CVE-2022-43513

A vulnerability has been identified in Automation License Manager V5 All versions, Automation License Manager V6 All versions V6.0 SP9 Upd4, TeleControl Server Basic V3 All versions V3.1.2. The affected components allow to rename license files with user chosen input without authentication. This...

Black Hat 2019: Security's Powerful Cultural Transformation

LAS VEGAS — “Start with yes.'” That’s the advice to security teams from Dino Dai Zovi, mobile security lead at Square, giving the keynote on Wednesday at the 23rd annual Black Hat conference in Las Vegas. Taking as a first principle the idea that security teams now have the ear of company boards...

Apache Commons Compress和Apache Ant拒绝服务漏洞

BUGTRAQ ID: 53676 CVE ID: CVE-2012-2098 Apache Commons Compress库定义了一个API，可处理ar、cpio、Unix dump、tar、zip、gzip、XZ、Pack200、bzip2文件。Apache Ant，是一个将软件编译、测试、部署等步骤联系在一起加以自动化的一个工具，大多用于Java环境中的软件开发。 Apache Commons Compress 1.4.1之前版本在使用bzip2压缩文件时存在安全漏洞，可通过发送到BZip2CompressorOutputStream类的特制文件利用此漏洞消耗系统资源，造成拒绝服...