Top

Tag: vulnerabilities


Vulnerabilities

Android Developer Tools Contain Vulnerabilities

December 6, 2017

Via: Dark Reading

Several of the most popular cloud-based and downloadable tools Android developers use are affected. Android application developer tools Android Studio, Eclipse, and Intellij-IDEA contain vulnerabilities, Check Point researchers revealed in a report today. Android Application Package Tool (APKTool), Cuckoo-Droid service, […]


Vulnerabilities

Critical Apple Login Bug Puts macOS High Sierra Systems at Risk

November 29, 2017

Via: Threat Post

A major bug in Apple’s macOS gives anyone with physical access to a computer running the latest version of the High Sierra operating system admin access simply by putting “root” in the user name field. The bug was publicized Tuesday […]


Vulnerabilities

Device Manufacturers Working on Patches for Intel Chip Flaws

November 24, 2017

Via: Security Week

Acer, Dell, Fujitsu, HPE, Lenovo, Intel and Panasonic are working on releasing patches for the recently disclosed vulnerabilities affecting Intel CPUs, but it could take a while until firmware updates become available to all customers. After external researchers identified several […]


Vulnerabilities

Intel Patches CPU Bugs Impacting Millions of PCs, Servers

November 22, 2017

Via: Threat Post

Intel released patches on Monday to protect millions of PCs and servers from vulnerabilities found in its Management Engine, Trusted Execution Engine and Server Platform Services that could allow local attackers elevate privileges, run arbitrary code, crash systems and eavesdrop […]


Vulnerabilities

Multiple Vulnerabilities in LibXL Library Open Door to RCE Attacks

November 20, 2017

Via: Threat Post

Researchers have identified seven vulnerabilities in the LibXL C library, used to read Excel files. Each of the vulnerabilities are rated 8.8 in severity on the Common Vulnerability Scoring System scale. Attackers could exploit each of the vulnerabilities and perform […]


Vulnerabilities, Wireless security

Apple Patches Dangerous KRACK Wi-Fi Vulnerabilities

November 1, 2017

Via: Security Week

Apple on Tuesday released a new set of security patches for its products, including fixes for Wi-Fi vulnerabilities disclosed in mid October. The security flaws can be exploited as part of a novel attack technique called KRACK, short for Key […]


Threats & Malware, Vulnerabilities

Google Bug Database Flaws Expose Severe Vulnerabilities

October 31, 2017

Via: Dark Reading

A security researcher was able to view some of Google’s most severe vulnerabilities due to flaws in the company’s internal bug tracking system, he said. The Issue Tracker, or Buganizer, as it’s known internally, is used among researchers and bug […]


Vulnerabilities

Code Execution Flaws Patched in Apache OpenOffice

October 30, 2017

Via: Security Week

Researchers at Cisco Talos have discovered three vulnerabilities in Apache OpenOffice that can be exploited by malicious actors for remote code execution using specially crafted document files. Talos has classified the flaws as “high severity” with a CVSS score of […]


Vulnerabilities

Linux kernel affected by a local privilege escalation vulnerability

October 16, 2017

Via: Security Affairs

On Friday, Cisco issued a security advisory on a local privilege escalation vulnerability in the Advanced Linux Sound Architecture (ALSA). The vulnerability in the Linux Kernel, tracked as CVE-2017-15265, is due to a use-after-free memory error in the ALSA sequencer […]


Vulnerabilities

Microsoft Patches Critical Windows DNS Client Vulnerabilities

October 11, 2017

Via: Threat Post

Three critical Windows DNS client vulnerabilities were patched today by Microsoft, closing off an avenue where an attacker could relatively simply respond to DNS queries with malicious code and gain arbitrary code execution on Windows clients or Windows Server installations. […]