SAP patched a dozen holes in its in-memory management system HANA that could have led to SQL injections, cross-site scripting (XSS) errors, and memory corruption vulnerabilities.
Browsing Category: Vulnerabilities
Two privilege escalation vulnerabilities in the last TrueCrypt build were discovered by James Forshaw of Google Project Zero, and patched in VeraCrypt.
Hilton Hotels and Resorts is reportedly looking into claims that some of its point-of-sale devices were compromised, some potentially as far back as November 2014.
Developers at Mozilla pushed out Firefox 41 this week and brought some much needed relief to AdBlockPlus users by finally fixing a 14-year old bug in the browser.
DHS CERT published an alert prompted by a paper delivered at USENIX regarding the security of browser cookies.
Cisco pushed out its usual semiannual round of patches on Wednesday for IOS, the software the company uses for most of its routers and switches.
Researchers found a weakness in XcodeGhost that puts it at risk for man-in-the-middle attacks.
A researcher at Bromium is expected at DerbyCon to disclose a memory corruption mitigation bypass of Microsoft Control Flow Guard.
HackerOne released a free model that assesses an organization’s readiness to accept outside vulnerability reports.
Apple watchOS2 arrived with a host of security patches, including fixes for more than a dozen code-execution bugs.