Get Started

Knowledge Base

OSSpedia
Data Management and Analytics 6 Jun 2025 NebulaGraph: Unlocking the Power of Graph Databases for Complex Data Relationships Data AnalyticsNEB
Data Management and Analytics 6 Jun 2025 ClickHouse: A High-Performance Open-Source Database for Real-Time Analytics Data AnalyticsCLI
Infrastructure and Network 30 May 2025 Empowering Secure Remote Device Management with MeshCentral: Self-Hosted, Scalable, and Privacy-First Control Networking
DevOps 16 May 2025 PocketBase: A Lightweight Backend in Your Pocket Developer ToolsPOC
DevOps 16 May 2025 Filestash: A Modern, User-Friendly Interface for Managing All Your Files Developer ToolsFIL
Data Management and Analytics 16 May 2025 Apache Solr: Powering the World’s Most Demanding Search Applications Data AnalyticsAPA
More articles
Articles
3 May 2025 Securing Open-Source Applications with Hossted: Proven Strategies for Maximum Protection

Open-source software solutions are at the heart of innovation, offering businesses customizable, flexible, and cost-effective alternatives. As companies continue shifting towards cloud-based environments for application deployment, ensuring the security of these solutions has become more critical than ever. Hossted provides a comprehensive framework to safeguard open-source applications, addressing security, high availability, and ongoing support challenges. […]

 Knowledge BaseArticles
8 Jan 2025 Efficient Deployment and Management with Hossted VM Solutions

Why Choose the Hossted Instant Deployment Solution? Enterprises that rely on open-source applications often struggle with deployment, maintenance, and support, leading to operational complexity and resource-intensive management. Hossted solves these challenges by offering an instant deployment virtual machine with built-in self-monitoring, AI-powered insights, and enterprise-grade support. With Hossted Instant Deployment Solution, IT and DevOps teams […]

 Knowledge BaseArticles
25 Jan 2024 The Future of Open Source Software Management: Why Hossted is the Answer

In today’s digital age, open-source software (OSS) has become the backbone of many technological infrastructures. From startups to Fortune 500 companies, everyone is leveraging the power of open-source technologies. The reasons are clear: OSS offers flexibility, transparency, and a collaborative approach to software development. However, as with all good things, there are challenges that come […]

 Articles
27 Dec 2023 Hardened Images: Part 2: What exactly does that mean, and how does it work?

Ambiguity IT managers today are developing a soft spot for hardened images. The prospect of strengthening software images against continuously emerging vulnerabilities and cyber threats is an attractive one. We discussed in part one of this topic, the growing need for the hardening process in order to combat security threats to today’s companies. There’s just one question: […]

 Articles
27 Dec 2023 Hardened Images: Part 1: Why exactly are they needed?

Docker container images contain the code, runtime, system tools, system libraries and settings needed to run an application. According to the developer delivery platform, Section.io, Docker’s microservices architecture, its compatibility and cost effectiveness are among the reasons why Docker has become “the most wanted technology,” and has become “massively popular.” Ensuring the integrity of Docker […]

 Articles
26 Dec 2023 Shedding Light on the Darker Side of Open Source

Nobody wants to hear about the shortcomings of the hero, the champion, the savior of the story. It puts a real damper on the euphoria and the buzz generated by this spellbinding person of the hour. In many ways, open source software is the darling of the IT world. Crowds of fans tout the dramatic […]

 Articles
More articles
How To
8 May 2025 How to Deploy Hossted VM App on GCP How To
10 Jan 2025 How to configure a domain for Hossted VM application How To
22 Oct 2024 How to authorise through AWS Identity and Access Management (IAM) How To
17 Oct 2024 How to Deploy Hossted Kubernetes App on AWS How To
7 Oct 2024 How to Deploy Hossted Kubernetes App on Azure Marketplace How To
20 Dec 2023 Microservices development and CI-CD with dockers and git-submodules — GS3D How To
More articles
Newsflash
11 Jun 2025 Data Management and Analytics
GeoServer: REST API Access Control Bypass via File Extension in REST Path

In GeoServer versions prior to 2.26.3 and 2.25.6 a medium severity vulnerability CVE-2025-27505 was detected. This vulnerability allows attackers to bypass REST API access controls by appending file extensions (e.g., `.html`) to the `/rest` path, potentially disclosing information about installed extensions. To address this issue, users should upgrade GeoServer to versions 2.26.3 or 2.25.6. For more details, visit https://nvd.nist.gov/vuln/detail/CVE-2025-27505.

 Read more Database
11 Jun 2025 Data Management and Analytics
GeoServer: Unrestricted File Upload via Coverage REST API URL Method

In GeoServer versions prior to 2.26.0 a medium severity vulnerability CVE-2024-40625 was detected. This vulnerability allows attackers to upload arbitrary files via the Coverage REST API endpoint `/workspaces/{workspaceName}/coveragestores/{storeName}/url.{format}` by abusing the `url` method without proper restrictions. To address this issue, users should upgrade GeoServer to versions 2.26.0. For more details, visit https://nvd.nist.gov/vuln/detail/CVE-2024-40625.

 Read more Database
11 Jun 2025 Data Management and Analytics
GeoServer: Information Disclosure via Unrestricted Access to GeoWebCache Front Page

In GeoServer versions prior to 2.26.2 and 2.25.6 a medium severity vulnerability CVE-2024-38524 was detected. This vulnerability allows users to access potentially sensitive information via the `GeoWebCacheDispatcher.handleFrontPage` method, as there is no default mechanism to hide storage locations unless a specific system property is manually configured. To address this issue, users should upgrade GeoServer to versions 2.26.2 or 2.25.6. For more details, visit https://nvd.nist.gov/vuln/detail/CVE-2024-38524.

 Read more Database
11 Jun 2025 Data Management and Analytics
GeoServer: XML External Entity Injection via Schema Parsing in GeoTools Library

In GeoServer versions prior to 2.27.1, 2.26.3 and 2.25.7 a critical severity vulnerability CVE-2025-30220 was detected. This vulnerability allows attackers to exploit XML External Entity (XXE) injection due to improper use of the EntityResolver in the GeoTools Schema class, affecting XML parsing when external schemas are referenced. To address this issue, users should upgrade GeoServer to versions 2.27.1, 2.26.3 or 2.25.7. For more details, visit https://nvd.nist.gov/vuln/detail/CVE-2025-30220.

 Read more Database
11 Jun 2025 Data Management and Analytics
GeoServer: Denial of Service via Malicious Jiffle Scripts in WMS and WPS

In GeoServer versions prior to 2.27.0, 2.26.3 and 2.25.7 a high severity vulnerability CVE-2025-30145 was detected. This vulnerability allows attackers to execute malicious Jiffle scripts as rendering transformations in WMS dynamic styles or WPS processes, potentially triggering an infinite loop and causing denial of service. To address this issue, users should upgrade GeoServer to versions 2.27.0, 2.26.3 or 2.25.7. For more details, visit https://nvd.nist.gov/vuln/detail/CVE-2025-30145.

 Read more Database
10 Jun 2025 Communication and Collaboration
Discourse: Denial of Service via Malicious URL in Private Message

In Discourse versions prior to 3.4.4 (stable branch), 3.5.0.beta5 (beta branch) and 3.5.0.beta6-dev (tests-passed branch) a high severity vulnerability CVE-2025-48053 was detected. This vulnerability allows attackers to reduce the availability of a Discourse instance by sending a malicious URL in a private message to a bot user. To address this issue, users should upgrade Discourse to versions 3.4.4 (stable branch), 3.5.0.beta5 (beta branch) or 3.5.0.beta6-dev (tests-passed branch). For more details, visit https://nvd.nist.gov/vuln/detail/CVE-2025-48053.

 Read more Communication
More articles
Case Studies
2 Jun 2025 Implementing SSL and High Availability in a Multi-Node OpenSearch Cluster

Problem: A financial services client encountered critical SSL-related errors while deploying a two-node OpenSearch 1.3.6 cluster for high availability. Despite both nodes appearing operational, accessing indices or interacting with the cluster through a Java application resulted in errors such as: SSLHandshakeException: Insufficient buffer remaining for AEAD cipher fragment IBMCertPathBuilderException: unable to find valid certification path […]

 Data Analytics
30 May 2025 Troubleshooting and Securing Access to Cassandra from SRE and EC2 Nodes

Problem: The client was operating a 5-node Apache Cassandra cluster (version 4.1.5) and needed to establish secure access to the database from both an SRE server and an EC2 server. While basic connectivity (e.g., telnet) between the source and Cassandra target nodes was verified, direct access to Cassandra using cqlsh was unsuccessful. The client sought […]

 Database
28 May 2025 Renaming a Kubernetes Control-Plane Node in a Production Cluster

Problem: A telecommunications customer operating a production Kubernetes cluster deployed via Kubespray encountered an infrastructure challenge. One of their original control-plane nodes (kz-bss-k8om01) had previously failed and was replaced with a new node named kz-bss-k8om04. Later, the client requested to rename this node back to its original FQDN (kz-bss-k8om01) and ideally retain the original IP […]

 Developer Tools
26 May 2025 Resolving Cassandra Backup Failures Due to Priam Incompatibility

Problem: The client encountered a failure while attempting to run a Cassandra backup using Commvault on their QAT cluster. The backup process failed with a 500 HTTP error originating from the local Priam REST endpoint: HTTP ERROR 500 Problem accessing /REST/v1/cassadmin/info. Reason: Commvault support traced the issue to the Priam service and advised the client […]

 Database
23 May 2025 Optimizing Nodetool Cleanup Performance in a Large-Scale Apache Cassandra 4.1.5 Cluster During Node Addition

Problem: The client faced performance challenges while running nodetool cleanup on an Apache Cassandra 4.1.5 cluster during a node addition activity in a production environment. Specifically, the cleanup process was taking an unexpectedly long time on nodes with over 600GiB of data load, raising concerns about the overall timeline and impact on production workflows. The […]

 Database
23 May 2025 Optimizing Apache Cassandra Repair: Reducing CPU Utilization from 90% to 30%

Problem: The client reported high CPU utilization (up to 90%) across all nodes in their 3-node Apache Cassandra 4.1.3 cluster during full or incremental repair operations initiated from any single node. Despite relatively low data volumes (~25 GB per node), the CPU spike raised concerns about system performance, stability, and potential downtime during repairs. Process: […]

 Database
More articles