7 matches found
EUVD-2022-7146
Malicious code in bioql PyPI...
CVE-2022-3616
Affected software/area: OctoRPKI (github.com/cloudflare/cfrpki) in the octorpki command. Root cause / vulnerability detail: Attackers can construct long chains of Certificate Authorities (CAs) that exhaust the max iterations limit, causing OctoRPKI to crash and fail validation, resulting in a den...
Security Advisory 2021-08-01-1 - XSS via missing input validation of host names displayed (CVE-2021-32019)
DESCRIPTION Missing input validation of host names displayed in OpenWrt LuCI web-interface leads to Cross-site scripting, which can be used to gain full control over the affected system. REQUIREMENTS Users need to visit the LuCI “Connection status” page of the router and activate the host name...
Vulnerable Twitter API Leaves Tens of Thousands of iOS Apps Open to Attacks
Researchers are warning that an old Twitter API still used by popular iOS mobile apps that could be abused as part of a man-in-the-middle attack. It could be used to hijack Twitter accounts and compromise other third-party apps that are linked to the same “login with Twitter” feature. According t...
SQL-Ledger – several vulnerabilities
============================================ ||| Security Advisory AKLINK-SA-2009-001 ||| ||| CVE-2009-3580 CVE candidate ||| ||| CVE-2009-3581 CVE candidate ||| ||| CVE-2009-3582 CVE candidate ||| ||| CVE-2009-3583 CVE candidate ||| ||| CVE-2009-3584 CVE candidate |||...
SQL-Ledger XSS / XSRF / SQL Injection / LFI
============================================ ||| Security Advisory AKLINK-SA-2009-001 ||| ||| CVE-2009-3580 CVE candidate ||| ||| CVE-2009-3581 CVE candidate ||| ||| CVE-2009-3582 CVE candidate ||| ||| CVE-2009-3583 CVE candidate ||| ||| CVE-2009-3584 CVE candidate |||...
Nokia 6131 NFC URI/URL Spoofing and DoS Advisory
Vulnerability Report --- BEGIN ADVISORY --- Manufacturer: Nokia www.nokia.com Device: Nokia 6131 NFC Firmware: V 05.12, 19-09-07, RM-216 Device Type: mobile phone OS: Symbian Series40 Subsystem: Near Field Communication ----------------------------- Executive Summary: URI/URL Spoofing when...