July 22, 2016
Via: Threat PostGoogle has patched a high-risk vulnerability in its Chrome browser that allows an attacker to escape the Chrome sandbox. That vulnerability is one of 48 bugs fixed in version 52 of Chrome released Wednesday. Four dozen of those flaws are […]
Mobile security, Vulnerabilities
July 8, 2016
Via: Help Net SecurityGoogle has released an unusually hefty Android Security Bulletin for July. In fact, so many vulnerabilities have been fixed – 108 in all – that the patches come in two levels. The first one, 2016-07-05, includes patches for vulnerabilities found […]
December 8, 2015
Via: Help Net SecurityGoogle’s December security update for Android has been pushed out to Nexus devices on Monday, and it contains fixes for 19 vulnerabilities, four of which are deemed “critical”. Among these is an elevation of privilege vulnerability (CVE-2015-6619) in the system […]
November 9, 2015
Via: CIOThe most serious software flaws ever have been found in SAP’s HANA platform, the in-memory database platform that underpins many of the German company’s products used by large companies. Eight of the flaws are ranked critical, the highest severity rating, […]
Mobile security, Vulnerabilities
November 4, 2015
Via: ThreatpostGoogle’s Nexus Android devices are considered the most secure by default since they’re guaranteed to receive all security patches for vulnerabilities found internally and those disclosed by third parties. Google’s Project Zero research team, however, decided to expand its reach […]
September 6, 2015
Via: network-security#mozilla said an unknown #attacker accessed its #bugzilla bug-and-change tracking database, stole information about 53 critical security #vulnerabilities, and used at least one of those flaws to attack #firefox #users. Bugzilla is the open-source #tracker that Mozilla’s developers — both […]
August 5, 2015
Via: vulnerabilitiesThe most scandalous threat is tickling the nerves of Android phones owners: Zimperium zLabs reported six gaping hole in Google OS in April 2015. They also told Forbes that while Google sent out patches to its partners, unbelievably, most manufacturers […]
July 25, 2015
Via: network-securityHP’s Zero Day Initiative (ZDI) Monday disclosed four unpatched zero-day vulnerabilities in Internet Explorer Mobile that can enable a remote attacker to execute arbitrary code. Three of the bugs are use-after-free vulnerabilities that exist within the handling of CTreePos objects, […]
June 19, 2015
Via: threats-and-malwareThe Drupal Security Team has released a Critical software update for the Drupal CMS (Content Management System). Users with websites running either Drupal 6 or Drupal 7 are urged to upgrade immediately. The advisory that explains what’s been fixed, DRUPAL-SA-CORE-2015-002, […]
June 18, 2015
Via: network-securityLinkedIn plans to continue closely vetting researchers for its bug bounty rewards program, saying it reduces the number of distracting erroneous and irrelevant reports. The decision to keep its program private “gives our strong internal application security team the ability […]
April 23, 2024
April 18, 2024