27 matches found
libsoup: Out-of-Bounds Read in Cookie Date Handling of libsoup HTTP Library
A flaw was found in the cookie date handling logic of the libsoup HTTP library, widely used by GNOME and other applications for web communication. When processing cookies with specially crafted expiration dates, the library may perform an out-of-bounds memory read. This flaw could result in...
libsoup: Out-of-Bounds Read in Cookie Date Handling of libsoup HTTP Library
A flaw was found in the cookie date handling logic of the libsoup HTTP library, widely used by GNOME and other applications for web communication. When processing cookies with specially crafted expiration dates, the library may perform an out-of-bounds memory read. This flaw could result in...
libsoup: Out-of-Bounds Read in Cookie Date Handling of libsoup HTTP Library
A flaw was found in the cookie date handling logic of the libsoup HTTP library, widely used by GNOME and other applications for web communication. When processing cookies with specially crafted expiration dates, the library may perform an out-of-bounds memory read. This flaw could result in...
EUVD-2021-30687
Malicious code in bioql PyPI...
SUSE CVE-2025-11021
A flaw was found in the cookie date handling logic of the libsoup HTTP library, widely used by GNOME and other applications for web communication. When processing cookies with specially crafted expiration dates, the library may perform an out-of-bounds memory read. This flaw could result in...
CVE-2025-11021 Libsoup: out-of-bounds read in cookie date handling of libsoup http library
A flaw was found in the cookie date handling logic of the libsoup HTTP library, widely used by GNOME and other applications for web communication. When processing cookies with specially crafted expiration dates, the library may perform an out-of-bounds memory read. This flaw could result in...
libsoup 缓冲区错误漏洞
libsoup is a GNOME HTTP client/server library from the GNOME Project. A buffer error vulnerability exists in libsoup, which stems from an out-of-bounds memory read when handling cookies with specially crafted expiration dates, which could lead to an unexpected disclosure of memory contents...
Effortless certificate management with automated CNAME validation
Imperva customers who properly utilize the managed certificate feature can experience a robust, interruptions-free, and fully automated certificate management process that requires no effort for domain validations and renewals. In todays digital landscape, security is of paramount importance. One...
ADM - Failed to allocate requested capacity for MPX/SDX or VPX to create in SDX
When multiple pool of licenses Bandwidth/instance are purchased at different points in time, the Service agreement SA date and expiration date are different, causing each pool of licenses to be recognized as separate on Citrix ADM, instead of one combined pool of licenses. This sometimes may caus...
Hackers Stole Customers' Payment Card Details From Over 700 Wawa Stores
Have you stopped at any Wawa convenience store and used your payment card to buy gas or snacks in the last nine months? If yes, your credit and debit card details may have been stolen by cybercriminals. Wawa, the Philadelphia-based gas and convenience store chain, disclosed a data breach incident...
Improper Signature Validation
The GnuTLS library provides support for cryptographic algorithms and for protocols such as Transport Layer Security TLS. It was found that GnuTLS did not check activation and expiration dates of CA certificates. This could cause an application using GnuTLS to incorrectly accept a certificate as...
Improper Signature Validation
The GnuTLS library provides support for cryptographic algorithms and for protocols such as Transport Layer Security TLS. It was found that GnuTLS did not check activation and expiration dates of CA certificates. This could cause an application using GnuTLS to incorrectly accept a certificate as...
Preparing for Y2038 (Already?!)
It somehow doesn't seem that long ago, but nineteen years ago during Y2K I spent my New Year's Eve in the Akamai Network Operations center, waiting to respond to anything that might go awry as the clock struck midnight in key time zones such as Greenwich and Boston. As of January 9, 2019, we are...
How to Check Citrix Maintenance Program Expiration Dates
This article provides instructions on how to check the current expiration date of Subscription Advantage, Customer Success Services CSS, Appliance Maintenance, and Hardware Warranty memberships on Citrix product by using the My Account web portal. Background Customers can locate a list of license...
CVE-2016-5284
Mozilla Firefox before 49.0, Firefox ESR 45.x before 45.4, and Thunderbird 45.4 rely on unintended expiration dates for Preloaded Public Key Pinning, which allows man-in-the-middle attackers to spoof add-on updates by leveraging possession of an X.509 server certificate for addons.mozilla.org...
CVE-2016-5284
Mozilla Firefox before 49.0, Firefox ESR 45.x before 45.4, and Thunderbird 45.4 rely on unintended expiration dates for Preloaded Public Key Pinning, which allows man-in-the-middle attackers to spoof add-on updates by leveraging possession of an X.509 server certificate for addons.mozilla.org...
Mozilla Patching Firefox Certificate Pinning Vulnerability
Mozilla is expected tomorrow to patch a critical vulnerability in Firefox’s automated update process for extensions that should put the wraps on a confusing set of twists surrounding this bug. The flaw also affected the Tor Browser and was patched Friday by the Tor Project. The vulnerability firs...
CVE-2014-8155
GnuTLS before 2.9.10 does not verify the activation and expiration dates of CA certificates, which allows man-in-the-middle attackers to spoof servers via a certificate issued by a CA certificate that is 1 not yet valid or 2 no longer valid...
Design/Logic Flaw
GnuTLS before 2.9.10 does not verify the activation and expiration dates of CA certificates, which allows man-in-the-middle attackers to spoof servers via a certificate issued by a CA certificate that is 1 not yet valid or 2 no longer valid...
CVE-2014-8155
GnuTLS before 2.9.10 does not verify the activation and expiration dates of CA certificates, which allows man-in-the-middle attackers to spoof servers via a certificate issued by a CA certificate that is 1 not yet valid or 2 no longer valid...