#git

### Summary In the WASMI Interpreter, an [Out-of-bounds Buffer Write](https://cwe.mitre.org/data/definitions/787.html) will arise arise if the host calls or resumes a Wasm function with more parameters than the default limit (128), as it will surpass the stack value. This doesn’t affect calls from Wasm to Wasm, only from host to Wasm. ### Impact After conducting an analysis of the dependent Polkadot systems of `wasmi`: [Pallet Contracts](https://github.com/paritytech/polkadot-sdk/tree/master/substrate/frame/contracts), [Parity Signer](https://github.com/paritytech/parity-signer), and [Smoldot](https://github.com/smol-dot/smoldot), we have found that none on those systems have been affected by the issue as they are calling host to Wasm function with a small limited amount of parameters always. ### Mitigations If you are using `wasmi` betwen version 0.15.0 and 0.31.0, please update it to the [0.31.1](https://github.com/paritytech/wasmi/releases/tag/v0.31.1) patch release that we ju...

By cyberwire Badge Launches Partner Program to Expand Availability of its Privacy-Enhancing “Enroll Once and Authenticate on Any Device” Software. This is a post from HackRead.com Read the original post: Badge Launches Partner Program for ‘Enroll Once and Authenticate Any Device’ Software

Pet retail company PetSmart has emailed customers to alert them to a recent attack that used reused passwords.

NDtaskmatic version 1.0 suffers from a remote SQL injection vulnerability.

GnuPG (the GNU Privacy Guard or GPG) is GNU's tool for secure communication and data storage. It can be used to encrypt data and to create digital signatures. It includes an advanced key management facility and is compliant with the proposed OpenPGP Internet standard as described in RFC2440. As such, it is meant to be compatible with PGP from NAI, Inc. Because it does not use any patented algorithms, it can be used without any restrictions.

Red Hat Security Advisory 2024-1194-03 - An update is now available for Red Hat JBoss Enterprise Application Platform 8.0. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link in the References section. Issues addressed include denial of service and file overwrite vulnerabilities.

Red Hat Security Advisory 2024-1193-03 - An update is now available for Red Hat JBoss Enterprise Application Platform 8.0 for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link in the References section. Issues addressed include denial of service and file overwrite vulnerabilities.

Red Hat Security Advisory 2024-1192-03 - An update is now available for Red Hat JBoss Enterprise Application Platform 8.0 for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link in the References section. Issues addressed include denial of service and file overwrite vulnerabilities.

By Uzair Amir Stay up to date on the ever-changing trends and enhance your internet security with traditional VPNs. Not only do they provide an extra layer of protection, but they also come with plenty of entertainment credentials! This is a post from HackRead.com Read the original post: VPN Evolution: Security and Entertainment Essentials Amid Rising Digital Risks

By Deeba Ahmed Tycoon and Storm-1575 threat actors launched targeted spear phishing attacks to bypass MFA protections, targeting officials at large US school districts. This is a post from HackRead.com Read the original post: Tycoon and Storm-1575 Linked to Phishing Attacks on US Schools