Exploit for Exposure of Sensitive Information to an Unauthorized Actor in Linux Linux_Kernel

🇮🇱 BringThemHome NeverAgainIsNow 🇮🇱 We demand the...

Liberapay: Avatar URL is exposed in patron export for secret donations

The avatar URL was exposed in the patron export for secret donations, which could potentially identify donors who wished to remain anonymous...

CVE-2023-36671

An issue was discovered in the Clario VPN client through 5.9.1.1662 for macOS. The VPN client insecurely configures the operating system such that all IP traffic to the VPN server's IP address is sent in plaintext outside the VPN tunnel even if this traffic is not generated by the VPN client. Thi...

Design/Logic Flaw

An issue was discovered in the Clario VPN client through 5.9.1.1662 for macOS. The VPN client insecurely configures the operating system such that all IP traffic to the VPN server's IP address is sent in plaintext outside the VPN tunnel even if this traffic is not generated by the VPN client. Thi...

CVE-2023-36671

An issue was discovered in the Clario VPN client through 5.9.1.1662 for macOS. The VPN client insecurely configures the operating system such that all IP traffic to the VPN server's IP address is sent in plaintext outside the VPN tunnel even if this traffic is not generated by the VPN client. Thi...

Tor: Snowflake server: Leak of TLS packets from other clients

TLS packets from other clients were leaked to Snowflake clients due to a vulnerability in the Snowflake pluggable transport server. This issue allowed Snowflake clients to receive "ghost" packets at the KCP layer, containing TLS packets unrelated to the current session. The leaked packets include...

ZenMate VPN Browser Extension Deanonymization & Hijacking Vulnerability (3.5 Million Affected Users)

Summary ZenMate, a VPN provider with over 43 million users, offers multiple browser extensions to use their VPN with. As of the time of this writing the browser extensions have a combined total of 3.5 million users. The ZenMate VPN clients for both Chrome & Firefox trust the previously expired...

OnionScan - Onion Services Security Scan

The purpose of this tool is to make you a better onion service provider. You owe it to yourself and your users to ensure that attackers cannot easily exploit and deanonymize. Go Dependencies h12.me/socks - For the Tor SOCKS Proxy connection. github.com/xiam/exif - For EXIF data extraction...

Debian DSA-2331-1 : tor - several vulnerabilities

It has been discovered by 'frostyun' that a design flaw in Tor, an online privacy tool, allows malicious relay servers to learn certain information that they should not be able to learn. Specifically, a relay that a user connects to directly could learn which other relays that user is connected t...

DSA-2331-1 tor - several

Bulletin has no description...