4 matches found
EUVD-2022-1452
Malicious code in bioql PyPI...
CURL-CVE-2022-27781 CERTINFO never-ending busy-loop
libcurl provides the CURLOPTCERTINFO option to allow applications to request details to be returned about a TLS server's certificate chain. Due to an erroneous function, a malicious server could make libcurl built with NSS get stuck in a never-ending busy-loop when trying to retrieve that...
Design/Logic Flaw
OWASP Zed Attack Proxy ZAP through w2022-03-21 does not verify the TLS certificate chain of an HTTPS server...
Tor Vulnerable to Remote arbitrary code Execution
Tor Vulnerable to Remote arbitrary code Execution According to latest post of Gentoo Linux Security Advisory, There are multiple vulnerabilities have been found in TOR, the most severe ofwhich may allow a remote attacker to execute arbitrary code. TOR is an implementation of second generation Oni...