CVE-2020-4957
IBM Security Identity Governance and Intelligence 5.2.6 could disclose sensitive information in URL parameters that could aid in future attacks against the system. IBM X-Force...
Google to launch repository service with security-tested versions of open-source software packages
Developers across the enterprise space are concerned about the security of the open-source software supply chain which they heavily depend on for their application development....
USN-5423-2: ClamAV vulnerabilities
USN-5423-1 fixed several vulnerabilities in ClamAV. This update provides the corresponding update for Ubuntu 14.04 ESM and 16.04 ESM. Original advisory details: Michał Dardas discovered...
USN-5425-1: PCRE vulnerabilities
Yunho Kim discovered that PCRE incorrectly handled memory when handling certain regular expressions. An attacker could possibly use this issue to cause applications using PCRE...
US Government Warns Firms to Avoid Hiring North Korean IT Workers
North Korean IT workers are attempting to generate revenue for DPRK and conduct cyber intrusions
Mind the (Communication) Gap: How Security Leaders Can Become Dev and Ops Whisperers
Developers, Ops and DevOps teams must incorporate security into their processes – often a hard sell. Here’s how security leaders can successfully align with them...
Terrascan Joins the Nessus Community, Enabling Nessus To Validate Modern Cloud Infrastructures
The addition of Terrascan to the Nessus family of products helps users better secure cloud native infrastructure by identifying misconfigurations, security weaknesses, and policy violations...
vim-8.2.4969-1.fc35
FEDORA-2022-2078cfb52d. Packages in this update: vim-8.2.4969-1.fc35. Update description: The newest upstream commit. Security fix for CVE-2022-1674.
vim-8.2.4969-1.fc36
FEDORA-2022-d20b51de9c. Packages in this update: vim-8.2.4969-1.fc36. Update description: The newest upstream commit. Security fix for CVE-2022-1674.
USN-5424-1: OpenLDAP vulnerability
It was discovered that OpenLDAP incorrectly handled certain SQL statements within LDAP queries in the experimental back-sql backend. A remote attacker could possibly use this...
