24 matches found
ROS-20260629-73-0010
The vulnerability in ImageMagick is related to the lack of memory release after the effective lifespan of the component. Exploiting this vulnerability can allow an attacker to cause a service failure...
ROS-20260617-73-0026
The vulnerability in ImageMagick is related to the lack of memory release after the effective lifespan of the component. Exploiting this vulnerability can allow an attacker to cause a service failure...
ROS-20260616-73-0038
The vulnerability in ImageMagick 7 is related to the lack of memory release after the effective lifespan of the component. Exploiting this vulnerability can allow an attacker to cause a service failure...
Topical Shifts in the Dark Web: A Longitudinal Analysis of Content from the Cybercrime Ecosystem
The dark web hosts a dynamic ecosystem of cybercrime forums and marketplaces that adapt to law enforcement pressure, technological change, and economic incentives. Prior research has extracted cyber threat intelligence from these platforms using static snapshots, with limited attention to how...
CVE-2018-1000814
aio-libs aiohttp-session version 2.6.0 and earlier contains a Other/Unknown vulnerability in EncryptedCookieStorage and NaClCookieStorage that can result in Non-expiring sessions / Infinite lifespan. This attack appear to be exploitable via Recreation of a cookie post-expiry with the same value...
Goodbye, dark Telegram: Blocks are pushing the underground out
Telegram has won over users worldwide, and cybercriminals are no exception. While the average user chooses a messaging app based on convenience, user experience and stability and perhaps, cool stickers, cybercriminals evaluate platforms through a different lens. When it comes to anonymity, privac...
Open Source, Open Threats? Investigating Security Challenges in Open-Source Software
Open-source software OSS has become increasingly more popular across different domains. However, this rapid development and widespread adoption come with a security cost. The growing complexity and openness of OSS ecosystems have led to increased exposure to vulnerabilities and attack surfaces...
CVE-2024-7998
In affected versions of Octopus Server OIDC cookies were using the wrong expiration time which could result in them using the maximum lifespan...
CVE-2025-22072
CVE-2025-22072 describes a Linux kernel flaw in the spufs subsystem related to gang directory lifetimes. The root cause involved improper handling of gang directories: on close, dentry pinning was broken and rmdir on close was removed, causing leaks when a gang context remained alive after the ga...
The vulnerability of the Linux operating system’s x86 kernel component, which allows a hacker to trigger a service failure
The vulnerability of the Linux operating system’s x86 kernel component is related to the lack of memory release after the effective lifespan of the component. Exploiting this vulnerability can allow an attacker to cause a service failure...
CVE-2024-7998
In affected versions of Octopus Server OIDC cookies were using the wrong expiration time which could result in them using the maximum lifespan...
CVE-2024-7998
In affected versions of Octopus Server OIDC cookies were using the wrong expiration time which could result in them using the maximum lifespan...
CVE-2024-7998
CVE-2024-7998 affects Octopus Server where OIDC cookies used the wrong expiration time, potentially enabling longer-lived cookies. The CVSS 3.1 vector reports a Low base score (2.6) with NETWORK attack vector, HIGH complexity, and user interaction required. The available documents state the vulne...
CVE-2024-7998
In affected versions of Octopus Server OIDC cookies were using the wrong expiration time which could result in them using the maximum lifespan...
PT-2024-38745 · Unknown · Octopus Server
Name of the Vulnerable Software and Affected Versions: Octopus Server affected versions not specified Description: The issue is related to OIDC cookies using the wrong expiration time, potentially resulting in them using the maximum lifespan. Recommendations: At the moment, there is no informatio...
DHCP configurations for PVS
Citrix recommends DHCP configuration which ensures that a PVS target device receives the same IP address for all DHCP requests during its booted lifespan. The end result should be a target device using the same IP address it received at boot time, for the entirety of its booted lifespan. DHCP...
The vulnerability of the Generic-array module in Rust, related to type handling errors, allows attackers to cause service failures.
The vulnerability of the Generic-array module in Rust is related to the increased lifespan of the arr! macro. Exploiting this vulnerability allows a remote attacker to cause service failures...
Friday Squid Blogging: Diplomoceras Maximum
Diplomoceras maximum is an ancient squid-like creature. It lived about 68 million years ago, looked kind of like a giant paperclip, and may have had a lifespan of 200 years. As usual, you can also use this squid post to talk about the security stories in the news that I haven’t covered. Read my...
Maximum Lifespan of SSL/TLS Certificates is 398 Days Starting Today
Starting today, the lifespan of new TLS certificates will be limited to 398 days, a little over a year, from the previous maximum certificate lifetime of 27 months 825 days. In a move that's meant to boost security, Apple, Google, and Mozilla are set to reject publicly rooted digital certificates...
The vulnerability of the pvrdma_realize function in the PVRDMA virtual network adapter allows a hacker to induce a service failure.
The vulnerability of the pvrdmarealize function in the PVRDMA virtual network adapter emulator for hardware emulation software QEMU is related to deficiencies in resource release after the expiration of its useful lifespan. Exploiting this vulnerability can allow an attacker to cause a service...