Все RSS новости

This year, AfricaCom becomes a virtual event as part of the new Virtual Africa Tech Festival – the largest and most influential tech and telecoms event on the continent. Canonical and Ubuntu will be joining as a Lead Stream Sponsor, introducing the  Digital Infrastructure Investment stream of sessions and exhibits with a speaker session by […]

As part of the effort to build a flexible, cloud-native ready infrastructure, phoenixNAP collaborated with Canonical on enabling nearly instant OS installation. Canonical’s MAAS (Metal-as-a-Service) solution allows for automated OS installation on phoenixNAP’s Bare Metal Cloud, making it possible to set up a server in less than two minutes.   Bare Metal Cloud is a cloud-native […]

nfstream is a Python package providing fast, flexible, and expressive data structures designed to make working with online or offline network data both easy and intuitive. It aims to be the fundamental high-level building block for doing practical, real world network data analysis in Python. Additionally, it has the broader goal of becoming a common network data processing framework for researchers providing data reproducibility across experiments.

RedTeam Pentesting discovered a vulnerability in the BigBlueButton web conferencing system version 2.2.25 that allows participants of a conference with permissions to upload presentations to read arbitrary files from the file system and perform server-side requests. This leads to administrative access to the BigBlueButton instance.

Ubuntu Security Notice 4596-1 - It was discovered that Tomcat did not properly manage HTTP/2 streams. An attacker could possibly use this to cause Tomcat to consume resources, resulting in a denial of service. It was discovered that Tomcat did not properly release the HTTP/1.1 processor after the upgrade to HTTP/2. An attacker could possibly use this to generate an OutOfMemoryException, resulting in a denial of service. Various other issues were also addressed.

Red Hat Security Advisory 2020-4295-01 - PostgreSQL is an advanced object-relational database management system. Issues addressed include bypass and improper authorization vulnerabilities.

Bludit versions 3.9.2 and below bruteforce mitigation bypass exploit. Please visit the related homepage for deep dive details on usage.

Tiki Wiki CMS Groupware version 21.1 suffers from an authentication bypass vulnerability.

Libtaxii versions 1.1.117 and below and OpenTaxi versions 0.2.0 and below suffer from a server-side request forgery vulnerability.

Red Hat Security Advisory 2020-4264-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments.

Ubuntu Security Notice 4595-1 - It was discovered that Grunt did not properly load yaml files. An attacker could possibly use this to execute arbitrary code.

GOautodial version 4.0 suffers from a remote shell upload vulnerability.

Ubuntu Security Notice 4594-1 - It was discovered that Quassel incorrectly handled Qdatastream protocol. A remote attacker could possibly use this issue to execute arbitrary code. It was discovered that Quassel incorrectly handled certain login requests. A remote attacker could possibly use this issue to cause a denial of service.

School Faculty Scheduling System version 1.0 suffers from a remote SQL injection vulnerability that allows for authentication bypass.

School Faculty Scheduling System version 1.0 suffers from a persistent cross site scripting vulnerability.

Red Hat Security Advisory 2020-4299-01 - Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. Issues addressed include crlf injection, denial of service, and double free vulnerabilities.

Hrsale version 2.0.0 suffers from a local file inclusion vulnerability.