167 matches found
Configure the Default Policies of iptables to DROP Properly
Generally, iptables policies can be configured in allowlist or blocklist mode. You are advised to configure iptables policies in allowlist mode. Connections that do not comply with the rules in the allowlist are prohibited. Therefore, you can configure the DROP or REJECT policy for the INPUT,...
Configure the Remote Log Server
rsyslog can send local logs to a remote log server for unified storage. This facilitates centralized log management and prevents local logs from occupying too much drive space or being tampered with. If remote log storage is not configured, rsyslog logs are stored in local files. As far as the...
Publicly Verifiable Secret Sharing: Generic Constructions and Lattice-Based Instantiations in the Standard Model
Publicly verifiable secret sharing (PVSS) allows a dealer to share a secret among a set of shareholders so that the secret can be reconstructed later from any set of qualified participants. In addition, any public verifier should be able to check the correctness of the sharing and reconstruction...
Give LLMs a Security Course: Securing Retrieval-Augmented Code Generation Via Knowledge Injection
Retrieval-Augmented Code Generation (RACG) leverages external knowledge to enhance Large Language Models (LLMs) in code synthesis, improving the functional correctness of the generated code. However, existing RACG systems largely overlook security, leading to substantial risks. Especially, the...
Exploit for Server-Side Request Forgery in Lnbits
CVE-2025-32013 Security Advisory and PoC for CVE-2025-32013...
Advanced XSS Exploitation - How to Create Keylogger and Get Password
In this paper, the author teaches advanced persistent cross-site scripting techniques that can be used to create keyloggers and send the content typed by the client to an external server, where the attacker will have access to messages, passwords, etc. The paper is primarily focusing on a...
2025-25427
It is an offensive tool for Linux. The repository slin99/2025-25...
Linux FUSE Use-After-Free
FUSE in Linux allows use-after reads of write buffers, allowing theft of partial /etc/shadow hashes...
report
...
CVE-2025-1471
CVE-2025-1471 concerns Eclipse OMR: z/OS atoe print functions using a constant-length buffer from versions 0.2.0–0.4.0, enabling a buffer overflow if input exceeds the buffer. Beginning with 0.5.0, conversion buffers are sized and checked to prevent overflow. Connected sources confirm this CVE ac...
CVE-md
CVE-md...
CVE-2023-6602 Ffmpeg: improper handling of input format in tty demuxer of ffmpeg
A flaw was found in FFmpeg's TTY Demuxer. This vulnerability allows possible data exfiltration via improper parsing of non-TTY-compliant input files in HLS playlists...
ASoC: SOF: ipc4-topology: Fix input format query of process modules without base extension
...
AZL-43312 CVE-2024-39473 affecting package kernel for versions less than 5.15.162.2-1
In the Linux kernel, the following vulnerability has been resolved: ASoC: SOF: ipc4-topology: Fix input format query of process modules without base extension If a process module does not have base config extension then the same format applies to all of its inputs and the process-baseconfigext i...
CVE-2024-39473
In the Linux kernel, the following vulnerability has been resolved: ASoC: SOF: ipc4-topology: Fix input format query of process modules without base extension If a process module does not have base config extension then the same format applies to all of its inputs and the process-baseconfigext i...
UBUNTU-CVE-2024-39473
In the Linux kernel, the following vulnerability has been resolved: ASoC: SOF: ipc4-topology: Fix input format query of process modules without base extension If a process module does not have base config extension then the same format applies to all of its inputs and the process-baseconfigext i...
CVE-2024-39473 ASoC: SOF: ipc4-topology: Fix input format query of process modules without base extension
In the Linux kernel, the following vulnerability has been resolved: ASoC: SOF: ipc4-topology: Fix input format query of process modules without base extension If a process module does not have base config extension then the same format applies to all of its inputs and the process-baseconfigext i...
Exploit for Race Condition in Openbsd Openssh
CVE-2024-6387 HASSH Fingerprints HASSH fingerprints for ident...