A vulnerability was found in the EC2 credentials API of Keystone, the OpenStack identity service: Any user authenticated within a limited scope (trust/oauth/application credential) could create an EC2 credential with an escalated permission, such as obtaining “admin” while
Archive for May 6th, 2020
Several vulnerabilities were discovered in the Tomcat servlet and JSP engine, which could result in HTTP request smuggling, code execution in the AJP connector (disabled by default in Debian) or a man-in-the-middle attack against the JMX interface.
Multiple security issues have been found in the Mozilla Firefox web browser, which could potentially result in the execution of arbitrary code or information disclosure.
Whether you want to sell your idea to your leadership or want a more solidified project proposal backed by proof, we are going to equip you with the tools you need to improve your success. We’ll walk you through step by step what to do before you plan your proposal. You want to find the best way to devise a plan that will support your idea with hard data and approvals will be a breeze. …
OpenLDAP could be made to crash if it received specially crafted network traffic.
OpenLDAP could be made to crash if it received specially crafted network traffic.
The system could be made to expose sensitive information.
An update for squid is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability
An update for the squid:4 module is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score,
An update for the squid:4 module is now available for Red Hat Enterprise Linux 8.1 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score,
Several security issues were fixed in PHP.
An update for the squid:4 module is now available for Red Hat Enterprise Linux 8.0 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score,
An update for firefox is now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from
An update for firefox is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from
Next Level Ops Podcast: The Best Extensions for Your Website with Jan Loeffler
The post Next Level Ops Podcast: The Best Extensions for Your Website with Jan Loeffler appeared first on Plesk.
An update for firefox is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from
An update for firefox is now available for Red Hat Enterprise Linux 8.1 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System (CVSS) base score, which
Several vulnerabilities were discovered in Wordpress, a web blogging tool. They allowed remote attackers to perform various Cross-Side Scripting (XSS) and Cross-Site Request Forgery (CSRF) attacks, create files on the server, disclose private information, create open
Several vulnerabilities were discovered in salt, a powerful remote execution manager, which could result in retrieve of user tokens from the salt master, execution of arbitrary commands on salt minions, arbitrary directory access to authenticated users or arbitrary code