GNUnet is a peer-to-peer framework with focus on providing security. All peer-to-peer messages in the network are confidential and authenticated. The framework provides a transport abstraction layer and can currently encapsulate the network traffic in UDP (IPv4 and IPv6), TCP (IPv4 and IPv6), HTTP, or SMTP messages. GNUnet supports accounting to provide contributing nodes with better service. The primary service build on top of the framework is anonymous file sharing.
41a7b07ffe141c4fec20aaba1aeee12d5a9af92c2055dbfc7279b0584f819262Complete comprehensive archive of all 1,384 exploits added to Packet Storm in 2022.
7069a71c7743b7760efed9863e55ff54a9c668bbf6140d6eb8bf16981206280eThis archive contains all of the 82 exploits added to Packet Storm in December, 2022.
4c02657bd2bdfd6a09e83b0828804767c3a0d6e9f7adf724bc4f3e2b425611d9A design flaw in the Chrome Synchronous Mojo message handling introduces unexpected reentrancy and allows for multiple use-after-free vulnerabilities.
8a4497a8ccb25f14e2dfe008e25cc2f2541b2d1e30345fff6f3169f4cac5313dThe crewjam/saml go library is vulnerable to an authentication bypass when processing SAML responses containing multiple Assertion elements.
b98f26482dd59c89089a43c62936c2461318247bab55a7aaca8bb5e77ff8ba10EuskalHack Security Congress sixth edition is a new proposal from the EuskalHack Computer Security Association, with the aim to promote the community growth and the culture in the digital security field. As usual, in this new edition proximity to our public and technical quality will be our hallmarks. This exclusive conference is shaping up as the most relevant in Basque Country, with an estimated 200 attendees for this sixth edition. The participants include specialized companies, public organisms, state security organizations, professionals, hobbyists and students in the area of security and Information Technology. The date for the conference is the 23th and 24th of June 2023 in the lovely city of Donostia San Sebastian.
eb3ffa1da9807b837a3317ded516298ccef5fca21861e6fdeb5eed21bc5c6eedOracle versions 12.1.0.2, 12.2.0.1, and 19c suffer from a Unified Audit Policy bypass vulnerability.
7e5b1b4347cc242b7461a29b645553a188ed4ddb848dbd5b5689d7909dc614f0Red Hat Security Advisory 2023-0005-01 - The Byte Code Engineering Library is intended to give users a convenient way to analyze, create, and manipulate Java class files.
c16ea2f401bbe704b0f32faa6312162d77ed61009599a7363e1704bafd2c7635Red Hat Security Advisory 2023-0004-01 - The Byte Code Engineering Library is intended to give users a convenient way to analyze, create, and manipulate Java class files.
53d31bbdb453e192ea80bf19110cc5ec4cf023bc100419c112bcf5235e765cfdDebian Linux Security Advisory 5310-1 - It was discovered that ruby-image-processing, a ruby package that provides higher-level image processing helpers, is prone to a remote shell execution vulnerability when using the #apply method to apply a series of operations coming from unsanitized user input.
9114837e45c7440099d3923f2a43991909f94c975f31c25f4230d59e7dc5f0faDebian Linux Security Advisory 5309-1 - Vulnerabilities have been discovered in the WPE WebKit web engine. hazbinhotel discovered that processing maliciously crafted web content may result in the disclosure of process memory. KirtiKumar Anandrao Ramchandani discovered that processing maliciously crafted web content may bypass Same Origin Policy. Dohyun Lee and Ryan Shin discovered that processing maliciously crafted web content may disclose sensitive user information. Various other issues have also been addressed.
b6a4ddff8422c104447a74d4cd2afa4b8991b2e496ca694ad77acf12e52cc9e6Debian Linux Security Advisory 5308-1 - Vulnerabilities have been discovered in the WebKitGTK web engine. hazbinhotel discovered that processing maliciously crafted web content may result in the disclosure of process memory. Maddie Stone discovered that processing maliciously crafted web content may lead to arbitrary code execution. KirtiKumar Anandrao Ramchandani discovered that processing maliciously crafted web content may bypass Same Origin Policy. Multiple other issues were also addressed.
14928aa1c41eb7f7fba504e112497c87923df5cb9caf334ac3fa7072e2ab78aaDebian Linux Security Advisory 5307-1 - ZeddYu Lu discovered that the FTP client of Apache Commons Net, a Java client API for basic Internet protocols, trusts the host from PASV response by default. A malicious server can redirect the Commons Net code to use a different host, but the user has to connect to the malicious server in the first place. This may lead to leakage of information about services running on the private network of the client.
41b44ea9f6994bb126334a021ce554f5d235573bf2cf4cf42ab4a2effd6c874d
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed