[SECURITY] Fedora 31 Update: nodejs-12.18.3-1.fc31

Node.js is a platform built on Chrome's JavaScript runtime for easily building fast, scalable network applications. Node.js uses an event-driven, non-blocking I/O model that makes it lightweight and efficient, perfect for data-intensive real-time applications that run across distributed devices...

CVE-2020-10604

In OSIsoft PI System multiple products and versions, a remote, unauthenticated attacker could crash PI Network Manager service through specially crafted requests. This can result in blocking connections and queries to PI Data Archive...

CVE-2020-10604

In OSIsoft PI System multiple products and versions, a remote, unauthenticated attacker could crash PI Network Manager service through specially crafted requests. This can result in blocking connections and queries to PI Data Archive...

CVE-2020-10602

In OSIsoft PI System multiple products and versions, an authenticated remote attacker could crash PI Network Manager due to a race condition. This can result in blocking connections and queries to PI Data Archive...

CVE-2020-10600

An authenticated remote attacker could crash PI Archive Subsystem when the subsystem is working under memory pressure. This can result in blocking queries to PI Data Archive 2018 SP2 and prior versions...

Design/Logic Flaw

An authenticated remote attacker could crash PI Archive Subsystem when the subsystem is working under memory pressure. This can result in blocking queries to PI Data Archive 2018 SP2 and prior versions...

Race condition

In OSIsoft PI System multiple products and versions, an authenticated remote attacker could crash PI Network Manager due to a race condition. This can result in blocking connections and queries to PI Data Archive...

CVE-2020-10600

CVE-2020-10600 affects OSIsoft PI System: a NULL pointer dereference vulnerability in the PI Archive Subsystem can be triggered by an authenticated remote attacker under memory pressure, potentially blocking queries to the PI Data Archive (2018 SP2 and earlier). The vulnerability is documented wi...

CVE-2020-10600 OSIsoft PI System

An authenticated remote attacker could crash PI Archive Subsystem when the subsystem is working under memory pressure. This can result in blocking queries to PI Data Archive 2018 SP2 and prior versions...

CVE-2020-10602

In OSIsoft PI System multiple products and versions, an authenticated remote attacker could crash PI Network Manager due to a race condition. This can result in blocking connections and queries to PI Data Archive...

CVE-2020-6164

In SilverStripe through 4.5.0, a specific URL path configured by default through the silverstripe/framework module can be used to disclose the fact that a domain is hosting a Silverstripe application. There is no disclosure of the specific version. The functionality on this URL path is limited to...

Fedora: Security Advisory for adns (FEDORA-2020-530188bf36)

The remote host is missing an update for the Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

[SECURITY] Fedora 32 Update: adns-1.6.0-1.fc32

adns is a resolver library for C and C++ programs. In contrast with the existing interfaces, gethostbyname et al and libresolv, it has the following features: - It is reasonably easy to use for simple programs which just want to translate names to addresses, look up MX records, etc. - It can be...

[SECURITY] Fedora 31 Update: adns-1.6.0-1.fc31

adns is a resolver library for C and C++ programs. In contrast with the existing interfaces, gethostbyname et al and libresolv, it has the following features: - It is reasonably easy to use for simple programs which just want to translate names to addresses, look up MX records, etc. - It can be...

Privilege escalation in Presto

Affected This affects Presto server installations. This does NOT affect clients such as the CLI or JDBC driver. Impact Authenticated users can bypass authorization checks by directly accessing internal APIs. This impacts Presto server installations with secure internal communication configured...

PT-2020-14175 · Presto · Presto

Name of the Vulnerable Software and Affected Versions: Presto versions prior to 337 Description: Authenticated users can bypass authorization checks by directly accessing internal APIs. This issue impacts Presto server installations with secure internal communication configured. It does not affec...

COVID-19 Risks of Flying

I fly a lot. Over the past five years, my average speed has been 32 miles an hour. That all changed mid-March. It's been 105 days since I've been on an airplane -- longer than any other time in my adult life -- and I have no future flights scheduled. This is all a prelude to saying that I have be...

CVE-2020-14210

Reflected Cross-Site Scripting XSS vulnerability in MONITORAPP WAF in which script can be executed when responding to Request URL information. It provides a function to response to Request URL information when blocking...

GHSA-QCXH-W3J9-58QR Apache Tomcat Denial of Service vulnerability

The HTTP/2 implementation in Apache Tomcat 9.0.0.M1 to 9.0.14 and 8.5.0 to 8.5.37 accepted streams with excessive numbers of SETTINGS frames and also permitted clients to keep streams open without reading/writing request/response data. By keeping streams open for requests that utilised the Servle...

Security update for java-1_8_0-openjdk (important)

openSUSE Security Update: Security update for java-180-openjdk Announcement ID: openSUSE-SU-2020:0800-1 Rating: important References: 1160398 1169511 1171352 Cross-References: CVE-2020-2754 CVE-2020-2755 CVE-2020-2756 CVE-2020-2757 CVE-2020-2773 CVE-2020-2781 CVE-2020-2800 CVE-2020-2803...