14 matches found
CVE-2026-10735
CVE-2026-10735 concerns a supply‑chain compromise of ShapedPlugin Pro plugins (Product Slider Pro for WooCommerce, Real Testimonials Pro, Smart Post Show Pro) delivered via the vendor update server. Technical details show a stage 1 loader in src/Includes/LicenseLoader.php that runs on admin init ...
Malicious code in loading-session (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 640bfe1e0b6627e78ec34ef2d97df0d5d29d912446883f284c15935cc8f6f996 Package advertises itself via a verbatim copy of pino's README, docs/, and index.d.ts TypeScript types and documentation are pino's, but index.js doe...
AI Pulse: The First Agentic Cyber Week
In 2025, AI bots officially entered Cyber Week. Learn how agents shaped traffic and shopper intent — and why retailers must optimize for AI-driven commerce...
Friday Squid Blogging: Squid-Shaped UFO Spotted Over Texas
Here's the story. The commenters on X (formerly Twitter) are unimpressed. As usual, you can also use this squid post to talk about the security stories in the news that I haven't covered. Blog moderation policy...
Split Happens: Combating Advanced Threats with Split Learning and Function Secret Sharing
Split Learning (SL) splits a model into two distinct parts to help protect client data while enhancing Machine Learning (ML) processes. Though promising, SL has proven vulnerable to different attacks, thus raising concerns about how effective it may be in terms of data privacy. Recent works have...
[SECURITY] Fedora 41 Update: crosswords-0.3.13.3-4.fc41
A simple and fun game of crosswords. Load your crossword files, or play one of the included games. Features include: - Support for shaped and colored crosswords - Loading .ipuz and .puz files - Hint support, such as showing mistakes and suggesting words - Dark mode support - Locally installed...
[SECURITY] Fedora 39 Update: crosswords-0.3.13-1.fc39
A simple and fun game of crosswords. Load your crossword files, or play one of the included games. Features include: - Support for shaped and colored crosswords - Loading .ipuz and .puz files - Hint support, such as showing mistakes and suggesting words - Dark mode support - Locally installed...
[SECURITY] Fedora 40 Update: crosswords-0.3.13-1.fc40
A simple and fun game of crosswords. Load your crossword files, or play one of the included games. Features include: - Support for shaped and colored crosswords - Loading .ipuz and .puz files - Hint support, such as showing mistakes and suggesting words - Dark mode support - Locally installed...
SUSE CVE-2012-5839
Heap-based buffer overflow in the gfxShapedWord::CompressedGlyph::IsClusterStart function in Mozilla Firefox before 17.0, Firefox ESR 10.x before 10.0.11, Thunderbird before 17.0, Thunderbird ESR 10.x before 10.0.11, and SeaMonkey before 2.14 allows remote attackers to execute arbitrary code via...
Google OpenThread Buffer Error Vulnerability
Google OpenThread is an open source implementation of the Thread networking protocol from Google USA. A buffer overflow vulnerability exists in OpenThread wpantund, which stems from an error in the handling of shaped data in the metriclen function. No details of the vulnerability are available at...
Friday Squid Blogging: Squid-Shaped Bike Rack
There's a new squid-shaped bike rack in Ballard, WA. As usual, you can also use this squid post to talk about the security stories in the news that I haven’t covered. Read my blog posting guidelines here...
[SECURITY] Fedora 34 Update: swell-foop-40~rc-1.fc34
Clear the screen by removing groups of colored and shaped tiles...
[SECURITY] Fedora 22 Update: vtun-3.0.3-15.fc22
VTun provides a method for creating Virtual Tunnels over TCP/IP networks and allows one to shape, compress, and encrypt traffic in those tunnels. Supported types of tunnels are: PPP, IP, Ethernet and most other serial protocols and programs. VTun is easily and highly configurable: it can be used...
SSL/TLS is the latest vulnerability ordination ceremony parsing-vulnerability warning-the black bar safety net
In March 2015, about 30% of network communication was protected by RC4. With the “ordination ceremony” attack, an attacker in a particular environment may, just by sniffing, be able to restore the information encrypted with RC4 in plai...