Skip to content

Underground News

Header Image
Archive

Month: May 2022

646 Posts

Featured

Posted byUDiscoverMusic.
デフ・レパード、新作発売に合わせて新たなマッチ3パズルゲーム「Let’s Rock It」を発表
Posted byUDiscoverMusic.
【発売15周年】リアーナ『Good Girl Gone Bad』解説:大胆な変身を見せ、時代を象徴する存在となった第一歩
Posted byマイナビニュース
デル、14型の小型でNVIDIA T550搭載のモバイルワークステーション「Precision 3470」
Posted byマイナビニュース
FRONTIER、第11世代Intel Core搭載の15.6型ノートPC「NLTシリーズ」

超光るファンは伊達じゃない! Palit「GeForce RTX 3090 Ti GameRock」レビュー

  • Posted inUncategorized
  • Posted byマイナビニュース
  • 05/04/2022

Palitから、NVIDIA Ampereシリーズ集大成となる最上位GPU「GeForce RTX …

[org.apache.tomcat:tomcat] Denial of Service in Apache Tomcat

  • Posted inUncategorized
  • Posted byGitHub
  • 05/04/202207/14/2022

Apache Tomcat 5.5.x before 5.5.35, 6.x before 6.0.34, and 7.x before 7.0.23 uses an inefficient approach for handling parameters, which allows remote attackers to cause a denial of service (CPU consumption) via a request that contains many parameters a…

[openssl-src] `OCSP_basic_verify` may incorrectly verify the response signing certificate

  • Posted inUncategorized
  • Posted byGitHub
  • 05/04/202206/21/2022

The function OCSP_basic_verify verifies the signer certificate on an OCSP response. In the case where the (non-default) flag OCSP_NOCHECKS is used then the response will be positive (meaning a successful verification) even in the case where the respons…

[openssl-src] Resource leakage when decoding certificates and keys

  • Posted inUncategorized
  • Posted byGitHub
  • 05/04/202206/21/2022

The OPENSSL_LH_flush() function, which empties a hash table, contains a bug that breaks reuse of the memory occuppied by the removed hash table entries. This function is used when decoding certificates or keys. If a long lived process periodically deco…

[openssl-src] Incorrect MAC key used in the RC4-MD5 ciphersuite

  • Posted inUncategorized
  • Posted byGitHub
  • 05/04/202206/21/2022

The OpenSSL 3.0 implementation of the RC4-MD5 ciphersuite incorrectly uses the AAD data as the MAC key. This makes the MAC key trivially predictable. An attacker could exploit this issue by performing a man-in-the-middle attack to modify data being sen…

[com.google.oauth-client:google-oauth-client] Improper Verification of Cryptographic Signature in google-oauth-java-client

  • Posted inUncategorized
  • Posted byGitHub
  • 05/04/202206/10/2022

Summary
The vulnerability impacts only users of the IdTokenVerifier class. The verify method in IdTokenVerifier does not validate the signature before verifying the claims (e.g., iss, aud, etc.). Signature verification makes sure that the token’s paylo…

[Masuit.Tools.Core] Code Injection in Masuit.Tools.Core

  • Posted inUncategorized
  • Posted byGitHub
  • 05/03/202205/24/2022

All versions of package Masuit.Tools.Core are vulnerable to Arbitrary Code Execution via the ReceiveVarData function in the SocketClient.cs component. The socket client in the package can pass in the payload via the user-controllable input after it has…

おとぎ話であり「愛」「結婚」の普遍的な物語!? ジェニファー・ロペス主演 『マリー・ミー』レビュー

  • Posted inUncategorized
  • Posted byラジオ関西
  • 05/02/2022

“逆シンデレラ”物語としても話題の『マリー・ミー』。今作を、映画をこよなく愛するラジオパーソナリティ…

[org.apache.tomcat:tomcat] Exposure of Sensitive Information to an Unauthorized Actor in Apache Tomcat

  • Posted inUncategorized
  • Posted byGitHub
  • 05/02/202206/18/2022

Apache Tomcat 5.5.0 through 5.5.29 and 6.0.0 through 6.0.26 might allow remote attackers to discover the server’s hostname or IP address by sending a request for a resource that requires (1) BASIC or (2) DIGEST authentication, and then reading the real…

[feedparser] Improper Neutralization of Input During Web Page Generation (‘Cross-site Scripting’) in feedparser

  • Posted inUncategorized
  • Posted byGitHub
  • 05/02/202206/18/2022

Cross-site scripting (XSS) vulnerability in feedparser.py in Universal Feed Parser (aka feedparser or python-feedparser) before 5.0 allows remote attackers to inject arbitrary web script or HTML via vectors involving nested CDATA stanzas.
References

h…

Posts navigation

Previous Posts 1 … 60 61 62 63 64 65 Next Posts
Underground News
WordPress theme by componentz

Archives

2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30
Hit enter to search or ESC to close