-
Syncing code should be reviewed for any potential
* [ ] Eclipse or attention stealing attacks.
* [ ] DOS attacks on memory. All data collected per peer or globally should be bounded.
* [ ] DOS at…
-
Hi,
I opened the demo but it's just a black screen with two sliders and a dropdown. Is something supposed to render?
-
Our scanning tools are showing that `git-lfs` is built with Go version 1.18.1, which has several vulnerabilities that might impact the binary. The CVEs are as follows:
| CVE | Description |
| --- | -----…
-
The precise timing of HTLC forwards [can enable an on-path adversary](https://arxiv.org/pdf/2006.12143.pdf) to determine with some accuracy the full payment path. One possible mitigation is to add jit…
-
Related to #904, the idea here is that user agents make connections conditionally based upon not just the destination origin, but on the initiating/'top level' origin.
For UAs that implement #904 f…
-
Currently the alert system allows triggering a "safe mode" (not to be confused with https://github.com/zcash/zcash/issues/3311) that disables a handful of RPC commands, including creation of new trans…
-
This seems to be useful for steps in RSA.
-
To Be Performed when all the Bob animations are tested and approved.
-
Since MAC address randomization is on by default on most devices,
this makes the probe sniffing a bit useless.
So I think it can maybe be fixed a bit:
1. We can fingerprint devices that probe for ce…
-
`ProcessManager.exec` is modified at https://github.com/OpenPDroid/OpenPDroidPatches/blob/4.2.1/openpdroid_4.2.1_libcore.patch#L311
The current modifications are possibly insecure. If `taintedCommand…