Overcoming OpenStack Obstacles for vCDN at the Edge

Akamai and Wind River have collaborated to provide a validated, joint solution for virtual CDN services delivered with the reliability, scalability, and edge-optimized footprint that are required for cost-effective deployments in telecom networks. As the competition for viewers continues to heat...

[SECURITY] Fedora 28 Update: kio-extras-18.08.3-1.fc28

Additional components to increase the functionality of KIO Framework...

[SECURITY] Fedora 29 Update: kio-extras-18.08.3-1.fc29

Additional components to increase the functionality of KIO Framework...

PT-2018-3322 · Tp Link · Tp-Link Tl-R600Vpn

Name of the Vulnerable Software and Affected Versions: TP-Link TL-R600VPN versions HWv3 FRNv1.3.0 and HWv2 FRNv1.2.3 Description: A remote code execution issue exists in the ping and tracert functionality of the TP-Link TL-R600VPN http server. This is caused by a stack overflow resulting from a...

Inova Partner Authorization Bypass Vulnerability (CNVD-2019-08310)

Inova Partner is a CRM solution for biotech, pharmaceutical and other life science companies. An authorization bypass vulnerability exists in 5.0.5-RELEASE, Build 0510-0906 and earlier versions of Inova Partner, which can be exploited by an attacker to access restricted functionality...

Helpdezk 1.1.1 - Arbitrary File Upload

Helpdezk 1.1.1 - Arbitrary File Upload Exploit Title: Helpdezk 1.1.1 - Arbitrary File Upload Dork: N/A Date: 2018-11-13 Exploit Author: Ihsan Sencan Vendor Homepage: http://www.helpdezk.org/ Software Link: https://netcologne.dl.sourceforge.net/project/helpdezk/helpdezk-1.1.1.zip Version: 1.1.1...

xorg security update

CentOS Errata and Security Advisory CESA-2018:3410 An update for xorg-x11-server is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed...

QSC18: The Need for Security Visibility in the Age of Digital Transformation

Enterprises are moving full steam ahead when it comes to their digital transformation efforts. They’ve aggressively adopted cloud infrastructure and other cloud services, IoT, application containers, serverless functionality, and other technologies that are helping their organization to drive...

Out-of-bounds

In the serialization functions of StatsLogEventWrapper.java, there is a possible out-of-bounds write due to unnecessary functionality which may be abused. This could lead to local escalation of privilege in the system process with no additional execution privileges needed. User interaction is not...

The Don 1.0.1 - 'login' SQL Injection

Exploit Title: The Don 1.0.1 - 'login' SQL Injection Dork: N/A Date: 2018-11-11 Exploit Author: Ihsan Sencan Vendor Homepage: https://thedon.sourceforge.io/ Software Link: https://netix.dl.sourceforge.net/project/thedon/thedon-1.0b.rar Version: 1.0.1 Category: Webapps Tested on:...

[SECURITY] Fedora 29 Update: roundcubemail-1.3.8-1.fc29

RoundCube Webmail is a browser-based multilingual IMAP client with an application-like user interface. It provides full functionality you expect from an e-mail client, including MIME support, address book, folder manipulation, message searching and spell checking. RoundCube Webmail is written in...

CVE-2018-15437 Cisco Immunet and Cisco AMP for Endpoints System Scan Denial of Service Vulnerability

A vulnerability in the system scanning component of Cisco Immunet and Cisco Advanced Malware Protection AMP for Endpoints running on Microsoft Windows could allow a local attacker to disable the scanning functionality of the product. This could allow executable files to be launched on the system...

CVE-2018-15437 Cisco Immunet and Cisco AMP for Endpoints System Scan Denial of Service Vulnerability

A vulnerability in the system scanning component of Cisco Immunet and Cisco Advanced Malware Protection AMP for Endpoints running on Microsoft Windows could allow a local attacker to disable the scanning functionality of the product. This could allow executable files to be launched on the system...

Cisco Immunet and Cisco AMP for Endpoints System Scan Denial of Service Vulnerability

A vulnerability in the system scanning component of Cisco Immunet and Cisco Advanced Malware Protection AMP for Endpoints running on Microsoft Windows could allow a local attacker to disable the scanning functionality of the product. This could allow executable files to be launched on the system...

CVE-2018-3890

An exploitable code execution vulnerability exists in the firmware update functionality of Yi Home Camera 27US 1.8.7.0D. A specially crafted file can cause a logic flaw and command injection, resulting in code execution. An attacker can insert an SD card to trigger this vulnerability...

F5 Networks BIG-IP : TMM vulnerability (K52167636)

Features in the BIG-IP system that utilizeinflate functionality directly, via an iRule, or via the inflate code from PEM module are subjected to a service disruption via a 'Zip Bomb' attack.CVE-2017-6153 Impact BIG-IP systems deployed in Forward Proxy mode with the inflate functionality enabled a...

Cross site request forgery (csrf)

The Apache Web Server httpd specific code that normalised the requested path before matching it to the URI-worker map in Apache Tomcat JK modjk Connector 1.2.0 to 1.2.44 did not handle some edge cases correctly. If only a sub-set of the URLs supported by Tomcat were exposed via httpd, then it was...

CVE-2018-11759

The Apache Web Server httpd specific code that normalised the requested path before matching it to the URI-worker map in Apache Tomcat JK modjk Connector 1.2.0 to 1.2.44 did not handle some edge cases correctly. If only a sub-set of the URLs supported by Tomcat were exposed via httpd, then it was...

DEBIAN-CVE-2018-11759

The Apache Web Server httpd specific code that normalised the requested path before matching it to the URI-worker map in Apache Tomcat JK modjk Connector 1.2.0 to 1.2.44 did not handle some edge cases correctly. If only a sub-set of the URLs supported by Tomcat were exposed via httpd, then it was...

CVE-2018-11759

The Apache Web Server httpd specific code that normalised the requested path before matching it to the URI-worker map in Apache Tomcat JK modjk Connector 1.2.0 to 1.2.44 did not handle some edge cases correctly. If only a sub-set of the URLs supported by Tomcat were exposed via httpd, then it was...