signal-echo-radar

Signal Echo Radar Signal Echo Radar is a static cybersecurity...

CVE-2024-40684

IBM Operations Analytics - Log Analysis 1.3.5.0, 1.3.5.1, 1.3.5.2, 1.3.5.3, 1.3.6.0, 1.3.6.1, 1.3.7.0, 1.3.7.1, 1.3.7.2, and 1.3.8.0, 1.3.8.1, 1.3.8.2, 1.3.8.3, 1.3.8.4 IBM SmartCloud Analytics - Log Analysis does not require that users should have strong passwords by default, which makes it easi...

EUVD-2024-55600

IBM Operations Analytics - Log Analysis 1.3.5.0, 1.3.5.1, 1.3.5.2, 1.3.5.3, 1.3.6.0, 1.3.6.1, 1.3.7.0, 1.3.7.1, 1.3.7.2, and 1.3.8.0, 1.3.8.1, 1.3.8.2, 1.3.8.3, 1.3.8.4 IBM SmartCloud Analytics - Log Analysis does not require that users should have strong passwords by default, which makes it easi...

Inadequate Encryption Strength

github.com/enchant97/note-mark/backend is vulnerable to Inadequate Encryption Strength. The vulnerability is due to missing enforcement of minimum length and entropy requirements for the JWTSECRET value, which allows an attacker to brute-force weak secrets and forge valid JWT tokens...

Quantifiable Uncertainty: A Stochastic Consensus Multi-Agent RAG Framework for Robust Malware Detection

While contemporary deep learning malware detectors define a dominant defense paradigm, their sophistication also exposes them to novel structural evasion attacks, a limitation we attribute to their inherent inability to express epistemic uncertainty. To address this challenge, we present MAGMA, a...

Understanding Password Preferences, Memorability, and Security through a Human-Centered Lens

Passwords remain the primary authentication method, yet user-created passwords are often the weakest due to the security-usability trade-off. Although AI-based password generators are emerging, little is known about their effectiveness and user perceptions. This eye-tracking study examined how...

OpenSSL Toolkit 3.3.7

OpenSSL is a robust, fully featured Open Source toolkit implementing the Secure Sockets Layer and Transport Layer Security protocols with full-strength cryptography world-wide. This is the 3.3 release...

CVE-2026-33124

Frigate is a network video recorder NVR with realtime local object detection for IP cameras. Versions prior to 0.17.0-beta1 allow any authenticated user to change their own password without verifying the current password through the /users/username/password endpoint. Changing a password does not...

Akamai Leads the Way: 2026 GigaOm Radar for Microsegmentation

Akamai Guardicore Segmentation, a Leader and Fast Mover in the 2026 GigaOm Radar for Microsegmentation report, balances innovation with platform strength...

CVE-2026-33124 Frigate has insecure password change functionality

Frigate is a network video recorder NVR with realtime local object detection for IP cameras. Versions prior to 0.17.0-beta1 allow any authenticated user to change their own password without verifying the current password through the /users/username/password endpoint. Changing a password does not...

CVE-2026-33124 Frigate has insecure password change functionality

Frigate is a network video recorder NVR with realtime local object detection for IP cameras. Versions prior to 0.17.0-beta1 allow any authenticated user to change their own password without verifying the current password through the /users/username/password endpoint. Changing a password does not...

PT-2026-26598

Frigate is a network video recorder NVR with realtime local object detection for IP cameras. Versions prior to 0.17.0-beta1 allow any authenticated user to change their own password without verifying the current password through the /users/username/password endpoint. Changing a password does not...

Multilingual AI-Driven Password Strength Estimation with Similarity-Based Detection

Considering the rise of cyberattacks incidents worldwide, the need to ensure stronger passwords is necessary. Developing a password strength meter PSM can help users create stronger passwords when creating an account on an online platform. This research aimed to explore whether incorporating a...

Bluetooth RFCOMM 1.1 Signal-Triggered Air-Gap Interaction

This project demonstrates how Flipper Zero can be used to interact with devices in an Air-Gap context using Bluetooth RFCOMM signals. The system monitors RSSI signal strength and uses statistical peak detection Z-Score analysis to identify significant signal spikes from target devices. When a pea...

cyber-security-toolkit

cyber-security-toolkit Python-based Cyber Secu...

Inadequate Encryption Strength

Overview github.com/pion/dtls is a DTLS 1.2 Server/Client implementation for Go. Affected versions of this package are vulnerable to Inadequate Encryption Strength due to the use of the random nonce generation with AES GCM ciphers. An attacker can obtain the authentication key and spoof data by...

Inadequate Encryption Strength

Overview Affected versions of this package are vulnerable to Inadequate Encryption Strength due to the use of the random nonce generation with AES GCM ciphers. An attacker can obtain the authentication key and spoof data by exploiting nonce reuse within a session. Remediation Upgrade...

Tucows (VDP): Password Strength Policy Bypass via Server-Side Validation Flaw

A password strength policy bypass was discovered due to a server-side validation flaw. The password strength policy was only enforced in the browser, not on the server side...

CVE-2021-33563

Koel before 5.1.4 lacks login throttling, lacks a password strength policy, and shows whether a failed login attempt had a valid username. This might make brute-force attacks easier...

Password Strength Analysis through Social Network Data Exposure: A Combined Approach Relying on Data Reconstruction and Generative Models

Although passwords remain the primary defense against unauthorized access, users often tend to use passwords that are easy to remember. This behavior significantly increases security risks, also due to the fact that traditional password strength evaluation methods are often inadequate. In this...