Vulnerabilities Vulnerabilities

Continuous news on hardware and software vulnerabilities from proof of concept to zero day, the dangerous to the novel. Follow the patching topic to narrow your news to emerging fixes.

Gatekeeper bypass exposes Macs to malware

Gatekeeper bypass exposes Macs to malware

Microsoft researcher discovered access control list bug.
Richard Chirgwin Dec 21 2022 11:15AM Security
New Fortinet bug under active exploitation

New Fortinet bug under active exploitation

Overflow may allow remote code execution.
Richard Chirgwin Dec 13 2022 8:52AM Security
Dell patches virtual storage software against OpenSSL, Apache bugs

Dell patches virtual storage software against OpenSSL, Apache bugs

Text4Shell among the bug-fixes.
Richard Chirgwin Nov 25 2022 11:54AM Security
Aruba Networks patches 13 EdgeConnect vulnerabilities

Aruba Networks patches 13 EdgeConnect vulnerabilities

Arbitrary code execution and more.
Richard Chirgwin Nov 23 2022 11:40AM Security
AWS discloses AppSync vulnerability

AWS discloses AppSync vulnerability

Researcher found “confused deputy” bug.
Richard Chirgwin Nov 22 2022 11:40AM Security
Atlassian patches critical bugs in Bitbucket, Crowd

Atlassian patches critical bugs in Bitbucket, Crowd

Buggy environment variables, security misconfiguration fixed.
Richard Chirgwin Nov 21 2022 6:50AM Security
Cisco's patch day plugs six vulnerabilities

Cisco's patch day plugs six vulnerabilities

Network giant also launched OpenSSL 3.x investigation.
Richard Chirgwin Nov 3 2022 11:49AM Security
UK's Royal Mail pauses access to online service after glitch

UK's Royal Mail pauses access to online service after glitch

Customers could read each others' orders.
Staff Writer Nov 2 2022 6:53AM Security
Juniper upgrades open source tools to wipe out huge number of bugs

Juniper upgrades open source tools to wipe out huge number of bugs

Vulnerabilities in NSS, libexpat, OpenSS, libxml2 and more.
Richard Chirgwin Oct 14 2022 11:50AM Security
Aruba orchestrator could be attacked via web interface

Aruba orchestrator could be attacked via web interface

Patches shipped this week.
Staff Writer Oct 14 2022 7:01AM Networking
Fortinet serves up six more fixes

Fortinet serves up six more fixes

Company confirms recent bug has been exploited.
Richard Chirgwin Oct 11 2022 12:00PM Security
Fortinet issues emergency patch for authentication bypass

Fortinet issues emergency patch for authentication bypass

'Selected' customers advised last week.
Richard Chirgwin Oct 10 2022 12:14PM Security
ID service Dex patches token-stealing bug

ID service Dex patches token-stealing bug

Attackers could access downstream apps.
Richard Chirgwin Oct 7 2022 12:51PM Security
Network vendors inherit VLAN implementation bug

Network vendors inherit VLAN implementation bug

Cisco, Juniper Networks vulnerable to traffic blackholing bug, others may follow.
Richard Chirgwin Sep 29 2022 7:05AM Networking
CISA issues warning about data centre PDUs

CISA issues warning about data centre PDUs

Dataprobe firmware update needed to protect networks.
Staff Writer Sep 21 2022 11:42AM Security
Aruba Networks patches management software

Aruba Networks patches management software

Policy manager needs fixes.
Richard Chirgwin Sep 9 2022 11:47AM Security
Microsoft turned up a critical bug in TikTok client

Microsoft turned up a critical bug in TikTok client

One-click account takeover.
Richard Chirgwin Sep 1 2022 11:59AM Security
Google attracting bounty hunters to open source projects

Google attracting bounty hunters to open source projects

Better security for products like Golang.
Richard Chirgwin Aug 31 2022 12:07PM Security
Buggy routers are all over the internet, say researchers

Buggy routers are all over the internet, say researchers

Home, SOHO units don't need DNS.
Richard Chirgwin Aug 30 2022 12:08PM Security
Atlassian's Bitbucket buggy, needs patch

Atlassian's Bitbucket buggy, needs patch

Remote code execution vulnerability disclosed.
Richard Chirgwin Aug 25 2022 4:27PM Security

Log In

  |  Forgot your password?