vulnerability

MITRE’s short-term solution to the problem of slow CVE assignment is to set up an experimental system for issuing federated CVE IDs using a new format. “(…) …

Malware developers have found another hole in Apple’s iOS defenses, and this one, according to Palo Alto researchers, will be difficult to plug. The newly discovered …

Here’s another documented instance for the “insecure Internet of Things” annals, courtesy of CoreOS security developer Matthew Garrett. Garrett, who’s …

A security vulnerability in the ReadyNAS Surveillance Application can be exploited by unauthenticated, remote attackers to gain root access to Netgear NAS systems, Sysdream …

For the last 17 years, the American not-for-profit MITRE Corporation has been editing and maintaining the list of Common Vulnerabilities and Exposures (CVEs). Researchers who …

A vulnerability in “libotr,” the C code implementation of the Off-the-Record (OTR) protocol that is used in many secure instant messengers such as ChatSecure, …

In the March 2016 security update for the Android Open Source Project (AOSP), Google has fixed 19 security issues, seven of which are considered to be critical. Among these, …

Two researchers from Michigan State University’s biometrics group have devised a method for hacking mobile phone’s fingerprint authentication by using just a color …

Cisco has released on Wednesday a bucketload of software updates for a wide variety of its products, fixing vulnerabilities of different types and severity. But one is deemed …

The US Department of Defense (DoD) has invited hackers participate in “Hack the Pentagon”, a program aimed at finding vulnerabilities in some of the …

A vulnerability in servers programmed with Schneider Electric’s StruxureWare Building Operation software can be exploited by a low-skilled, remote attacker to gain access to …

There’s a new attack that breaks the communication encryption provided by SSL and TLS and can therefore lead to theft of extremely sensitive data exchanged between users …