vulnerability

Oracle has issued an emergency security update for Java to plug a critical flaw (CVE-2016-0636) that could be exploited by luring users to visit a web page hosting the …

RSA security researcher Rotem Kerner has discovered a remote code execution vulnerability that affects digital video recorders (DVRs) sold by more than 70 different vendors …

MITRE’s short-term solution to the problem of slow CVE assignment is to set up an experimental system for issuing federated CVE IDs using a new format. “(…) …

Malware developers have found another hole in Apple’s iOS defenses, and this one, according to Palo Alto researchers, will be difficult to plug. The newly discovered …

Here’s another documented instance for the “insecure Internet of Things” annals, courtesy of CoreOS security developer Matthew Garrett. Garrett, who’s …

A security vulnerability in the ReadyNAS Surveillance Application can be exploited by unauthenticated, remote attackers to gain root access to Netgear NAS systems, Sysdream …

For the last 17 years, the American not-for-profit MITRE Corporation has been editing and maintaining the list of Common Vulnerabilities and Exposures (CVEs). Researchers who …

A vulnerability in “libotr,” the C code implementation of the Off-the-Record (OTR) protocol that is used in many secure instant messengers such as ChatSecure, …

In the March 2016 security update for the Android Open Source Project (AOSP), Google has fixed 19 security issues, seven of which are considered to be critical. Among these, …

Two researchers from Michigan State University’s biometrics group have devised a method for hacking mobile phone’s fingerprint authentication by using just a color …

Cisco has released on Wednesday a bucketload of software updates for a wide variety of its products, fixing vulnerabilities of different types and severity. But one is deemed …

The US Department of Defense (DoD) has invited hackers participate in “Hack the Pentagon”, a program aimed at finding vulnerabilities in some of the …