GHSA-wc9m-r3v6-9p5h: Sparkle Signing Checks Bypass

GHSA-w7wm-2425-7p2h: MarbleRun unauthenticated recovery allows Coordinator impersonation

GHSA-mx2j-7cmv-353c: wasmvm: Malicious smart contract can slow down block production

GHSA-23qp-3c2m-xx6w: wasmvm: Malicious smart contract can crash the chain

GHSA-9crc-q9x8-hgqq: Vitest allows Remote Code Execution when accessing a malicious website while Vitest API server is listening

NASA AIT-Core v2.5.2 was discovered to use unencrypted channels to exchange data over the network, allowing attackers to execute a man-in-the-middle attack.

**NASA AIT-Core uses unencrypted channels to exchange data over the network**

High severity GitHub Reviewed Published May 21, 2024 to the GitHub Advisory Database • Updated May 22, 2024

Headline

GHSA-qv6x-53jj-vw59: NASA AIT-Core uses unencrypted channels to exchange data over the network

ghsa: Latest News