have Orabug: 29956508 5.0.0-8.el7 - api: disallow virDomainSaveImageGetXMLDesc on read-only connections Jan Tomko Orabug: 29955742 CVE-2019-10161 - domain: Define explicit flags for saved image xml Eric Blake...
Hashcat v4.0 - World's Fastest and Most Advanced Password Recovery Utility
hashcat is the world's fastest and most advanced password recovery utility, supporting five unique modes of attack for over 200 highly-optimized hashing algorithms. hashcat currently supports CPUs, GPUs, and other hardware accelerators on Linux, Windows, and OSX, and has facilities to help enable...
Updated mercurial packages fix security vulnerability
This update fixes possible arbitrary code execution when converting Git repos. Mercurial prior to 3.8 allowed arbitrary code execution when using the convert extension on Git repos with hostile names. This could affect automated code conversion services that allow arbitrary repository names. This...
mercurial: arbitrary code execution
Mercurial prior to 3.8 allowed arbitrary code execution when using the convert extension on Git repos with hostile names. This could affect automated code conversion services that allow arbitrary repository names. This is a further side-effect of Git CVE-2015-7545. Reported and fixed by Blake...
RHEL 7 : mercurial (RHSA-2016:0706)
An update for mercurial is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from...
Important: Red Hat Security Advisory: mercurial security update
An update for mercurial is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from...
DSA-3435-1 git - security update
Bulletin has no description...
Bitcoin Core Developers Quit Bitcoin Project to Launch a New Digital Currency
Some of Bitcoin’s Core developers have left the Bitcoin project and started building their separate cryptocurrency called DECRED. Decred aims to prevent the issues Bitcoin is currently facing regarding project governance and development funding. CEO of 'Company 0', Mr. Jacob Yocom-Piatt, who has...
Ubuntu 14.04 LTS : Git vulnerability (USN-2835-1)
The remote Ubuntu 14.04 LTS host has packages installed that are affected by a vulnerability as referenced in the USN-2835-1 advisory. Blake Burkhart discovered that the Git git-remote-ext helper incorrectly handled recursive clones of git repositories. A remote attacker could possibly use this...
DVD-X-Player-5.5-Pro-SEH
DVD X Player 5.5 Pro Bypass ASLR by using non-aslr enabled module SEH Overwrite Egghunter is not needed as there is at least 2000 bytes for shellcode import sys print "====================================" print "DVD X Player 5.5 Pro Buffer Overflow" print " SEH Overwrite - Bypass ASLR " print "...