How to Build a Reliable Well-Architected Framework

In this article, we will explore the Reliability pillar of the AWS Well-Architected Framework, examining best practices for cloud-based operations, including change management and disaster recovery...

November 10, 2020-KB4585208 Cumulative Update for .NET Framework 4.8 for Windows 10 Version 1703

November 10, 2020-KB4585208 Cumulative Update for .NET Framework 4.8 for Windows 10 Version 1703 Release Date: November 10, 2020 Version: .NET Framework 4.8 Note On Jan 12, 2020, a live revision was made to this update to remove its supersedence relationship with the October 13, 2020, .NET...

November 10, 2020-KB4586082 Cumulative Update for .NET Framework 3.5, 4.7.2 and 4.8 for Windows 10, version 1809 and Windows Server, version 2019

November 10, 2020-KB4586082 Cumulative Update for .NET Framework 3.5, 4.7.2 and 4.8 for Windows 10, version 1809 and Windows Server, version 2019 Release Date: November 10, 2020 Version: .NET Framework 3.5, 4.7.2 and 4.8 Note On Jan 12, 2020, a live revision was made to this update to remove its...

November 10, 2020-KB4585210 Cumulative Update for .NET Framework 4.8 for Windows 10 Version 1803

November 10, 2020-KB4585210 Cumulative Update for .NET Framework 4.8 for Windows 10 Version 1803 Release Date: November 10, 2020 Version: .NET Framework 4.8 Note On Jan 12, 2020, a live revision was made to this update to remove its supersedence relationship with the October 13, 2020, .NET...

Juniper Junos OS DoS (JSA11111)

The version of Junos OS installed on the remote host is affected by a denial of service vulnerability as referenced in the JSA11111 advisory. Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number. TRUSTED...

November 10, 2020-KB4580980 Cumulative Update Preview for .NET Framework 3.5 and 4.8 for Windows 10 , version 1903, Windows Server, version 1903, Windows 10 , version 1909, and Windows Server, version 1909

November 10, 2020-KB4580980 Cumulative Update Preview for .NET Framework 3.5 and 4.8 for Windows 10 , version 1903, Windows Server, version 1903, Windows 10 , version 1909, and Windows Server, version 1909 Release Date: November 10, 2020 Version: .NET Framework 3.5 and 4.8 Note On Jan 12, 2020, a...

Debian: Security Advisory (DLA-2523-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

January 12, 2021-KB4586878 Cumulative Update Preview for .NET Framework 3.5 and 4.8 for Windows 10, version 1903, Windows Server, version 1903, Windows 10, version 1909 and Windows Server, version 1909

January 12, 2021-KB4586878 Cumulative Update Preview for .NET Framework 3.5 and 4.8 for Windows 10, version 1903, Windows Server, version 1903, Windows 10, version 1909 and Windows Server, version 1909 Release Date: January 12, 2021 Version: .NET Framework 3.5 and 4.8 This update for Windows 10,...

January 5, 2021, update for Access 2016 (KB4484509)

January 5, 2021, update for Access 2016 KB4484509 This article describes update 4484509 for Microsoft Access 2016 that was released on January 5, 2021.Be aware that the update in the Microsoft Download Center applies to the Microsoft Installer .msi-based edition of Office 2016. It doesn't apply t...

Arteco Web Client DVR/NVR Session Hijacking Vulnerability

The session identifier used by Arteco Web Client DVR/NVR is of an insufficient length and can be brute forced, allowing a remote attacker to obtain a valid session, bypass authentication, and disclose the live camera stream. !/usr/bin/env python3 Arteco Web Client DVR/NVR 'SessionId' Cookie Brute...

Pulse Secure VPN Remote Code Execution Exploit

The Pulse Connect Secure appliance versions prior to 9.1R9 suffer from an uncontrolled gzip extraction vulnerability which allows an attacker to overwrite arbitrary files, resulting in remote code execution as root. Admin credentials are required for successful exploitation...

Oracle Solaris SunSSH PAM parse_user_name() Buffer Overflow Exploit

This Metasploit module exploits a stack-based buffer overflow in the Solaris PAM library's username parsing code, as used by the SunSSH daemon when the keyboard-interactive authentication method is specified. Tested against SunSSH 1.1.5 on Solaris 10u11 1/13 x86 in VirtualBox, VMware Fusion, and...

Azure File Sync Agent v11.1 Release – November 2020

Azure File Sync Agent v11.1 Release – November 2020 Introduction This article describes the improvements and issues that are fixed in the Azure File Sync Agent v11.1 release that is dated November 2020. Additionally, this article contains installation instructions for the update. Improvements and...

ImageMagick Code Issue Vulnerability

Imagemagick Studio ImageMagick is a suite of open source image processing software from ImageMagick Studio Imagemagick Studio, an American company. The software can read, convert or write images in many formats. A security vulnerability exists in versions prior to ImageMagick 7.0.8-68, which stem...

RESTler - The First Stateful REST API Fuzzing Tool For Automatically Testing Cloud Services Through Their REST APIs And Finding Security And Reliability Bugs In These Services

RESTler is the first stateful REST API fuzzing tool for automatically testing cloud services through their REST APIs and finding security and reliability bugs in these services. For a given cloud service with an OpenAPI/Swagger specification, RESTler analyzes its entire specification, and then...

CVE-2020-27755

in SetImageExtent of /MagickCore/image.c, an incorrect image depth size can cause a memory leak because the code which checks for the proper image depth size does not reset the size in the event there is an invalid size. The patch resets the depth to a proper size before throwing an exception. Th...

Code injection

in SetImageExtent of /MagickCore/image.c, an incorrect image depth size can cause a memory leak because the code which checks for the proper image depth size does not reset the size in the event there is an invalid size. The patch resets the depth to a proper size before throwing an exception. Th...

CVE-2020-27755

in SetImageExtent of /MagickCore/image.c, an incorrect image depth size can cause a memory leak because the code which checks for the proper image depth size does not reset the size in the event there is an invalid size. The patch resets the depth to a proper size before throwing an exception. Th...

CVE-2020-27755

in SetImageExtent of /MagickCore/image.c, an incorrect image depth size can cause a memory leak because the code which checks for the proper image depth size does not reset the size in the event there is an invalid size. The patch resets the depth to a proper size before throwing an exception. Th...

CVE-2020-25666

There are 4 places in HistogramCompare in MagickCore/histogram.c where an integer overflow is possible during simple math calculations. This occurs in the rgb values and count value for a color. The patch uses casts to ssizet type for these calculations, instead of int. This flaw could impact...