Building the Azure IoT Edge Security Daemon in Rust

Azure IoT Edge is an open source, cross platform software project from the Azure IoT team at Microsoft that seeks to solve the problem of managing distribution of compute to the edge of your on-premise network from the cloud. This post explains some of the rationale behind our choice of Rust as t...

Building the Azure IoT Edge Security Daemon in Rust

Azure IoT Edge is an open source, cross platform software project from the Azure IoT team at Microsoft that seeks to solve the problem of managing distribution of compute to the edge of your on-premise network from the cloud. This post explains some of the rationale behind our choice of Rust as t...

The embedded software of Intel NUC Kits, Intel Compute Sticks, and Intel Compute Cards is vulnerable due to insufficient testing of input data. This vulnerability allows attackers to escalate their privileges, disclose sensitive information, or cause service failures.

The vulnerability of the built-in software in Intel NUC Kits, Intel Compute Sticks, and Intel Compute Cards exists due to insufficient testing of input data. Exploiting this vulnerability can allow attackers to enhance their privileges, expose sensitive information, or cause system failures...

Qualys Cloud Platform 8.21.2 New Features

This new release of the Qualys Cloud Platform VM, PC, version 8.21.2, includes Virtual Scanner Appliance support for Alibaba Cloud Compute, scheduling of EC2 scans with no scannable EC2 assets in Asset Tags in Qualys Vulnerability Management, expanded support for instance discovery and auto recor...

Moderate: Red Hat Security Advisory: openstack-nova security and bug fix update

An update for openstack-nova is now available for Red Hat OpenStack Platform 13.0 Queens. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...

openstack-nova: Nova server resource faults leak external exception details

A vulnerability was found in the Nova Compute resource fault handling. The Nova Compute service might leak configuration information or other sensitive information because of a failed API request. To trigger this vulnerability, the API request needs to fail due to an external exception. The abili...

Moderate: Red Hat Security Advisory: openstack-nova security and bug fix update

An update for openstack-nova is now available for Red Hat OpenStack Platform 14.0 Rocky. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...

openstack-nova: Nova server resource faults leak external exception details

A vulnerability was found in the Nova Compute resource fault handling. The Nova Compute service might leak configuration information or other sensitive information because of a failed API request. To trigger this vulnerability, the API request needs to fail due to an external exception. The abili...

Moderate: Red Hat Security Advisory: openstack-nova security and bug fix update

An update for openstack-nova is now available for Red Hat OpenStack Platform 10.0 Newton. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...

USN-4104-1 nova vulnerability

Donny Davis discovered that the Nova Compute service could return configuration or other information in response to a failed API request in some situations. A remote attacker could use this to expose sensitive information...

USN-4104-1: Nova vulnerability

Donny Davis discovered that the Nova Compute service could return configuration or other information in response to a failed API request in some situations. A remote attacker could use this to expose sensitive information...

DEBIAN-CVE-2019-13221

A stack buffer overflow in the computecodewords function in stbvorbis through 2019-03-04 allows an attacker to cause a denial of service or execute arbitrary code by opening a crafted Ogg Vorbis file...

Stack overflow

A stack buffer overflow in the computecodewords function in stbvorbis through 2019-03-04 allows an attacker to cause a denial of service or execute arbitrary code by opening a crafted Ogg Vorbis file...

UBUNTU-CVE-2019-13221

A stack buffer overflow in the computecodewords function in stbvorbis through 2019-03-04 allows an attacker to cause a denial of service or execute arbitrary code by opening a crafted Ogg Vorbis file...

Sean Barrett stb_vorbis Buffer Overflow Vulnerability

Sean Barrett stbvorbis is an open source audio codec for decoding ogg vorbis files. A buffer overflow vulnerability exists in the 'computecodewords' function in Sean Barrett stbvorbis 2019-03-04 and earlier versions. The vulnerability stems from a networked system or product performing operations...

PT-2019-13188 · Stb · Stb Vorbis

Name of the Vulnerable Software and Affected Versions: stb vorbis versions through 2019-03-04 Description: A stack buffer overflow in the compute codewords function allows an attacker to cause a denial of service or execute arbitrary code by opening a crafted Ogg Vorbis file. Recommendations: For...

CVE-2019-10364

Jenkins Amazon EC2 Plugin 1.43 and earlier wrote the beginning of private keys to the Jenkins system log...

CVE-2019-2343

Out of bound read and information disclosure in firmware due to insufficient checking of an embedded structure that can be sent from a kernel driver in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon...

CVE-2019-2236

Null pointer dereference during secure application termination using specific application ids. in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice &...

CVE-2019-2273

IOMMU page fault while playing h265 video file leads to denial of service issue in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in MSM8909W, QCS605, Qualcomm 215,...