Researcher releases PoC rooting app that exploits recent Android zero-day
Late last month Google Project Zero researcher Maddie Stone detailed a zero-day Android privilege escalation vulnerability (CVE-2019-2215) and revealed that it is actively …
Late last month Google Project Zero researcher Maddie Stone detailed a zero-day Android privilege escalation vulnerability (CVE-2019-2215) and revealed that it is actively …
Hot on the heels of a patch for a critical RCE Exim flaw comes another one that fixes a denial of service (DoS) condition (CVE-2019-16928) that could also be exploited by …
The Exim mail transfer agent (MTA) is impacted by a critical vulnerability that may allow local or unauthenticated remote attackers to execute programs with root privileges on …
Palo Alto Networks has silently patched a critical remote code execution vulnerability in its enterprise GlobalProtect SSL VPN, which runs on Palo Alto Networks’ …
A researcher has released proof-of-concept code for a critical code execution vulnerability (CVE-2019-11580) in Atlassian Crowd, a centralized identity management solution …
CVE-2019-0604, a critical vulnerability opening unpatched Microsoft SharePoint servers to attack, is being exploited by attackers to install a web shell. The web shell allows …
Dell computer owners should update the Dell SupportAssist software as soon as possible to close a high-risk remote code execution vulnerability. What is Dell SupportAssist? …
Charles Fol, the security engineer that unearthed the Carpe Diem Apache HTTP Server bug (CVE-2019-0211), has released an exploit for it. “This is between a POC and a …
A recently patched SQL injection flaw affecting the popular open-source e-commerce platform Magento is being actively exploited by attackers, so if you haven’t …
A vulnerability affecting all versions of WinRAR, the popular file archiver utility for Windows, could be exploited by attackers to deliver malware via specially crafted ACE …
A low-skilled, remote attacker could use publicly available exploits to gain access to and mess with a power monitor by Rockwell Automation that is used by energy companies …
A vulnerability affecting Snapd – a package installed by default in Ubuntu and used by other Linux distributions such as Debian, OpenSUSE, Arch Linux, Fedora and Solus …