SA-2023-059 - DHEat attack (CVE-2002-20001)
Summary The Diffie-Hellman Key Agreement Protocol enables remote attackers to send arbitrary numbers without public keys, triggering costly server-side DHE modular-exponentiation calculations. This at...
Blog Articles
SA-2023-058 - SSH Session ID Matching (CVE-2001-1473)
Summary SSH-1 protocol enables remote servers to engage in man-in-the-middle attacks by creating a Session ID matching the target's using weaker public key pairs. This enables attackers to masquerade ...
SA-2023-057 - Apache Tomcat mod_proxy_ajp (CVE-2023-34981)
Summary A defect in a bug fix in Apache Tomcat caused the AJP proxy to use response headers from the previous request, resulting in information leakage if the response did not include any HTTP headers...
- Jon_P on: SA-2025-092 - eBPF Verifier Branch Pruning Linux K...
- FredrikB-NN2 on: SA-2023-103 - Privilege escalation via Redis serve...
- ACollins on: SA-2023-091 - OpenSSH information leak (CVE-2020-1...
- CraigW on: SA-2023-023 - OpenSSL c_rehash script (CVE-2022-20...
- AntonioP on: Security Advisory - SA-2022-007 - TLS Heap Overflo...
-
SamPirok
on:
Security Advisory: SA-2022-004 – Spring Framework
- Danny_Schaper on: Security Advisory - SA-2022-003 - "Spring4Shell" (...
- StephanH on: Vulnerability Notice VN-2021-460- "FragAttacks" Wi...
