126 matches found
`rpc-check` was removed from crates.io for malicious code
This is part of an ongoing campaign to attempt to typosquat crates in the polymarket-client-sdk ecosystem to exfiltrate user credentials. The malicious crate had 6 versions published from 2026-02-20 onwards and had no evidence of actual usage. There were no crates depending on this crate on...
EUVD-2005-2598
Malware in sbrugna...
EUVD-2017-8193
Malware in sbrugna...
EUVD-2023-24420
Malicious code in bioql PyPI...
EUVD-2024-50350
Malicious code in bioql PyPI...
EUVD-2024-18189
Malicious code in bioql PyPI...
EUVD-2023-24419
Malicious code in bioql PyPI...
NVIDIA App 安全漏洞
NVIDIA App is a client software from NVIDIA Corporation USA. A security vulnerability exists in NVIDIA App that stems from a file that can be modified during the FrameviewSDK installation process, which could result in elevated privileges...
SSH-Passkeys: Leveraging Web Authentication for Passwordless SSH
We propose a method for using Web Authentication APIs for SSH authentication, enabling passwordless remote server login with passkeys. These are credentials that are managed throughout the key lifecycle by an authenticator on behalf of the user and offer strong security guarantees. Passwords rema...
[SECURITY] Fedora 42 Update: tigervnc-1.15.0-6.fc42
Virtual Network Computing VNC is a remote display system which allows you to view a computing 'desktop' environment not only on the machine where it is running, but from anywhere on the Internet and from a wide variety of machine architectures. This package contains a client which will allow you ...
CVE-2024-20474
A vulnerability in Internet Key Exchange version 2 IKEv2 processing of Cisco Secure Client Software could allow an unauthenticated, remote attacker to cause a denial of service DoS of Cisco Secure Client. This vulnerability is due to an integer underflow condition. An attacker could exploit this...
CVE-2023-20241
Multiple vulnerabilities in Cisco Secure Client Software, formerly AnyConnect Secure Mobility Client, could allow an authenticated, local attacker to cause a denial of service DoS condition on an affected system. These vulnerabilities are due to an out-of-bounds memory read from Cisco Secure Clie...
[SECURITY] Fedora 42 Update: tigervnc-1.15.0-2.fc42
Virtual Network Computing VNC is a remote display system which allows you to view a computing 'desktop' environment not only on the machine where it is running, but from anywhere on the Internet and from a wide variety of machine architectures. This package contains a client which will allow you ...
Mozilla Thunderbird 安全漏洞
Mozilla Thunderbird is a suite of e-mail client software from the Mozilla Foundation in the United States that is separate from the Mozilla Application Suite. The software supports the IMAP and POP mail protocols as well as the HTML mail format. A security vulnerability exists in Mozilla...
CVE-2024-9044
A XML External Entity XXE vulnerability has been identified in Easy Tax Client Software 2023 1.2 and earlier across multiple platforms, including Windows, Linux, and macOS...
CVE-2024-9044 XML External Entity (XXE) Vulnerability in EasyTax
A XML External Entity XXE vulnerability has been identified in Easy Tax Client Software 2023 1.2 and earlier across multiple platforms, including Windows, Linux, and macOS...
PT-2024-39386 · Unknown · Easy Tax Client
Name of the Vulnerable Software and Affected Versions: Easy Tax Client Software 2023 versions 1.2 and earlier Description: A XML External Entity XXE vulnerability has been identified in Easy Tax Client Software across multiple platforms, including Windows, Linux, and macOS. Recommendations: For...
CVE-2024-20474
CVE-2024-20474 is a Cisco Secure Client (formerly AnyConnect) vulnerability where the IKEv2 processing contains an integer underflow, allowing an unauthenticated remote attacker to crash the client and cause a DoS. A crafted IKEv2 packet can exploit the flaw on affected systems. Affected releases...
CVE-2024-20474
A vulnerability in Internet Key Exchange version 2 IKEv2 processing of Cisco Secure Client Software could allow an unauthenticated, remote attacker to cause a denial of service DoS of Cisco Secure Client. This vulnerability is due to an integer underflow condition. An attacker could exploit this...
| Citrix Workspace App 24.x SSON fails and ssonsvr.exe not running on client
SSON fails with CWA 2402 and 2405.10 The logon to a session stops at the "other user" screen . It is also noticed that the ssonsvr.exe process is not running on the client...