CVE-2025-13476

Rakuten Viber Cloak mode in Android v25.7.2.0g and Windows v25.6.0.0–v25.8.1.0 uses a static and predictable TLS ClientHello fingerprint lacking extension diversity, allowing Deep Packet Inspection DPI systems to trivially identify and block proxy traffic, undermining censorship circumvention...

UBUNTU-CVE-2025-15569

A flaw has been found in Artifex MuPDF up to 1.26.1 on Windows. The impacted element is the function getsystemdpi of the file platform/x11/winmain.c. This manipulation causes uncontrolled search path. The attack requires local access. The attack is considered to have high complexity. The...

CVE-2025-15569

A flaw has been found in Artifex MuPDF up to 1.26.1 on Windows. The impacted element is the function getsystemdpi of the file platform/x11/winmain.c. This manipulation causes uncontrolled search path. The attack requires local access. The attack is considered to have high complexity. The...

CVE-2025-15569 Artifex MuPDF win_main.c get_system_dpi uncontrolled search path

A flaw has been found in Artifex MuPDF up to 1.26.1 on Windows. The impacted element is the function getsystemdpi of the file platform/x11/winmain.c. This manipulation causes uncontrolled search path. The attack requires local access. The attack is considered to have high complexity. The...

CVE-2025-15569

Summary of CVE-2025-15569 (Artifex MuPDF) : A vulnerability affecting MuPDF builds up to 1.26.1 on Windows, caused by the get_system_dpi function in platform/x11/win_main.c, which enables uncontrolled search path manipulation. Exploitation requires local access and is described as high complexity...

artifex mupdf 代码问题漏洞

Artifex MUPDF is a rich-text editor developed by individual developers. Unlike standard text editors, programmers can download free rich-text editors and embed them on their own websites or programs of course, paid versions offer more powerful features. This makes it convenient for users to edit...

New Mic-E-Mouse Attack Shows Computer Mice Can Capture Conversations

Security researchers at UC Irvine reveal the 'Mic-E-Mouse' attack, showing how high-DPI optical sensors in modern mice can detect desk vibrations and reconstruct user speech with high accuracy. Learn how this side-channel vulnerability affects your privacy...

EUVD-2017-3028

Malware in sbrugna...

Security update for webkit2gtk3

This update for webkit2gtk3 fixes the following issues: CVE-2024-44192: Fixed unexpected process crash due to processing maliciously crafted web content bsc1239863 CVE-2024-54467: Fixed data exilfration cross-origin due to a cookie management issue via a malicious website bsc1239864 Other fixes: ...

Mouse & Keyboard might show Delay/Stops Working when using High DPI Mouse in Citrix sessions

Users using high DPI mouse and connect to a Citrix published desktop or applications both mouse and keyboard stops working. Sometimes mouse is working 4-5 seconds before it stops working. Users see a delay in Display update i.e. when moving Windows as the delay of up to 5-10 seconds after stoppin...

CVE-2023-2376

A vulnerability was found in Ubiquiti EdgeRouter X up to 2.0.9-hotfix.6. It has been classified as critical. Affected is an unknown function of the component Web Management Interface. The manipulation of the argument dpi leads to command injection. It is possible to launch the attack remotely. Th...

Ubiquiti EdgeRouter 命令注入漏洞

The Ubiquiti EdgeRouter is a router from Ubiquiti, Inc. A command injection vulnerability exists in Ubiquiti EdgeRouter X version 2.0.9-hotfix.6 and prior versions, which stems from the fact that incorrect manipulation of the parameter dpi can lead to command injection...

GSD-2023-1001473 drm/mediatek: Modify dpi power on/off sequence.

drm/mediatek: Modify dpi power on/off sequence. This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.10.163 by commit...

GSD-2023-1001170 drm/mediatek: Modify dpi power on/off sequence.

drm/mediatek: Modify dpi power on/off sequence. This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.15.86 by commit...

identity.mercator-dpi.wekeo-dev.cloudferro.com Cross Site Scripting vulnerability OBB-3150437

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

Hackers Begin Weaponizing TCP Middlebox Reflection for Amplified DDoS Attacks

Distributed denial-of-service DDoS attacks leveraging a new amplification technique called TCP Middlebox Reflection have been detected for the first time in the wild, six months after the novel attack mechanism was presented in theory. "The attack … abuses vulnerable firewalls and content filteri...

identity.apps.mercator.dpi.wekeo.eu Cross Site Scripting vulnerability OBB-2270923

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

Mitigate OT security threats with these best practices

The security community is continuously changing, growing, and learning from each other to better position the world against cyber threats. In the latest Voice of the Community blog series post, Microsoft Product Marketing Manager Natalia Godyla talks with Chris Sistrunk, Technical Manager in...

Smart DNS for the New Network Edge: Emerging Requirements for DNS Encryption

This blog post -- the fourth in a series -- will discuss how smart DNS resolvers can enhance ongoing ISP and MNO network transformation efforts, such as the transition to 5G, better integration of Wi-Fi, and new network designs that optimize the edge to improve service delivery and network...

CVE-2020-3385

A vulnerability in the deep packet inspection DPI engine of Cisco SD-WAN vEdge Routers could allow an unauthenticated, adjacent attacker to cause a denial of service DoS condition on an affected system. The vulnerability is due to insufficient handling of malformed packets. An attacker could...