Cyber Security
Researchers are trialing methods to scale up the ability to roll out security fixes for vulnerable components across the open source ecosphere. Tools such as CodeQL (GitHub’s code...
Hi, what are you looking for?
Researchers are trialing methods to scale up the ability to roll out security fixes for vulnerable components across the open source ecosphere. Tools such as CodeQL (GitHub’s code...
A newly-discovered vulnerability in Apache Pulsar allows a remote attacker to carry out a manipulator-in-the-middle (MitM) attack due to improper certificate validation. Apache Pulsar...
A recently resolved vulnerability in Sophos Firewall has been abused by attackers in targeted attacks, the vendor warns. The critical vulnerability (CVE-2022-3236) poses a remote code execution (RCE)...
Java templating engine Pebble was vulnerable to a bug that could allow attackers to bypass its security mechanisms and conduct command injection attacks against host servers....
A vulnerability in Netlify could allow an attacker to achieve either persistent cross-site scripting (XSS) or full-response server-side request forgery on any supported website. Netlify is...
A prototype pollution bug in the Chromium project allowed attackers to bypass Sanitizer API, a built-in browser library for removing potentially malicious code from...
A security flaw in Parse Server that enabled brute-force guessing of sensitive user data on the API server module for Node.js and the Express...
The maintainers of venerable open source content management system (CMS) TYPO3 have fixed a cross-site scripting (XSS) flaw with a raft of software updates. The XSS...
Multiple vulnerabilities in the WAPPLES web application firewall (WAF) created a means to commandeer vulnerable devices and run arbitrary commands, a researcher warns. Another set of...
A vulnerability in Xalan-J, an Apache project used by multiple SAML implementations, could allow arbitrary code execution, researchers warn. XSLT (Extensible Stylesheet Language Transformations)...
Recent Comments