Google released to all users and partners its November security bulletin for the Android operating system, with fixes for critical remote code execution (RCE) and privilege escalation vulnerabilities.
In an advisory yesterday, the Apache Software Foundation reiterates its recommendation for users of Struts to make sure their installations run a version of the Commons FileUpload library newer than 1.3.2, lest they expose their projects to possible remote code execution attacks.
A vulnerability discovered in Icecast streaming media server could be leveraged by an attacker to kill the broadcast of online radio stations that rely on it to reach their audience.
FreeRTOS, the open-source operating system that powers most of the small microprocessors and microcontrollers in smart homes and critical infrastructure systems has 13 vulnerabilities, a third of them allowing remote code execution.
Windows JET Database Engine continues to be vulnerable to remote code execution bug after Microsoft released a patch in the October security updates rollout.
The flurry of security bugs Microsoft addressed with its latest rollout of updates includes a remote code execution vulnerability in Edge web browser. The glitch relies on abusing URI schemes and scripts in Windows that can run with user-defined parameters.
A critical vulnerability in software from a global vendor of video surveillance equipment puts at risk the security of video feeds from over 100 camera brands and more than 2,500 camera models.
The maintainers of Packagist, the PHP ecosystem's largest package repository, have fixed a critical vulnerability on their official website that could have allowed an attacker to hijack their service.
After last week a security researcher revealed a vulnerability in Apache Struts, a piece of very popular enterprise software, active exploitation attempts have started this week.
Valve developers have recently patched a severe security flaw that affected all versions of the Steam gaming client released in the past ten years.The vulnerability would have allowed an attacker to execute malicious code on any of Steam's 15 million gaming clients.