13 matches found
EUVD-2020-27595
Malware in sbrugna...
Virtual Reality, Real Problems: a Longitudinal Security Analysis of VR Firmware
Virtual Reality VR technology is rapidly growing in recent years. VR devices such as Meta Quest 3 utilize numerous sensors to collect users' data to provide an immersive experience. Due to the extensive data collection and the immersive nature, the security of VR devices is paramount. Leading VR...
CVE-2024-42350
Biscuit is an authorization token with decentralized verification, offline attenuation and strong security policy enforcement based on a logic language. Third-party blocks can be generated without transferring the whole token to the third-party authority. Instead, a ThirdPartyBlock request can be...
CVE-2024-42350 Public key confusion in third party block in Biscuit
Biscuit is an authorization token with decentralized verification, offline attenuation and strong security policy enforcement based on a logic language. Third-party blocks can be generated without transferring the whole token to the third-party authority. Instead, a ThirdPartyBlock request can be...
CVE-2024-42350
The CVE describes a public-key confusion in Biscuit’s third-party blocks: a forged ThirdPartyBlock request can cause a third-party authority to generate datalog trusting the wrong keypair, enabling an attacker to embed a trusted annotation in tokens. The issue arises from how the block request co...
CVE-2024-42350 Public key confusion in third party block in Biscuit
Biscuit is an authorization token with decentralized verification, offline attenuation and strong security policy enforcement based on a logic language. Third-party blocks can be generated without transferring the whole token to the third-party authority. Instead, a ThirdPartyBlock request can be...
CVE-2024-42350 Public key confusion in third party block in Biscuit
Biscuit is an authorization token with decentralized verification, offline attenuation and strong security policy enforcement based on a logic language. Third-party blocks can be generated without transferring the whole token to the third-party authority. Instead, a ThirdPartyBlock request can be...
Important: Red Hat Security Advisory: postgresql:15 security update
An update for the postgresql:15 module is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...
Google Chrome Security Update (stable-channel-update-for-desktop_25-2021-05) - Mac OS X
Google Chrome is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:google:chrome"; ifdescription...
Insufficient Validation
An insufficient policy enforcement security issue has been found in the content security policy component of the Chromium browser before version 91.0.4472.77...
Symantec Endpoint Protection Manager 12.1 - Multiple Vulnerabilities
Credits: John Page aka HYP3RLINX + Website: hyp3rlinx.altervista.org + Source: http://hyp3rlinx.altervista.org/advisories/SYMANTEC-SEPM-MULTIPLE-VULNS.txt + ISR: ApparitionSec Vendor: ================ www.symantec.com Product: =========== SEPM Symantec Endpoint Protection Manager and client v12.1...
Integrity Clientless Security (ICS) Update 3.7.144.0
Check Point Integrity Clientless Security ICS protects your Web site by detecting and disabling spyware processes and allowing you to enforce security policies before a user logs onto your network. Using ICS you can prevent users with potentially harmful software from accessing your Web site, a...
Integrity Clientless Security (ICS) Update 3.7.128.0
Check Point Integrity Clientless Security ICS protects your Web site by detecting and disabling spyware processes and allowing you to enforce security policies before a user logs onto your network. Using ICS you can prevent users with potentially harmful software from accessing your Web site, a...