-
The Cisco Talos team found a security vulnerability impacting the network packet handling functionality of Shadowsocks-libev 3.3.2.
As this is a sensitive security issue, this email is to request a…
-
> Hi all,
>
> As promised, here are my review comments on the draft. Most of them are
> just suggestions (I tried to be explicit when changes are definitely
> required), and I'm happy to talk …
-
TALOS-2019-0956
CVE-2019-5163
Shadowsocks-libev ss-server UdpRelay Denial-of-Service Vulnerability
### Summary
An exploitable denial-of-service vulnerability exists in the UDPRelay functio…
-
**Is your feature request related to a problem? Please describe.**
We should create a SECURITY.md file which is supported now as policy to inform users how and for how long we support phpMussel with …
-
**Steps to reproduce**
1. Open Loginpage
2. Enter username that does not exist and a password
3. Click on login and then after the failed login on Link 'Wrong password. Reset it?'
**Expected behavio…
-
[CWE-829: Inclusion of Functionality from Untrusted Control Sphere](https://cwe.mitre.org/data/definitions/829.html)
[CWE-494: Download of Code Without Integrity Check](https://cwe.mitre.org/data/def…
-
@nodejs/tsc @nodejs/security @nodejs/security-wg:
There are many businesses who depend on Node.js core that would benefit from the ability to have responsible early disclosure of security vulnerabi…
-
The following query:
```
https://api.propublica.org/congress/v1/bills/search.json?query=climate%20change&sort=_score&dir=desc&offset=0
```
Will produce invalid JSON. The first bill returned, `hr…
ndawg updated
4 years ago
-
@nodejs/tsc @nodejs/ctc ...
One need we have had for quite some time is a formal early disclosure policy for core and ecosystem vulnerabilities. Currently, our process is rather undefined, includin…
-
Many organisations these days have a public vulnerability disclosure policy. These policies can have a legal status granting researchers rights when they follow the disclosure process described in the…