286 matches found
Acronis True Image 授权问题漏洞
Acronis True Image is a famous data backup and restore software from Acronis Singapore. The software can be used to create drive and disk images and can restore the image when a clean system is needed. A security vulnerability exists in Acronis True Image 2021 Update 4 and earlier versions for...
CVE-2021-32753
EdgeX Foundry is an open source project for building a common open framework for internet-of-things edge computing. A vulnerability exists in the Edinburgh, Fuji, Geneva, and Hanoi versions of the software. When the EdgeX API gateway is configured for OAuth2 authentication and a proxy user is...
CVE-2021-32753
EdgeX Foundry is an open source project for building a common open framework for internet-of-things edge computing. A vulnerability exists in the Edinburgh, Fuji, Geneva, and Hanoi versions of the software. When the EdgeX API gateway is configured for OAuth2 authentication and a proxy user is...
Authentication flaw
EdgeX Foundry is an open source project for building a common open framework for internet-of-things edge computing. A vulnerability exists in the Edinburgh, Fuji, Geneva, and Hanoi versions of the software. When the EdgeX API gateway is configured for OAuth2 authentication and a proxy user is...
CVE-2021-32753 Weak password in API gateway in EdgeX Foundry Edinburgh, Fuji, Geneva, and Hanoi releases allows remote attackers to obtain authentication token via dictionary-based password attack when OAuth2 authentication method is enabled.
EdgeX Foundry is an open source project for building a common open framework for internet-of-things edge computing. A vulnerability exists in the Edinburgh, Fuji, Geneva, and Hanoi versions of the software. When the EdgeX API gateway is configured for OAuth2 authentication and a proxy user is...
(RHSA-2021:2439) Important: Open Liberty 21.0.0.6 Runtime security update
Open Liberty is a lightweight open framework for building fast and efficient cloud-native Java microservices. This release of Open Liberty 21.0.0.6 serves as a replacement for Open Liberty 21.0.0.3, and includes a security fix and enhancements. For specific information about this release, see lin...
Apache APISIX Access Control Error Vulnerability
Apache Apisix is a cloud-native microservices API gateway service from the Apache Foundation. The software is implemented based on OpenResty and etcd, with dynamic routing and plugin hot-loading, suitable for API management under the microservices architecture. APISIX Dashboard has a security...
SQL Injection Vulnerability in Seiko Cloud MES
Jinggong Cloud MES, mainly for small and medium-sized manufacturing shop floor management, based on industrial Internet, micro-services, cloud computing, Internet of Things, big data technology architecture, to provide low-cost, fast deployment, easy operation and maintenance of SAAS applications...
Why Developers Are Writing Apps on Our Edge Platform
A lot of companies talk about edge computing today, but at Akamai, we've been doing it for more than 20 years. We were the first company to offer edge computing services, beginning in 1999 with advanced metadata, an XML-based language used to enable a variety of capabilities on our edge platform ...
Securing Kubernetes Deployments From Runway to Takeoff
Kubernetes use is rising rapidly—according to a 2019 Cloud Native Computing Foundation CNCF survey, 78% of respondents say they use Kubernetes today 58% more respondents than the previous year. With numbers like those, it looks like everyone is headed toward the cloud. But as with any journey, yo...
Low: Red Hat Security Advisory: Red Hat AMQ Streams 1.7.0 release and security update
Red Hat AMQ Streams 1.7.0 is now available from the Red Hat Customer Portal. Red Hat Product Security has rated this update as having a security impact of Low. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from t...
NATS Server Access Control Error Vulnerability
NATS Server is an open source messaging system. The system is mainly used for cloud-native applications, IoT messaging and microservices architecture. An access control error vulnerability exists in NATS Server 2.x before 2.2.0 and JWT library before 2.0.1, which stems from improper handling of...
Securing Containers and Kubernetes-Orchestrated Environments
In a recent Black Hat webcast, “Securing Containers and Kubernetes-Orchestrated Environments,” sponsored by VMware Carbon Black, guest speakers Sheila A. Berta, Offensive Security Specialist, Dreamlab Technologies and Haim Helman, CTO, VMware Carbon Black App Security, VMware Security Business...
Launching a New Game Studio and Planning for Growth
So, you're starting your own game studio. This is an incredible opportunity! You and your team get to start fresh and build the game of your dreams! But, let's be honest, if you have just founded your own game studio, odds are that you're not a technical architect. You may have some technical...
How the Edge Improves Microservices
Microservice architecture has transformed the way we develop and operate our applications. Microservices aren't a technology or a programming language. Instead, they create a structure for designing and building applications based on the idea that the individual functions of a website should...
How DevOps Tools Can Help Publishers Thrive
Agility has proven to be a key weapon in the publisher arsenal during the pandemic. Agile firms -- particularly news publishers -- that switched directions or added digital services quickly reaped the rewards of new readers and viewers, even if the audience boost didn't result in a similar increa...
Security Bulletin: Multiple Security Vulnerabilities in IBM WebSphere Application Server affects IBM Voice Gateway
Summary Multiple security vulnerabilities in IBM WebSphere Application Server affect certain IBM Voice Gateway microservices. CVE-2020-4590 impacts the beta version, OpenID Provider microservice and CVE-2020-10693 impacts the Voice Agent Tester microservice. Vulnerability Details CVEID:...
Semrush: Critically Sensitive Spring Boot Endpoints Exposed
Spring Boot includes a number of additional features to help you monitor and manage your application when you push it to production. Hacker found that actuator endpoints containing potentially sensitive data such as internal tokens and service data were left public. Semrush has a microservices...
(RHSA-2020:4344) Moderate: Open Liberty 20.0.0.11 Runtime security update
Open Liberty is a lightweight open framework for building fast and efficient cloud-native Java microservices. This release of Open Liberty 20.0.0.11 serves as a replacement for Open Liberty 20.0.0.10 and includes enhancements. For specific information about this release, see links in the Referenc...
Platform Update Highlights for eCommerce
Akamai's October Platform Update offers a ton of new features for our customers across all industries. But if you're an online retailer, you should really be paying attention to improvements to EdgeWorkers and Image & Video Manager, which provide expanded capabilities for creating new microservic...