114 matches found
Metasploit 2025 Annual Wrap-Up
Hard to believe it's that time again, and that Metasploit Framework will see the dawn of another Annual Wrap-Up and a New Year. All of the metrics and modules you see here would in large part not be possible without the dedicated community members who care about the Framework and its mission on a...
awesome-burp-extensions
This is a curated list of Burp Extensions, a collection of user-submitted plugins for the Burp Suite web application security testing tool. The repository is maintained under a CC0 1.0 Universal license, allowing for the permanent relinquishment of copyright and related rights to the works...
tutor-contrib-panorama (>=12.1.0 <=12.2.0) potentially affected by CVE-2025-65681 via tutor (=12.2.0)
tutor PYPI version =12.2.0 is affected by a known vulnerability. The following packages have a transitive dependency on tutor and may be impacted: - tutor-contrib-panorama =12.1.0, =12.2.0 Source cves: CVE-2025-65681 Source advisory: OSV:PYSEC-2025-219...
Codeshare 安全漏洞
Codeshare is an open source code contribution tool from Codeshare. A security vulnerability exists in Codeshare version v1.0.0 that stems from a risk of information disclosure...
EUVD-2020-2545
Malware in sbrugna...
EUVD-2020-15156
Malware in sbrugna...
EUVD-2013-1474
Malware in sbrugna...
EUVD-2025-18683
Malicious code in bioql PyPI...
EUVD-2025-15902
Malicious code in bioql PyPI...
security-research
Security Research This project hosts security advisories and...
GHSA-7MCQ-F592-PF7V Slice Ring Buffer and Slice Deque contains four unique double-free vulnerabilities triggered through safe APIs
The crate slice-ring-buffer was developed as a fork of slice-deque to continue maintenance and provide security patches, since the latter has been officially unmaintained RUSTSEC-2020-0158. While slice-ring-buffer has addressed some previously reported memory safety issues inherited from its fork...
SecureFed: a Two-Phase Framework for Detecting Malicious Clients in Federated Learning
Federated Learning FL protects data privacy while providing a decentralized method for training models. However, because of the distributed schema, it is susceptible to adversarial clients that could alter results or sabotage model performance. This study presents SecureFed, a two-phase FL...
EarthOL: a Proof-Of-Human-Contribution Consensus Protocol -- Addressing Fundamental Challenges in Decentralized Value Assessment with Enhanced Verification and Security Mechanisms
This paper introduces EarthOL, a novel consensus protocol that attempts to replace computational waste in blockchain systems with verifiable human contributions within bounded domains. While recognizing the fundamental impossibility of universal value assessment, we propose a domain-restricted...
Stable Channel Update for Desktop
The Stable channel has been updated to 136.0.7103.113/.114 for Windows, Mac and 136.0.7103.113 for Linux which will roll out over the coming days/weeks. A full list of changes in this build is available in the Log. Security Fixes and Rewards Note: Access to bug details and links may be kept...
Maryam - Open-source Intelligence(OSINT) Framework
OWASP Maryam is a modular open-source framework based on OSINT and data gathering. It is designed to provide a robust environment to harvest data from open sources and search engines quickly and thoroughly. Installation Supported OS Linux FreeBSD Darwin OSX $ pip install maryam Alternatively, you...
FLSSM: a Federated Learning Storage Security Model with Homomorphic Encryption
Federated learning based on homomorphic encryption has received widespread attention due to its high security and enhanced protection of user data privacy. However, the characteristics of encrypted computation lead to three challenging problems: "computation-efficiency", "attack-tracing" and...
Securing Video Contribution Feeds with Akamai’s Distributed Cloud & CDN
...
CVE-2024-13290 OhDear Integration - Moderately critical - Access bypass - SA-CONTRIB-2024-056
Incorrect Authorization vulnerability in Drupal OhDear Integration allows Forceful Browsing.This issue affects OhDear Integration: from 0.0.0 before 2.0.4...
Hello DCO, Goodbye CLA: Simplifying Contributions to Spring
The Spring team will be rolling out a simplified contribution process that replaces the requirement to sign a Contributor License Agreement CLA with a Developer Certificate of Origin DCO. The process will start this week with Spring Framework, Spring Security, & Spring Boot and then roll out to t...
CVE-2024-8913 The Plus Addons for Elementor – Elementor Addons, Page Templates, Widgets, Mega Menu, WooCommerce <= 5.6.11 - Authenticated (Contributor+) Sensitive Information Exposure via content_template
The The Plus Addons for Elementor – Elementor Addons, Page Templates, Widgets, Mega Menu, WooCommerce plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 5.6.11 via the render function in modules/widgets/tpaccordion.php. This makes it possibl...