CVE-2024-6409: OpenSSH: Possible remote code execution in privsep child

Password cracking: past, present, future (OffensiveCon 2024)

Glibc Buffer Overflow in Iconv

From xz to ibus: more questionable tarballs

Make your own backdoor: CFLAGS code injection, Makefile injection, pkg-config

Backdoor in upstream xz/liblzma leading to SSH server compromise

Out-of-bounds read and write in the glibc's qsort()

With Firefox on X11, any page can pastejack you anytime (middle button paste)

Multiple vulnerabilities unfixed in Squid Proxy after two years

Mozilla VPN: CVE-2023-4104: vpndaemon wrongly implements Polkit authentication

Musl 1.2.4 adds TCP DNS fallback

A use-after-free in AMD Zen2 Processors

Linux /proc/pid/stat parsing bugs

Systemd-coredump: CVE-2022-4415: local information leak

CVE-2022-45063: xterm code execution via font ops

CVE-2022-29154: Rsync client-side arbitrary file write vulnerability

Re: Zlib memory corruption on deflate (i.e. compress)

CVE-2022-0435: A Remote Stack Overflow in the Linux Kernel

Fun with DBM-type databases (2018)

Bug in Lynx' SSL certificate validation – leaks password in clear text via SNI

Yescrypt – scalable KDF and password hashing scheme

CVE-2021-33909: size_t-to-int vulnerability in Linux's filesystem layer

X.Org server security advisory: April 13, 2021

Linux kernel incorrect computation of branch displacements in BPF JIT compiler

Git: Malicious repositories can execute remote code while cloning

Baron Samedit: Heap-based buffer overflow in Sudo (CVE-2021-3156)

Pam 1.5.0 has an auth bypass under some conditions

Linux Kernel Runtime Guard (LKRG) in a nutshell

Red Hat reports security issue in Linux Kernel which was fixed 17 months prior

Remote Code Execution in qmail
