842 matches found
CVE-2021-25419
Non-compliance of recommended secure coding scheme in Samsung Internet prior to version 14.0.1.62 allows attackers to display fake URL in address bar via phishing URL link...
Code injection
Non-compliance of recommended secure coding scheme in Samsung Internet prior to version 14.0.1.62 allows attackers to display fake URL in address bar via phishing URL link...
CVE-2021-25419
CVE-2021-25419 affects Samsung Internet prior to version 14.0.1.62, due to non-compliance with a secure coding scheme. The vulnerability could allow an attacker to display a fake URL in the address bar via a phishing URL link, enabling limited user impact as described in the connected documents. ...
Shifting the focus from reactive to proactive, with human-led secure coding
The same 10 software vulnerabilities have caused more security breaches in the last 20+ years than any others. And yet, many businesses still opt for post-breach, post-event remediation, muddling through the human and business ramifications of it all. But now, a new research study points to a new...
Moderate: Red Hat Security Advisory: brotli security update
An update for brotli is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the...
RLSA-2021:1702 Moderate: brotli security update
Brotli is a generic-purpose lossless compression algorithm that compresses data using a combination of a modern variant of the LZ77 algorithm, Huffman coding and 2nd order context modeling, with a compression ratio comparable to the best currently available general-purpose compression methods. It...
brotli security update
An update is available for brotli. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list. Brotli is a generic-purpose lossless compression algorithm that compresses dat...
AMD RESPONSE TO “I see dead µops: leaking secrets via Intel/AMD micro-op caches” RESEARCH PAPER
Bulletin ID: AMD-SB-1006. Summary: AMD has reviewed the research paper and believes existing mitigations were not being bypassed and no new mitigations are required. AMD recommends its existing side-channel mitigation guidance and standard secure coding practices be followed. CVE Details: None...
UBUNTU-CVE-2021-28899
Vulnerability in the AC3AudioFileServerMediaSubsession, ADTSAudioFileServerMediaSubsession, and AMRAudioFileServerMediaSubsessionLive OnDemandServerMediaSubsession subclasses in Networks LIVE555 Streaming Media before 2021.3.16...
Object injection via local phar file
This is a security release. SECURITY: Fixes CVE-2020-36326, a regression of CVE-2018-19296 object injection introduced in 6.1.8, see SECURITY.md for details. Reject more file paths that look like URLs, matching RFC3986 spec, blocking URLs using schemes such as ssh2. Ensure method signature consisten...
UBUNTU-CVE-2021-30022
There is an integer overflow in media_tools/av_parsers.c in the gf_avc_read_pps_bs_internal in GPAC from 0.5.2 to 1.0.1. pps_id may be a negative number, so it will not return. However, avc->pps only has 255 unit, so there is an overflow, which results in a crash...
OSV-2021-594 Global-buffer-overflow in read_coding_unit
OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=32791 Crash type: Global-buffer-overflow READ 1 Crash state: read_coding_unit read_coding_quadtree read_coding_quadtree...
How to Successfully Pursue a Career in Malware Analysis
Are you looking to become a malware analyst? Then continue reading to discover how to gain the training you need and start a career in malware analysis. Did you know that new malware is released every seven seconds? As more and more systems become reliant on the internet, the proliferati...
Microsoft HEVC Video security vulnerability
Microsoft HEVC Video Extensions is a video extension application from Microsoft USA. The application enables computers and devices to read High Efficiency Video Coding or HEVC video. A security vulnerability exists in HEVC Video Extensions. The following products and versions are affected: HEVC...
Microsoft HEVC Video extension security vulnerability
Microsoft HEVC Video Extensions is a video extension application from Microsoft USA. The application enables computers and devices to read High Efficiency Video Coding or HEVC video. A security vulnerability exists in HEVC Video Extensions. The following products and versions are affected: HEVC...
Microsoft HEVC Video Extensions extension security vulnerability
Microsoft HEVC Video Extensions is a video extension application from Microsoft USA. The application enables computers and devices to read High Efficiency Video Coding or HEVC videos. A remote code execution vulnerability exists in Microsoft HEVC Video Extensions. An attacker could exploit this...
Improper access control
In Dataiku DSS before 8.0.6, insufficient access control in the Jupyter notebooks integration allows users who have coding permissions to read and overwrite notebooks in projects that they are not authorized to access...
Directory Traversal Vulnerability in Video Coding Equipment Access Gateway of Hangzhou Hikvision System Technology Co.
Hangzhou Hikvision System Technology Co., Ltd. is a provider of security products and industry solutions. The company's video coding equipment access gateway has a directory traversal vulnerability; an attacker can use the vulnerability to traverse all directories and files on the device to obtain sensitive...