784 matches found
UBUNTU-CVE-2025-32989
A heap-buffer-overread vulnerability was found in GnuTLS in how it handles the Certificate Transparency (CT) Signed Certificate Timestamp (SCT) extension during X.509 certificate parsing. This flaw allows a malicious user to create a certificate containing a malformed SCT extension OID...
CVE-2025-32989 GnuTLS: vulnerability in GnuTLS SCT extension parsing
A heap-buffer-overread vulnerability was found in GnuTLS in how it handles the Certificate Transparency (CT) Signed Certificate Timestamp (SCT) extension during X.509 certificate parsing. This flaw allows a malicious user to create a certificate containing a malformed SCT extension OID...
CVE-2025-32989
A heap-buffer-overread vulnerability was found in GnuTLS in how it handles the Certificate Transparency (CT) Signed Certificate Timestamp (SCT) extension during X.509 certificate parsing. This flaw allows a malicious user to create a certificate containing a malformed SCT extension OID...
CVE-2025-32989
CVE-2025-32989 : A heap-buffer-overread in GnuTLS occurs during X.509 certificate parsing of the CT SCT extension (OID 1.3.6.1.4.1.11129.2.4.2). A malformed SCT can lead to exposure of confidential data when certificates are validated for certain sites and SCT checks are not performed correctly. ...
PT-2025-29041
Name of the Vulnerable Software and Affected Versions: GnuTLS (affected versions not specified); gnutls28 versions prior to 3.7.9-2+deb12u5; gnutls30 versions prior to 3.8.10-alt1. Description: GnuTLS is a library that implements cryptographic algorithms and protocols such as SSL, TLS, and DTLS. A...
GnuTLS trust management issue vulnerability
GnuTLS is a free, open-source secure communications library that implements the SSL, TLS and DTLS protocols. A trust management issue vulnerability exists in GnuTLS that stems from improper handling of CT SCT extensions when parsing X.509 certificates, which could lead to...
You Should Run a Certificate Transparency Log
Hear me out. If you are an organization with some spare storage and bandwidth, or an engineer looking to justify an overprovisioned homelab, you should consider running a Certificate Transparency log. It’s cheaper, easier, and more important than you might think. Certificate Transparency (CT) is on...
Cloud Digital Forensic Readiness: an Open Source Approach to Law Enforcement Request Management
Cloud Forensics presents a multi-jurisdictional challenge that may undermine the success of digital forensic investigations (DFIs). The growing volumes of domiciled and foreign law enforcement (LE) requests, the latency and complexity of formal channels for cross-border data access are challenging...
Researchers Warn Free VPNs Could Leak US Data to China
Tech Transparency Project warns Chinese-owned VPNs like Turbo VPN and X-VPN remain on Apple and Google app stores, raising national security concerns...
Reversing the Paradigm: Building AI-First Systems with Human Guidance
The relationship between humans and artificial intelligence is no longer science fiction -- it's a growing reality reshaping how we live and work. AI has moved beyond research labs into everyday life, powering customer service chats, personalizing travel, aiding doctors in diagnosis, and supporti...
Core.ai Phoenix Code security vulnerability
Core.ai Phoenix Code is a lightweight text editor from Core.ai India. A security vulnerability exists in Core.ai Phoenix Code that stems from allowing dynamic library injection, which could lead to a local attacker bypassing TCC...
Tracking GPTs Third Party Service: Automation, Analysis, and Insights
ChatGPT has quickly advanced from simple natural language processing to tackling more sophisticated and specialized tasks. Drawing inspiration from the success of mobile app ecosystems, OpenAI allows developers to create applications that interact with third-party services, known as GPTs. GPTs ca...
KGMark: a Diffusion Watermark for Knowledge Graphs
Knowledge graphs (KGs) are ubiquitous in numerous real-world applications, and watermarking facilitates protecting intellectual property and preventing potential harm from AI-generated content. Existing watermarking methods mainly focus on static plain text or image data, while they can hardly be...
Review of Blockchain-Based Approaches to Spent Fuel Management in Nuclear Power Plants
This study addresses critical challenges in managing the transportation of spent nuclear fuel, including inadequate data transparency, stringent confidentiality requirements, and a lack of trust among collaborating parties, issues prevalent in traditional centralized management systems. Given the...
Chances and Challenges of the Model Context Protocol in Digital Forensics and Incident Response
Large language models hold considerable promise for supporting forensic investigations, but their widespread adoption is hindered by a lack of transparency, explainability, and reproducibility. This paper explores how the emerging Model Context Protocol can address these challenges and support th...
Machine Learning Models Have a Supply Chain Problem
Powerful machine learning (ML) models are now readily available online, which creates exciting possibilities for users who lack the deep technical expertise or substantial computing resources needed to develop them. On the other hand, this type of open ecosystem comes with many risks. In this paper...
CVE-2024-55655
sigstore-python is a Python tool for generating and verifying Sigstore signatures. Versions of sigstore-python newer than 2.0.0 but prior to 3.6.0 perform insufficient validation of the "integration time" present in "v2" and "v3" bundles during the verification flow: the "integration time" is...
CVE-2025-4280
The macOS version of Poedit bundles a Python interpreter that inherits the Transparency, Consent, and Control (TCC) permissions granted by the user to the main application bundle. An attacker with local user access can invoke this interpreter with arbitrary commands or scripts, leveraging the...