Vulnerabilities Vulnerabilities

Continuous news on hardware and software vulnerabilities from proof of concept to zero day, the dangerous to the novel. Follow the patching topic to narrow your news to emerging fixes.

IBM workflow analysis software beset by bugs

IBM workflow analysis software beset by bugs

One product, 57 vulnerabilities.
Richard Chirgwin Jun 10 2022 12:54PM Security
Apple defeats class action over Meltdown, Spectre vulns

Apple defeats class action over Meltdown, Spectre vulns

Judge dismisses class action lawsuit.
Jonathan Stempel Jun 9 2022 11:55AM Security
IBM sprays Log4j bugs in security products

IBM sprays Log4j bugs in security products

Apache Struts utility still causing headaches for admins.
Staff Writer May 12 2022 1:09PM Security
Intel memory firmware bug hits hundreds of products

Intel memory firmware bug hits hundreds of products

Dell and HP first to ship fixes.
Richard Chirgwin May 11 2022 12:30PM Security
Aruba publishes patches for 21 security bugs

Aruba publishes patches for 21 security bugs

Three allow remote takeover of management systems.
Richard Chirgwin May 6 2022 12:49PM Security
Aruba, Avaya switches susceptible to remote takeover, patches on the way

Aruba, Avaya switches susceptible to remote takeover, patches on the way

TLStorm 2.0 could hit millions of devices.
Richard Chirgwin May 4 2022 12:19PM Security
Password vulnerability fixed in Dell storage firmware

Password vulnerability fixed in Dell storage firmware

Failed to block brute force attacks.
Staff Writer May 3 2022 6:22AM Security
SA gov to create bug bounty program

SA gov to create bug bounty program

Looks to replace “ad hoc” vulnerability reporting from July.
Justin Hendry Apr 28 2022 11:44AM Security
Cisco Umbrella users urged to close bug

Cisco Umbrella users urged to close bug

Static SSH key lets miscreants steal admin credentials.
Richard Chirgwin Apr 22 2022 12:01PM Security
Atlassian patches auth bypass in Seraph

Atlassian patches auth bypass in Seraph

Third-party apps also affected.
Richard Chirgwin Apr 22 2022 11:05AM Security
Java 15 introduced a cryptographic vulnerability

Java 15 introduced a cryptographic vulnerability

One of 500+ in Oracle's April patch-fest.
Richard Chirgwin Apr 20 2022 12:57PM Security
Cisco offers a bumper haul of vulnerability fixes

Cisco offers a bumper haul of vulnerability fixes

Spring4Shell still keeping engineers busy.
Richard Chirgwin Apr 14 2022 11:02AM Security
Senior EU officials were targeted with Israeli spyware

Senior EU officials were targeted with Israeli spyware

Sources tell Reuters NSO software used.
Raphael Satter and Christopher Bing Apr 12 2022 6:32AM Security
VMware admins asked to patch eight vulnerabilities

VMware admins asked to patch eight vulnerabilities

Authentication bypass, remote code execution, and more.
Richard Chirgwin Apr 7 2022 4:40PM Security
Cisco next to turn up Spring4Shell-vulnerable products

Cisco next to turn up Spring4Shell-vulnerable products

Eight identified, 70 under investigation.
Richard Chirgwin Apr 6 2022 12:10PM Security
Dell ships patch for vulnerable filesystem

Dell ships patch for vulnerable filesystem

Telemetry loss, account takeover, and more.
Staff Writer Apr 6 2022 6:25AM Security
Third-party bugs squashed in IBM database software

Third-party bugs squashed in IBM database software

Apache Log4j rears its head.
Richard Chirgwin Mar 31 2022 12:11PM Security
'Back from vacation' - Lapsus$ hackers claim breach of Globant

'Back from vacation' - Lapsus$ hackers claim breach of Globant

Boasts it hauled 70GB of source code.
Staff Writer Mar 31 2022 6:43AM Security
Atlassian data centre products impacted by third-party bug

Atlassian data centre products impacted by third-party bug

Update if you can, remediate if you can't.
Richard Chirgwin Mar 28 2022 11:44AM Security
VMware ships patches to AppC vulnerabilities

VMware ships patches to AppC vulnerabilities

Found by HackerOne bounty hunter.
Richard Chirgwin Mar 25 2022 5:03PM Security

Log In

  |  Forgot your password?