Security News

A vulnerabilitiy recently patched by Google in Chrome for Android was an information disclosure bug that was originally reported in 2015, but not patched until the release of Chrome 70 in October...

Almost since its inception in October 2016, the UK's National Cyber Security Centre (NCSC) has been considering how to formalize its vulnerability disclosure process. While the agency has a wider...

Almost since its inception in October 2016, the UK's National Cyber Security Centre (NCSC) has been considering how to formalize its vulnerability disclosure process. While the agency has a wider...

A vulnerability in Cisco Adaptive Security Appliance (ASA) Software could allow an attacker to retrieve files or replace software images on a device.  read more

SAP this week released its December 2018 set of security updates to address a dozen vulnerabilities in its products, including a Critical flaw in Hybris Commerce.  read more

Microsoft’s Patch Tuesday updates for December 2018 address nearly 40 vulnerabilities, including a zero-day flaw affecting the Windows kernel. read more

Some of Rockwell Automation’s MicroLogix controllers and ControlLogix communications modules are affected by a potentially serious vulnerability that can be exploited for denial-of-service (DoS)...

The vulnerability could lead to arbitrary code execution.

Developers around the world depend on open source components to build their software products. According to industry estimates, open source components account for 60-80% of the code base in modern...

Gjoko Krstic, an Applied Risk researcher, has discovered a vulnerability in Pilz PNOZmulti Configurator software that allows a local attacker to read sensitive data in clear-text. The software is...