LocalTapiola: Possibly big authorization problem in Lähitapiola´s varainhoito

Issue The reporter found a design flaw in a feature where pdf-reports are generated. Pdf-reports were generated using 19-digit random names and the names as well as the reports were persistent and accessible by all authenticated users. Fix Guessing a random 19-digit name was found to be almost...

IOS9. 3 may be implemented remotely make their phone becomes brick-vulnerability warning-the black bar safety net

The so-called“1 9 7 0 bricked”problem refers to the iPhone or iPad's time is set to the 1 9 7 0 years 1 month 1 day, and then shutdown again, the device is“bricked”, unable to start until the battery is drained. This year 2 month, Apple gave confirmed, saying that the system time manually setting...

Mathway - Math Problem Solver - Dangerous filesystem permissions, WebView code execution vulnerabilities

HackApp vulnerability scanner discovered that application Mathway - Math Problem Solver published at the 'play' market has multiple vulnerabilities...

Error: "Cannot start app 'App/Desktop Name'" on StoreFront 3.5

After successfully upgrading to StoreFront 3.5, users are unable to launch applications or desktops with the following error: Cannot start app "App/Desktop Name"...

XenMobile Does Not Recognize Licenses Installed on a Remote License Server

XenMobile does not recognize licenses installed on a remote license server. The ZDM.log file shows that cached license has expired and XenMobile temporary license expires after 30 days. Telnet from XenMobile server to licensing server over 7279 fails and netstat on licensing server shows that the...

Error: "Cannot Complete Your Request" When Connecting to StoreFront

The following error is displayed when connecting to StoreFront: Cannot Complete Your Request New Experience Classic Experience...

How to Crack GCHQ Crypto Puzzle? — Here's the Solution

GCHQ has finally released the solution to their head spinning Xmas Puzzle, after all, the participants failed to reach the final answer. GCHQ had released a crypto puzzle, dubbed Xmas Puzzle, on 9th December in the form of a Christmas Card that went viral online soon after its release. Nearly...

Security update for Java7 (important)

Update OpenJDK to 7u95 / IcedTea 2.6.4 including the following fixes: Security fixes - S8059054, CVE-2016-0402: Better URL processing - S8130710, CVE-2016-0448: Better attributes processing - S8132210: Reinforce JMX collector internals - S8132988: Better printing dialogues - S8133962,...

CVE-2016-0610

Unspecified vulnerability in Oracle MySQL 5.6.27 and earlier and MariaDB before 10.0.22 and 10.1.x before 10.1.9 allows remote authenticated users to affect availability via unknown vectors related to InnoDB...

APNs Communication Fails

Device APNS communication fails. The following error is reported: INFO com.sparus.nps.ios.push.ApnsHandler - Not using APNS connection pool WARN com.sparus.nps.ios.push.ApnsHandler - Sending message to APNS failed...

NetScaler Gateway Stuck at /cgi/login for a User of a Particular Group

After NetScaler Gateway authentication, logon page gets stuck at /cgi/login for a user of a particular group. Users of other groups have no issue...

Customer can see Internal Comment created by Automation Action

h5. Environment - run JIRA from atlas-debug - JIRA 7.0.5 - JIRA Service Desk 3.0.5 h5. Steps to reproduce Create Service Desk project go to Administration - Automation tab click New rule - Custom rule add Trigger Issue Created add Action Add comment put some Comment text and select Internal as...

Screensaver Not Working in XenDesktop

Screensaver not starting on Virtual Desktop - Desktop OS VDA...

FreeBSD : libvirt -- ACL bypass using ../ to access beyond storage pool (f714b4c9-a6c1-11e5-88d7-047d7b492d07)

Libvit development team reports : Various virStorageVol API operate on user-supplied volume names by concatenating the volume name to the pool location. Note that the virStoragePoolListVolumes API, when used on a storage pool backed by a directory in a file system, will only list volumes...

autofs security, bug fix and enhancement update

5.0.7-54.0.1 - add autofs-5.0.5-lookup-mounts.patch Orabug:12658280 Bert Barbe 1:5.0.7-54 - bz1263508 - Heavy program map usage can lead to a hang - fix out of order call in program map lookup. - Resolves: rhbz1263508 1:5.0.7-53 - bz1238573 - RFE: autofs MAPHASHTABLESIZE description - update...

Configuration Wizard Crashes after PVS Upgrade from Version 6.1 to 7.6

Configuration Wizard crashes after PVS upgrade from version 6.1 to 7.6...

Microsoft .NET Information Disclosure (MS15-118: CVE-2015-6096)

An information disclosure vulnerability exists in Microsoft .NET Framework. The specific vulnerability involves DTD problem in the underlying calls to XmlParser. An attacker who successfully exploited this vulnerability could gain read access to local files on the target system...

Unable to Disable Workspace Control on StoreFront and XenApp 7.6

Unable to disable workspace control on StoreFront and XenApp 7.6.New apps launched from other devices are pulling the session from the previous sessions and instead of creating a new session.After disabling workspacecontrol on StoreFront is still enabled...

Cannot Reconnect to a Disconnected Session from a Wyse Client

If by any chance any sessions gets disconnected then while trying to reconnect to that session via Wyse terminals the desktop launches properly and the session remains active for only 10-15 sec and then disconnects automatically and this behavior continues. Everything works fine from the FAT...

SUSE: Security Advisory for krb5 (SUSE-SU-2014:1028-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...