Researchers at ERPScan today disclosed details and a proof-of-concept exploit for a SAP GUI remote code execution vulnerability patched last week.
Browsing Tag: vulnerabilities
A severe vulnerability has been disclosed in libpurple, the library used in the development of a number of popular instant messaging clients, including Adium for the macOS platform.
Mozilla patched a zero day uncovered at Pwn2Own in Firefox in 22 hours on Friday.
Researchers at SEC Consult disclosed a command injection vulnerability in Ubiquiti Networks gear for ISPs after a private disclosure to the vendor in November went unresolved.
Mike Mimoso and Chris Brook discuss the news of the week, including Pwn2Own 2017, Microsoft’s silence around February’s Patch Tuesday, and a nasty SAP bug.
On the first day of Pwn2Own 2017 hackers poked holes in Adobe Reader, Apple Safari, Microsoft Edge, and Ubuntu Linux.
Intel and Microsoft announced bug bounties, paying $30,000 and $15,000 respectively for critical vulnerabilities.
Double Robotics telepresence robots were patched against vulnerabilities that leaked device data and session keys and tokens.
Schneider Electric patched a vulnerability in the Tableau Server running in its Wonderware analytics and visualization platform that could allow an attacker to elevate privileges.
The news of the week is recapped, including the fallout around CloudBleed, the CloudPets breach, and a Slack token bug. The life of Howard Schmidt is also remembered.