[SECURITY] Fedora 42 Update: dnsdist-1.9.12-1.fc42

dnsdist is a highly DNS-, DoS- and abuse-aware loadbalancer. Its goal in life is to route traffic to the best server, delivering top performance to legitimate users while shunting or blocking abusive traffic...

Why API Security Is No Longer an AppSec Problem – And What Security Leaders Must Do Instead

APIs are one of the most important technologies in digital business ecosystems. And yet, the responsibility for their security often falls to AppSec teams – and that’s a problem. This organizational mismatch creates systemic risk: business teams assume APIs are “secured,” while attackers exploit...

EUVD-2023-32442

Malicious code in bioql PyPI...

CVE-2023-28807 Bypass of ZIA domain fronting detection module through evasion technique

In Zscaler Internet Access ZIA a mismatch between Connect Host and Client Hello's Server Name Indication SNI enables attackers to evade network security controls by hiding their communications within legitimate traffic...

CVE-2023-38505 DietPi-Dashboard Insufficient TLS Handshake Pool

DietPi-Dashboard is a web dashboard for the operating system DietPi. The dashboard only allows for one TLS handshake to be in process at a given moment. Once a TCP connection is established in HTTPS mode, it will assume that it should be waiting for a handshake, and will stay this way indefinitel...

CVE-2019-25076

The TSS Tuple Space Search algorithm in Open vSwitch 2.x through 2.17.2 and 3.0.0 allows remote attackers to cause a denial of service delays of legitimate traffic via crafted packet data that requires excessive evaluation time within the packet classification algorithm for the MegaFlow cache, ak...

Authentication flaw

The Blackhole for Bad Bots WordPress plugin before 3.3.2 uses headers such as CF-CONNECTING-IP, CLIENT-IP etc to determine the IP address of requests hitting the blackhole URL, which allows them to be spoofed. This could result in blocking arbitrary IP addresses, such as legitimate/good search...

Needl - Take Back Your Privacy. Lose Yourself In The Haystack.

Take back your privacy. Lose yourself in the haystack. Your ISP is most likely tracking your browsing habits and selling them to marketing agencies albeit anonymised. Or worse, making your browsing history available to law enforcement at the hint of a Subpoena. Needl will generate random Internet...

Design/Logic Flaw

The Debut embedded http server contains a remotely exploitable denial of service where a single malformed HTTP POST request can cause the server to hang until eventually replying 300 seconds with an HTTP 500 error. While the server is hung, print jobs over the network are blocked and the web...

Wikileaks, Dodging DDoS, Bounces Back to Amazon

The Web site of Wikileaks was moving quickly to stay out of the way of large scale denial of service attacks on Sunday and Monday, following the release of a trove of sensitive U.S. diplomatic cables. The controversial site, which has spent months trying to find a home secure from government...