CVE-2021-30874

An authorization issue was addressed with improved state management. This issue is fixed in iOS 15 and iPadOS 15. A VPN configuration may be installed by an app without user permission...

389-ds-base: sync_repl NULL pointer dereference in sync_create_state_control()

A flaw was found In 389-ds-base. When the Content Synchronization plugin is enabled, an authenticated user can reach a NULL pointer dereference using a specially crafted query. This flaw allows an authenticated attacker to cause a denial of service. The highest threat from this vulnerability is t...

New Relic: Adding your account to victim's app via deeplink

At your android app, there is a feature for passwordless login. It sends an email and if you click the link, it triggers a deeplink on the app for login. I think this feature needs a state control, for example setting loginstatetoken=ABC on the requester device and adding this loginstatetoken to...

Citrix SD-WAN Path State Sensitivity Control Overview

Bad Loss Sensitive – Select a setting from the drop-down menu. The options are: Enable– Default If enabled, paths will be marked BAD due to loss, and will incur a path scoring penalty. Disable – Disabling Bad Loss Sensitive can be useful when the loss of bandwidth is intolerable. Custom – Select...

Libyan authorities restrict internet access !

The Libyan government could pull the plug on the country's internet as protests sweep the country. On Friday and Saturday night the country experienced a near black-out, with continued patchy access this week, according to a Google Transparency Report. Libya has had periods of partial or total...