The explosive, easy-to-trigger vulnerability was exploited within hours of disclosure, exposing the risks of default ...

Apache Commons Text is used for processing character strings in Java apps. A critical vulnerability allows the injection of ...

ESET researchers discovered a code execution vulnerability in WPS Office for Windows (CVE⁠-⁠2024⁠-⁠7262), as it was being exploited by APT-C-60, a South Korea-aligned cyberespionage group. Upon ...

In HPE's OneView, malicious actors can inject malicious code from the network without authentication. An update is available.

The Wikimedia Foundation patched a critical remote code execution vulnerability in its MediaWiki software used to power wiki and collaboration sites on the Internet, including Wikipedia. A serious ...

Elegant Themes announced that several of their products contained a code injection vulnerability and should be updated right away. The vulnerability allows an untrustworthy user to execute PHP ...

Researchers recently discovered a Windows code-execution vulnerability that has the potential to rival EternalBlue, the name of a different Windows security flaw used to detonate WannaCry, the ...

The Python Software Foundation (PSF) has rushed out Python 3.9.2 and 3.8.8 to address two notable security flaws, including one that is remotely exploitable but in practical terms can only be used to ...

Creating secure, reliable applications is an important aspect of any developer's job. The hard part, of course, is learning what practices lead to building secure, reliable applications from the ...

Another day, another vulnerability. Discovered by [Kevin Backhouse], CVE-2018-4407 is a particularly serious problem because it is present all throughout Apple’s ...