The Cloud in 2019: Current Uses and Emerging Risks

In the current tech landscape, one would be hard-pressed to find an organization that operates without the help of cloud environments and capabilities. From data storage and document sharing to enabling remote access and communication, the cloud represents the most critical linchpin of today's...

[SECURITY] Fedora 29 Update: spice-0.14.1-2.fc29

The Simple Protocol for Independent Computing Environments SPICE is a remote display system built for virtual environments which allows you to view a computing 'desktop' environment not only on the machine where it is running, but from anywhere on the Internet and from a wide variety of machine...

Moderate: Red Hat Bug Fix Advisory: OpenShift Container Platform 3.9 bug fix and enhancement update

Red Hat OpenShift Container Platform release 3.9.60 is now available with updates to packages and images that fix several bugs and add enhancements. Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud...

From the Core to the Edge: 3 Security Imperatives and the Evolving Digital Topology

The breathtaking pace at which everyone and everything is becoming connected is having a profound effect on digital business, from delivering exceptional experiences, to ensuring the security of your customers, applications, and workforce. Consider this: There are over 20 billion connected device...

LibVNC Null Pointer Reverse Reference Vulnerability

LibVNC is a cross-platform C library for implementing VNC server and client functionality. A null pointer back-reference vulnerability exists in VNC client code in versions prior to LibVNC commit 4a21bbd097ef7c44bb000c3bd0907f96a10e4ce7. An attacker could exploit this vulnerability to cause a...

LibVNC Improper Initialization Vulnerability

LibVNC is a cross-platform C library for implementing VNC server and client functionality. A security vulnerability exists in the VNC client code in versions prior to LibVNC 2f5b2ad1c6c99b1ac6482c95844a84d66bb52838, which stems from incorrect initialization of the program. An attacker could explo...

DEBIAN-CVE-2018-20022

LibVNC before 2f5b2ad1c6c99b1ac6482c95844a84d66bb52838 contains multiple weaknesses CWE-665: Improper Initialization vulnerability in VNC client code that allows attacker to read stack memory and can be abuse for information disclosure. Combined with another vulnerability, it can be used to leak...

UBUNTU-CVE-2018-20020

LibVNC before commit 7b1ef0ffc4815cab9a96c7278394152bdc89dc4d contains heap out-of-bound write vulnerability inside structure in VNC client code that can result remote code execution...

UBUNTU-CVE-2018-20019

LibVNC before commit a83439b9fbe0f03c48eb94ed05729cb016f8b72f contains multiple heap out-of-bound write vulnerabilities in VNC client code that can result remote code execution...

My Takeaways from the Gartner I&O Conference

By Renata Budko, Wallarm Last week I spent a few days in Las Vegas with the great folks at the Gartner IT Infrastructure, Operations & Cloud Strategies Conference. Gathered for the conference there were experts around the world from analysts to VPs to infrastructure and operations leaders to...

Multiple Siemens Products Denial of Service Vulnerabilities

Siemens SINUMERIK 808D and so on are the German Siemens Siemens company's CNC machine tool system controller. A security vulnerability exists in several Siemens products. A remote attacker could exploit this vulnerability by using the integrated VNC server on port 5900/tcp to cause a denial of...

First Steps in Hyper-V Research

Microsoft has put a lot of effort in Hyper-V security. Hyper-V, and the whole virtualization stack, runs at the core of many of our products: cloud computing, Windows Defender Application Guard, and technology built on top of Virtualization Based Security VBS. Because Hyper-V is critical to so mu...

RHEL 6 : openshift-origin-node-util (RHSA-2013:0148)

The remote Redhat Enterprise Linux 6 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2013:0148 advisory. The openshift-origin-node-util package provides a set of utility scripts for a node. Red Hat OpenShift Enterprise is a cloud computing...

RHEL 6 : openshift (RHSA-2014:0487)

Red Hat OpenShift Enterprise release 2.1, which fixes one security issue, several bugs, and includes various enhancements, is now available. The Red Hat Security Response Team has rated this update as having Important security impact. A Common Vulnerability Scoring System CVSS base score, which...

RHEL 6 : Red Hat OpenShift Enterprise 2.2 Release Advisory (Moderate) (RHSA-2014:1796)

The remote Redhat Enterprise Linux 6 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2014:1796 advisory. OpenShift Enterprise by Red Hat is the company's cloud computing Platform-as-a-Service PaaS solution designed for on-premise or private clou...

RHEL 6 : openshift (RHSA-2013:0582)

Red Hat OpenShift Enterprise 1.1.1 is now available. The Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in...

RHEL 7 : atomic-openshift (RHSA-2016:1427)

An update for atomic-openshift is now available for Red Hat OpenShift Enterprise 3.2. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...

RHEL 7 : jenkins (RHSA-2016:1206)

An updated Jenkins package and image that includes security fixes are now available for Red Hat OpenShift Enterprise 3.2. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity...

RHEL 7 : OpenShift Container Platform 3.1 (RHSA-2018:1243)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2018:1243 advisory. Red Hat OpenShift Container Platform is the company's cloud computing Platform-as-a-Service PaaS solution designed for on-premise or private cloud...

RHEL 7 : Red Hat OpenShift Enterprise (RHSA-2017:3389)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2017:3389 advisory. OpenShift Enterprise by Red Hat is the company's cloud computing Platform-as-a-Service PaaS solution designed for on-premise or private cloud...