четвъртък, 30 април 2020 г.

Weekly Update: New diabetes clinical trial (11 items)


New diabetes clinical trial: Diabetes Type 2 in the Eastern Region of Morocco

Published on: February 24, 2020 at 07:00PM
Conditions:   Quality of Life;   Diabetes Mellitus, Type 2;   Adherence, Medication;   Diet Habit
Intervention:  
Sponsors:   Universiteit Antwerpen;   Artesis Plantijn University College, Antwerp;   Université Mohammed Premier, Oujda;   Vliruos
Recruiting
https://clinicaltrials.gov/ct2/show/NCT04281069?term=diabetes&sfpd_d=14 February 24, 2020 at 03:52PM

via ClinicalTrials.gov


New diabetes clinical trial: Resilience-Based Diabetes Self-Management Education (RB-DSME) for African Americans

Published on: February 24, 2020 at 07:00PM
Condition:   Type 2 Diabetes
Interventions:   Behavioral: Resilience-Based Diabetes Self-Management Education;   Behavioral: Standard Diabetes Self-Management Education
Sponsors:   University of Texas at Austin;   University of Colorado, Aurora
Recruiting
https://clinicaltrials.gov/ct2/show/NCT04282395?term=diabetes&sfpd_d=14 February 24, 2020 at 03:52PM

via ClinicalTrials.gov


New diabetes clinical trial: Prolonged Fasting on Glucose Metabolism and Hormonal Regulation in Healthy, Obese and Subjects With Type 2 Diabetes

Published on: February 25, 2020 at 07:00PM
Conditions:   Healthy;   Obesity;   Type 2 Diabetes Mellitus;   Type 1 Diabetes
Interventions:   Behavioral: 12h fasting;   Behavioral: 36h fasting
Sponsor:   Medical University of Graz
Recruiting
https://clinicaltrials.gov/ct2/show/NCT04283318?term=diabetes&sfpd_d=14 February 25, 2020 at 02:52PM

via ClinicalTrials.gov


New diabetes clinical trial: Type 2 Diabetes Mellitus Prevention Ukraine

Published on: February 25, 2020 at 07:00PM
Condition:   Evaluation of Lifestyle Modification for the Prevention of Type 2 Diabetes
Intervention:   Other: Lifestyle modification
Sponsor:   Komisarenko Institute of Endocrinology and Metobolism
Active, not recruiting
https://clinicaltrials.gov/ct2/show/NCT04283201?term=diabetes&sfpd_d=14 February 25, 2020 at 02:52PM

via ClinicalTrials.gov


New diabetes clinical trial: Specified Drug-Use Survey of Trelagliptin Tablets "Survey on Long-term Use in Type 2 Diabetes Mellitus Patients With Severe Renal Impairment or End-stage Renal Disease"

Published on: February 26, 2020 at 07:00PM
Condition:   Type 2 Diabetes Mellitus
Intervention:   Drug: Trelagliptin
Sponsor:   Takeda
Not yet recruiting
https://clinicaltrials.gov/ct2/show/NCT04285983?term=diabetes&sfpd_d=14 February 26, 2020 at 03:52PM

via ClinicalTrials.gov


New diabetes clinical trial: Surgical TreAtment for Obesity Related Disease and Onco-Metabolic Surgery

Published on: February 26, 2020 at 07:00PM
Conditions:   Gastric Cancer;   Diabetes Mellitus, Type 2
Interventions:   Procedure: Long limb Roux-en-Y reconstruction after subtotal gastrectomy;   Procedure: Conventional Roux-en-Y reconstruction after subtotal gastrectomy;   Procedure: Billroth II reconstruction after subtotal gastrectomy
Sponsors:   Korea University Anam Hospital;   Guangdong Provincial People's Hospital;   First Hospital of Jilin University;   Shanghai Jiao Tong University School of Medicine;   Guangdong Provincial Hospital of Traditional Chinese Medicine;   Korea University
Recruiting
https://clinicaltrials.gov/ct2/show/NCT04284943?term=diabetes&sfpd_d=14 February 26, 2020 at 03:52PM

via ClinicalTrials.gov


New diabetes clinical trial: SUSTAIN SWITCH: A Research Study to Compare Two Dose Schedules of Semaglutide Taken Once Weekly in People With Type 2 Diabetes

Published on: February 27, 2020 at 07:00PM
Condition:   Diabetes Mellitus, Type 2
Intervention:   Drug: Semaglutide
Sponsor:   Novo Nordisk A/S
Not yet recruiting
https://clinicaltrials.gov/ct2/show/NCT04287179?term=diabetes&sfpd_d=14 February 27, 2020 at 04:59PM

via ClinicalTrials.gov


New diabetes clinical trial: Response of Gut Microbiota in Type 2 Diabetes to Hypoglycemic Agents

Published on: February 27, 2020 at 07:00PM
Condition:   Type2 Diabetes Mellitus
Interventions:   Drug: Glucophage 500Mg Tablet;   Drug: Acarbose Tablets;   Drug: Sitagliptin tablet;   Drug: Dapagliflozin Tablet;   Drug: Pioglitazone Tablets;   Drug: Glimepiride Tablets
Sponsors:   Peking Union Medical College Hospital;   Chinese Academy of Sciences
Not yet recruiting
https://clinicaltrials.gov/ct2/show/NCT04287387?term=diabetes&sfpd_d=14 February 27, 2020 at 04:59PM

via ClinicalTrials.gov


New diabetes clinical trial: Patient Activation Through Community Empowerment/Engagement for Diabetes Management (PACE-D)

Published on: February 28, 2020 at 07:00PM
Conditions:   Diabetes Mellitus;   Chronic Disease;   Patient Care Planning;   Patient Participation;   Self Care;   Empowerment
Interventions:   Other: Intervention Group;   Other: Control Group
Sponsors:   National University Health System, Singapore;   National University Hospital, Singapore;   National University, Singapore
Recruiting
https://clinicaltrials.gov/ct2/show/NCT04288362?term=diabetes&sfpd_d=14 February 28, 2020 at 02:59PM

via ClinicalTrials.gov


New diabetes clinical trial: Skeletal Fragility in Type 1 Diabetes: Glycemic Control and Bone Strength

Published on: February 28, 2020 at 07:00PM
Condition:   Type1diabetes
Intervention:  
Sponsor:   Columbia University
Active, not recruiting
https://clinicaltrials.gov/ct2/show/NCT04289727?term=diabetes&sfpd_d=14 February 28, 2020 at 02:59PM

via ClinicalTrials.gov


New diabetes clinical trial: The Effectiveness of "CARE Coaching Model" as an Effort to Empower Type 2 Diabetes Mellitus Patients

Published on: February 28, 2020 at 07:00PM
Condition:   Diabetes Type 2
Intervention:   Other: Health Coaching
Sponsor:   Indonesia University
Active, not recruiting
https://clinicaltrials.gov/ct2/show/NCT04289818?term=diabetes&sfpd_d=14 February 28, 2020 at 02:59PM

via ClinicalTrials.gov


Weekly Update: a new vulnerability is published on the National Vulnerability Database (28 items)


New vulnerabilities from the NVD: CVE-2012-0785

Hash collision attack vulnerability in Jenkins before 1.447, Jenkins LTS before 1.424.2, and Jenkins Enterprise by CloudBees 1.424.x before 1.424.2.1 and 1.400.x before 1.400.0.11 could allow remote attackers to cause a considerable CPU load, aka "the Hash DoS attack."
Published at: February 24, 2020 at 07:15PM
View on website

February 24, 2020 at 10:04PM

via National Vulnerability Database


New vulnerabilities from the NVD: CVE-2015-0565

NaCl in 2015 allowed the CLFLUSH instruction, making rowhammer attacks possible.
Published at: February 25, 2020 at 10:15PM
View on website

February 26, 2020 at 12:04AM

via National Vulnerability Database


New vulnerabilities from the NVD: CVE-2019-17032

** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2019. Notes: none.
Published at: February 26, 2020 at 07:15PM
View on website

February 26, 2020 at 10:22PM

via National Vulnerability Database


New vulnerabilities from the NVD: CVE-2019-17031

** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2019. Notes: none.
Published at: February 26, 2020 at 07:15PM
View on website

February 26, 2020 at 10:22PM

via National Vulnerability Database


New vulnerabilities from the NVD: CVE-2019-17030

** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2019. Notes: none.
Published at: February 26, 2020 at 07:15PM
View on website

February 26, 2020 at 10:22PM

via National Vulnerability Database


New vulnerabilities from the NVD: CVE-2019-17029

** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2019. Notes: none.
Published at: February 26, 2020 at 07:15PM
View on website

February 26, 2020 at 10:22PM

via National Vulnerability Database


New vulnerabilities from the NVD: CVE-2019-17028

** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2019. Notes: none.
Published at: February 26, 2020 at 07:15PM
View on website

February 26, 2020 at 10:22PM

via National Vulnerability Database


New vulnerabilities from the NVD: CVE-2019-17027

** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2019. Notes: none.
Published at: February 26, 2020 at 07:15PM
View on website

February 26, 2020 at 10:22PM

via National Vulnerability Database


New vulnerabilities from the NVD: CVE-2019-12882

** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none.
Published at: February 27, 2020 at 07:15AM
View on website

February 27, 2020 at 09:22AM

via National Vulnerability Database


New vulnerabilities from the NVD: CVE-2018-19668

** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2018-17963. Reason: This candidate is a reservation duplicate of CVE-2018-17963. Notes: All CVE users should reference CVE-2018-17963 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage.
Published at: February 27, 2020 at 07:15AM
View on website

February 27, 2020 at 09:22AM

via National Vulnerability Database


New vulnerabilities from the NVD: CVE-2017-6371

Synchronet BBS 3.16c for Windows allows remote attackers to cause a denial of service (service crash) via a long string in the HTTP Referer header.
Published at: February 27, 2020 at 07:15AM
View on website

February 27, 2020 at 09:22AM

via National Vulnerability Database


New vulnerabilities from the NVD: CVE-2017-6363

** DISPUTED ** In the GD Graphics Library (aka LibGD) through 2.2.5, there is a heap-based buffer over-read in tiffWriter in gd_tiff.c. NOTE: the vendor says "In my opinion this issue should not have a CVE, since the GD and GD2 formats are documented to be 'obsolete, and should only be used for development and testing purposes.'"
Published at: February 27, 2020 at 07:15AM
View on website

February 27, 2020 at 09:22AM

via National Vulnerability Database


New vulnerabilities from the NVD: CVE-2017-5861

** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2017-1000020. Reason: This candidate is a reservation duplicate of CVE-2017-1000020. Notes: All CVE users should reference CVE-2017-1000020 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage.
Published at: February 27, 2020 at 06:15AM
View on website

February 27, 2020 at 09:22AM

via National Vulnerability Database


New vulnerabilities from the NVD: CVE-2015-5686

Parts of the Puppet Enterprise Console 3.x were found to be susceptible to clickjacking and CSRF (Cross-Site Request Forgery) attacks. This would allow an attacker to redirect user input to an untrusted site or hijack a user session.
Published at: February 27, 2020 at 03:15AM
View on website

February 27, 2020 at 09:22AM

via National Vulnerability Database


New vulnerabilities from the NVD: CVE-2017-16900

Incorrect Access Control in Hunesion i-oneNet 3.0.6042.1200 allows the local user to access other user's information which is unauthorized via brute force.
Published at: February 27, 2020 at 08:15PM
View on website

February 27, 2020 at 10:22PM

via National Vulnerability Database


New vulnerabilities from the NVD: CVE-2015-2992

Apache Struts before 2.3.20 has a cross-site scripting (XSS) vulnerability.
Published at: February 27, 2020 at 08:15PM
View on website

February 27, 2020 at 10:22PM

via National Vulnerability Database


New vulnerabilities from the NVD: CVE-2018-8878

Information disclosure in Asuswrt-Merlin firmware for ASUS devices older than 384.4 and ASUS firmware before 3.0.0.4.382.50470 for devices allows remote attackers to acquire information on internal network devices' hostnames and MAC addresses by reading the custom_id variable on the blocking.asp page.
Published at: February 28, 2020 at 12:15AM
View on website

February 28, 2020 at 02:22AM

via National Vulnerability Database


New vulnerabilities from the NVD: CVE-2018-8877

Information disclosure in Asuswrt-Merlin firmware for ASUS devices older than 384.4 and ASUS firmware before 3.0.0.4.382.50470 for devices allows remote attackers to acquire information on internal network IP address ranges by reading the new_lan_ip variable on the error_page.htm page.
Published at: February 28, 2020 at 12:15AM
View on website

February 28, 2020 at 02:22AM

via National Vulnerability Database


New vulnerabilities from the NVD: CVE-2019-10064

hostapd before 2.6, in EAP mode, makes calls to the rand() and random() standard library functions without any preceding srand() or srandom() call, which results in inappropriate use of deterministic values. This was fixed in conjunction with CVE-2016-10743.
Published at: February 28, 2020 at 05:15PM
View on website

February 28, 2020 at 08:22PM

via National Vulnerability Database


New vulnerabilities from the NVD: CVE-2019-15609

The kill-port-process package version < 2.2.0 is vulnerable to a Command Injection vulnerability.
Published at: February 28, 2020 at 10:15PM
View on website

February 29, 2020 at 12:22AM

via National Vulnerability Database


New vulnerabilities from the NVD: CVE-2019-10805

valib through 2.0.0 allows Internal Property Tampering. A maliciously crafted JavaScript object can bypass several inspection functions provided by valib. Valib uses a built-in function (hasOwnProperty) from the unsafe user-input to examine an object. It is possible for a crafted payload to overwrite this function to manipulate the inspection results to bypass security checks.
Published at: February 28, 2020 at 11:15PM
View on website

February 29, 2020 at 02:22AM

via National Vulnerability Database


New vulnerabilities from the NVD: CVE-2019-10804

serial-number through 1.3.0 allows execution of arbritary commands. The "cmdPrefix" argument in serialNumber function is used by the "exec" function without any validation.
Published at: February 28, 2020 at 11:15PM
View on website

February 29, 2020 at 02:22AM

via National Vulnerability Database


New vulnerabilities from the NVD: CVE-2019-10803

push-dir through 0.4.1 allows execution of arbritary commands. Arguments provided as part of the variable "opt.branch" is not validated before being provided to the "git" command within "index.js#L139". This could be abused by an attacker to inject arbitrary commands.
Published at: February 28, 2020 at 11:15PM
View on website

February 29, 2020 at 02:22AM

via National Vulnerability Database


New vulnerabilities from the NVD: CVE-2019-10802

giting version prior to 0.0.8 allows execution of arbritary commands. The first argument "repo" of function "pull()" is executed by the package without any validation.
Published at: February 28, 2020 at 11:15PM
View on website

February 29, 2020 at 02:22AM

via National Vulnerability Database


New vulnerabilities from the NVD: CVE-2019-10801

enpeem through 2.2.0 allows execution of arbitrary commands. The "options.dir" argument is provided to the "exec" function without any sanitization.
Published at: February 28, 2020 at 11:15PM
View on website

February 29, 2020 at 02:22AM

via National Vulnerability Database


New vulnerabilities from the NVD: CVE-2018-21035

In Qt through 5.14.1, the WebSocket implementation accepts up to 2GB for frames and 2GB for messages. Smaller limits cannot be configured. This makes it easier for attackers to cause a denial of service (memory consumption).
Published at: February 28, 2020 at 11:15PM
View on website

February 29, 2020 at 02:22AM

via National Vulnerability Database


New vulnerabilities from the NVD: CVE-2015-5361

Background For regular, unencrypted FTP traffic, the FTP ALG can inspect the unencrypted control channel and open related sessions for the FTP data channel. These related sessions (gates) are specific to source and destination IPs and ports of client and server. The design intent of the ftps-extensions option (which is disabled by default) is to provide similar functionality when the SRX secures the FTP/FTPS client. As the control channel is encrypted, the FTP ALG cannot inspect the port specific information and will open a wider TCP data channel (gate) from client IP to server IP on all destination TCP ports. In FTP/FTPS client environments to an enterprise network or the Internet, this is the desired behavior as it allows firewall policy to be written to FTP/FTPS servers on well-known control ports without using a policy with destination IP ANY and destination port ANY. Issue The ftps-extensions option is not intended or recommended where the SRX secures the FTPS server, as the wide data channel session (gate) will allow the FTPS client temporary access to all TCP ports on the FTPS server. The data session is associated to the control channel and will be closed when the control channel session closes. Depending on the configuration of the FTPS server, supporting load-balancer, and SRX inactivity-timeout values, the server/load-balancer and SRX may keep the control channel open for an extended period of time, allowing an FTPS client access for an equal duration.​ Note that the ftps-extensions option is not enabled by default.
Published at: February 29, 2020 at 01:15AM
View on website

February 29, 2020 at 04:22AM

via National Vulnerability Database


New vulnerabilities from the NVD: CVE-2015-3006

On the QFX3500 and QFX3600 platforms, the number of bytes collected from the RANDOM_INTERRUPT entropy source when the device boots up is insufficient, possibly leading to weak or duplicate SSH keys or self-signed SSL/TLS certificates. Entropy increases after the system has been up and running for some time, but immediately after boot, the entropy is very low. This issue only affects the QFX3500 and QFX3600 switches. No other Juniper Networks products or platforms are affected by this weak entropy vulnerability.
Published at: February 29, 2020 at 01:15AM
View on website

February 29, 2020 at 04:22AM

via National Vulnerability Database