CVE-2024-53128

In the Linux kernel, the following vulnerability has been resolved: sched/taskstack: fix objectisonstack for KASAN tagged pointers When CONFIGKASANSWTAGS and CONFIGKASANSTACK are enabled, the objectisonstack function may produce incorrect results due to the presence of tags in the obj pointer,...

CVE-2018-0243

A vulnerability in the detection engine of Cisco Firepower System Software could allow an unauthenticated, remote attacker to bypass a configured file action policy that is intended to drop the Server Message Block Version 2 SMB2 and SMB Version 3 SMB3 protocols if malware is detected. The...

Paragon Initiative Enterprises: Incorrect detection of onion URLs

Several places have incorrect code to detect if URL point to .onion domain tor hidden server: The following regexes: 1. ^https://^/:+.onion:?:0-9+ 2. ^https?://^/+.onion which is used in: https://github.com/paragonie/airship/blob/0e9289553cdc538556d362faaee63be6cc534a0c/src/Engine/Hail.phpL223...

Certain characters may be used for domain name spoofing

Opera uses several approaches to prevent spoofing of internationalized domain names IDN with characters that look similar to each other. With untrusted top-level domains, Opera prevents certain combinations of characters from being used in the same part of a domain name as each other, and should...