784 matches found
Siemens SIMATIC S7-1500 Improper Certificate Validation (CVE-2025-32989)
A heap-buffer-overread vulnerability was found in GnuTLS in how it handles the Certificate Transparency (CT) Signed Certificate Timestamp (SCT) extension during X.509 certificate parsing. This flaw allows a malicious user to create a certificate containing a malformed SCT extension OID...
Scam Ads Are Flooding Social Media. These Former Meta Staffers Have a Plan
Rob Leathern and Rob Goldman, who both worked at Meta, are launching a new nonprofit that aims to bring transparency to an increasingly opaque, scam-filled social media ecosystem...
Why Data Security Is the Key to Transparency in Private Markets
Private markets used to operate behind closed doors, exclusive, informal, and built on personal connections more than structure...
Astra Linux – Vulnerability in gnutls28
A heap-buffer-overread vulnerability was discovered in GnuTLS regarding its handling of the Certificate Transparency (CT) Signed Certificate Timestamp (SCT) extension during X.509 certificate parsing. This flaw allows a malicious user to create a certificate containing a malformed SCT extension OID...
You asked, we delivered: Introducing new features for an improved security experience
At the Microsoft Security Response Center (MSRC), your feedback drives our innovation. Every enhancement we deliver starts with listening to the security community and our customers. Based on your input, we’ve introduced three new features designed to make your experience more efficient, transparen...
Security Bulletin: Allocation of resources without limits, heap-buffer-overread, and other vulnerabilities might affect IBM Storage Defender - Resiliency Service
Summary: IBM Storage Defender - Resiliency service is vulnerable to allocation of resources without limits, heap-buffer-overread, and others. The vulnerabilities have been addressed. Vulnerability Details: CVEID: CVE-2025-32988. DESCRIPTION: A flaw was found in GnuTLS. A double-free vulnerability...
The Geomys Standard of Care
One of the most impactful effects of professionalizing open source maintenance is that as professionals we can invest into upholding a set of standards that make our projects safer and more reliable. The same commitments and overhead that are often objected to when required of volunteers should b...
EUVD-2019-17902
Malware in sbrugna...
EUVD-2016-1405
Malware in sbrugna...
EUVD-2017-2993
Malware in sbrugna...
EUVD-2014-1359
Malware in sbrugna...
"Your Doctor Is Spying on You": An Analysis of Data Practices in Mobile Healthcare Applications
Mobile healthcare (mHealth) applications promise convenient, continuous patient-provider interaction but also introduce severe and often underexamined security and privacy risks. We present an end-to-end audit of 272 Android mHealth apps from Google Play, combining permission forensics, static...
gnutls: Vulnerability in GnuTLS SCT extension parsing
A heap-buffer-overread vulnerability was found in GnuTLS in how it handles the Certificate Transparency (CT) Signed Certificate Timestamp (SCT) extension during X.509 certificate parsing. This flaw allows a malicious user to create a certificate containing a malformed SCT extension OID...
Agentic Misalignment: How LLMs Could Be Insider Threats
We stress-tested 16 leading models from multiple developers in hypothetical corporate environments to identify potentially risky agentic behaviors before they cause real harm. In the scenarios, we allowed models to autonomously send emails and access sensitive information. They were assigned only...
EUVD-2025-6524
Malicious code in bioql PyPI...
EUVD-2025-20927
Malicious code in bioql PyPI...
EUVD-2022-0958
Malicious code in bioql PyPI...
EUVD-2025-28538
Malicious code in bioql PyPI...
EUVD-2025-25782
Malicious code in bioql PyPI...