14 matches found
PT-2026-37991
Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: JavaFX. Supported versions that are affected are Oracle Java SE: 8u391; Oracle GraalVM Enterprise Edition: 20.3.12 and 21.3.8. Difficult to exploit vulnerability allows unauthenticated...
Keycloak 安全漏洞
Red Hat Keycloak is a suite of software from Red Hat, Inc. that provides authentication and management capabilities for modern applications and services. Keycloak suffers from a security vulnerability that stems from an insecure configuration of the management interface. An attacker could use thi...
Apache Geode vulnerable to Incorrect Authorization
When an Apache Geode server versions 1.0.0 to 1.4.0 is configured with a security manager, a user with DATA:WRITE privileges is allowed to deploy code by invoking an internal Geode function. This allows remote code execution. Code deployment should be restricted to users with DATA:MANAGE privileg...
GHSA-JMG4-X4VP-6C6X Apache Geode vulnerable to Incorrect Authorization
When an Apache Geode server versions 1.0.0 to 1.4.0 is configured with a security manager, a user with DATA:WRITE privileges is allowed to deploy code by invoking an internal Geode function. This allows remote code execution. Code deployment should be restricted to users with DATA:MANAGE privileg...
Actors Target Huawei Cloud Using Upgraded Linux Malware
In this article, we discuss a new Linux malware trend in which malicious actors deploy code that removes applications and services present mainly in Huawei Cloud...
OpenJDK: Incorrect comparison during range check elimination (Hotspot, 8264066)
Vulnerability in the Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Hotspot. Supported versions that are affected are Java SE: 8u291, 11.0.11, 16.0.1; Oracle GraalVM Enterprise Edition: 20.3.2 and 21.1.0. Difficult to exploit vulnerability allows unauthenticated...
OpenJDK: Incorrect comparison during range check elimination (Hotspot, 8264066)
Vulnerability in the Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Hotspot. Supported versions that are affected are Java SE: 8u291, 11.0.11, 16.0.1; Oracle GraalVM Enterprise Edition: 20.3.2 and 21.1.0. Difficult to exploit vulnerability allows unauthenticated...
PT-2021-3750
Name of the Vulnerable Software and Affected Versions Java SE versions 7u301, 8u291, 11.0.11, 16.0.1 Oracle GraalVM Enterprise Edition versions 20.3.2 and 21.1.0 Description The issue is related to insufficient input validation in the Networking component of Java SE and Oracle GraalVM Enterprise...
Innovative Ways Customers Compute on the Edge
Moving everything closer to the edge is the key to delivering better, faster experiences to people through billions of devices around the world. The idea of edge computing isn't new -- Akamai customers have been caching content at the edge for decades, taking advantage of lower latency and...
Cooolis-ms - A Server That Supports The Metasploit Framework RPC
Cooolis-ms is a server that supports Metasploit Framework RPC. It is used to work for Shellcode and PE loader, bypassing the static detection of anti-virus software to a certain extent, and allows the Cooolis-ms server to perform with the Metasploit server separate. Loader execution process: 1...
Building for Billions: Addressing Security Concerns for Platforms at Scale
Security operations once consisted of a multitude of manual operations based around alerts, thresholds and severity levels. As systems scale and platforms continue to grow, how do you keep up with the growing requirements to secure these transactions and the networks they are built upon?...
CVE-2017-15695
CVE-2017-15695 affects Apache Geode server versions 1.0.0–1.4.0 when configured with a security manager. A user with the privileges DATA:WRITE can deploy code by invoking an internal Geode function, enabling remote code execution. The proper restriction is that code deployment should be limited t...
CVE-2017-15695
When an Apache Geode server versions 1.0.0 to 1.4.0 is configured with a security manager, a user with DATA:WRITE privileges is allowed to deploy code by invoking an internal Geode function. This allows remote code execution. Code deployment should be restricted to users with DATA:MANAGE privileg...
Etsy Feature Flags Keep Marketplace Online and Secure
BOSTON – Etsy is one of the Web’s biggest marketplaces. Its developers may be one of Web’s busiest teams. Proudly, the vintage and homemade goods online store, will push code to production upwards of 50 times a day. And, according to Kenneth Lee, senior product security engineer, they do so with...