CVE-2024-9681 HSTS subdomain overwrites parent cache entry
When curl is asked to use HSTS, the expiry time for a subdomain might overwrite a parent domain's cache entry, making it end sooner or later than otherwise intended. This affects curl using applications that enable HSTS and use URLs with the insecure HTTP:// scheme and perform transfers with host...
CVE-2024-9681
The CVE describes a vulnerability in curl where, when HSTS is used, a subdomain’s Strict-Transport-Security expiry can bleed into the parent domain, causing http://[example] to be redirected to HTTPS for an incorrect time window. This can cause HTTP requests to example.com to be unexpectedly serv...
CVE-2024-9681
When curl is asked to use HSTS, the expiry time for a subdomain might overwrite a parent domain's cache entry, making it end sooner or later than otherwise intended. This affects curl using applications that enable HSTS and use URLs with the insecure HTTP:// scheme and perform transfers with host...
UBUNTU-CVE-2024-9681
When curl is asked to use HSTS, the expiry time for a subdomain might overwrite a parent domain's cache entry, making it end sooner or later than otherwise intended. This affects curl using applications that enable HSTS and use URLs with the insecure HTTP:// scheme and perform transfers with host...
Warning: Hackers could take over your email account by stealing cookies, even if you have MFA
The Federal Bureau of Investigation (FBI) has issued a warning that cybercriminals are taking over email accounts via stolen session cookies, allowing them to bypass the multi-factor authentication (MFA) a user has set up. Here's how it works. Most of us don’t think twice about checking the “Remember...
CVE-2024-48463
Bruno before 1.29.1 uses Electron shell.openExternal without validation of http or https for opening windows within the Markdown docs viewer...
SUSE CVE-2024-51774
qBittorrent before 5.0.1 proceeds with use of https URLs even after certificate validation errors...
CVE-2024-51774
qBittorrent before 5.0.1 proceeds with use of https URLs even after certificate validation errors...
CVE-2024-51774
Summary: CVE-2024-51774 affects qBittorrent prior to 5.0.1, which proceeds to use https URLs even after certificate validation errors. This creates a potential exposure to MITM-style manipulation affecting confidentiality, integrity, and availability (per CVSS 3.1: HIGH). Root cause (as stated): ...
Opera Browser Fixes Big Security Hole That Could Have Exposed Your Information
A now-patched security flaw in the Opera web browser could have enabled a malicious extension to gain unauthorized, full access to private APIs. The attack, codenamed CrossBarking, could have made it possible to conduct actions such as capturing screenshots, modifying browser settings, and accou...
Hikvision network camera security enhancement to prevent cleartext transmission of Dynamic DNS credentials
Overview: Multiple network cameras provided by Hangzhou Hikvision Digital Technology Co., Ltd. support two Dynamic DNS services, DynDNS and NO-IP. The user can select which to use on the GUI configuration page. Both the services provide their APIs accessible via HTTP and HTTPS, but old firmware...
JVN#11779839: Hikvision network camera security enhancement to prevent cleartext transmission of Dynamic DNS credentials
Multiple network cameras provided by Hangzhou Hikvision Digital Technology Co., Ltd. support two Dynamic DNS services, DynDNS and NO-IP. The user can select which to use on the GUI configuration page. Both the services provide their APIs accessible via HTTP and HTTPS, but old firmware versions of...
CVE-2024-45802 Squid Denial of Service
Squid is an open source caching proxy for the Web supporting HTTP, HTTPS, FTP, and more. Due to Input Validation, Premature Release of Resource During Expected Lifetime, and Missing Release of Resource after Effective Lifetime bugs, Squid is vulnerable to Denial of Service attacks by a trusted...
CVE-2024-20408
A vulnerability in the Dynamic Access Policies (DAP) feature of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, remote attacker to cause an affected device to reload unexpectedly. To exploit this vulnerability, an attacker...