Tag
#ssl
Red Hat Security Advisory 2024-1484-03 - An update for firefox is now available for Red Hat Enterprise Linux 8. Issues addressed include integer overflow, out of bounds write, and use-after-free vulnerabilities.
Red Hat Security Advisory 2024-1608-03 - An update for opencryptoki is now available for Red Hat Enterprise Linux 8.
By Uzair Amir In the last 30 days, Powerloom generated over 250 million snapshots (unique data points), with a daily increase to approximately 10 million snapshots This is a post from HackRead.com Read the original post: Powerloom Announces Expansion to Base as It Surpasses 5200 Snapshotter Lite Nodes
A vulnerability in the Eclipse Vert.x toolkit causes a memory leak in TCP servers configured with TLS and SNI support. When processing an unknown SNI server name assigned the default certificate instead of a mapped certificate, the SSL context is erroneously cached in the server name map, leading to memory exhaustion. This flaw allows attackers to send TLS client hello messages with fake server names, triggering a JVM out-of-memory error.
Details are starting to emerge about a stunning supply chain attack that sent the open source software community reeling.
This Metasploit module exploits a buffer overflow at the administration interface (8080 or 4117) of WatchGuard Firebox and XTM appliances which is built from a cherrypy python backend sending XML-RPC requests to a C binary called wgagent using pre-authentication endpoint /agent/login. This vulnerability impacts Fireware OS before 12.7.2_U2, 12.x before 12.1.3_U8, and 12.2.x through 12.5.x before 12.5.9_U2. Successful exploitation results in remote code execution as user nobody.
By Uzair Amir Isn’t it shocking that people still use passwords like QWERTY12, 1234, or pet names for their online accounts?… This is a post from HackRead.com Read the original post: Payment authorization and one-time passwords – Mobile Token
Facebook is accused of using potentially criminal methods to spy on Snapchat users to gain a commercial advantage over its competition.
By Waqas Masa Network’s AI Data Marketplace will be an interoperable network for the world’s personal data, launching across multiple blockchains from day one. This is a post from HackRead.com Read the original post: Masa Network Integrates with LayerZero to Power Its Cross-chain AI Data Network
Workout Journal App version 1.0 suffers from a persistent cross site scripting vulnerability.