Security News

An out-of-bounds write bug in the E2fsprogs filesystem utility could lead to remote code execution, Cisco Talos security researchers reveal. The hash entries for the hash tree are contained within hash entry struct, while the number of hash entries is contained within num array.

Seventeen bugs could be exploited to stop electrical generation and cause malfunctions at power plants.

Vulnerabilities in document and imaging library Accusoft ImageGear could allow attackers to execute code remotely on vulnerable machines, Cisco Talos has discovered. The library, which is used by...

Cisco Talos researchers have identified two vulnerabilities in the GoAhead embedded web server, including a critical flaw that can be exploited for remote code execution. read more

The flaw can be trivially exploited.

A security vulnerability in WhatsApp that was made public last week could be abused to execute arbitrary code remotely on affected devices. read more

Popular ecommerce platform Magento is advising users to apply patches for a remote code execution flaw that could allow unauthenticated attackers to deliver malicious payloads. read more

Flaws in Das U-Boot affect third-party hardware that uses the universal bootloader as an underlying component.

The network configuration management utility has two unpatched critical remote code execution vulnerabilities.

CVE-2019-11043 is trivial to exploit -- and a proof of concept is available.