Security News

Oracle has released an out-of-band fix for CVE-2019-2729, a critical deserialization vulnerability in a number of versions of Oracle WebLogic Server, and is urging customers to apply the security...

The two CVEs allow bypasses to get around NTLM relay attack mitigations.

Bug allows for a remote attacker to execute arbitrary code on industrial, enterprise tools.

You know the drill Cisco Talos researchers have uncovered a SQLite use-after-free vulnerability that could allow an attacker to remotely execute code on an affected device.…

Taking advantage of newly disclosed and even patched vulnerabilities has become common among cybercriminals, which makes it one of the primary attack vectors for everyday-threats, like...

The wireless gateways are used in PoS, industrial IoT and distributed enterprise settings.

Attackers looking to compromise Oracle WebLogic servers for their own needs have a new zero-day RCE flaw at their disposal. “Oracle WebLogic wls9_async and wls-wsat components trigger...

Magento patched 37 flaws Thursday, including a stored cross-site scripting (XSS) vulnerability that could have let an attacker take over a site.

Researchers have released a proof-of-concept showing how a XXE vulnerability can be exploited to attack Ghidra project users.

Not on 5.1.1? You should be A newly revealed vuln in the open-source CMS WordPress allows an unauthenticated website attacker to remotely execute code – potentially letting naughty folk delete or...