25 matches found
Automattic: No Rate Limit when accessing "Password protection" enabled surveys leads to bypassing passwords via "pd-pass_surveyid" cookie
Summary: Hi team, if you write the right password on any password-protected survey, you will see this request: F878934. This request is protected with a rate limit, that's great. But if you look at the response, you will see a cookie. The password protection feature is a cookie-based system. In my survey...
CVE-2018-10751
A malformed OMACP WAP push message can cause memory corruption on a Samsung S7 Edge device when processing the String Extension portion of the WbXml payload. This is due to an integer overflow in memory allocation for this string. The Samsung ID is SVE-2018-11463...
libreswan: crafted IKE packet causes daemon restart
A flaw was discovered in the way Libreswan's IKE daemon processed certain IKEv1 payloads. A remote attacker could send specially crafted IKEv1 payloads that, when processed, would lead to a denial of service (daemon crash)...
Asterisk RTP DoS
Crash on RTP comfort noise payload processing...
bluez-libs and bluez-utils security update
bluez-libs: 3.7-1.1 - Fix CVE-2008-2374 Resolves: 452880 bluez-utils: 3.7-2.2 - Add explicit versioned Requires and BuildRequires for new bluez-libs 3.7-2.1 - Fix CVE-2008-2374 452715 SDP payload processing vulnerability...