In the Bouncy Castle JCE Provider versions 1.51 to 1.55, a carry propagation bug was introduced in the implementation of squaring for several raw math classes have been fixed (org.bouncycastle.math.raw.Nat???). These classes are used...
In the Bouncy Castle JCE Provider version 1.55 and earlier the primary engine class used for AES was AESFastEngine. Due to the highly table driven approach used in the algorithm it turns out that...
The Gentoo app-backup/burp package before 2.1.32 has incorrect group ownership of the /etc/burp directory, which might allow local users to obtain read and write access to arbitrary files by leveraging access to a certain...
The Gentoo app-backup/burp package before 2.1.32 sets the ownership of the PID file directory to the burp account, which might allow local users to kill arbitrary processes by leveraging access to this account for...
IBM Connections 5.0, 5.5, and 6.0 could allow a remote attacker to conduct phishing attacks, using an open redirect attack. By persuading a victim to visit a specially-crafted Web site, a remote attacker could...
`sqlserver` was a malicious module published with the intent to hijack environment variables. It has been unpublished by npm. Date published : 2018-06-04 https://nodesecurity.io/advisories/486
`nodefabric` was a malicious module published with the intent to hijack environment variables. It has been unpublished by npm. Date published : 2018-06-04 https://nodesecurity.io/advisories/488
`fabric-js` was a malicious module published with the intent to hijack environment variables. It has been unpublished by npm. Date published : 2018-06-04 https://nodesecurity.io/advisories/487
`node-fabric` was a malicious module published with the intent to hijack environment variables. It has been unpublished by npm. Date published : 2018-06-04 https://nodesecurity.io/advisories/489
`sqliter` was a malicious module published with the intent to hijack environment variables. It has been unpublished by npm. Date published : 2018-06-04 https://nodesecurity.io/advisories/490
`sqlite.js` was a malicious module published with the intent to hijack environment variables. It has been unpublished by npm. Date published : 2018-06-04 https://nodesecurity.io/advisories/491
`nodesqlite` was a malicious module published with the intent to hijack environment variables. It has been unpublished by npm. Date published : 2018-06-04 https://nodesecurity.io/advisories/492
`node-sqlite` was a malicious module published with the intent to hijack environment variables. It has been unpublished by npm. Date published : 2018-06-04 https://nodesecurity.io/advisories/493
`mariadb` was a malicious module published with the intent to hijack environment variables. It has been unpublished by npm. Date published : 2018-06-04 https://nodesecurity.io/advisories/495