An Empirical Security Evaluation of LLM-Generated Cryptographic Rust Code
Developers and organizations are using Large Language Models (LLMs) to generate security-critical code more frequently than ever, including cryptographic solutions for their products. This study presents an empirical evaluation of cryptographic security in 240 Rust code samples for two crypto...
EUVD-2023-2669
Malicious code in bioql PyPI...
Linux Distros Unpatched Vulnerability : CVE-2024-26334
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - swftools v0.9.2 was discovered to contain a segmentation violation via the function compileSWFActionCode at swftools/lib/action/actioncompiler.c. CVE-2024-26334...
Security Bulletin: IBM Software Support mobile app is vulnerable to multiple vulnerabilities due to 3rd party software
Summary: This release includes information about multiple vulnerabilities, improving the overall security and stability of the application. The types of vulnerabilities resolved include: Axios Vulnerability: Addressed an issue that could potentially cause SSRF and credential leakage server and...
Exploit for Improper Ownership Management in Debian Debian_Linux
Install compilation environment bash sudo apt install -y gcc...
PT-2024-21357 · Swftools · Swftools
Name of the Vulnerable Software and Affected Versions: swftools version 0.9.2 Description: The issue is related to a segmentation violation in the compileSWFActionCode function located at swftools/lib/action/actioncompiler.c. This function is part of the swftools library, which is used for...
Amazon Linux 2 : thunderbird (ALAS-2023-2051)
The version of thunderbird installed on the remote host is prior to 102.11.0-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2023-2051 advisory. In multiple cases browser prompts could have been obscured by popups controlled by content. These could have led to...
CVE-2023-32211
A type checking bug would have led to invalid code being compiled. This vulnerability affects Firefox 113, Firefox ESR 102.11, and Thunderbird 102.11...
CVE-2023-32211
CVE-2023-32211 describes a type checking bug in Mozilla Firefox and Thunderbird that could lead to invalid code being compiled. The connected documents confirm the flaw affects Firefox versions prior to 113, Firefox ESR prior to 102.11, and Thunderbird prior to 102.11. Multiple security advisorie...
Rocky Linux 8 : firefox (RLSA-2023:3220)
The remote Rocky Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2023:3220 advisory. - In multiple cases browser prompts could have been obscured by popups controlled by content. These could have led to potential user confusion and...
AlmaLinux 9 : firefox (ALSA-2023:3143)
The remote AlmaLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2023:3143 advisory. - In multiple cases browser prompts could have been obscured by popups controlled by content. These could have led to potential user confusion and spoofin...
Rocky Linux 8 : thunderbird (RLSA-2023:3221)
The remote Rocky Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2023:3221 advisory. - In multiple cases browser prompts could have been obscured by popups controlled by content. These could have led to potential user confusion and...
Ubuntu 18.04 LTS / 20.04 LTS / 22.04 LTS / 23.04 : Thunderbird vulnerabilities (USN-6075-1)
The remote Ubuntu 18.04 LTS / 20.04 LTS / 22.04 LTS / 23.04 host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-6075-1 advisory. Multiple security issues were discovered in Thunderbird. If a user were tricked into opening a specially crafted website ...
Debian DSA-5403-1 : thunderbird - security update
The remote Debian 11 host has packages installed that are affected by multiple vulnerabilities as referenced in the dsa-5403 advisory. Multiple security issues were discovered in Thunderbird, which could result in denial of service or the execution of arbitrary code. For the stable distribution...
Debian dla-3417 : firefox-esr - security update
The remote Debian 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the dla-3417 advisory. - Debian LTS Advisory DLA-3417-1...
Out-of-bounds
LibTIFF 4.4.0 has an out-of-bounds read in tiffcrop in tools/tiffcrop.c:3592, allowing attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit afaabc3e...
CVE-2023-0795
LibTIFF 4.4.0 has an out-of-bounds read in tiffcrop in tools/tiffcrop.c:3488, allowing attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit afaabc3e...
CVE-2023-0800
LibTIFF 4.4.0 has an out-of-bounds write in tiffcrop in tools/tiffcrop.c:3502, allowing attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit 33aee127...