dotnet: Multiple .NET components susceptible to hash flooding

A flaw was found in dotnet. The System.Security.Cryptography.Cose, System.IO.Packaging and System.Runtime.Caching components may be exposed to hostile input, making them susceptible to hash flooding attacks, resulting in denial of service...

Snapd Flaw Lets Attackers Gain Root Access On Linux Systems

Ubuntu and some other Linux distributions suffer from a severe privilege escalation vulnerability that could allow a local attacker or a malicious program to obtain root privileges and total control over the targeted system. Dubbed "DirtySock" and identified as CVE-2019-7304, the vulnerability wa...

Debian DSA-4242-1 : ruby-sprockets - security update

Orange Tsai discovered a path traversal flaw in ruby-sprockets, a Rack-based asset packaging system. A remote attacker can take advantage of this flaw to read arbitrary files outside an application's root directory via specially crafted requests, when the Sprockets server is used in production. C...

RubyGems BSON Denial of Service Vulnerability (CNVD-2015-03761)

RubyGems gems is a Ruby packaging system for packaging Ruby components. A denial of service vulnerability exists in RubyGems BSON. This vulnerability can be exploited to launch a denial of service attack...

[Subterfuge v1.0] Automated Man-in-the-Middle Attack Framework

Subterfuge , a Framework to take the arcane art of Man-in-the-Middle Attacks and make it as simple as point and shoot. Subterfuge demonstrates vulnerabilities in the ARP Protocol by harvesting credentials that go across the network and even exploiting machines by injecting malicious code directly...