PT-2018-10171 · Python +2 · Python-Cryptography +2

Name of the Vulnerable Software and Affected Versions: python-cryptography versions 1.9.0 through 2.3 Description: A flaw was found in the finalize with tag API, which did not enforce a minimum tag length. This allows an attacker to craft an invalid payload with a shortened tag, potentially leadi...

Microsoft Windows: LAPS: Password Settings: Password Length

This test checks the setting for policy OpenVAS Vulnerability Test $Id: winlapspasswdlength.nasl 11337 2018-09-11 14:23:53Z emoss $ Check value for Password Settings: Password Length Authors: Emanuel Moss Copyright: Copyright c 2018 Greenbone Networks GmbH, http://www.greenbone.net This program i...

Display client-side notification area battery status in desktop sessions

Feature Description In previous versions of XenApp & XenDesktop, users working from a laptop and in a full-screen desktop session would not be aware of the laptop’s battery status or remaining battery level. This could lead to a loss of work/productivity for users when the laptop unexpectedly shu...

Работа по всей территории РФ

НАБИРАЕМ ПЕРСОНАЛ - Возможность зарабатывать от 5000 рублей в день. - График работы гибкий. - Выплаты стабильно, без задержек - еженедельно. - Предоставляем помощь в переезде при необходимости - Приём на работу строго от 18 лет По вопросам трудоустройства пишите НАШИ КОНТАКТЫ: Telegram:...

Microsoft Windows: Minimum password age

This test checks the setting for policy OpenVAS Vulnerability Test $Id: winpasswdminage.nasl 11532 2018-09-21 19:07:30Z cfischer $ Check value for Minimum password age WMI Authors: Emanuel Moss Copyright: Copyright c 2018 Greenbone Networks GmbH, http://www.greenbone.net This program is free...

Linux kernel denial of service vulnerability (CNVD-2018-07978)

Linux kernel is the kernel used by Linux, the open source operating system released by the Linux Foundation in the United States. A security vulnerability exists in the 'killsomethinginfo' function in the kernel/signal.c file in Linux kernel versions prior to 4.13. A local attacker can exploit th...

UBUNTU-CVE-2018-10124

The killsomethinginfo function in kernel/signal.c in the Linux kernel before 4.13, when an unspecified architecture and compiler is used, might allow local users to cause a denial of service via an INTMIN argument...

DEBIAN-CVE-2018-10087

The kernelwait4 function in kernel/exit.c in the Linux kernel before 4.13, when an unspecified architecture and compiler is used, might allow local users to cause a denial of service by triggering an attempted use of the -INTMIN value...

UBUNTU-CVE-2018-10087

The kernelwait4 function in kernel/exit.c in the Linux kernel before 4.13, when an unspecified architecture and compiler is used, might allow local users to cause a denial of service by triggering an attempted use of the -INTMIN value...

Microsoft Excel CVE-2018-1029 Remote Code Execution Vulnerability

Description Microsoft Excel is prone to a remote code-execution vulnerability. An attacker can leverage this issue to execute arbitrary code in the context of the currently logged-in user. Failed exploit attempts will likely result in denial of service conditions. Technologies Affected Microsoft...

TLS and SHA2 Support with Citrix Receivers

This article is intended for Citrix administrators and technical teams only. Non-admin users must contact their company's Help Desk/IT support team and can refer to CTX297149 for more information. To use TLS encryption for Citrix Receiver Communications, following table describes the minimum Citr...

CVE-2017-17815

In Netwide Assembler NASM 2.14rc0, there is an illegal address access in ismmacro in asm/preproc.c that will cause a remote denial of service attack, because of a missing check for the relationship between minimum and maximum parameter counts...

Distributed File Analysis Framework: Assemblyline

Assemblyline is a scalable distributed file analysis framework . It is designed to process millions of files per day but can also be installed on a single box. Canada’s electronic spy agency says it is taking the “unprecedented step” of releasing one of its own cyber defence tools to the public, ...

What to Consider When Choosing a Security Vendor

Picking a security vendor for your managed service business should be about business model alignment, not product cost. If you’re a seasoned managed service provider MSP, you are already very familiar with the benefits of the pay-as-you-go business model. In fact, it’s most likely how you sell yo...

Fedora 26 : php-pear-CAS (2017-2f3096ba16)

Changes in version 1.3.5 - Security Fixes : - Fix possible authentication bypass in validateCAS20 228 Gregory Boddin - Bug Fixes : - Fix file permissions non-executable 177 Remi Collet - Fixed translations Greek and Japanese 192 ikari7789 - Fix errors under phpdbg 204 MasonM - Fix logout...

Sandia Cyber Omni Tracker: SCOT

Sandia Cyber Omni Tracker The Sandia Cyber Omni Tracker SCOT is a cyber security incident response management system and knowledge base. Designed by cyber security incident responders, SCOT provides a new approach to manage security alerts, analyze data for deeper patterns, coordinate team effort...

Unbreakable Enterprise kernel security update

2.6.39-400.295.2 - nfsd: stricter decoding of write-like NFSv2/v3 ops J. Bruce Fields Orabug: 25986995 CVE-2017-7895 2.6.39-400.295.1 - ocfs2/o2net: o2netlistendataready should do nothing if socket state is not TCPLISTEN Tariq Saeed Orabug: 25510857 - IB/CORE: sync the resouce access in fmrpool...

DEBIAN-CVE-2015-8626

The User::randomPassword function in MediaWiki before 1.23.12, 1.24.x before 1.24.5, 1.25.x before 1.25.4, and 1.26.x before 1.26.1 generates passwords smaller than $wgMinimalPasswordLength, which makes it easier for remote attackers to obtain access via a brute-force attack...

Profile Builder < 2.5.8 - Authenticated Stored Cross-Site Scripting (XSS)

Stored Cross-Site Scripting XSS in field minimum password length. history.pushState'', '', '/'...

Denial Of Service (DoS) Or Remote Code Execution (RCE)

libopus is vulnerable to remote code execution or denial of service attacks. The vulnerability exists because silk/NLSFstabilize.c does not properly validate the negative input when computing a minimum distance...