41 matches found
EUVD-2023-38107
Malicious code in bioql PyPI...
EUVD-2023-38104
Malicious code in bioql PyPI...
EUVD-2023-38105
Malicious code in bioql PyPI...
CVE-2023-33983
The Introduction Client in Briar through 1.5.3 does not implement out-of-band verification for the public keys of introducees. An introducer can launch man-in-the-middle attacks against later private communication between two introduced parties...
CVE-2023-33980
Bramble Synchronisation Protocol BSP in Briar before 1.4.22 allows attackers to cause a denial of service repeated application crashes via a series of long messages to a contact...
CVE-2023-33981
Briar before 1.4.22 allows attackers to spoof other users' messages in a blog, forum, or private group, but each spoofed message would need to be an exact duplicate of a legitimate message displayed alongside the spoofed one...
CVE-2023-33981
Briar before 1.4.22 allows attackers to spoof other users' messages in a blog, forum, or private group, but each spoofed message would need to be an exact duplicate of a legitimate message displayed alongside the spoofed one...
CVE-2023-33983
The Introduction Client in Briar through 1.5.3 does not implement out-of-band verification for the public keys of introducees. An introducer can launch man-in-the-middle attacks against later private communication between two introduced parties...
CVE-2023-33981
Briar before 1.4.22 allows attackers to spoof other users' messages in a blog, forum, or private group, but each spoofed message would need to be an exact duplicate of a legitimate message displayed alongside the spoofed one...
CVE-2023-33983
The Introduction Client in Briar through 1.5.3 does not implement out-of-band verification for the public keys of introducees. An introducer can launch man-in-the-middle attacks against later private communication between two introduced parties...
CVE-2023-33981
Briar before 1.4.22 allows attackers to spoof other users' messages in a blog, forum, or private group, but each spoofed message would need to be an exact duplicate of a legitimate message displayed alongside the spoofed one...
CVE-2023-33982
Bramble Handshake Protocol BHP in Briar before 1.5.3 is not forward secure: eavesdroppers can decrypt network traffic between two accounts if they later compromise both accounts. NOTE: the eavesdropping is typically impractical because BHP runs over an encrypted session that uses the Tor hidden...
CVE-2023-33983
The Introduction Client in Briar through 1.5.3 does not implement out-of-band verification for the public keys of introducees. An introducer can launch man-in-the-middle attacks against later private communication between two introduced parties...
CVE-2023-33980
Bramble Synchronisation Protocol BSP in Briar before 1.4.22 allows attackers to cause a denial of service repeated application crashes via a series of long messages to a contact...
CVE-2023-33980
Bramble Synchronisation Protocol BSP in Briar before 1.4.22 allows attackers to cause a denial of service repeated application crashes via a series of long messages to a contact...
CVE-2023-33982
Bramble Handshake Protocol BHP in Briar before 1.5.3 is not forward secure: eavesdroppers can decrypt network traffic between two accounts if they later compromise both accounts. NOTE: the eavesdropping is typically impractical because BHP runs over an encrypted session that uses the Tor hidden...
CVE-2023-33982
Bramble Handshake Protocol BHP in Briar before 1.5.3 is not forward secure: eavesdroppers can decrypt network traffic between two accounts if they later compromise both accounts. NOTE: the eavesdropping is typically impractical because BHP runs over an encrypted session that uses the Tor hidden...
Code injection
The Introduction Client in Briar through 1.5.3 does not implement out-of-band verification for the public keys of introducees. An introducer can launch man-in-the-middle attacks against later private communication between two introduced parties...
Design/Logic Flaw
Bramble Handshake Protocol BHP in Briar before 1.5.3 is not forward secure: eavesdroppers can decrypt network traffic between two accounts if they later compromise both accounts. NOTE: the eavesdropping is typically impractical because BHP runs over an encrypted session that uses the Tor hidden...
Code injection
Briar before 1.4.22 allows attackers to spoof other users' messages in a blog, forum, or private group, but each spoofed message would need to be an exact duplicate of a legitimate message displayed alongside the spoofed one...