Security
Headlines
HeadlinesLatestCVEs

Headline

CVE-2021-41867: Comparing v2.3.3...v2.4 · onionshare/onionshare

An information disclosure vulnerability in OnionShare 2.3 before 2.4 allows remote unauthenticated attackers to retrieve the full list of participants of a non-public OnionShare node via the --chat feature.

CVE

Related news

New 'Trojan Source' Method Lets Attackers Hide Vulns in Source Code

Researchers discover a new technique attackers could use to encode vulnerabilities into software while evading detection.

IP Surveillance Bugs in Axis Gear Allow RCE, Data Theft

Three security vulnerabilities in Axis video products could open up the door to a bevy of different cyberattacks on businesses.

CVE-2021-41868: Comparing v2.3.3...v2.4 · onionshare/onionshare

OnionShare 2.3 before 2.4 allows remote unauthenticated attackers to upload files on a non-public node when using the --receive functionality.

Tips & Tricks for Unmasking Ghoulish API Behavior

Jason Kent, hacker-in-residence at Cequence Security, discusses how to track user-agent connections to mobile and desktop APIs, to spot malicious activity.

Latest web hacking tools – Q4 2021

We take a look at the latest additions to security researchers’ armoury

Google Spots New Technique to Sneak Malware Past Detection Tools

The operator behind OpenSUpdater is using a new way to sneak adware and other malware past security tools.

CVE: Latest News

CVE-2023-50976: Transactions API Authorization by oleiman · Pull Request #14969 · redpanda-data/redpanda
CVE-2023-6905
CVE-2023-6903
CVE-2023-6904
CVE-2023-3907