Open source продукты стали жизнеспособной альтернативой проприетарным решениям, покинувшим рынок. Однако российским организациям еще предстоит сформировать компетенции для того, чтобы перейти от операционного «латания дыр» к стратегическому использованию технологий с открытым…
This month, vulners collected Google’s open-source OSS-Fuzz data. OSS-Fuzz is a great tool for fuzz testing your projects to uncover different kinds of programming errors in software. “OSS-Fuzz provides ‘fuzzing as a service’ for open source projects” https://opensource.google/projects/oss-fuzz It’s amazing that this data is now available both for easy visual searching and via the Vulners … Continue reading OSS-Fuzz data in Vulners →
Vulnerability in the OSS Support Tools product of Oracle Support Tools (component: Oracle Explorer). The supported version that is affected is 18.3. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure where OSS Support Tools executes to compromise OSS Support Tools. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in OSS Support Tools, attacks may significantly impact additional products (scope…
Vulnerability in the OSS Support Tools component of Oracle Support Tools (subcomponent: Diagnostic Assistant). The supported version that is affected is Prior to 2.11.33. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise OSS Support Tools. Successful attacks of this vulnerability can result in takeover of OSS Support Tools. CVSS 3.0 Base Score 8.8 (Confidentiality, Integrity and Availability impacts). CVSS Vector:…