-
### Vulnerability Details
- **Name**: Unnamed Vulnerability
- **CVE ID**: [CVE-2024-37383](https://nvd.nist.gov/vuln/detail/CVE-2024-37383)
- **Vendor**: Unknown Vendor
- **Product**: Webmail
- **Des…
-
In the documentation, I read that the shared storage can be use for the following use case:
Anti-abuse, anti-fraud, and web security organizations often use proprietary techniques to detect malicio…
-
### Comment:
In light of recently added [backdoor in `xz`](https://tukaani.org/xz-backdoor/) (for versions **not** packaged by conda-forge!) there have been [concerns raised](https://github.com/libar…
-
My plan is to do this on the wiki.
The whole repo (including the wiki) will be made public when we release the HUD, but I think we should be as up front about the threats (and mitigations) as possibl…
-
**This is a tracker issue.** Only discuss things here if they are i18n WG internal meta-discussions about the issue. **Contribute to the actual discussion at the following link:**
§ https://githu…
r12a updated
8 months ago
-
Since Ferveo is intended to be an "online" protocol and some/many primitives being used are not constant-time/may have other side-channel vulnerabilities, there should be an analysis and potential mit…
-
Other kernels and hypervisors, such as Xen and Linux, choose speculative execution mitigations at runtime, based on the actual hardware the kernel is running on. This is extremely important on non-em…
-
##### SUMMARY
https://www.vaultproject.io/docs/enterprise/consistency#mitigations
This can happen in Vault performance standby mode where you do a login for example, and then do a subseque…
-
Linux has several side channel mitigations (KPTI, spectre, L1F, ...). We should enable appropriate ones.
- https://docs.kernel.org/admin-guide/hw-vuln/index.html
- https://intel.github.io/ccc-lin…
-
We want to document the conditions related to mev-boost and the Flashbots relay that would affect the liveness of the blockchain, to make sure that they are prevented or mitigated.
We want to test …