EUVD-2023-53098

Malicious code in bioql PyPI...

PeerTube 安全漏洞

PeerTube is a decentralized video sharing service platform open-sourced by Chocobozzz. It is used to create video projects. PeerTube suffers from a security vulnerability that stems from an infinite loop that could cause the server to stop responding...

PeerTube 安全漏洞

PeerTube is a decentralized video sharing service platform open-sourced by Chocobozzz. It is used to create video projects. PeerTube suffers from a security vulnerability that stems from improper handling of Zip bombs, which can lead to running out of disk space...

PeerTube 安全漏洞

PeerTube is a decentralized video sharing service platform open-sourced by Chocobozzz. It is used to create video projects. PeerTube suffers from a security vulnerability that stems from a lack of permission validation, which could lead to the addition of playlists to other users' channels via th...

PeerTube 安全漏洞

PeerTube is a decentralized video sharing service platform open-sourced by Chocobozzz. It is used to create video projects. PeerTube suffers from a security vulnerability that stems from an uncaught exception that could cause the server to crash...

CVE-2024-25636 Lack of media type verification of Activity Streams objects allows impersonation and takeover of remote accounts

Misskey is an open source, decentralized social media platform with ActivityPub support. Prior to version 2024.2.0, when fetching remote Activity Streams objects, Misskey doesn't check that the response from the remote server has a Content-Type header value of the Activity Streams media type, whi...

CVE-2024-25636 Lack of media type verification of Activity Streams objects allows impersonation and takeover of remote accounts

Misskey is an open source, decentralized social media platform with ActivityPub support. Prior to version 2024.2.0, when fetching remote Activity Streams objects, Misskey doesn't check that the response from the remote server has a Content-Type header value of the Activity Streams media type, whi...

Improper Input Validation

Vega is a decentralized trading platform that allows pseudo-anonymous trading of derivatives on a blockchain. Prior to version 0.71.6, a vulnerability exists that allows a malicious validator to trick the Vega network into re-processing past Ethereum events from Vega’s Ethereum bridge. For exampl...

Input validation

Misskey is an open source, decentralized social media platform. Due to insufficient validation of the redirect URL during miauth authentication in Misskey, arbitrary JavaScript can be executed when a user allows the link. All versions below 13.3.1 including 12.x are affected. This has been fixed ...

RigoBlock Dragos 安全漏洞

RigoBlock Dragos is a decentralized token management platform from Swiss company RigoBlock. RigoBlock Dragos suffers from a security vulnerability that stems from the lack of a unique owner modifier for setmultiallowances in rigblock Dragos until 2022-02-17...

TRON Cryptocurrency Founder Buys BitTorrent, µTorrent for $140 Million

BitTorrent, the company which owns the popular file-sharing client uTorrent, has quietly been sold for $140 million in cash to Justin Sun, the founder of blockchain-focused startup TRON. TRON is a decentralized entertainment and content-sharing platform that uses blockchain and distributed storag...