[SECURITY] Fedora 40 Update: cutter-re-2.3.4-6.fc40

Cutter is a Qt and C++ GUI for Rizin. Its goal is making an advanced, customizable and FOSS reverse-engineering platform while keeping the user experience at mind. Cutter is created by reverse engineers for reverse engineers...

[SECURITY] Fedora 40 Update: iaito-5.9.9-2.fc40

iaito is a Qt and C++ GUI for radare2. It is the continuation of Cutter before the fork to keep radare2 as backend. Its goal is making an advanced, customizable and FOSS reverse-engineering platform while keeping the user experience at mind. The iaito is created by reverse engineers for reverse...

[SECURITY] Fedora 41 Update: iaito-5.9.9-2.fc41

iaito is a Qt and C++ GUI for radare2. It is the continuation of Cutter before the fork to keep radare2 as backend. Its goal is making an advanced, customizable and FOSS reverse-engineering platform while keeping the user experience at mind. The iaito is created by reverse engineers for reverse...

CVE-2024-38537 Inclusion of Untrusted polyfill.io Code Vulnerability in fides.js

Fides is an open-source privacy engineering platform. fides.js, a client-side script used to interact with the consent management features of Fides, used the polyfill.io domain in a very limited edge case, when it detected a legacy browser such as IE11 that did not support the fetch standard...

CVE-2023-37481

Fides is an open-source privacy engineering platform for managing data privacy requests and privacy regulations. The Fides webserver is vulnerable to a type of Denial of Service DoS attack. Attackers can exploit this vulnerability to upload zip files containing malicious SVG bombs similar to a...

CVE-2023-37480 Fides Webserver Vulnerable to Zip Bomb File Uploads

Fides is an open-source privacy engineering platform for managing data privacy requests and privacy regulations. The Fides webserver is vulnerable to a type of Denial of Service DoS attack. Attackers can exploit a weakness in the connector template upload feature to upload a malicious zip bomb...

CVE-2023-37481

The CVE-2023-37481 entry concerns the Fides webserver. A DoS can be triggered by uploading a zip containing malicious SVG bombs (billion‑laugh style) via the admin UI, exhausting resources on the new connector page. Affected versions are 2.11.0–2.15.1; exploitation is limited to users with elevat...

Fedora: Security Advisory for cutter-re (FEDORA-2020-aa51efe207)

The remote host is missing an update for the Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

Financial Apps are Ripe for Exploit via Reverse Engineering

A white hat hacker reverse engineered 30 mobile financial applications and found sensitive data buried in the underlying code of nearly all apps examined. With this information a hacker could, for example, recover application programming interface API keys and use them to attack the vendor’s...

CVE-2018-7538

A SQL injection vulnerability in the tracker functionality of Enalean Tuleap software engineering platform before 9.18 allows attackers to execute arbitrary SQL commands...

Sql injection

A SQL injection vulnerability in the tracker functionality of Enalean Tuleap software engineering platform before 9.18 allows attackers to execute arbitrary SQL commands...

CVE-2018-7538

A SQL injection vulnerability in the tracker functionality of Enalean Tuleap software engineering platform before 9.18 allows attackers to execute arbitrary SQL commands...

SQL Injection Vulnerability in Engineering Quality Supervision Station Comprehensive Information Service Platform of Zhuhai Xinhua Tong Software Co.

Engineering Quality Supervision Station comprehensive information service platform is mainly construction project quality and safety supervision and other related series of software products. The product exists SQL injection vulnerability, the vulnerability URL is:...