438 matches found
Product update: Virtuozzo Infrastructure Platform 2.5 Update 2 (2.5.0-1600)
This update provides a stability and usability fix. Vulnerability id: VSTOR-20151 Some storage cluster archives may become unavailable after upgrade to version 2.5...
Product update: Virtuozzo Infrastructure Platform 2.5 Update 1 (2.5.0-1599)
This update provides stability and usability fixes. Vulnerability id: VSTOR-19695, VSTOR-19857 Improved automatic firewall rules configuration. Vulnerability id: VSTOR-19909 Unable to register Backup Gateway in Acronis Backup Advanced with an IP address...
Artifex MuPDF Code Issue Vulnerability
Artifex MuPDF is a free, lightweight PDF reader from Artifex Software. A security vulnerability exists in the 'fzloadpage' function in the fitz/document.c file in Artifex MuPDF version 1.14.0. An attacker could exploit this vulnerability to cause an impact on usability...
Troy Hunt on Passwords
Troy Hunt has a good essay about why passwords are here to stay, despite all their security problems: This is why passwords aren't going anywhere in the foreseeable future and why insert thing here isn't going to kill them. No amount of focusing on how bad passwords are or how many accounts have...
Artifex MuPDF Buffer Overflow Vulnerability
Artifex MuPDF is a free, lightweight PDF reader from Artifex Software. A buffer overflow vulnerability exists in the 'fzrunt3glyph' function in the fitz/font.c file in Artifex MuPDF version 1.14.0. An attacker can exploit this vulnerability to cause an impact on usability...
Good Primer on Two-Factor Authentication Security
Stuart Schechter published a good primer on the security issues surrounding two-factor authentication. While it's often an important security measure, it's not a panacea. Stuart discusses the usability and security issues that you have to think about before deploying the system...
Updated godot packages fix security vulnerability
Updated godot packages fix security vulnerability Fabio Alessandrelli found and fixed several security vulnerabilities in the marshalling code of Godot Engine, which could be used by a remote Godot client to cause a Denial of Service for a Godot server. This update to Godot 2.1.5 fixes it, as wel...
MGASA-2018-0333 Updated godot packages fix security vulnerability
Updated godot packages fix security vulnerability Fabio Alessandrelli found and fixed several security vulnerabilities in the marshalling code of Godot Engine, which could be used by a remote Godot client to cause a Denial of Service for a Godot server. This update to Godot 2.1.5 fixes it, as wel...
Qualys Cloud Platform (VM, SCA, PC) 8.15 New Features
This new release of the Qualys Cloud Platform VM, SCA, PC, version 8.15, includes several new improvements across the VM, PC, and SCA Apps including new IPv6 configuration options for the scanner, improvements to several VM reports including ability to display EC2 metadata, a new Policy Complianc...
Product update: Virtuozzo 7.0 Update 8 (7.0.8-486)
The Update 8 for Virtuozzo 7.0 provides new features as well as stability and usability bug fixes. Vulnerability id: PSBM-75892 Node could crash with error in 'memcgroupiter'. Vulnerability id: PSBM-78762 Container running a Java process could fail to migrate live due to a CRUI issue. Vulnerabili...
March-April 2018 test results: More insights into industry AV tests
In a previous post, in the spirit of our commitment to delivering industry-leading protection, customer choice, and transparency on the quality of our solutions, we shared insights and context into the results of AV-TESTs January-February 2018 test cycle. We released a transparency report to help...
One-Lin3r v1.1 - Gives You One-Liners That Aids In Penetration Testing Operations
One-Lin3r is simple and light-weight framework inspired by the web-delivery module in Metasploit. It consists of various one-liners that aids in penetration testing operations: Reverser : Give it IP & port and it returns a reverse shell liner ready for copy & paste. Dropper : Give it an...
AV-TEST’s April 2018 Windows Home User Test Report Shows 100% Protection Result and Top Product Award for Trend Micro Internet Security
Maintaining its Top Product protection rating, Trend Micro Internet Security 12.0 2018 continues to show 100% Protection results in tests conducted by the internationally respected testing lab AV-TEST.org. In its Mar-Apr 2018 test of 18 endpoint security products on Windows 10, the latest release...
CVE-2016-10527
The riot-compiler project (version 2.3.21) contains a regex vulnerability causing a regular expression denial of service (catastrophic backtracking) under certain inputs. This affects riot-compiler’s ability to process some patterns efficiently, potentially impacting availability. The issue is do...
Product update: Virtuozzo 7.0 Update 7 Hotfix 1 (7.0.7-445)
The Hotfix 1 for Virtuozzo 7.0 Update 7 provides stability and usability bug fixes. Vulnerability id: PSBM-82558 Container migration could sometimes fail due to a CRIU issue. Vulnerability id: PSBM-82711 'prlctl qemu-update' could fail due to unnamed dirty bitmaps. This could result in backups no...
Open Source Static Code Analyser: StaCoAn
StaCoAn is a crossplatform tool which aids developers, bugbounty hunters and ethical hackers performing static code analysis on mobile applications. This tool will look for interesting lines in the code which can contain: Hardcoded credentials API keys URL’s of API’s Decryption keys Major coding...
Important product update: Fixes for Meltdown and Spectre exploits in virtual machines; Virtuozzo 6.0 Update 12 Hotfix 21 (6.0.12-3698)
Hotfix 21 for Virtuozzo 6.0 Update 12 provides fixes for Meltdown and Spectre exploits in virtual machines as well as stability and usability bug fixes. NOTE: For clusters with CPU pools, follow the instructions at https://help.virtuozzo.com/customer/en/portal/articles/2919459. Vulnerability id:...
Product update: Virtuozzo Automator 7.0 Update 2 Hotfix 4 (VA MN: 7.0.2-545, VA Agent: 7.0.2-278)
This hotfix for Virtuozzo Automator 7.0.2 provides new features as well as stability and usability bug fixes. Vulnerability id: PVA-35054 VM could not be shown in the Control Center. Vulnerability id: PVA-37072 XML API returned empty list of VM templates after restart of the prl-disp service...
Product update: Virtuozzo 7.0 Update 6 Hotfix 2 (7.0.6-695)
The Hotfix 2 for Virtuozzo 7.0 Update 6 provides a new feature as well as stability and usability bug fixes. Vulnerability id: PSBM-65549 Resource alerts could be shown in Virtuozzo Automator for Windows VMs with enough resources. Vulnerability id: PSBM-78460 Container live migration could fail d...
December 12, 2017—KB4053580 (OS Build 15063.786)
December 12, 2017—KB4053580 OS Build 15063.786 Improvements and fixes This update includes quality improvements. No new operating system features are being introduced in this update. Key changes include: Updates Internet Explorer’s default visibility for the button that launches Microsoft Edge...