python-ecdsa has been found to be subject to a Minerva timing attack on the P-256 curve. Using the ecdsa.SigningKey.sign_digest() API function and timing signatures an attacker can leak the internal n ...
Continue Reading23 января, 2024
@hono/node-server is an adapter that allows users to run Hono applications on Node.js. Since v1.3.0, @hono/node-server has used its own Request object with url behavior that is unexpected. In the stan ...
Continue Reading23 января, 2024
In Splunk Enterprise versions below 9.0.8 and 9.1.3, Splunk app key value store (KV Store) improperly handles permissions for users that use the REST application programming interface (API). This can ...
Continue Reading22 января, 2024
Issue 1: Failure to quote characters Affected versions of this crate allowed the bytes { and xa0 to appear unquoted and unescaped in command arguments. If the output of quote or join is passed to a sh ...
Continue Reading22 января, 2024
python-ecdsa has been found to be subject to a Minerva timing attack on the P-256 curve. Using the ecdsa.SigningKey.sign_digest() API function and timing signatures an attacker can leak the internal n ...
Continue Reading22 января, 2024
This Metasploit module chains an authentication bypass vulnerability and a command injection vulnerability to exploit vulnerable instances of either Ivanti Connect Secure or Ivanti Policy Secure, to a ...
Continue Reading22 января, 2024
This Metasploit module chains an authentication bypass vulnerability and a command injection vulnerability to exploit vulnerable instances of either Ivanti Connect Secure or Ivanti Policy Secure, to a ...
Continue Reading22 января, 2024
Pioneering the Forward-Thinking Epoch of Internet Safety As we brace for an era anticipated to offer a deeper entwined digital landscape, a profound transformation stirs within the realms of online sa ...
Continue Reading22 января, 2024
Back to Main