CVE-2022-25368

Spectre BHB is a variant of Spectre-v2 in which malicious code uses the shared branch history stored in the CPU BHB to influence mispredicted branches in the victim's hardware context. Speculation caused by these mispredicted branches can then potentially be used to cause cache allocation, which...

GLSA-202211-05 : Mozilla Thunderbird: Multiple Vulnerabilities

The remote host is affected by the vulnerability described in GLSA-202211-05 Mozilla Thunderbird: Multiple Vulnerabilities - Service Workers should not be able to infer information about opaque cross-origin responses; but timing information for cross-origin media combined with Range requests migh...

CVE-2022-31177 Possible to infer sensitive information through query strings in Flask-AppBuilder

Flask-AppBuilder is an application development framework built on top of Flask python framework. In versions prior to 4.1.3 an authenticated Admin user could query other users by their salted and hashed passwords strings. These filters could be made by using partial hashed password strings. The...

CVE-2022-25368

Spectre BHB is a variant of Spectre-v2 in which malicious code uses the shared branch history stored in the CPU BHB to influence mispredicted branches in the victim's hardware context. Speculation caused by these mispredicted branches can then potentially be used to cause cache allocation, which...