BIT-NODE-MIN-2023-30590

The generateKeys API function returned from crypto.createDiffieHellman only generates missing or outdated keys, that is, it only generates a private key if none has been set yet, but the function is also needed to compute the corresponding public key after calling setPrivateKey. However, the...

BIT-NODE-MIN-2024-21890

The Node.js Permission Model does not clarify in the documentation that wildcards should be only used as the last character of a file path. For example: --allow-fs-read=/home/node/.ssh/.pub will ignore pub and give access to everything after .ssh/. This misleading documentation affects all users...

CVE-2024-111053

creationtimestamp| type| source ---|---|--- 2024-12-15 14:02:00+00:00| seen| https://mastodon.social/users/bagder/statuses/113657205050547339...

[SECURITY] Fedora 40 Update: python3.10-3.10.16-1.fc40

Python 3.10 is an accessible, high-level, dynamically typed, interpreted programming language, designed with an emphasis on code readability. It includes an extensive standard library, and has a vast ecosystem of third-party libraries. The python3.10 package provides the "python3.10" executable:...

CVE-2024-54306

creationtimestamp| type| source ---|---|--- 2024-12-14 01:44:59+00:00| seen| https://infosec.exchange/users/cve/statuses/113648644841373676...

CVE-2024-54265

creationtimestamp| type| source ---|---|--- 2024-12-13 23:44:52+00:00| seen| https://infosec.exchange/users/cve/statuses/113648172458512307...

CVE-2023-41857

creationtimestamp| type| source ---|---|--- 2024-12-13 21:29:42+00:00| seen| https://infosec.exchange/users/cve/statuses/113647641007381288...

[SECURITY] Fedora 40 Update: python3.11-3.11.11-1.fc40

Python 3.11 is an accessible, high-level, dynamically typed, interpreted programming language, designed with an emphasis on code readability. It includes an extensive standard library, and has a vast ecosystem of third-party libraries. The python3.11 package provides the "python3.11" executable:...

CVE-2024-54498

creationtimestamp| type| source ---|---|--- 2024-12-12 00:14:10+00:00| seen| https://infosec.exchange/users/cve/statuses/113636963116312437 2025-01-11 13:30:58+00:00| published-proof-of-concept| https://t.me/CyberSecurityTechnologies/11669 2025-01-11 16:05:32+00:00| published-proof-of-concept|...

FreeBSD : chromium -- multiple security fixes (3d5b7860-48ad-48c2-aa36-601b8ab9cc43)

The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the 3d5b7860-48ad-48c2-aa36-601b8ab9cc43 advisory. Chrome Releases reports: This update includes 4 security fixes: Tenable has extracted the preceding...

CVE-2024-8116

creationtimestamp| type| source ---|---|--- 2024-12-11 16:30:39+00:00| seen| https://infosec.exchange/users/screaminggoat/statuses/113635140492482846 2024-12-16 04:35:37+00:00| seen| https://infosec.exchange/users/cve/statuses/113660640409849262 2024-12-16 07:18:27+00:00| seen|...

[SECURITY] Fedora 40 Update: python3.14-3.14.0~a2-2.fc40

Python 3.14 is an accessible, high-level, dynamically typed, interpreted programming language, designed with an emphasis on code readability. It includes an extensive standard library, and has a vast ecosystem of third-party libraries. The python3.14 package provides the "python3.14" executable:...

[SECURITY] Fedora 41 Update: python3.12-3.12.8-2.fc41

Python 3.12 is an accessible, high-level, dynamically typed, interpreted programming language, designed with an emphasis on code readability. It includes an extensive standard library, and has a vast ecosystem of third-party libraries. The python3.12 package provides the "python3.12" executable:...

CVE-2024-50626

creationtimestamp| type| source ---|---|--- 2024-12-09 21:28:10+00:00| seen| https://infosec.exchange/users/cve/statuses/113624985735998812 2024-12-09 23:54:39+00:00| seen| https://t.me/cvedetector/12454...

Malicious code in product-documentation (npm)

--- -= Per source details. Do not edit below this line.=-...

MAL-2024-11424 Malicious code in product-documentation (npm)

--- -= Per source details. Do not edit below this line.=-...

Malicious code in docs-ux (npm)

--- -= Per source details. Do not edit below this line.=-...

PT-2024-12246 · WordPress · Fahad Mahmood Wp Docs

Name of the Vulnerable Software and Affected Versions: Fahad Mahmood WP Docs versions 1.9.8 and earlier Description: The issue is related to a Missing Authorization vulnerability, which allows the exploitation of incorrectly configured access control security levels. Recommendations: For versions...

CVE-2024-11436

creationtimestamp| type| source ---|---|--- 2024-12-07 01:59:48+00:00| seen| https://infosec.exchange/users/cve/statuses/113609066944566850 2024-12-07 04:10:52+00:00| seen| https://t.me/cvedetector/12310...

CVE-2024-10771

creationtimestamp| type| source ---|---|--- 2024-12-06 12:28:27+00:00| seen| https://infosec.exchange/users/cve/statuses/113605876542214022 2024-12-06 15:37:13+00:00| seen| https://t.me/cvedetector/12211...