openSUSE Security Update : claws-mail (openSUSE-2020-1139)

This update for claws-mail fixes the following issues : - Update to 3.17.6 : - It is now possible to 'Inherit Folder properties and processing rules from parent folder' when creating new folders with the move message and copy message dialogues. - A Phishing warning is now shown when copying a...

VulnCheck KEV: CVE-2019-6109

An issue was discovered in OpenSSH 7.9. Due to missing character encoding in the progress display, a malicious server or Man-in-The-Middle attacker can employ crafted object names to manipulate the client output, e.g., by using ANSI control codes to hide additional files being transferred. This...

Converting MBOX to Outlook Easily

Mail transfer is a common search query. Most commonly, users may migrate due to personal preferences, corporate policies, or support issues. Systems based on the MBOX format are tricky: you may easily export the files, but direct import to Outlook is impossible. That is unless you use the right...

EulerOS 2.0 SP2 : openssh (EulerOS-SA-2020-1657)

According to the versions of the openssh packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - Remotely observable behaviour in auth-gss2.c in OpenSSH through 7.8 could be used by remote attackers to detect existence of users on a target...

openSUSE Security Update : axel (openSUSE-2020-778)

This update for axel fixes the following issues : axel was updated to 2.17.8 : - CVE-2020-13614: SSL Certificate Hostnames were not verified boo1172159 - Replaced progressbar line clearing with terminal control sequence - Fixed parsing of Content-Disposition HTTP header - Fixed User-Agent HTTP...

Security update for axel (moderate)

openSUSE Security Update: Security update for axel Announcement ID: openSUSE-SU-2020:0778-1 Rating: moderate References: 1172159 Cross-References: CVE-2020-13614 Affected Products: openSUSE Leap 15.1 An update that fixes one vulnerability is now available. Description: This update for axel fixes...

OPENSUSE-SU-2020:0778-1 Security update for axel

This update for axel fixes the following issues: axel was updated to 2.17.8: CVE-2020-13614: SSL Certificate Hostnames were not verified boo1172159 Replaced progressbar line clearing with terminal control sequence Fixed parsing of Content-Disposition HTTP header Fixed User-Agent HTTP header never...

Google Chrome Security Update (stable-channel-update-for-desktop-2020-06) - Mac OS X

Google Chrome is prone to multiple vulnerabilities. Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

Stable Channel Update for Desktop

The stable channel has been updated to 83.0.4103.97 for Windows, Mac, and Linux, which will roll out over the coming days/weeks. Security Fixes and Rewards Note: Access to bug details and links may be kept restricted until a majority of users are updated with a fix. We will also retain restrictio...

Bing-Ip2Hosts - Bingip2Hosts Is A Bing.com Web Scraper That Discovers Websites By IP Address

Bing-ip2hosts is a Bing.com web scraper to discover hostnames by IP address. Description Bing-ip2hosts is a Bing.com web scraper that discovers hostnames by IP address. Bing is the flagship Microsoft search engine formerly known as MSN Search and Live Search. It provides a feature unique to searc...

[SECURITY] Fedora 32 Update: condor-8.8.8-1.fc32

HTCondor is a workload management system for high-throughput and high-performance jobs. Like other full-featured batch systems, HTCondor provides a job queuing mechanism, scheduling policy, priority scheme, resource monitoring, and resource management. Users submit their serial or parallel jobs t...

CVE-2020-12677

An issue was discovered in Progress MOVEit Automation Web Admin. A Web Admin application endpoint failed to adequately sanitize malicious input, which could allow an unauthenticated attacker to execute arbitrary code in a victim's browser, aka XSS. This affects 2018 - 2018.0 prior to 2018.0.3, 20...

Design/Logic Flaw

An issue was discovered in Progress MOVEit Automation Web Admin. A Web Admin application endpoint failed to adequately sanitize malicious input, which could allow an unauthenticated attacker to execute arbitrary code in a victim's browser, aka XSS. This affects 2018 - 2018.0 prior to 2018.0.3, 20...

CVE-2020-12677

An issue was discovered in Progress MOVEit Automation Web Admin. A Web Admin application endpoint failed to adequately sanitize malicious input, which could allow an unauthenticated attacker to execute arbitrary code in a victim's browser, aka XSS. This affects 2018 - 2018.0 prior to 2018.0.3, 20...

CVE-2020-12677

CVE-2020-12677 affects Progress MOVEit Automation Web Admin. An endpoint fails to sanitize input, enabling XSS that could let an unauthenticated attacker execute arbitrary code in a victim’s browser. Affected versions include 2018.0 before 2018.0.3; 2018 SP1–SP2 before 2018.2.3–2018.3.7; 2019.0 b...

Blue Mockingbird Monero-Mining Campaign Exploits Web Apps

A Monero cryptocurrency-mining campaign has emerged that exploits a known vulnerability in public-facing web applications built on the ASP.NET open-source web framework. The campaign has been dubbed Blue Mockingbird by the analysts at Red Canary that discovered the activity. Research uncovered th...

Why Organizations Need to Simplify Cybersecurity

The emergent adoption of cloud services helps organizations drive agility, differentiation, and progress. But like with any technological progress, the cyber risks attached grow right alongside it. This exemplifies that the need for IT leaders to adopt a more holistic, simpler way to manage...

comune.prezza.aq.it Cross Site Scripting vulnerability

Open Bug Bounty ID: OBB-1151172 Security Researcher Gh05tPT Helped patch 6892 vulnerabilities Received 10 Coordinated Disclosure badges Received 48 recommendations , a holder of 10 badges for responsible and coordinated disclosure, found a security vulnerability affecting comune.prezza.aq.it...

The DoD Isn't Fixing Its Security Problems

It has produced several reports outlining what's wrong and what needs to be fixed. It's not fixing them: GAO looked at three DoD-designed initiatives to see whether the Pentagon is following through on its own goals. In a majority of cases, DoD has not completed the cybersecurity training and...

Security Bulletin: Vulnerability in SSLv3 affects IBM SPSS Data Access Pack (CVE-2014-3566)

Summary SSLv3 contains a vulnerability that has been referred to as the Padding Oracle On Downgraded Legacy Encryption POODLE attack. SSLv3 can be configured for the IBM SPSS Data Access Pack. Vulnerability Details CVE-ID: CVE-2014-3566 DESCRIPTION: Product could allow a remote attacker to obtain...