GHSA-GGMG-CQG6-J45G Sentry: Improper authentication on SAML SSO process allows user identity linking

Impact A critical vulnerability was discovered in the SAML SSO implementation of Sentry. It was reported to us via our private bug bounty program. The vulnerability allows an attacker to take over any user account by using a malicious SAML Identity Provider and another organization on the same...

DLL hijacking and the Opera browser

Security DLL hijacking and the Opera browser Share March 10th, 2017 Recently, a collection of documents was released online, which was claimed to have originated with a major World power. The documents listed hacking vectors that could be used to inject code into major operating systems and...

Apple Releases OS X bash Update 1.0

Apple has released OS X bash Update 1.0 to address vulnerabilities found in the Bourne-again Shell bash which could allow a remote attacker to execute arbitrary shell commands. US-CERT recommends users and administrators review Apple Security Update HT6495, TA14-268A, Vulnerability Note VU252743...

Apple QuickDraw Manager heap buffer overflow vulnerability

Overview Apple QuickDraw contains a heap buffer overflow vulnerability. This vulnerability may allow an attacker to execute arbitrary code or create a denial-of-service condition. Description PICT is a graphics file format that was used by Apple Macintosh systems prior to Mac OS X as their standa...