4 matches found
CVE-2026-58207
A flaw was found in NATS Server. A client with the ability to send account-scoped connection monitoring requests could crash the server. This is achieved by providing pagination offset and limit values that cause an arithmetic overflow, leading to a Denial of Service DoS. Mitigation Upstream...
Johnson Controls Metasys
1. EXECUTIVE SUMMARY CVSS v3 8.8 ATTENTION: Exploitable remotely/low attack complexity Vendor: Johnson Controls Equipment: Metasys Servers, Engines, and Tools Vulnerability: Improper Privilege Management 2. RISK EVALUATION Successful exploitation of this vulnerability could give an authenticated...
Implementing the CIS 20 Critical Security Controls: Make Your InfoSec Foundation Rock Solid
For almost 10 years, thousands of organizations eager to solidify their security and compliance foundations have found clarity and direction in the the Center for Internet Security’s Critical Security Controls CSCs. This structured set of 20 foundational InfoSec best practices, first published in...
Sprint Responds to Developer's Disclosure of Virgin Mobile Security Shortcoming
A Sprint spokeswoman today responded to a software developer’s claim that millions of Virgin Mobile users are vulnerable to attacks due to inadequate authentication mechanisms. In an email sent to Computerworld, Stephanie Vinge Walsh said Virgin Mobile, a subsidiary of Sprint, has multiple...