Microsoft Windows Multiple Vulnerabilities (KB4550930)

This host is missing a critical security update according to Microsoft KB4550930 SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Microsoft Windows Multiple Vulnerabilities (KB4550927)

This host is missing a critical security update according to Microsoft KB4550927 SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Security Bulletin: A vulnerability in IBM Java affects IBM Decision Optimization Center (CVE-2020-2654)

Summary There is a vulnerability in IBM® Java™ Version 8 used by IBM Decision Optimization Center. IBM Decision Optimization Center has addressed the applicable CVE. Vulnerability Details CVEID: CVE-2020-2654 DESCRIPTION: An unspecified vulnerability in Java™ SE related to the Java™ SE Libraries...

Security Bulletin: A vulnerability in IBM Java affects IBM ILOG CPLEX Optimization Studio and IBM CPLEX Enterprise Server (CVE-2020-2654)

Summary There is a vulnerability in IBM® Java™ Version 8 used by IBM CPLEX Optimization Studio and IBM CPLEX Enterprise Server. IBM CPLEX Optimization Studio and IBM CPLEX Enterprise Server have addressed the applicable CVE. Vulnerability Details CVEID: CVE-2020-2654 DESCRIPTION: An unspecified...

Security Bulletin: Multiple vulnerabilities in IBM Java SDK and IBM Java Runtime affect IBM Decision Optimization Center (CVE-2020-2593, CVE-2020-2583, CVE-2019-4732)

Summary There are multiple vulnerabilities in IBM® SDK Java™ and IBM® Runtime Environment Java™ Versions 7 & 8 used by IBM Decision Optimization Center. IBM Decision Optimization Center has addressed the applicable CVEs. Vulnerability Details CVEID: CVE-2020-2593 DESCRIPTION: An unspecified...

CVE-2020-5861

On BIG-IP 12.1.0-12.1.5, the TMM process may produce a core file in some cases when Ram Cache incorrectly optimizes stored data resulting in memory errors...

March 2020 - Professional Services and the Media Industry

In today's ever-shifting market, we recognize that you need to be constantly adapting, and Akamai provides a way to enhance your customers' experiences through our unique expertise, helping you unlock the value of Akamai's products and services. Professional Services' primary mission is to drive...

Exclusion of Citrix embedded browser from the Citrix Workspace app 1912 LTSR for Windows

The Citrix Workspace app Long Term Service Release LTSR is released on a less frequent cadence with an extended lifecycle than the Workspace app Current Releases CR, offering predictability and less changes to the product. The Citrix Workspace app LTSR offers Cumulative Updates CU that contain...

Who’s Behind the ‘Web Listings’ Mail Scam?

In December 2018, KrebsOnSecurity looked at how dozens of U.S. political campaigns, cities and towns had paid a shady company called Web Listings Inc. after receiving what looked like a bill for search engine optimization SEO services rendered on behalf of their domain names. The story concluded...

CVE-2020-10111

Citrix Gateway 11.1, 12.0, and 12.1 has an Inconsistent Interpretation of HTTP Requests. NOTE: Citrix disputes the reported behavior as not a security issue. Citrix ADC only caches HTTP/1.1 traffic for performance optimization...

JSC DFG ObjectAllocationSinkingPhase Crash

JSC: DFG: ObjectAllocationSinkingPhase leaves data flow graph inconsistent While fuzzing JavaScriptCore with fuzzilli, I encountered the following simplified and commented JavaScript program which crashes jsc from current HEAD and the stable release: function v9 const v14 = ; const v15 = a: 42;...

The vulnerability of the JavaScript script handler in Google Chrome’s V8 engine allows attackers to access sensitive data, compromise its integrity, and cause service failures.

The vulnerability of the JavaScript script handler in Google Chrome’s V8 engine is related to incorrect optimization settings. Exploiting this vulnerability can allow a remote attacker to access sensitive data, compromise its integrity, and cause service failures through a specially crafted HTML...

DNS Encryption at DNS OARC 32

The DNS DNS Operations, Analysis, and Research Center DNS OARC is an organization that, in their own words, works to "improve the security, stability, and understanding of the Internet's DNS infrastructure." They hold regular workshops where deployment experts, software developers, researchers, a...

Security Bulletin: Multiple vulnerabilities in IBM Java Runtime affect IBM ILOG CPLEX Optimization Studio and IBM CPLEX Enterprise Server (CVE-2020-2593, CVE-2020-2583, CVE-2019-4732)

Summary There are multiple vulnerabilities in IBM® Runtime Environment Java™ Version 8 used by IBM CPLEX Optimization Studio and IBM CPLEX Enterprise Server. IBM CPLEX Optimization Studio and IBM CPLEX Enterprise Server have addressed the applicable CVEs. Vulnerability Details CVEID: CVE-2020-259...

Security Bulletin: A vulnerability in IBM Java Runtime affects IBM ILOG CPLEX Optimization Studio and IBM CPLEX Enterprise Server

Summary There is a vulnerability in IBM® Runtime Environment Java™ Version 8 used by IBM CPLEX Optimization Studio and IBM CPLEX Enterprise Server. IBM CPLEX Optimization Studio and IBM CPLEX Enterprise Server have addressed the applicable CVE. Vulnerability Details CVEID: CVE-2019-2958...

Huawei EulerOS: Security Advisory for kernel (EulerOS-SA-2018-1153)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Huawei EulerOS: Security Advisory for gcc (EulerOS-SA-2019-2073)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

DLL Hijacking Vulnerability in Jiangmin Optimization Expert

Jiangmin Optimization Expert is a completely free computer optimization software developed by Beijing Jiangmin New Technology Co., Ltd. with a beautiful and simple interface, easy to operate, and is a pure tool software. JM Optimizer has a DLL hijacking vulnerability, which can be exploited by...

Atlassian JIRA < 7.13.6 / 8.x < 8.4.0 XSS (JRASERVER-69795)

According to its self-reported version number, the instance of Atlassian JIRA hosted on the remote web server is prior to 7.13.6, or 8.x prior to 8.4.0. It is, therefore, affected by a cross-site scripting XSS vulnerability. The vulnerability exists in the Optimization plugin due to improper...

Security Bulletin: A security vulnerability has been identified in IBM WebSphere Application Server shipped with Asset and Service Management (CVE-2019-10086)

Summary IBM WebSphere Application Server is shipped as a component of Maximo Asset Management, Maximo Asset Management Essentials, Maximo Industry Solutions including Maximo for Energy Optimization, Maximo for Government, Maximo for Nuclear Power, Maximo for Transportation, Maximo for Life...