The Swift File Transfer mobile application for ios, blackberry and android suffers from cross site scripting and information disclosure vulnerabilities.

Edimax EW-7438RPn suffers from an information disclosure vulnerability.

File Explorer version 1.4 for iOS suffers from an information disclosure vulnerability.

rpc.pcnfsd suffers from a syslog related format string vulnerability. IBM AIX versions 6.1.0 and below, IRIX 6.5 and HP-UX versions 11.11, 11.23 and 11.31 are all affected.

Patch for the xine/gxine CD player that was found susceptible to a remote format string bug. The vulnerable code is found in the xine-lib library that both xine and gxine use. The vulnerable versions are at least xine-lib-0.9.13, 1.0, 1.0.1, 1.0.2 and 1.1.0.

A DLL side loading vulnerability was found in the BDA MPEG2 Transport Information Filter that ships with Windows Vista. This issue can be exploited by loading the filter as an embedded OLE object. When instantiating the object Windows will try to load the DLL ehTrace.dll from the current working directory. If an attacker convinces the user to open a specially crafted (Office) document from a directory also containing the attacker's DLL file, it is possible to execute arbitrary code with the privileges of the target user. This can potentially result in the attacker taking complete control of the affected system.

A low impact information disclosure vulnerability in the setuid root xlock binary distributed with Solaris may allow local users to read partial contents of sensitive files. Due to the fact that target files must be in a very specific format, exploitation of this flaw to escalate privileges in a realistic scenario is unlikely.

Various ESET products suffer from a malformed archive bypass vulnerability. The parsing engine supports the ZIP archive format. The parsing engine can be bypassed by specifically manipulating an ZIP Archive Compression Information Field so that it can be accessed by an end-user but not the Anti-Virus software. The AV engine is unable to scan the container and gives the file a "clean" rating.

The parsing engine for various Bitdefender products supports the RAR archive format. The parsing engine can be bypassed by specifically manipulating an RAR Archive (HOST_OS) so that it can be accessed by an end-user but not the anti-virus software. The AV engine is unable to scan the archive and issues the file a "clean" rating.

The Bitdefender parsing engine supports the RAR archive format. The parsing engine can be bypassed by specifically manipulating an RAR Archive (Compressed Size) so that it can be accessed by an end-user but not the Anti-Virus software. The AV engine is unable to scan the archive and issues the file a "clean" rating. All Bitdefender Products and Vendors that have licensed the Engine before Dec 12, 2019 are affected.

The Bitdefender parsing engine supports the RAR archive format. The parsing engine can be bypassed by specifically manipulating an RAR Archive (RAR Compression Information) so that it can be accessed by an end-user but not the Anti-Virus software. The AV engine is unable to scan the archive and issues the file a "clean" rating. All Bitdefender Products and Vendors that have licensed the Engine before Dec 12, 2019 are affected.

The ESET parsing engine can be bypassed by specifically manipulating a ZIP Archive Compression Information Field so that it can be accessed by an end-user but not the Anti-Virus software. The AV engine is unable to scan the container and gives the file a "clean" rating.

The Kaspersky parsing engine supports the ZIP archive format. The parsing engine can be bypassed by specifically manipulating an ZIP Archive (File Name length Field) so that it can be accessed by an end-user but not the Anti-Virus software. The AV engine is unable to scan the container and gives the file a "clean" rating.

The Bitdefender parsing engine supports the GZIP archive format. The parsing engine can be bypassed by specifically manipulating a GZIP Archive (Compression Method) so that it can be accessed by an end-user but not the Anti-Virus software. The AV engine is unable to scan the archive and issues the file a "clean" rating.

The QuickHeal parsing engine supports the ZIP archive format. The parsing engine can be bypassed by specifically manipulating an ZIP Archive (GPFLAG) so that it can be accessed by an end-user but not the Anti-Virus software. The AV engine is unable to scan the archive and issues the file a "clean" rating.

An issue exists where a malformed iMessage can brick an iPhone. A method in IMCore can throw an NSException due to a malformed message containing a property with key IMExtensionPayloadLocalizedDescriptionTextKey with a value that is not a NSString.

Research by fDi Intelligence reveals which countries receive more than their ‘expected share’ of FDI. 

A look at the results of fDi’s rankings throughout 2019 finds that Singapore and New York dominated the year’s league tables, followed by Shanghai, Tokyo and London

An exploitable Information Disclosure vulnerability exists in the ACEManager EmbeddedAceGet_Task.cgi functionality of Sierra Wireless AirLink ES450 FW 4.9.3. A specially crafted HTTP request can cause an information disclosure, resulting in the exposure of confidential information, including, but not limited to, plaintext passwords and SNMP community strings. An attacker can make an authenticated HTTP request, or run the binary, to trigger this vulnerability.

An exploitable information disclosure vulnerability exists in the ACEManager template_load.cgi functionality of Sierra Wireless AirLink ES450 FW 4.9.3. A specially crafted HTTP request can cause a information leak, resulting in the disclosure of internal paths and files. An attacker can make an authenticated HTTP request to trigger this vulnerability.

Kenya’s cabinet secretary for the national treasury and planning, Ukur Yatani, discusses the country’s agenda of fiscal reforms and the importance of constructing an east-west Africa highway.

Warsaw already offers a skilled workforce and has improved its infrastructure – now it must focus on climate change and reducing congestion, mayor Rafał Trzaskowski tells fDi.

Continued African development could hinge on public finance reforms.

Digitalisation is one of the biggest enablers of the global transition to clean energy. From intelligent asset management, to Artificial Intelligence and the Internet of Things. Find out how digitalisation is transforming the management, operation and maintenance of renewable energy assets, and driving a more efficient renewable world.

kWh Analytics, a leader in solar risk management, this week announced the first refinancing supported by the Solar Revenue Put. The portfolio of 41 projects, owned by AES, totaling approximately 28 MW DC of capacity is located in Arizona and Massachusetts. The portfolio is being funded by Silicon Valley Bank and a Japanese financial services company. Swiss Re Corporate Solutions, a leading global corporate insurer, is providing capacity for the Solar Revenue Put.

Energy advisory and certification body DNV GL has launched a new digital platform for renewable energy power purchase agreements.

This week, diversified real estate acquisition and development firm Commercial Development Company and transmission developer Anbaric said they plan to build a renewable energy center at Brayton Point Commerce Center in Somerset, Massachusetts. The site is the former home of the Brayton Point Coal Plant, the cooling towers for which were demolished two weeks ago. (video of demolition at the end of article at this link).

A recent report by the Energy Futures Initiative (EFI), established by former Energy Secretary Ernest Moniz, and the National Association of State Energy Officials confirms that the energy sector as a whole grew 2 percent last year, which is .3 percent more than the national job growth percentage of 1.7 percent.

US utility Dominion Energy has filed grid modernization plans with the Virginia State Corporation Commission.

Experts from Rocky Mountain Institute, the Advanced Energy Economy Institute and America’s Power Plan have released a new report that shows why new utility business models are key to the energy transition.

This week, diversified real estate acquisition and development firm Commercial Development Company and transmission developer Anbaric said they plan to build a renewable energy center at Brayton Point Commerce Center in Somerset, Massachusetts. The site is the former home of the Brayton Point Coal Plant, the cooling towers for which were demolished two weeks ago. (video of demolition at the end of article at this link).

Collection of articles related to hydropower technology

The latest news on global small hydroelectric facilities from November-December 2014

The top hydroelectric power news for December 2014

A problem with bearing cooling at the Lookout Shoals plant helped Duke Energy uncover several other issues that needed to be resolved. Through creative approaches and significant machining work, the units are now operating dependably.

One or two new runners for the units at the 355-MW Brazeau Power Station in Alberta, Canada, would allow owner TransAlta Corp. to better optimize revenue and provide valuable ancillary services. Modeling of the various upgrade options allowed the utility to arrive at the most valuable solution.

Collection of articles related to hydropower technology

The latest hydropower industry news from Canada

On Sept. 3, U.S. President Barack Obama and China's President, Xi Jinping, formally agreed to participation in the negotiated 2015 United Nations Climate Change Conference (COP 21) Paris Agreement, a global agreement on the reduction of climate change.
 

This week, diversified real estate acquisition and development firm Commercial Development Company and transmission developer Anbaric said they plan to build a renewable energy center at Brayton Point Commerce Center in Somerset, Massachusetts. The site is the former home of the Brayton Point Coal Plant, the cooling towers for which were demolished two weeks ago. (video of demolition at the end of article at this link).

The transmission industry enters 2014 with a lot of work ahead as it continues to recreate the grid and make it more renewable energy-ready.

For many years, and particularly since the Energy Policy Act of 2005, U.S. federal income tax policy has served a dual function as both tax and renewable energy policy. However, last month House Ways and Means Chairman David Camp (R-MI) released an expansive tax reform proposal in which a number of credits and deductions for renewable energy technology were recommended for repeal, effectively rewriting renewable energy policy by a proposed elimination of renewable energy from the federal tax code.

New York State is pushing its utility industry to shift away from a century-old business model into a system that can accommodate more power from solar and wind.