Researchers have built proof-of-concept exploits for an unpatched unserialize vulnerability in Apache Commons Collections, a library used in most Java rollouts.
Certificate authority Comodo admits it incorrectly issued eight certificates that include forbidden internal server names or reserved IP addresses.
Nearly two dozen critical SAP HANA vulnerabilities have been patched, including a critical misconfiguration of the TrexNet administrative interface.
Google’s Project Zero tested the security of one of its biggest OEM partners, Samsung, finding 11 critical vulnerabilities in the Galaxy S6 Edge.
A vulnerability in a network that processes genomic data could pave the way to some global genomic databases being hacked.
Researchers have developed a bypass for Microsoft’s EMET exploit mitigations by targeting a design limitation of the WoW64 subsystem that provides backwards compatibility for 32-bit applications on 64-bit systems.
Google released its monthly over-the-air Android security update to Nexus devices, patching another handful of vulnerabilities related to Stagefright.
Mike Mimoso and Chris Brook discuss the news of the week: The latest Xen vulnerability, CISA passing the Senate, a researcher challenging that Weak DH paper, and more.
Xen patched a seven-year-old vulnerability that allows an attacker to escape a guest virtual machine and attack the host operating system.
Rockwell Automation has patched a handful of vulnerabilities in its Allen-Bradley MicroLogix programmable logic controllers.