Moderate: Red Hat Security Advisory: Red Hat Decision Manager 7.6.0 Security Update

An update is now available for Red Hat Decision Manager. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE links in...

How Organizations Can Defend Against Advanced Persistent Threats

Advanced persistent threats APTs have emerged to be legitimate concerns for all organizations. APTs are threat actors that breach networks and infrastructures and stealthily lurk within them over extended spans of time. They typically perform complex hacks that allow them to steal or destroy data...

Authorization Bypass

apache-superset is vulnerable to authorization bypass. A malicious user is able bypass access controls to retrieve restricted metadata information of the database using complex queries...

CVE-2019-12413

In Apache Incubator Superset before 0.31 user could query database metadata information from a database he has no access to, by using a specially crafted complex query...

CVE-2019-19342

A flaw was found in Ansible Tower 3.6.1 and 3.5.3 when /websocket is requested and the password contains the '' character. This request would cause a socket error in RabbitMQ when parsing the password and an HTTP error code 500 and partial password disclose will occur in plaintext. An attacker...

[SECURITY] Fedora 30 Update: phpMyAdmin-4.9.2-1.fc30

phpMyAdmin is a tool written in PHP intended to handle the administration of MySQL over the World Wide Web. Most frequently used operations are supported by the user interface managing databases, tables, fields, relations, index es, users, permissions, while you still have the ability to directly...

[SECURITY] Fedora 31 Update: phpMyAdmin-4.9.2-1.fc31

phpMyAdmin is a tool written in PHP intended to handle the administration of MySQL over the World Wide Web. Most frequently used operations are supported by the user interface managing databases, tables, fields, relations, index es, users, permissions, while you still have the ability to directly...

[SECURITY] Fedora 30 Update: hunspell-1.7.0-4.fc30

Hunspell is a spell checker and morphological analyzer library and program designed for languages with rich morphology and complex word compounding or character encoding. Hunspell interfaces: Ispell-like terminal interface usi ng Curses library, Ispell pipe interface, LibreOffice UNO module...

Dexphot Malware Hijacks 80K+ Devices to Mine Cryptocurrency

Microsoft is warning of malware, Dexphot, that has infected more than 80,000 machines, sucking up their CPU power in order to mine cryptocurrency. Researchers first discovered Dexphot in October 2018 and saw its activity peak during July. They said that the malware has a complex attack chain and...

[SECURITY] Fedora 31 Update: mingw-hunspell-1.7.0-6.fc31

Hunspell is a spell checker and morphological analyzer library and program designed for languages with rich morphology and complex word compounding or character encoding. Hunspell interfaces: Ispell-like terminal interface usi ng Curses library, Ispell pipe interface, OpenOffice.org UNO module...

Fedora Update for mingw-hunspell FEDORA-2019-746b0b02f7

The remote host is missing an update for the Copyright C 2019 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

Device Hopping Shoppers Drive Up Bounce Rates Leading Into Holiday 2019

Executive Summary In 2018, Akamai reported for the first time that shoppers used mobile devices more than desktops for all the major peak traffic events we measured. Interestingly, they often don't complete their purchase on a mobile device. If the most recently concluded back-to-school shopping...

Format string

In Libav 12.3, a denial of service in the subtitle decoder allows attackers to hog the CPU via a crafted video file in Matroska format, because srttoass in libavcodec/srtdec.c has a complex format argument to sscanf...

CVE-2019-9717

In Libav 12.3, a denial of service in the subtitle decoder allows attackers to hog the CPU via a crafted video file in Matroska format, because srttoass in libavcodec/srtdec.c has a complex format argument to sscanf...

[SECURITY] Fedora 29 Update: igraph-0.7.1-12.fc29

igraph wants to be an efficient platform for 1 complex network analysis and 2 developing and implementing graph algorithms. It provides flexible and efficient data structures for graphs and related tasks. It also provides implementation to many classic and new graph algorithms like: maximum flows...

[SECURITY] Fedora 30 Update: igraph-0.7.1-12.fc30

igraph wants to be an efficient platform for 1 complex network analysis and 2 developing and implementing graph algorithms. It provides flexible and efficient data structures for graphs and related tasks. It also provides implementation to many classic and new graph algorithms like: maximum flows...

Fedora Update for igraph FEDORA-2019-060e7b383c

The remote host is missing an update for the Copyright C 2019 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

Corporate IoT - a path to intrusion

Several sources estimate that by the year 2020 some 50 billion IoT devices will be deployed worldwide. IoT devices are purposefully designed to connect to a network and many are simply connected to the internet with little management or oversight. Such devices still must be identifiable,...

How the West Got China's Social Credit System Wrong

It occupies a spot next to 'Black Mirror' and Big Brother in popular imagination, but China’s social credit project is far more complicated than a single, all-powerful numerical score...

Important: Red Hat Security Advisory: Red Hat Decision Manager 7.4.0 Security Update

An update is now available for Red Hat Decision Manager. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE links i...