Google has fixed several vulnerabilities in Chrome, including a pair of cross-origin bypasses and a high-risk scheme validation error.
Browsing Category: Vulnerabilities
There is a privilege-escalation vulnerability in several versions of Ubuntu that results from the fact that the operating system fails to check permissions when users are creating files in some specific circumstances.
A trio of vulnerabilities were recently patched in eBay’s Magento e-commerce web application that could have let attackers carry out a handful of exploits.
Researchers from ERPScan said SAP’s HANA in-memory database contains a default static encryption key.
Drupal has patched several vulnerabilities in versions 6 and 7 of the content-management system, including a critical bug that enables an attacker to hijack administrators’ accounts and take arbitrary actions on target sites. That vulnerability lies in the OpenID module in Drupal that enables users to authenticate themselves using the OpenID protocol. The protocol is based[…]
Google’s decision to limit its Android Security Rewards program to Nexus devices could have security consequences for non-Nexus device users.
A group of researchers claim that they found a handful of vulnerabilities in both Apple’s OS X and iOS, and cracked the Keychain service that the company uses for apps and sandboxes on OS X.
LinkedIn today announced that since October it has been running a private bug bounty, and to date has patched 65 bugs and paid out $65,000 in rewards.
A week after disclosing a cross-site request forgery vulnerability in small wind turbines manufactured by a company called XZERES, a security researcher has discovered a serious bug in the human-machine interface for turbines made by German company RLE International GmbH. Researcher Maxim Rupp discovered the vulnerability in the Nova-Wind Turbine HMI and reported it to the vendor.[…]
Attackers sitting on a network can intercept Swift keyboard updates from Samsung, inject code, and potentially take remote control of millions of Android mobile devices.