A bug in vm2, a sandbox for testing untrusted JavaScript code, makes it possible for malicious parties to circumvent the library’s security controls and carry out remote...
A patch that was released to fix a path traversal bug in Apache HTTP Server is insufficient in protecting against the vulnerability and could allow for...
Multiple security vulnerabilities in open source status page system Cachet could allow an attacker to execute arbitrary code and steal sensitive data, researchers have warned. Cachet is a...
Opera has patched a severe cross-site scripting (XSS) to remote code execution (RCE) web browser flaw. The browser-maker runs a technical blog series on the most interesting vulnerabilities...
A zero-click vulnerability in a popular IoT security camera could allow an unauthenticated attacker to gain full access to the device and possibly internal networks, a researcher has...
Microsoft has issued additional guidance on securing Azure Linux machines impacted by recently addressed critical OMIGOD vulnerabilities. The four security flaws (allowing remote code execution and...
The Jenkins project says it has fallen prey to widespread attacks targeting a critical vulnerability in Confluence, Atlassian’s team collaboration software. Attackers compromised Jenkins’ deprecated Confluence...
A vulnerability in Node.js that could allow a remote actor to perform domain hijacking attacks has been fixed. The maintainers of the JavaScript runtime environment have released a security...
Security researchers have achieved remote code execution (RCE) on web hosting platform cPanel & WHM after bypassing CSRF protections and escalating privileges via a stored cross-site scripting (XSS)...
In a Thursday security advisory update, Cisco revealed that a remote code execution (RCE) vulnerability in the Adaptive Security Device Manager (ADSM) Launcher disclosed last month...
Recent Comments