Researchers have identified a serious vulnerability in some versions of Oracle’s MySQL database product that allows an attacker to strip SSL/TLS connections of their security wrapping transparently. The vulnerability is the result of the way that an option in MySQL handles requests for secure connections. Researchers at Duo Security discovered the bug after noticing some[…]
Browsing Category: Vulnerabilities
Details on a number of unpatched vulnerabilities in a popular WordPress ecommerce plugin called CartPress were disclosed.
A potentially dangerous XSS vulnerability has existed in eBay for more than a year and it doesn’t appear the company is a rush to fix the issue.
Heartbleed made the world notice what kind of shape OpenSSL development was in from a financial and resources standpoint. In the year since, the project has been funded enough to hire full-time engineers and a crucial refactoring of the codebase has the project in the right direction.
WordPress quickly turned around a patch for a stored cross-site scripting zero-day vulnerability in the CMS’ core engine.
The manufacturer of a popular projector found primarily in classrooms is neglecting to address several authentication bugs that exist in the device that could open it up to hacks.
A Finnish researcher has disclosed details on an unpatched stored cross-site scripting vulnerability in the WordPress core engine.
A few weeks after the developers of the AFNetworking library that’s popular among iOS and OS X app developers patched a serious bug in the library that enabled man-in-the-middle attacks, another, similar flaw has surfaced. The new vulnerability is related to how the AFNetworking library handles domain name validation for certificates. As it turns out, the library[…]
Siemens has released an update for some of its ICS products that are affected but the glibc Ghost vulnerability that was disclosed in January. The vulnerability affected both the Siemens Sinumerik and Simatic HMI Basic applications, which are used in a variety of industrial situations. “The affected products, SINUMERIK, SIMATIC HMI Basic, and Ruggedcom, are used as an[…]