Two vulnerabilities in two different WordPress plugins – an Arbitrary Variable Overwrite vulnerability in eShop, and an XSS vulnerability in Jetpack – were identified this week.
Apple has issued a series of bulletins for its Safari browser fixing various security vulnerabilities in its WebKit rendering engine.
IOActive researchers disclosed details on three patched vulnerabilities in Lenovo’s System Update mechanism.
Microsoft’s introduction of Windows Update for Business puts an end to Patch Tuesday security updates as we know them.
Hospira’s Lifecare PCA3 Drug Infusion pumps are susceptible to multiple remotely exploitable vulnerabilities that could not only brick the device but allow an attacker to run commands and put lives in jeopardy.
Buffer and integer overflow vulnerabilities have been patched in the ICU Project ICU4C library, used in hundreds of open source and enterprise software packages.
For the second time in less than a week, Google has updated its Password Alert extension for Chrome to address a method for bypassing the warning screens that alert users that they’re entering data on a non-Google site.
Google paid out a $1,337 bounty to a researcher who found a clickjacking vulnerability in Google API Explorer.
Attackers have recently taken to the job searching website CareerBuilder to spread Microsoft Word documents that masquerade as job hopefuls’ resumes, but in reality, are laden with malware.
A security researcher has developed a method – actually two methods – for defeating the new Chrome Password Alert extension that Google released earlier this week. The Password Alert extension is designed to warn users when they’re about to enter their Google passwords into a fraudulent site. The extension is meant as a defense against phishing attacks, which remain[…]