A cross-site scripting vulnerability in Microsoft Office 365 casts attention on the need to shore up the security of cloud-based enterprise applications.
Browsing Tag: vulnerabilities
BrightBox home and small business routers are vulnerable to a number of security problems that leaving the networking gear exposed locally and remotely to attack.
Among the 144 patches released as part of Oracle’s quarterly Critical Patch Update were 36 patches for Java, a prominent reminder the Java security house is still not in order.
Google has fixed five vulnerabilities in its Chrome browser and also has activated a feature that will block malicious file downloads automatically. The change is a major security upgrade for Chrome and will help prevent users from unwittingly downloading harmful files, an attack vector that attackers count on for the success of drive-by downloads and other attacks.
Researchers have discovered two serious vulnerabilities in industrial Ethernet switches manufactured by Siemens that could enable attackers to perform unauthorized actions on the switches without authentication. One of the bugs allows attackers to hijack Web sessions and the other enables them to perform admin tasks on the switches. The vulnerabilities were discovered by researchers at[…]
A wireless gateway used in the energy and transportation industries is vulnerable to remote exploit, ICS-CERT said.
A huge number of security vulnerabilities have been fixed in Ubuntu, including a remotely exploitable font flaw that an attacker could use to run arbitrary code on vulnerable machines.
VMware patched vulnerabilities in its ESX and ESXi products that allow unauthorized local read/write access to files.
The Santander Group’s online banking and mobile banking applications have been patched against a number of SSL and certificate issues discovered by a U.K. security researcher.
The ICS-CERT is warning users about a reflected cross-site scripting vulnerability in a control interface for a wind-farm control portal manufactured by Nordex. The bug is remotely exploitable and could enable an attacker to run code on a vulnerable machine. The Nordex NC2 is a control portal for a series of wind turbines manufactured by[…]