September 2019 Security Updates

We have released the September security updates to provide additional protections against malicious attackers. As a best practice, we encourage customers to turn on automatic updates. More information about this month’s security updates can be found in the Security Update Guide. As a reminder,...

September 2019 Security Updates

We have released the September security updates to provide additional protections against malicious attackers. As a best practice, we encourage customers to turn on automatic updates. More information about this month’s security updates can be found in the Security Update Guide. As a reminder,...

Varnish Cache Denial of Service Vulnerability

Varnish Cache is a set of reverse web caching servers. A security vulnerability exists in Varnish Cache versions prior to 6.0.4 LTS, 6.1.x, and 6.2.x prior to 6.2.1. A remote attacker can exploit this vulnerability by sending a specially crafted HTTP/1 request to cause a denial of service automat...

Finding a Better Route to Router and Home Network Security

When was the last time you looked at your home router? We tend to only notice these magical boxes when something goes wrong. And given that many of us get our router as part of a single broadband box technically known as a gateway, combining modem and router in one device, there’s even less...

CVE-2019-15892

An issue was discovered in Varnish Cache before 6.0.4 LTS, and 6.1.x and 6.2.x before 6.2.1. An HTTP/1 parsing failure allows a remote attacker to trigger an assert by sending crafted HTTP/1 requests. The assert will cause an automatic restart with a clean cache, which makes it a Denial of Servic...

[SECURITY] Fedora 29 Update: clamav-0.101.4-1.fc29

Clam AntiVirus is an anti-virus toolkit for UNIX. The main purpose of this software is the integration with mail servers attachment scanning. The package provides a flexible and scalable multi-threaded daemon, a command line scanner, and a tool for automatic updating via Internet. The programs ar...

[SECURITY] Fedora 30 Update: clamav-0.101.4-1.fc30

Clam AntiVirus is an anti-virus toolkit for UNIX. The main purpose of this software is the integration with mail servers attachment scanning. The package provides a flexible and scalable multi-threaded daemon, a command line scanner, and a tool for automatic updating via Internet. The programs ar...

Fedora Update for mod_md FEDORA-2019-099575a123

The remote host is missing an update for the Copyright C 2019 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

[SECURITY] Fedora 29 Update: clamav-0.101.3-1.fc29

Clam AntiVirus is an anti-virus toolkit for UNIX. The main purpose of this software is the integration with mail servers attachment scanning. The package provides a flexible and scalable multi-threaded daemon, a command line scanner, and a tool for automatic updating via Internet. The programs ar...

[SECURITY] Fedora 30 Update: clamav-0.101.3-1.fc30

Clam AntiVirus is an anti-virus toolkit for UNIX. The main purpose of this software is the integration with mail servers attachment scanning. The package provides a flexible and scalable multi-threaded daemon, a command line scanner, and a tool for automatic updating via Internet. The programs ar...

freeimage:load_from_memory_fuzzer: Stack-buffer-overflow in strncpy

Detailed Report: https://oss-fuzz.com/testcase?key=5131488567230464 Project: freeimage Fuzzing Engine: libFuzzer Fuzz Target: loadfrommemoryfuzzer Job Type: libfuzzerasanfreeimage Platform Id: linux Crash Type: Stack-buffer-overflow WRITE Crash Address: 0x7f152a437530 Crash State: strncpy...

Honeywell Experion C300 Controller

Binary data 764916.prm...

Honeywell Experion C300 Controller

Binary data 764917.prm...

Windows Remote Desktop Services remote command execution vulnerability, CVE-2019-1181/1182-a vulnerability warning-the black bar safety net

One, Foreword GMT + 8 on 14 October, Microsoft released a set for the Remote Desktop service repair program, which includes two critical remote code execution（RCE）vulnerability CVE-2019-1181 and CVE-2019-1182。 With the prior repair of the“BlueKeep”vulnerability, CVE-2019-0708）the same. This also...

August 2019 Security Updates

We have released the August security updates to provide additional protections against malicious attackers. As a best practice, we encourage customers to turn on automatic updates. More information about this month’s security updates can be found in the Security Update Guide. As a reminder, Windo...

August 2019 Security Updates

We have released the August security updates to provide additional protections against malicious attackers. As a best practice, we encourage customers to turn on automatic updates. More information about this month’s security updates can be found in the Security Update Guide. As a reminder, Windo...

August 2019 Security Updates

We have released the August security updates to provide additional protections against malicious attackers. As a best practice, we encourage customers to turn on automatic updates. More information about this month’s security updates can be found in the Security Update Guide. As a reminder, Windo...

[SECURITY] Fedora 29 Update: aubio-0.4.9-1.fc29

aubio is a library for audio labeling. Its features include segmenting a sound file before each of its attacks, performing pitch detection, tapping the beat and producing midi streams from live audio. The name aubio comes from 'audio' with a typo: several transcription errors are likely to be fou...

[SECURITY] Fedora 30 Update: aubio-0.4.9-1.fc30

aubio is a library for audio labeling. Its features include segmenting a sound file before each of its attacks, performing pitch detection, tapping the beat and producing midi streams from live audio. The name aubio comes from 'audio' with a typo: several transcription errors are likely to be fou...

NewStart CGSL MAIN 4.05 : mutt Multiple Vulnerabilities (NS-SA-2019-0140)

The remote NewStart CGSL host, running version MAIN 4.05, has mutt packages installed that are affected by multiple vulnerabilities: - An issue was discovered in Mutt before 1.10.1 and NeoMutt before 2018-07-16. They allow remote IMAP servers to execute arbitrary commands via backquote characters...