8307 matches found

CNNVD
added 2025/06/29 12:00 a.m., 3 views

Ethereum RLPx security vulnerability

Ethereum RLPx is a TCP-based transport protocol from Ethereum used for communication between Ethereum nodes. A security vulnerability exists in Ethereum RLPx that stems from two CTR streams based on the same key, IV, and random number, potentially facilitating decryption on a private network...

CVSS 3.4, AI score 6.7, EPSS 0.00054
Exploits 0, References 6
SUSE CVE
added 2025/06/24 11:21 p.m., 2 views

SUSE CVE-2025-52968

xdg-open in xdg-utils through 1.2.1 can send requests containing SameSite=Strict cookies, which can facilitate CSRF. For example, xdg-open could be modified to, by default, associate x-scheme-handler/https with the execution of a browser with command-line options that arrange for an empty cookie...

CVSS 2.7, AI score 6.9, EPSS 0.00051
Exploits 0, References 3
RedHat Linux
added 2025/06/24 11:31 a.m., 3 views

golang: net/http: net/http: sensitive headers incorrectly sent after cross-domain redirect

A flaw was found in the net/http package of the Golang standard library. The HTTP client drops sensitive headers after following a cross-domain redirect. For example, a request to a.com/ containing an Authorization header redirected to b.com/ will not send that header to b.com. However, the...

CVSS 6.1, AI score 7.2, EPSS 0.00142
Exploits 0, References 6
OSV
added 2025/06/23 3:15 p.m., 2 views

AZL-64296 CVE-2025-52968 affecting package xdg-utils 1.2.1-3

xdg-open in xdg-utils through 1.2.1 can send requests containing SameSite=Strict cookies, which can facilitate CSRF. For example, xdg-open could be modified to, by default, associate x-scheme-handler/https with the execution of a browser with command-line options that arrange for an empty cookie...

CVSS 2.7, AI score 6, EPSS 0.00051
Exploits 0, References 1
AlpineLinux
added 2025/06/23 12:00 a.m., 5 views

CVE-2025-52968

xdg-open in xdg-utils through 1.2.1 can send requests containing SameSite=Strict cookies, which can facilitate CSRF. For example, xdg-open could be modified to, by default, associate x-scheme-handler/https with the execution of a browser with command-line options that arrange for an empty cookie...

CVSS 2.7, AI score 7.3, EPSS 0.00051
Exploits 0, References 2
Amazon
added 2025/06/23 12:00 a.m., 5 views

Important: kernel

Issue Overview: In the Linux kernel, the following vulnerability has been resolved: scsi: target: Fix WRITESAME No Data Buffer crash In newer versions of the SBC specs, we have a NDOB bit that indicates there is no data buffer that gets written out. If this bit is set using commands like...

CVSS 9.8, AI score 7.2, EPSS 0.00119
Exploits 3
OSV
added 2025/06/20 1:26 p.m., 3 views

OESA-2025-1648 kernel security update

The Linux Kernel, the operating system core itself. Security Fixes: In the Linux kernel, the following vulnerability has been resolved: scsi: target: Fix WRITESAME No Data Buffer crash In newer versions of the SBC specs, we have a NDOB bit that indicates there is no data buffer that gets written...

CVSS 7.8, AI score 6.9, EPSS 0.00032
Exploits 1, References 5
AstraLinux
added 2025/06/16 11:28 a.m., 2 views

Astra Linux – Vulnerability in requests

Requests is an HTTP library. Prior to version 2.32.0, when making requests through a Requests Session, if the first request was made with verify=False to disable certificate verification, all subsequent requests to the same host would continue to ignore certificate verification, regardless of...

CVSS 5.6, AI score 6.3, EPSS 0.00074
Exploits 0, References 3
AstraLinux
added 2025/06/16 11:28 a.m., 3 views

Astra Linux – Vulnerability in Chromium

Inappropriate implementation in navigations in Google Chrome prior to 135.0.7049.52 allowed a remote attacker who convinced a user to engage in specific UI gestures to bypass the same-origin policy through a crafted HTML page. Chromium security severity: Low...

CVSS 5.4, AI score 6.2, EPSS 0.00014
Exploits 0, References 3
ATTACKERKB
added 2025/06/10 11:15 p.m., 2 views

CVE-2025-47849

A privilege escalation vulnerability exists in Apache CloudStack versions 4.10.0.0 through 4.20.0.0 where a malicious Domain Admin user in the ROOT domain can get the API key and secret key of user-accounts of Admin role type in the same domain. This operation is not appropriately restricted and...

CVSS 8.8, AI score 5.8, EPSS 0.00224
Exploits 0, References 4, Affected Software 1
Amazon
added 2025/06/09 12:00 a.m., 3 views

Important: kernel

Issue Overview: In the Linux kernel, the following vulnerability has been resolved: scsi: target: Fix WRITESAME No Data Buffer crash In newer versions of the SBC specs, we have a NDOB bit that indicates there is no data buffer that gets written out. If this bit is set using commands like...

CVSS 9.8, AI score 7, EPSS 0.00119
Exploits 0
Github Security Blog
added 2025/06/04 9:09 p.m., 16 views

webpack-dev-server users' source code may be stolen when they access a malicious web site

Summary Source code may be stolen when you access a malicious web site. Details Because the request for classic script by a script tag is not subject to same origin policy, an attacker can inject in their site and run the script. Note that the attacker has to know the port and the output entrypoi...

CVSS 5.9, AI score 6.7, EPSS 0.00106
Exploits 1, References 5, Affected Software 1
CVE
added 2025/06/03 5:39 p.m., 145 views

CVE-2025-30359

Webpack-dev-server CVE-2025-30359 affects the development server used to serve webpack bundles. Before version 5.2.1, an attacker could steal a user’s source code via a malicious site by injecting a script and abusing prototype pollution; exploitation could reveal code through webpack_modules via...

CVSS 5.9, AI score 5.3, EPSS 0.00106
Exploits 1, References 2, Affected Software 1
Github Security Blog
added 2025/06/03 4:00 p.m., 6 views

DNS rebinding attacks explained: The lookup is coming from inside the house!

My colleague Kevin Stubbings mentioned the topic of DNS rebinding attacks in a previous blog post. No worries if you haven't read it yet though--in this article, we'll walk you through the concept of DNS rebinding from scratch, demystify how it works, and explore why it's a serious browser-based...

CVSS 8.8, AI score 9.3, EPSS 0.01226
Exploits 1
Packet Storm News
added 2025/06/03 12:00 a.m., 2 views

Youpot Worm Honeypot

Youpot listens on all TCP ports and connects to the attacker IP on the same port they connected to you on, proxying traffic back at them. This allows you to watch the attacker attack themselves. This project was presented at Confidence 2025...

AI score 7
Exploits 0
RedhatCVE
added 2025/05/31 9:51 p.m., 16 views

CVE-2025-30466

This issue was addressed through improved state management. This issue is fixed in Safari 18.4, iOS 18.4 and iPadOS 18.4, macOS Sequoia 15.4, visionOS 2.4. A website may be able to bypass Same Origin Policy...

CVSS 9.8, AI score 5.8, EPSS 0.00126
Exploits 0, References 1
NVD
added 2025/05/29 10:15 p.m., 12 views

CVE-2025-30466

This issue was addressed through improved state management. This issue is fixed in Safari 18.4, iOS 18.4 and iPadOS 18.4, macOS Sequoia 15.4, visionOS 2.4. A website may be able to bypass Same Origin Policy...

CVSS 9.8, EPSS 0.00126
Exploits 0, References 4
OSV
added 2025/05/29 10:15 p.m., 3 views

CVE-2025-30466

This issue was addressed through improved state management. This issue is fixed in Safari 18.4, iOS 18.4 and iPadOS 18.4, visionOS 2.4, macOS Sequoia 15.4. A website may be able to bypass Same Origin Policy...

CVSS 9.8, AI score 5.7, EPSS 0.00126
Exploits 0, References 4
Vulnrichment
added 2025/05/29 9:34 p.m., 7 views

CVE-2025-30466

This issue was addressed through improved state management. This issue is fixed in Safari 18.4, iOS 18.4 and iPadOS 18.4, visionOS 2.4, macOS Sequoia 15.4. A website may be able to bypass Same Origin Policy...

AI score 6.1, EPSS 0.00126
Exploits 0, References 4
CVE
added 2025/05/29 9:34 p.m., 83 views

CVE-2025-30466

CVE-2025-30466 concerns a bypass of the Same Origin Policy in Apple web/OS components. The issue is addressed through improved state management and is fixed in Safari 18.4, iOS 18.4, iPadOS 18.4, visionOS 2.4, and macOS Sequoia 15.4. The CVE entry lists network as the attack vector, with no user ...

CVSS 9.8, AI score 5.8, EPSS 0.00126
Exploits 0, References 4, Affected Software 5