The vulnerability of the ubuntu-server.js component in the React Native Desktop development platform allows a attacker to execute arbitrary code.

The vulnerability of the ubuntu-server.js component of the React Native Desktop development platform is related to insufficient validation of input data. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...

Error Code 42B when using Citrix Gateway Native OTP authentication in Citrix Workspace app for Android upgrade

This article is intended for Citrix administrators and technical teams only. Non-admin users must contact their company's Help Desk/IT support team and can refer to CTX297149 for more information. The following error message appears even after upgrading to the latest version of Citrix Workspace...

Fedora Update for mariadb-connector-c FEDORA-2019-60befaed69

The remote host is missing an update for the SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Fedora Update for mariadb-connector-c FEDORA-2019-f873e2799f

The remote host is missing an update for the SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

[SECURITY] Fedora 29 Update: mariadb-connector-c-3.1.3-1.fc29

The MariaDB Native Client library C driver is used to connect applications developed in C/C++ to MariaDB and MySQL databases...

[SECURITY] Fedora 30 Update: mariadb-connector-c-3.1.3-1.fc30

The MariaDB Native Client library C driver is used to connect applications developed in C/C++ to MariaDB and MySQL databases...

Fedora 29 : icedtea-web (2019-efb92eed7a)

fixed CVEs 2019-10181, 2019-10182, 2019-10185 ---- Updated to fres upstream release : https://mail.openjdk.java.net/pipermail/distro-pkg-dev/2019-March/0413 20.html New in release 1.8 2019-03-12 : - added support for javafx-desc and so allwong run of pure-javafx only applications - --nosecurity...

[SECURITY] Fedora 30 Update: oniguruma-6.9.2-2.fc30

Oniguruma is a regular expressions library. The characteristics of this library is that different character encoding for every regular expression object can be specified. supported APIs: GNU regex, POSIX and Oniguruma native...

NATS Server Input Validation Error Vulnerability

NATS Server is an open source messaging system. The system is mainly used for cloud-native applications, IoT messaging and microservices architecture. NATS Server suffers from an input validation error vulnerability. An attacker can exploit the vulnerability by sending a specially crafted request...

CVE-2019-12164

ubuntu-server.js in Status React Native Desktop before v0.57.8mobileui allows Remote Code Execution...

CVE-2019-12164

ubuntu-server.js in Status React Native Desktop before v0.57.8mobileui allows Remote Code Execution...

Remote code execution

ubuntu-server.js in Status React Native Desktop before v0.57.8mobileui allows Remote Code Execution...

CVE-2019-12164

Affected software: Status React Native Desktop prior to v0.57.8_mobile_ui (ubuntu-server.js). Vulnerability: remote code execution via ubuntu-server.js. Impact & scope: reported RCE in the desktop component; CVE-2019-12164. Mitigation status: no remediation details provided in the connected docum...

Partner Perspectives: Maintaining Order in Chaotic Times

Erkang Zheng is the CISO of LifeOmic and the General Manager of JupiterOne. One of the key challenges facing growing cloud-native organizations is the ability to maintain your security and compliance posture despite your employees’ access to critical data from numerous locations and devices. This...

Moderate: Red Hat Security Advisory: Red Hat JBoss Web Server 3.1 Service Pack 7 security and bug fix update

An update is now available for Red Hat JBoss Web Server 3.1 for RHEL 6 and Red Hat JBoss Web Server 3.1 for RHEL 7. Red Hat Product Security has rated this release as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity ratin...

Cryptocurrency Firm Itself Hacked Its Customers to Protect Their Funds From Hackers

Are you using Komodo's Agama Wallet to store your KMD and BTC cryptocurrencies? Were your funds also unauthorisedly transferred overnight to a new address? If yes, don't worry, it's probably safe, and if you are lucky, you will get your funds back. Here's what exactly happened… Komodo, a...

Malicious Package

Overview All versions of electron-native-notify contain malicious code. The package was part of a targeted attack to steal cryptocurrency wallet seeds and upload them to a remote server, effectively giving attackers access to users wallets. Recommendation Remove the package from your environment...

Symantec Content Analysis < 2.3.5.1 affected by Multiple Vulnerabilities (SYMSA1463)

The version of Symantec Content Analysis running on the remote host is prior to version 2.3.5.1. It is, therefore, affected by multiple vulnerabilities: - An improper handing of overflow in the UTF-8 decoder with supplementary characters can lead to an infinite loop in the decoder causing a Denia...

Updated tomcat-native packages fix security vulnerability

When using an OCSP responder did not correctly handle invalid responses. This allowed for revoked client certificates to be incorrectly identified. It was therefore possible for users to authenticate with revoked certificates when using mutual TLS CVE-2018-8019. Did not properly check OCSP...

MGASA-2019-0184 Updated tomcat-native packages fix security vulnerability

When using an OCSP responder did not correctly handle invalid responses. This allowed for revoked client certificates to be incorrectly identified. It was therefore possible for users to authenticate with revoked certificates when using mutual TLS CVE-2018-8019. Did not properly check OCSP...