196 matches found
[SECURITY] Fedora 37 Update: libreswan-4.10-1.fc37
Libreswan is a free implementation of IPsec & IKE for Linux. IPsec is the Internet Protocol Security and uses strong cryptography to provide both authentication and encryption services. These services allow you to build secure tunnels through untrusted networks. Everything passing through the...
4 things to look for in a multicloud data protection solution
What does it mean to be a multicloud organization? As the name implies, the term describes a model of cloud computing where an organization uses multiple clouds—two or more public clouds, private clouds, or a combination of public, private, and edge clouds—to distribute applications and services...
Will a Labeling System Solve IoT Security Challenges?
By Waqas The planned smart device security labeling program spearheaded by the US government will be introduced next year, although… This is a post from HackRead.com Read the original post: Will a Labeling System Solve IoT Security Challenges?...
November 1, 2022, update for Office 2016 (KB5002306)
November 1, 2022, update for Office 2016 KB5002306 This article describes update 5002306 for Microsoft Office 2016 that was released on November 1, 2022.Be aware that the update in the Microsoft Download Center applies to the Microsoft Installer .msi-based edition of Office 2016. It doesn't apply...
How Microsoft Purview and Priva help simplify data protection
At Microsoft Security, we understand how challenging it is to protect your most important asset, your data, in today’s threat landscape. You’re faced with evolving challenges—from empowering employees for greater productivity to eliminating gaps in your infrastructure—all while trying to protect...
Heartex Label Studio Server-Side Request Forgery Vulnerability
Label Studio is an open source data labeling tool from Heartex. Heartex Label Studio Community Edition 1.5.0 and previous versions contain a server-side request forgery vulnerability that stems from a failure to properly validate user input in the data import module, which could be exploited by a...
s3label 路径遍历漏洞
S3Label is an open source browser-based tool for quickly labeling images from Stone Three. A path traversal vulnerability exists in s3label on 2019-08-14 and prior versions, which stems from an unsafe use of Flask's sendfile function that allows absolute path traversal...
CVE-2021-43708
The Labeling tool in Titus Classification Suite 18.8.1910.140 allows users to avoid the generation of a classification label by using Excel's safe mode...
CVE-2021-43708
The Labeling tool in Titus Classification Suite 18.8.1910.140 allows users to avoid the generation of a classification label by using Excel's safe mode...
Design/Logic Flaw
The Labeling tool in Titus Classification Suite 18.8.1910.140 allows users to avoid the generation of a classification label by using Excel's safe mode...
CVE-2021-43708
The Labeling tool in Titus Classification Suite 18.8.1910.140 allows users to avoid the generation of a classification label by using Excel's safe mode...
CVE-2021-43708
The CVE-2021-43708 entry concerns Titus Classification Suite version 18.8.1910.140. The issue centers on the labeling tool, where a user can avoid generating a classification label by leveraging Excel’s Safe Mode. Documents explicitly tie the vulnerability to a bypass of the label generation mech...
A flaw was found in libvirt while it generates SELinux MCS category pairs for VMs' dynamic labels. This flaw allows one exploited guest to access files labeled for another guest resulting in the breaking out of sVirt confinement. The highest threat from this vulnerability is to confidentiality and integrity.
...
Microsoft shares 4 challenges of protecting sensitive data and how to overcome them
Breaches of sensitive data are extremely costly for organizations when you tally data loss, stock price impact, and mandated fines from violations of General Data Protection Regulation GDPR, California Consumer Privacy Act CCPA, or other regulations. They also can diminish the trust of those who...
Fedora: Security Advisory for libreswan (FEDORA-2022-42e0892147)
The remote host is missing an update for the Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
[SECURITY] Fedora 35 Update: libreswan-4.6-1.fc35
Libreswan is a free implementation of IPsec & IKE for Linux. IPsec is the Internet Protocol Security and uses strong cryptography to provide both authentication and encryption services. These services allow you to build secure tunnels through untrusted networks. Everything passing through the...
[SECURITY] Fedora 34 Update: libreswan-4.6-1.fc34
Libreswan is a free implementation of IPsec & IKE for Linux. IPsec is the Internet Protocol Security and uses strong cryptography to provide both authentication and encryption services. These services allow you to build secure tunnels through untrusted networks. Everything passing through the...
libvirt: Insecure sVirt label generation
A flaw was found in libvirt while it generates SELinux MCS category pairs for VMs' dynamic labels. This flaw allows one exploited guest to access files labeled for another guest, resulting in the breaking out of sVirt confinement. The highest threat from this vulnerability is to confidentiality a...
kernel: use-after-free in cipso_v4_genopt in net/ipv4/cipso_ipv4.c
A flaw use-after-free in the Linux kernel CIPSO network packet labeling protocol functionality was found in the way user open local network connection with the usage of the security labeling that is IP option number 134. A local user could use this flaw to crash the system or possibly escalate...
How to protect your CAD data files with MIP and HALOCAD
This blog post is part of the Microsoft Intelligent Security Association guest blog series. Learn more about MISA. Computer-aided design CAD files are used by design professionals in the manufacturing, engineering, architecture, surveying, and construction industries. These highly valuable files...