Rapid7 disclosed that Advantech EKI industrial control gear remains vulnerable to Shellshock and Heartbleed, in addition to a host of other vulnerabilities.
Browsing Category: Vulnerabilities
Google released Chrome 47 this week and announced that it will end Chrome support for older, 32-bit Linux distributions early next year.
Thousands of embedded devices share cryptographic keys and certificates, exposing millions of connections to man-in-the-middle attacks.
Lenovo has patched two serious vulnerabilities in Lenovo System Update that can allow hackers elevate privileges and guess admin passwords.
A vulnerability reported to United Airlines that could have been exploited to manipulate flight reservations and customer data sat unpatched for almost six months before it was fixed.
Two more self-signed root certificates and corresponding private keys were found on Dell computers.
Thousands of cable modems manufactured by the Georgia-based telecom Arris suffer from a series of issues: XSS and CSRF vulnerabilities, hard-coded passwords, and what a researcher is calling a backdoor in a backdoor.
Different models of Dell computers have shipped with a preinstalled root certificate and private key, opening the machines up to man-in-the-middle attacks.
VMware patched a number of its products vulnerability to an XML External Entities vulnerability in the Apache Flex BlazeDS product integrated into VMware.
The German government published the results of its audit of open source disk encryption package TrueCrypt and gave it a relative clean bill of health.