ALEA-2019:3443 new packages: gcc-toolset-9-elfutils
GCC Toolset is a compiler toolset that provides recent versions of development tools. GCC Toolset is an Application Stream packaged as a Software Collection. This enhancement update adds the gcc-toolset-9-elfutils packages to AlmaLinux Enterprise Linux 8. For instructions on usage, see Using GCC...
ALBA-2019:3439 new packages: gcc-toolset-9-dwz
GCC Toolset is a compiler toolset that provides recent versions of development tools. GCC Toolset is an Application Stream packaged as a Software Collection. This enhancement update adds the gcc-toolset-9-dwz packages to AlmaLinux Enterprise Linux 8. For instructions on usage, see Using GCC...
JetBrains Rider Code Issue Vulnerability
JetBrains Rider is a cross-platform .NET integrated development environment (IDE) from the Czech company JetBrains. A code issue vulnerability exists in JetBrains Rider versions prior to 2019.1.2. The vulnerability stems from an improperly designed or implemented code development process for a...
SQL Injection Vulnerability in Qingdao Business-to-Business Web Development System
Qingdao Business to Faith Network Technology Co., Ltd, founded in March 2001, was initially a high-tech company specializing in e-commerce, network marketing, software development, IDC and related network value-added services. A SQL injection vulnerability exists in Qingdao Business t...
PHP: Arbitrary code execution
Background: PHP is an open source general-purpose scripting language that is especially suited for web development. Description: An underflow in env_path_info in PHP-FPM under certain configurations can be exploited to gain remote code execution. Impact: A remote attacker, by sending specially crafted HT...
Mail.ru: Access to Tarantool
Access to the admin interface of a Tarantool host in the development/stage environment was not properly restricted, allowing Lua code execution...
A New Playground for Cybercrime: Why Supply Chain Security Must Cover Software Development
Most organisations see supply chains as providers of physical goods and services. The supply chain management function in these companies usually provides the governance framework to reduce third-party risks and prevent hackers from stealing data, disrupting daily operations and affecting busines...
Celebrate Cybersecurity Awareness Month with These Tips From a Survey of 1,200 Security Pros
Held every October, National Cybersecurity Awareness Month (NCSAM) is a collaborative effort between government and industry meant to raise awareness about the importance of cybersecurity. NCSAM is focused largely on consumer awareness, but for cybersecurity leaders, it is also a great opportunity ...
Security Bulletin: Multiple security vulnerabilities have been identified in IBM® SDK Java™ Technology Edition, Version 6 shipped with IBM Netezza Analytics
Summary: IBM Netezza Analytics does not use IBM SDK, Java Technology Edition; therefore the April IBM Java SDK update was not applicable to IBM Netezza Analytics. If you developed code using the IBM Java SDK that is shipped with IBM Netezza Analytics, you should evaluate your code to determine...
The vulnerability of the OpenJDK project for the Java programming language stems from lack of access control, allowing attackers to gain access to confidential data.
The vulnerability of the OpenJDK project for the Java programming language is related to deficiencies in access control. Exploiting this vulnerability could allow a malicious actor, operating remotely, to gain access to confidential data...
Oracle JDeveloper and ADF Unauthorized Access Vulnerability
Oracle JDeveloper is an integrated development environment that provides end-to-end support for modeling, developing, debugging, optimizing, and deploying Java applications and Web services. Oracle ADF is an end-to-end Java EE framework that simplifies application development by providing...
PT-2019-3753 · Oracle · Adf +2
Name of the Vulnerable Software and Affected Versions: Oracle JDeveloper and ADF versions 11.1.1.9.0 through 12.2.1.3.0 Description: The issue is related to insufficient access control in the OAM component of Oracle JDeveloper and ADF, allowing a remote attacker to gain unauthorized access to...
Exploit for Improper Privilege Management in Cloudcti Hip_Integrator_Recognition_Configuration_Tool
Author: Arn Vollebregt. Introduction: Creativity is at the c...
Race condition
A vulnerability has been identified in SIMATIC S7-400 CPU 414-3 PN/DP V7, SIMATIC S7-400 CPU 414F-3 PN/DP V7, SIMATIC S7-400 CPU 416-3 PN/DP V7, SIMATIC S7-400 CPU 416F-3 PN/DP V7, Development/Evaluation Kits for PROFINET IO: DK Standard Ethernet Controller, Development/Evaluation Kits for PROFIN...
New IDA Pro plugin provides TileGX support
By Jonas Zaddach. Overview: Cisco Talos has a new plugin available for IDA Pro that provides a new disassembler for TileGX binaries. This tool should assist researchers in reverse-engineering threats in IDA Pro that target TileGX. We started developing this tool after the VPNFilter campaign last...
PT-2019-19691 · Cobham · Cobham Explorer 710
Name of the Vulnerable Software and Affected Versions: Cobham EXPLORER 710 firmware version 1.07 Description: The issue concerns the lack of firmware image validation in the device. Development scripts that were left in the firmware can be exploited to upload a custom firmware image. This could...
DEBIAN-CVE-2019-6471
A race condition which may occur when discarding malformed packets can result in BIND exiting due to a REQUIRE assertion failure in dispatch.c. Versions affected: BIND 9.11.0 - 9.11.7, 9.12.0 - 9.12.4-P1, 9.14.0 - 9.14.2. Also all releases of the BIND 9.13 development branch and version 9.15.0 of...
CVE-2019-6467
A programming error in the nxdomain-redirect feature can cause an assertion failure in query.c if the alternate namespace used by nxdomain-redirect is a descendant of a zone that is served locally. The most likely scenario where this might occur is if the server, in addition to performing NXDOMAI...