A group of security researchers in Poland say they have discovered a long list of vulnerabilities in the Google App Engine, some of which enable an attacker to escape the Java sandbox.
Browsing Tag: vulnerabilities
There is an easily exploitable remote code execution vulnerability in a popular WordPress plugin that helps manage file downloads and researchers say the bug could be used by even a low-level attacker to run arbitrary code on a vulnerable site.
Elipse, a Brazilian SCADA software developer, patched a serious denial-of-service vulnerability in the DNP Master Driver deployed in its SCADA web-based application.
Details and exploit code for a vulnerability in Adobe Reader have surfaced and the bug can be used to break out of the Reader sandbox and execute arbitrary code. The bug was discovered earlier this year by a member of Google’s Project Zero and reported to Adobe, which made a change to Reader that made it[…]
The ICS-CERT is warning users about a stack buffer overflow in the Advantech WebAccess SCADA product that could lead to arbitrary code execution.
Drupal has released a patched a denial of service and account hijacking vulnerability, details of which were disclosed by the researchers who discovered the issue.
The people behind the Angler exploit kit are already exploiting one of the Flash bugs patched last week in the kit’s arsenal.
A bug was recently fixed in Android Lollipop that could allow an attacker to bypass ASLR and run arbitrary code on a target device under certain circumstances.
Google has released Chrome 39, fixing 42 security vulnerabilities and removing support for the fallback to SSLv3, the component that was the target of the POODLE attack revealed last month.
Microsoft on Tuesday released a rare out-of-band patch for a critical vulnerability in several versions of Windows and Windows Server, including Windows 8 and 8.1.