Security Advisories from July-September, 2024
Our deepest apologies for the lack of content on this board for the past few months. There was a bug preventing us from posting on this board, but that has now been fixed. Please find the Security Adv...
Blog Articles
SA-2024-056 - less Vulnerability (CVE-2024-32487)
Summaryless through 653 allows OS command execution via a newline character in the name of a file, because quoting is mishandled in filename.c. Exploitation typically requires use with attacker-contro...
SA-2024-055 - Delayed DSA Keys or Parameters Checks (CVE-2024-4603)
SummaryApplications that use the functions EVP_PKEY_param_check() or EVP_PKEY_public_check() to check a DSA public key or DSA parameters may experience long delays. Where the key or parameters that ar...
- FredrikB-NN2 on: SA-2023-103 - Privilege escalation via Redis serve...
- ACollins on: SA-2023-091 - OpenSSH information leak (CVE-2020-1...
- CraigW on: SA-2023-023 - OpenSSL c_rehash script (CVE-2022-20...
- AntonioP on: Security Advisory - SA-2022-007 - TLS Heap Overflo...
-
SamPirok
on:
Security Advisory: SA-2022-004 – Spring Framework
- Danny_Schaper on: Security Advisory - SA-2022-003 - "Spring4Shell" (...
- StephanH on: Vulnerability Notice VN-2021-460- "FragAttacks" Wi...
