Sensitive Information Disclosure

OpenSearch is vulnerable to Sensitive Information Disclosure. The vulnerability is due to redacted values being retrievable through range queries and the fields option in the search API...

Pushing the Limits of Frequency Analysis in Leakage Abuse Attacks

Searchable encryption SE is the most scalable cryptographic primitive for searching on encrypted data. Typical SE constructions often allow access-pattern leakage, revealing which encrypted records are retrieved in the server's responses. All the known generic cryptanalyses assume either that the...

Information Exposure

Overview Affected versions of this package are vulnerable to Information Exposure in the application of Field Level Security FLS rules to fields that are members of an object within a source document. An attacker can gain unauthorized access to sensitive data by reconstructing the contents of...

[SECURITY] [DLA 58-2] apt regression fix

Package : apt Version : 0.8.10.3+squeeze6 CVE ID : CVE-2014-6273 This update fixes a regression introduced in 0.8.10.3+squeeze5 where apt would send invalid HTTP requests when sending If-Range queries. Thanks to Steven McDonald who reported1 the regression and to Michael Vogt for having uploaded ...