7720 matches found
hw: cpu: speculative store bypass
An industry-wide issue was found in the way many modern microprocessor designs have implemented speculative execution of Load & Store instructions (a commonly used performance optimization). It relies on the presence of a precisely-defined instruction sequence in the privileged code as well as the...
LibRaw: Stack-based buffer overflow in quicktake_100_load_raw() function in internal/dcraw_common.cpp
LibRaw is vulnerable to a stack-based buffer overflow in the internal/dcraw_common.cpp:quicktake_100_load_raw function when processing specially-crafted RAW data. An attacker could potentially use this flaw to cause arbitrary code execution or denial of service...
LibRaw 'rollei_load_raw()' function heap buffer overflow vulnerability
LibRaw is a C++ library for processing RAW CRW/CR2, NEF, RAF, DNG and other format images. A heap buffer overflow vulnerability exists in the 'rollei_load_raw' function in the internal/dcraw_common.cpp file in LibRaw versions prior to 0.18.9. A remote attacker can exploit this vulnerability with th...
iOS 12 adoption and performance - what it means for your business's app
On September 17th, Apple released iOS 12. And while many innovative new features were announced, the very first feature listed in the release notes was "Performance." Earlier this year, Apple was heavily criticized for throttling CPU speeds on mobile devices, which drastically affected their...
[SECURITY] Fedora 28 Update: lighttpd-1.4.51-1.fc28
Secure, fast, compliant and very flexible web-server which has been optimized for high-performance environments. It has a very low memory footprint compared to other webservers and takes care of cpu-load. Its advanced feature-set FastCGI, CGI, Auth, Output-Compression, URL-Rewriting and many mo...
CVE-2018-15316
In F5 BIG-IP APM 13.0.0-13.1.1.1, APM Client 7.1.5-7.1.6, and/or Edge Client 7101-7160, the BIG-IP APM Edge Client component loads the policy library with user permission and bypassing the endpoint checks...
GHSA-JX6H-3FJX-CGV5 Apache Tomcat information exposure vulnerability
Security constraints defined by annotations of Servlets in Apache Tomcat 9.0.0.M1 to 9.0.4, 8.5.0 to 8.5.27, 8.0.0.RC1 to 8.0.49 and 7.0.0 to 7.0.84 were only applied once a Servlet had been loaded. Because security constraints defined in this way apply to the URL pattern and any URLs below that...
CVE-2018-7110
A remote unauthorized disclosure of information vulnerability was identified in HPE Service Governance Framework SGF version 4.2, 4.3. A race condition under high load in SGF exists where SGF transferred different parameter to the enabler...
It will take more than web pages that load faster to boost holiday conversion
When designing websites to meet peak traffic demands, it is vital to look beyond basic metrics such as page load speed. Providing visual content optimized for both desktop and mobile devices, and combating security threats will help you drive traffic and improve conversion rates during the holida...
New Ninth-Gen Intel CPUs Shield Against Some Spectre, Meltdown Variants
Intel’s new ninth-generation CPUs come packed with hardware-based protections against two variants of the infamous Meltdown and Spectre speculative execution attacks. The ninth-generation desktop Core processors are dubbed Coffee Lake, and became available for preorder on Tuesday. They’re built t...
September 20, 2018—KB4458315 (Preview of Monthly Rollup)
September 20, 2018—KB4458315 (Preview of Monthly Rollup). Improvements and fixes: This non-security update includes improvements and fixes that were a part of KB4458010 released September 11, 2018 and also includes these new quality improvements as a preview of the next Monthly Rollup update: No...
[SECURITY] Fedora 28 Update: haproxy-1.8.14-1.fc28
HAProxy is a TCP/HTTP reverse proxy which is particularly suited for high availability environments. Indeed, it can: - route HTTP requests depending on statically assigned cookies - spread load among several servers while assuring server persistence through the use of HTTP cookies - switch to...
[SECURITY] Fedora 29 Update: haproxy-1.8.14-1.fc29
HAProxy is a TCP/HTTP reverse proxy which is particularly suited for high availability environments. Indeed, it can: - route HTTP requests depending on statically assigned cookies - spread load among several servers while assuring server persistence through the use of HTTP cookies - switch to...
USN-3780-1: HAProxy vulnerability
It was discovered that HAProxy incorrectly handled certain requests. An attacker could possibly use this issue to cause a denial of service...
USN-3775-1 linux vulnerabilities
It was discovered that the paravirtualization implementation in the Linux kernel did not properly handle some indirect calls, reducing the effectiveness of Spectre v2 mitigations for paravirtual guests. A local attacker could use this to expose sensitive information. (CVE-2018-15594) It was...
HTTPS client certificate authentication security issues. Part 1/3
Sometimes we need to improve web authentication by client certificates. It’s much better than passwords, allows to enable 2nd factor because of hardware keys and just sounds so strong, isn’t it? Let’s look inside it to understand how secure is it and what to check to be sure, that you didn’t...
WAVM Denial of Service Vulnerability (CNVD-2019-09768)
WAVM is the WebAssembly Virtual Machine. A denial of service vulnerability exists in versions of WAVM prior to 2018-09-16, which stems from the loadModule function in Include/Inline/CLI.h failing to check the length of a file before the file MAGIC comparison, which can be exploited by an attacker...
Error : "An error occurred while building your environment...". Synchronization State of WEM Agents Has a Red "X"
After upgrading WEM from 4.2 to 4.4, WEM agents are failing to connect to the WEM server with the following error: "An error occurred while building your environment. Agent processing will now stop. Please contact your Administrator." Issue only occurs when connections are going through Load...
CyberChef - The Cyber Swiss Army Knife [A Web App For Encryption, Encoding, Compression And Data Analysis]
The Cyber Swiss Army Knife. CyberChef is a simple, intuitive web app for carrying out all manner of "cyber" operations within a web browser. These operations include simple encoding like XOR or Base64, more complex encryption like AES, DES and Blowfish, creating binary and hexdumps, compression an...