Yik Yak, an application that allows users to share purportedly anonymous status updates with others near them, has fixed a critical privacy vulnerability in the iOS version of its app.
Browsing Tag: vulnerabilities
Adobe released security updates for Flash Player, Reader, Acrobat and ColdFusion. The Flash vulnerability is being exploited in the wild, Adobe said.
VMware released patches late last week to fix several vulnerabilities, including a cross-site scripting issue, in one of its server virtualization platforms.
A group of security researchers in Poland say they have discovered a long list of vulnerabilities in the Google App Engine, some of which enable an attacker to escape the Java sandbox.
There is an easily exploitable remote code execution vulnerability in a popular WordPress plugin that helps manage file downloads and researchers say the bug could be used by even a low-level attacker to run arbitrary code on a vulnerable site.
Elipse, a Brazilian SCADA software developer, patched a serious denial-of-service vulnerability in the DNP Master Driver deployed in its SCADA web-based application.
Details and exploit code for a vulnerability in Adobe Reader have surfaced and the bug can be used to break out of the Reader sandbox and execute arbitrary code. The bug was discovered earlier this year by a member of Google’s Project Zero and reported to Adobe, which made a change to Reader that made it[…]
The ICS-CERT is warning users about a stack buffer overflow in the Advantech WebAccess SCADA product that could lead to arbitrary code execution.
Drupal has released a patched a denial of service and account hijacking vulnerability, details of which were disclosed by the researchers who discovered the issue.
The people behind the Angler exploit kit are already exploiting one of the Flash bugs patched last week in the kit’s arsenal.