260 matches found
openSUSE Security Update : python (openSUSE-2020-696)
This update for python fixes the following issues : Security issues fixed : - CVE-2019-18348: Fixed a CRLF injection via the host part of the url passed to urlopen. Now an InvalidURL exception is raised bsc1155094. - CVE-2019-9674: Improved the documentation to reflect the dangers of zip-bombs...
openSUSE: Security Advisory for python (openSUSE-SU-2020:0696-1)
The remote host is missing an update for the Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
SUSE SLED15 / SLES15 Security Update : python (SUSE-SU-2020:1339-1)
This update for python fixes the following issues : Security issues fixed : CVE-2019-18348: Fixed a CRLF injection via the host part of the url passed to urlopen. Now an InvalidURL exception is raised bsc1155094. CVE-2019-9674: Improved the documentation to reflect the dangers of zip-bombs...
Security update for python (moderate)
openSUSE Security Update: Security update for python Announcement ID: openSUSE-SU-2020:0696-1 Rating: moderate References: 1155094 1162825 Cross-References: CVE-2019-18348 CVE-2019-9674 Affected Products: openSUSE Leap 15.1 An update that fixes two vulnerabilities is now available. Description:...
SUSE SLES12 Security Update : python3 (SUSE-SU-2020:0854-1)
This update for python3 fixes the following issue : CVE-2019-18348: Fixed a CRLF injection via the host part of the url passed to urlopen. Now an InvalidURL exception is raised bsc1155094. CVE-2019-9674: Improved the documentation to reflect the dangers of zip-bombs bsc1162825. CVE-2020-8492: Fix...
SUSE-SU-2020:0854-1 Security update for python3
This update for python3 fixes the following issue: - CVE-2019-18348: Fixed a CRLF injection via the host part of the url passed to urlopen. Now an InvalidURL exception is raised bsc1155094. - CVE-2019-9674: Improved the documentation to reflect the dangers of zip-bombs bsc1162825. - CVE-2020-8492...
openSUSE Security Update : python3 (openSUSE-2020-274)
This update for python3 fixes the following issues : Security issues fixed : - CVE-2019-9674: Improved the documentation to reflect the dangers of zip-bombs bsc1162825. - CVE-2020-8492: Fixed a regular expression in urrlib that was prone to denial of service via HTTP bsc1162367. Non-security issu...
SUSE SLED15 / SLES15 Security Update : python (SUSE-SU-2020:0510-1)
This update for python fixes the following issues : Security issues fixed : CVE-2019-9674: Improved the documentation, warning about dangers of zip-bombs bsc1162825. CVE-2020-8492: Fixed a regular expression in urrlib that was prone to denial of service via HTTP bsc1162367. Note that Tenable...
SUSE SLED15 / SLES15 Security Update : python3 (SUSE-SU-2020:0467-1)
This update for python3 fixes the following issues : Security issues fixed : CVE-2019-9674: Improved the documentation to reflect the dangers of zip-bombs bsc1162825. CVE-2020-8492: Fixed a regular expression in urrlib that was prone to denial of service via HTTP bsc1162367. Non-security issue...
SUSE-SU-2020:0467-1 Security update for python3
This update for python3 fixes the following issues: Security issues fixed: - CVE-2019-9674: Improved the documentation to reflect the dangers of zip-bombs bsc1162825. - CVE-2020-8492: Fixed a regular expression in urrlib that was prone to denial of service via HTTP bsc1162367. Non-security issue...
Insider Logic Bombs
Add to the "not very smart criminals" file: According to court documents, Tinley provided software services for Siemens' Monroeville, PA offices for nearly ten years. Among the work he was asked to perform was the creation of spreadsheets that the company was using to manage equipment orders. The...
Siemens Contractor Pleads Guilty to Planting 'Logic Bomb' in Spreadsheets
A former Siemens contractor has pledged guilty in federal court Friday to secretly planting code in automated spreadsheets he had created for the company over a decade ago that deliberately crashes the program every few years. David Tinley, a 62-year-old resident of Harrison City, Pennsylvania, w...
Mailing Tech Support a Bomb
I understand his frustration, but this is extreme: When police asked Cryptopay what could have motivated Salonen to send the company a pipe bomb or, rather, two pipe bombs, which is what investigators found when they picked apart the explosive package the only thing the company could think of...
How Feds Tracked Down Mail Bomb Suspect Cesar Sayoc
At a press conference Friday, officials detailed how they identified and found Cesar Sayoc, who has been arrested in connection with a series of mail bombs targeting prominent liberals and CNN...
Democrat Mail Bomb Scares Are a Perfect Misinformation Storm
News of apparent mail bombs targeting prominent Democrats and CNN give way to a deluge of false reports, partisan finger-pointing, and bad-faith conspiracy theories online...
What we’ve got here is failure to communicate: OS vendors misread CPU docs, create flaw
In a memorable scene from “Jumpin’ Jack Flash,” Whoopi Goldberg struggles to understand the lyrics of the eponymous song from the Rolling Stones, as she pleads: “Mick, Mick, Mick, speak English!” It appears that multiple operating system vendors had similar trouble interpreting Intel and AMD...
Boomerang spam bombs Malwarebytes forum—not a smart move
Tech support scammers are generally not the best and brightest. As such, they will occasionally post ads for their fake companies in the comment sections here or on the Malwarebytes forums. Last week, however, scammers struggled with configuring their spambots, resulting in spam bombs on the foru...
Apache Traffic Server Denial of Service Vulnerability (CNVD-2017-06029)
Apache Traffic Server is an efficient and scalable HTTP proxy and caching server . Apache Traffic Server has a security vulnerability that allows remote attackers to exploit the vulnerability to submit a special request and perform HPACK Bomb attacks...
Laser Gun to Detect Bombs and Chemical Weapons from 100 Feet Away
In Brief US-based Intelligence Advanced Research Projects Activity IARPA agency is sponsoring a program to build portable laser sensors that could detect explosives, narcotics and other dangerous chemical weapons from 100 feet away. Dubbed SILMARILS Standoff Illuminator for Measuring Absorbance a...
Bombs explosions – simulator - Customized SSL, Dangerous filesystem permissions, Redefined SSL Common Names verifier vulnerabilities
HackApp vulnerability scanner discovered that application Bombs explosions – simulator published at the 'play' market has multiple vulnerabilities...