Zephyrnet Logo

Tag: use-after-free

ISAs and the Dawning Hardware Security Revolution

The eternal cat-and-mouse game pitting IT security improvements against evolving attacker exploits is usually framed as an arms race of rising software sophistication. Security...

Top News

S3 Ep121: Can you get hacked and then prosecuted for it? [Audio + Text]

by Paul Ducklin CAN YOU GET HACKED AND THEN PROSECUTED FOR IT? Cryptocurrency crimelords. Security patches for VMware, OpenSSH and OpenSSL....

OpenSSL fixes High Severity data-stealing bug – patch now!

by Paul Ducklin OpenSSL, probably the best-known if not the most widely-used encryption library in the world, has just release...

VMWare user? Worried about “ESXi ransomware”? Check your patches now!

by Paul Ducklin Cybersecurity news, in Europe at least, is currently dominated by stories about “VMWare ESXi ransomware” that is...

Critical “10-out-of-10” Linux kernel SMB hole – should you worry?

by Paul Ducklin Just before the Christmas weekend – in fact, at about the same time that beleaguered password management...

Shift to Memory-Safe Languages Gains Momentum

The software industry is making headway against a group of pernicious vulnerabilities that are responsible for the vast majority of critical, remotely exploitable, and...

Chrome patches 24 security holes, enables “Sanitizer” safety system

by Paul Ducklin Google’s latest Chrome browser, version 105, is out, though the full version number is annoyingly different depending on whether you are on Windows,...

Critical Firefox Zero-Day Bugs Allow RCE, Sandbox Escape

Both vulnerabilities are use-after-free issues in Mozilla's popular web browser.

Emergency Firefox Update Patches Two Actively Exploited Zero-Day Vulnerabilities

Mozilla over the weekend issued an emergency security update for Firefox to address two zero-day vulnerabilities that have been exploited in attacks.

read more

2 New Mozilla Firefox 0-Day Bugs Under Active Attack — Patch Your Browser ASAP!

Mozilla has pushed out-of-band software updates to its Firefox web browser to contain two high-impact security vulnerabilities, both of which it says are being actively exploited in the wild. Tracked as CVE-2022-26485 and CVE-2022-26486, the zero-day flaws have been described as use-after-free issues impacting the Extensible Stylesheet Language Transformations (XSLT) parameter processing and the

Firefox patches two in-the-wild exploits – update now!

Firefox just published a double-zero-day patch - "remote code execution" combined with "sandbox escape". Update now!

Google Paid Out Over $100,000 for Vulnerabilities Patched by Chrome 99

Google this week released Chrome 99 to the stable channel with a total of 28 security fixes inside, including 21 for vulnerabilities reported by external researchers.

read more

Critical Vulnerabilities Impact Widely Used Printed Circuit Board File Viewer

Security researchers with Cisco’s Talos division this week disclosed six critical-severity vulnerabilities affecting Gerbv, an open source file viewer for printed circuit board (PCB) designs.

read more

Latest Intelligence

spot_img
spot_img