Critical Bugs in Dell Wyse Thin Clients Allow Code Execution, Client Takeovers

The bugs rate 10 out of 10 on the vulnerability-severity scale, thanks to the ease of exploitation.

Electronic Medical Records Cracked Open by OpenClinic Bugs

Four security vulnerabilities in an open-source medical records management platform allow remote code execution, patient data theft and more.

GO SMS Pro Android App Exposes Private Photos, Videos and Messages

The vulnerable version of the app, which has 100 million users, uses easily predictable URLs to link to private content.

Adobe Warns Windows, MacOS Users of Critical Acrobat and Reader Flaws

The critical-severity Adobe Acrobat and Reader vulnerabilities could enable arbitrary code execution and are part of a 14-CVE patch update.

Bug-Bounty Awards Spike 26% in 2020

The most-rewarded flaw is XSS, which is among those that are relatively cheap for organizations to identify.

Google Rolls Out Fixes for High-Severity Android System Flaws

The most serious bugs are elevation-of-privilege issues in the Android System component (CVE-2020-0215 and CVE-2020-0416).

Critical Adobe Flaws Allow Attackers to Run JavaScript in Browsers

Five critical cross-site scripting flaws were fixed by Adobe in Experience Manager as part of its regularly scheduled patches.

Researchers Warn of Flaw Affecting Millions of IoT Devices

A patch has been issued for the flaw in a widely-used module, and researchers are urging IoT manufacturers to update their devices ASAP.

Citrix Bugs Allow Unauthenticated Code Injection, Data Theft

Admins should patch their Citrix ADC and Gateway installs immediately.