92 matches found
Matrix libolm 安全漏洞
Matrix libolm olm is a cryptographic library from the Matrix Foundation. A security vulnerability exists in Matrix libolm version 3.2.16 and prior versions, which stems from the lack of a validation standard and the presence of Ed25519 signature extensibility...
Elliptic 安全漏洞
Elliptic is a library of fast elliptic curve ciphers in javascript by the individual developer Fedor Indutny. A security vulnerability exists in Elliptic version 6.5.6, which stems from a lack of checking whether the leading bits of r and s are zero, and thus an ECDSA signature extensibility issu...
CVE-2024-41121 Custom workspace allow to overwrite plugin entrypoint executable in Woodpecker
Woodpecker is a simple yet powerful CI/CD engine with great extensibility. The server allow to create any user who can trigger a pipeline run malicious workflows: 1. Those workflows can either lead to a host takeover that runs the agent executing the workflow. 2. Or allow to extract the secrets w...
[SECURITY] Fedora 38 Update: nextcloud-28.0.4-2.fc38
NextCloud gives you universal access to your files through a web interface or WebDAV. It also provides a platform to easily view & sync your contacts, calendars and bookmarks across all your devices and enables basic editing rig ht on the web. NextCloud is extendable via a simple but powerful API...
Important: Red Hat Enhancement Advisory: Red Hat Developer Hub 1.1 release
Red Hat Developer Hub 1.1 has been released. Red Hat Developer Hub RHDH is Red Hat's enterprise-grade, self-managed, customizable developer portal based on Backstage.io. RHDH is supported on OpenShift and other major Kubernetes clusters AKS, EKS, GKE. The core features of RHDH include a single pa...
[SECURITY] Fedora 40 Update: jdepend-2.10-10.fc40
JDepend traverses a set of Java class and source file directories and generates design quality metrics for each Java package. JDepend allows you to automatically measure the quality of a design in terms of its extensibility, reusability, and maintainability to effectively manage and control packa...
Limited functionality due to Primitive's balance being decreased before it is called
Lines of code Vulnerability details Impact In the current implementation, the balance of a primitive is decreased burned before it is called. This requires the primitive to hold outputAmount of outputToken before a transaction, which severely restricts the functionality it can provide and has no...
[SECURITY] Fedora 37 Update: trafficserver-9.2.3-1.fc37
Traffic Server is a high-performance building block for cloud services. It's more than just a caching proxy server; it also has support for plugins to build large scale web applications. Key features: Caching - Improve your response time, while reducing server load and bandwidth needs by caching...
gnark-crypto Code Issue Vulnerability
gnark-crypto is an open source library from Consensys. Provides elliptic curve and pairing-based cryptography on BN, BLS12, BLS24 and BW6 curves. A code issue vulnerability exists in Consensys gnark-crypto 0.11.2 and earlier versions, which stems from the presence of a deserialization vulnerabili...
Fedora: Security Advisory for trafficserver (FEDORA-2023-2e6bead58b)
The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
[adriro-NEW-M-02]: Wallet design prevents EIP-165 extensibility
Lines of code Vulnerability details adriro-NEW-M-02: Wallet design prevents EIP-165 extensibility The current wallet fallback design prevents the extensibility of the EIP-165 functionality. Impact Ambire wallet extensibility is provided by a fallback mechanism. If a fallback handler is defined in...
OFRAK - Unpack, Modify, And Repack Binaries
OFRAK Open Firmware Reverse Analysis Konsole is a binary analysis and modification platform. OFRAK combines the ability to: Identify and Unpack many binary formats Analyze unpacked binaries with field-tested reverse engineering tools Modify and Repack binaries with powerful patching strategies...
CVE-2021-0291
An Exposure of System Data vulnerability in Juniper Networks Junos OS and Junos OS Evolved, where a sensitive system-level resource is not being sufficiently protected, allows a network-based unauthenticated attacker to send specific traffic which partially reaches this resource. A high rate of...
CVE-2021-0291 Junos OS and Junos OS Evolved: A vulnerability allows a network based unauthenticated attacker which sends a high rate of specific traffic to cause a partial Denial of Service
An Exposure of System Data vulnerability in Juniper Networks Junos OS and Junos OS Evolved, where a sensitive system-level resource is not being sufficiently protected, allows a network-based unauthenticated attacker to send specific traffic which partially reaches this resource. A high rate of...
What's New in InsightIDR: Q2 2021 in Review
This year, we’re focusing on providing customers with more extensibility and customization in InsightIDR — from adding new event sources to completely refreshing our Dashboard and Reporting experience, we’ve made some strides over the last few months. This post offers a closer look at some of the...
lua-resty-waf
This is a Lua library for building a web application firewall WAF on top of the OpenResty stack. The library is called "lua-resty-waf" and is maintained by Robert Paprocki p0pr0ck5. The library provides a set of APIs for loading and managing rules, as well as for logging and storing data. It also...
[SECURITY] Fedora 32 Update: claws-mail-3.17.7-1.fc32
Claws Mail is an email client and news reader, based on GTK+, featuring quick response, graceful and sophisticated interface, easy configuration, intuitive operation, abundant features, and extensibility...
[SECURITY] Fedora 32 Update: claws-mail-3.17.6-1.fc32
Claws Mail is an email client and news reader, based on GTK+, featuring quick response, graceful and sophisticated interface, easy configuration, intuitive operation, abundant features, and extensibility...
[SECURITY] Fedora 31 Update: claws-mail-3.17.6-1.fc31
Claws Mail is an email client and news reader, based on GTK+, featuring quick response, graceful and sophisticated interface, easy configuration, intuitive operation, abundant features, and extensibility...
PENIOT - Penetration Testing Tool for IoT
PENIOT is a penetration testing tool for Internet of Things IoT devices. It helps you to test/penetrate your devices by targeting their internet connectivity with different types of security attacks. In other words, you can expose your device to both active and passive security attacks. After...