UBUNTU-CVE-2022-48579

UnRAR before 6.2.3 allows extraction of files outside of the destination folder via symlink chains...

CVE-2022-48579

UnRAR before 6.2.3 allows extraction of files outside of the destination folder via symlink chains...

CVE-2023-29409

Extremely large RSA keys in certificate chains can cause a client/server to expend significant CPU time verifying signatures. With fix, the size of RSA keys transmitted during handshakes is restricted to = 8192 bits. Based on a survey of publicly trusted RSA keys, there are currently only three...

DEBIAN-CVE-2023-29409

Extremely large RSA keys in certificate chains can cause a client/server to expend significant CPU time verifying signatures. With fix, the size of RSA keys transmitted during handshakes is restricted to = 8192 bits. Based on a survey of publicly trusted RSA keys, there are currently only three...

CVE-2023-29409

Extremely large RSA keys in certificate chains can cause a client/server to expend significant CPU time verifying signatures. With fix, the size of RSA keys transmitted during handshakes is restricted to = 8192 bits. Based on a survey of publicly trusted RSA keys, there are currently only three...

Code injection

Extremely large RSA keys in certificate chains can cause a client/server to expend significant CPU time verifying signatures. With fix, the size of RSA keys transmitted during handshakes is restricted to = 8192 bits. Based on a survey of publicly trusted RSA keys, there are currently only three...

UBUNTU-CVE-2023-29409

Extremely large RSA keys in certificate chains can cause a client/server to expend significant CPU time verifying signatures. With fix, the size of RSA keys transmitted during handshakes is restricted to = 8192 bits. Based on a survey of publicly trusted RSA keys, there are currently only three...

CVE-2023-29409 Large RSA keys can cause high CPU usage in crypto/tls

Extremely large RSA keys in certificate chains can cause a client/server to expend significant CPU time verifying signatures. With fix, the size of RSA keys transmitted during handshakes is restricted to = 8192 bits. Based on a survey of publicly trusted RSA keys, there are currently only three...

CVE-2023-29409

CVE-2023-29409 affects the Go language runtime/package (golang) across multiple distributions. The issue arises from extremely large RSA keys in certificate chains causing excessive signature verification CPU usage; the fix restricts RSA key sizes in handshakes to 8192 bits. Public advisories ind...

CVE-2023-29409 Large RSA keys can cause high CPU usage in crypto/tls

Extremely large RSA keys in certificate chains can cause a client/server to expend significant CPU time verifying signatures. With fix, the size of RSA keys transmitted during handshakes is restricted to = 8192 bits. Based on a survey of publicly trusted RSA keys, there are currently only three...

CVE-2023-29409

Extremely large RSA keys in certificate chains can cause a client/server to expend significant CPU time verifying signatures. With fix, the size of RSA keys transmitted during handshakes is restricted to = 8192 bits. Based on a survey of publicly trusted RSA keys, there are currently only three...

CVE-2023-29409

Extremely large RSA keys in certificate chains can cause a client/server to expend significant CPU time verifying signatures. With fix, the size of RSA keys transmitted during handshakes is restricted to = 8192 bits. Based on a survey of publicly trusted RSA keys, there are currently only three...

GO-2023-1987 Large RSA keys can cause high CPU usage in crypto/tls

Extremely large RSA keys in certificate chains can cause a client/server to expend significant CPU time verifying signatures. With fix, the size of RSA keys transmitted during handshakes is restricted to = 8192 bits. Based on a survey of publicly trusted RSA keys, there are currently only three...

CVE-2023-29409

Extremely large RSA keys in certificate chains can cause a client/server to expend significant CPU time verifying signatures. With fix, the size of RSA keys transmitted during handshakes is restricted to = 8192 bits. Based on a survey of publicly trusted RSA keys, there are currently only three...

PT-2023-5588 · Unknown +8 · Crypto/Tls +8

Name of the Vulnerable Software and Affected Versions: crypto/tls affected versions not specified Description: The issue is related to extremely large RSA keys in certificate chains, which can cause a client/server to expend significant CPU time verifying signatures. With the fix, the size of RSA...

STARK#MULE Targets Koreans with U.S. Military-themed Document Lures

An ongoing cyber attack campaign has set its sights on Korean-speaking individuals by employing U.S. Military-themed document lures to trick them into running malware on compromised systems. Cybersecurity firm Securonix is tracking the activity under the name STARKMULE. The scale of the attacks i...

Important: Red Hat Bug Fix Advisory: Red Hat OpenShift Pipelines 1.10.5 release

Red Hat OpenShift Pipelines 1.10.5 General Availability release - A cloud-native Continuous Integration and Delivery solution on OpenShift. Red Hat OpenShift Pipelines is a cloud-native continuous integration and delivery CI/CD solution for building pipelines using Tekton. Tekton is a flexible,...

DEBIAN-CVE-2023-3610

A use-after-free vulnerability in the Linux kernel's netfilter: nftables component can be exploited to achieve local privilege escalation. Flaw in the error handling of bound chains causes a use-after-free in the abort path of NFTMSGNEWRULE. The vulnerability requires CAPNETADMIN to be triggered...

CVE-2023-3610

A use-after-free vulnerability in the Linux kernel's netfilter: nftables component can be exploited to achieve local privilege escalation. Flaw in the error handling of bound chains causes a use-after-free in the abort path of NFTMSGNEWRULE. The vulnerability requires CAPNETADMIN to be triggered...

The Unrelenting Nature of TOITOIN Malware

Threat Level Attack Report For a detailed threat advisory, download the pdf file here Summary The TOITOIN malware campaign, targeting businesses in the LATAM region, employs sophisticated techniques and multi-stage infection chains with numerous malware samples disguised as compressed ZIP archive...