Oracle on Saturday released its patch for the VENOM vulnerability, a guest escape flaw that affects many virtualization platforms.
Browsing Category: Vulnerabilities
A group of Polish researchers claims there are still several outstanding vulnerabilities in Google App Engine, including three complete Java sandbox escapes.
Dennis Fisher and Mike Mimoso talk about the VENOM vulnerability, the idea of marketing bugs, Microsoft’s new Edge browser security features and the awesome CSI: Cyber finale.
Proof of concept code exploiting the VENOM vulnerability has surfaced. Its author says mitigating factors make VENOM difficult to exploit at scale.
Cisco patched command injection, authentication bypass, and denial of service vulnerabilities in a number of its TelePresence products.
Dennis Fisher talks with Dan Kaminsky about the VENOM bug, the value of virtual machine escapes, why everyone wants to make every bug either the worst one of all time or just a bunch of hype, and what the Avengers have to do with vulnerability disclosure.
SAP SE has fixed security vulnerabilities in a pair of compression algorithms used by a number of the company’s popular business management software programs.
The Open Smart Grid Protocol Alliance said updates that address the weak homegrown cryptography pointed out in a research paper will be rolled out to networks and devices in September.
A handful of vulnerabilities have been identified in WSO2 Identity Server that could lead to takeover and firewall bypass, and could potentially open subsequent internal servers up to further attacks.
Researchers have uncovered a vulnerability in an obscure component of many virtualization platforms that they say can allow an attacker to escape from a guest virtual machine and gain code execution on the host, as well as any other VMs operating on that machine. Experts say the bug affects a wide variety of virtualization software[…]