This archive contains proof of concepts and a whitepaper that describes multiple email client implementations where popular clients for email are vulnerable to signature spoofing attacks.
3356c7f94ef68ddc7268602c64a93e10fbaff874992374b51f89d7cf87f71a0c
Debian Linux Security Advisory 4388-1 - Three vulnerabilities were discovered in the Mosquitto MQTT broker, which could result in authentication bypass.
41bc3a5a4d1300c705acf98facd1d98003e98611aeceab7a0a851c2fe2340a84
RSA Identity Lifecycle and Governance versions 7.0.1, 7.0.2 and 7.1.0 contains an authorization bypass vulnerability within the workflow architect component (ACM). A remote authenticated malicious user with non-admin privileges could potentially bypass the Java Security Policies. Once bypassed, a malicious user could potentially run arbitrary system commands at the OS level with application owner privileges on the affected system. RSA Identity Lifecycle and Governance versions 7.0.1, 7.0.2 and 7.1.0 contains a reflected cross-site scripting vulnerability. A remote unauthenticated attacker could potentially exploit this vulnerability by tricking a victim application user to supply malicious HTML or JavaScript code to a vulnerable web application, which is then reflected back to the victim and executed by the web browser.
9ddb565ccd3cfa1b04d5848eeb00478b6bf3789a0a270773a457841b32dbe50b