EUVD-2019-6194

Malware in sbrugna...

EUVD-2020-28203

Malware in sbrugna...

Exposure Of Sensitive Information To An Unauthorized Actor

libzpehyr.so is vulnerable to Exposure Of Sensitive Information To An Unauthorized Actor. The vulnerability is due to improper handling of encryption procedure status codes, which allows a custom-made remote controller to incorrectly indicate success even when encryption requests are rejected...

ROS-20240916-03

A vulnerability in the Node.js software platform is related to insufficient data authentication. Exploitation of the vulnerability could allow an attacker acting remotely to disable the validation of the integrity A vulnerability in the APIgenerateKeys function of the Node.js software platform is...

ROS-20240730-10

Mbed TLS software vulnerability is related to errors in encryption processing in DTLS connections DTLS when using a null cipher or RC4 cipher. Exploitation of the vulnerability could allow an attacker acting remotely to execute arbitrary code...

What you didn’t know about OWASP Top-10 2017? Part 1/3

I hope everybody have already read the latest OWASP Top-10 list . Let me share some useful insights about it. First of all, OWASP Top-10 is NOT a vulnerability classification system. Rather it is a list of the most critical security risks for web application. What’s the difference? For example, t...

New IETF Group to Tackle TLS Implementation in Applications

The NSA surveillance scandal has created ripples all across the Internet, and the latest one is a new effort from the IETF to change the way that encryption is used in a variety of critical application protocols, including HTTP and SMTP. The new TLS application working group was formed to help...