Cross-site Scripting (XSS)

Red Hat Enterprise MRG Messaging, Realtime, and Grid is a next-generation IT infrastructure for enterprise computing. MRG offers increased performance, reliability, interoperability, and faster computing for enterprise customers. A number of unprotected resources web pages, export functionality,...

[SECURITY] Fedora 28 Update: samba-4.8.11-0.fc28

Samba is the standard Windows interoperability suite of programs for Linux and Unix...

[SECURITY] Fedora 29 Update: samba-4.9.6-0.fc29

Samba is the standard Windows interoperability suite of programs for Linux and Unix...

[SECURITY] Fedora 30 Update: samba-4.10.2-0.fc30

Samba is the standard Windows interoperability suite of programs for Linux and Unix...

Facebook’s history betrays its privacy pivot

Facebook CEO Mark Zuckerberg proposed a radical pivot for his company this month: it would start caring—really—about privacy, building out a new version of the platform that turns Facebook less into a public, open “town square” and more into a private, intimate “living room.” Zuckerberg promised...

UBUNTU-CVE-2018-20030

An error when processing the EXIFIFDINTEROPERABILITY and EXIFIFDEXIF tags within libexif version 0.6.21 can be exploited to exhaust available CPU resources...

ALPINE-CVE-2018-20030

An error when processing the EXIFIFDINTEROPERABILITY and EXIFIFDEXIF tags within libexif version 0.6.21 can be exploited to exhaust available CPU resources...

DEBIAN-CVE-2018-20030

An error when processing the EXIFIFDINTEROPERABILITY and EXIFIFDEXIF tags within libexif version 0.6.21 can be exploited to exhaust available CPU resources...

libexif EXIF_IFD_INTEROPERABILITY / EXIF_IFD_EXIF Denial of Service Vulnerability

libexif is a library of functions written in C to read and write EXIF meta-information from graphics files. A denial of service vulnerability exists in libexif EXIFIFDINTEROPERABILITY / EXIFIFDEXIF. An attacker can exploit the vulnerability to cause a DoS Denial of Service...

Cumulative Update 38 for Microsoft Dynamics NAV 2016 (Build 50785)

Cumulative Update 38 for Microsoft Dynamics NAV 2016 Build 50785 This article applies to Microsoft Dynamics NAV 2016 for all countries and all language locales. Overview This cumulative update includes all hotfixes and regulatory features that have been released for Microsoft Dynamics NAV 2016,...

[SECURITY] Fedora 29 Update: samba-4.9.3-0.fc29

Samba is the standard Windows interoperability suite of programs for Linux and Unix...

Is FIDO the future instrument to prove our identity?

FIDO, short for Fast IDentity Online, is an industry consortium started in 2013 to address the lack of interoperability among strong authentication devices and the problems users face creating and remembering multiple usernames and passwords. Among the founders were those who work in the financia...

Privacy Questions Raised as Tech Giants Join Forces on Data Portability

A veritable who’s who of tech giants from Google, Facebook, Microsoft and Twitter, went public last week with a partnership on a standards initiative called the Data Transfer Project DTP, built to enable data portability between cloud platforms. But security researchers believe the project’s...

Security Bulletin: FileNet Content Management Interoperability Services (CMIS), which is shipped with IBM Content navigator, is affected by the ability to execute remote attacker’s arbitrary code on a target machine vulnerability

Summary FileNet Content Management Interoperability Services CMIS, which is shipped with IBM Content Navigator, has addressed the following vulnerability. Ability to execute remote attacker’s arbitrary code on a target machine by leveraging the untrusted data in DiskFileItem class of FileUpload...

SUSE SLED12 / SLES12 Security Update : Recommended update for LibreOffice (SUSE-SU-2018:1076-1)

LibreOffice was updated to version 6.0.3. Following new features were added : - The Notebookbar, although still an experimental feature, has been enriched with two new variants: Grouped Bar Full for Writer, Calc and Impress, and Tabbed Compact for Writer. The Special Characters dialog has been...

Security baselines should underpin efforts to manage cybersecurity risk across sectors

This post is authored byAngela McKay, Director of Cybersecurity Policy and Amanda Craig, Senior Cybersecurity Strategist, CELA. Organizations are leveraging technology to transform their operations, products, and services, and governments are increasingly focusing on how to enable such dynamic...

[SECURITY] Fedora 26 Update: asterisk-13.18.4-1.fc26

Asterisk is a complete PBX in software. It runs on Linux and provides all of the features you would expect from a PBX and more. Asterisk does voice over IP in three protocols, and can interoperate with almost all standards-based telephony equipment using relatively inexpensive hardware...

[SECURITY] Fedora 26 Update: samba-4.6.11-0.fc26

Samba is the standard Windows interoperability suite of programs for Linux and Unix...

[SECURITY] Fedora 27 Update: samba-4.7.3-0.fc27

Samba is the standard Windows interoperability suite of programs for Linux and Unix...

I can Haz TLS 1.3 ?

Everybody wants to be able to use TLS 1.3. Among the reasons are: It's faster - being able to reconnect to a server you've previously used, and saving a full round-trip latency is impressive. It's more reliable - the protocol has been cleaned up and simplified. For example, the related concepts o...