Connect with us
A high-risk bug in the Gatsby Cloud Image CDN service allowed attackers to stage server-side request forgery (SSRF) and cross-site scripting (XSS) attacks against some cloud-hosted Gatsby websites. Gatsby is...
A much-anticipated security update from OpenSSL landed today (November 1) but its impact appears to be considerably less than developers initially feared. OpenSSL 3.0.7 tackles two vulnerabilities...
The maintainers of the SQLite database engine have patched a high severity vulnerability that attackers could exploit to crash or control programs that rely on the software. Developers...
Developers of the OpenSSL cryptography library have taken the unusual step of pre-warning that an update due to land next Tuesday (November 1) will fix a critical vulnerability....
VMWare has patched a critical vulnerability in the management service for NSX, its network virtualization and security platform. The vulnerability, caused by an old deserialization bug...
A flaw in GitHub’s namespace retirement feature could have allowed attackers to potentially access another user’s repository. Coined ‘repojacking’ by researchers from Checkmarx, the technique could...
A pair of vulnerabilities patched in Jira Align could in the “worst-case scenario” be combined by low-privileged malicious users to target Atlassian’s cloud infrastructure, a security...
Fortinet is urging customers to patch a critical authentication bypass vulnerability that has already been exploited in the wild. Earlier this month, the networking vendor patched the bug, CVE-2022-40684,...
Security researchers have discovered a serious vulnerability in HyperSQL DataBase (HSQLDB) that poses a remote code execution (RCE) risk. HSQLDB offers a Java-based SQL relational database...
A researcher netted a $10,000 bug bounty reward from GitHub after discovering a way to spoof the platform’s login interface. Saajan Bhujel found a bypass that...
Recent Comments