According to an advisory released yesterday, Samba software released in the last seven years is vulnerable to a remote code execution vulnerability that allows an attacker to upload and execute code on the user's machine. Depending on the attacker's skill, he can easily take over vulnerable devices.
A vulnerability in how video players load and parse subtitle files allows an attacker to execute code on a target's PC and effectively take over the device.
Yahoo's engineering staff have retired the ImageMagick library from active duty after a security researcher found a bug that would have allowed an attacker to expose server memory, which, due to the library's nature, leaked image data from users' inboxes.
Security researchers from SEC Consult have found eight vulnerabilities in the firmware of Western Digital TV Media Player that allow hackers a multitude of ways to hack and take over the device.
Argentinian security researcher Manuel Caballero has discovered another vulnerability in Microsoft's Edge browser that can be exploited to bypass a security protection feature and steal data such as passwords from other sites, or cookie files that contain sensitive information.
In an emergency out-of-band update released late last night, Microsoft fixed a vulnerability in the Microsoft Malware Protection Engine discovered by two Google security experts over the weekend, and which the two described as "crazy bad" and "the worst Windows remote code exec in recent memory."
Two Google security experts have found a severe remote code execution (RCE) bug in the Windows OS, which they've described as "crazy bad."
A severe security flaw in the implementation of the SNMP protocol allows an attacker to take over at least 58 cable modem models, according to a team of researchers.
Security researchers from Neseso are sounding the alarm on a vulnerability they've discovered in Samsung smart TVs that Samsung declined to fix.
A vulnerability in the Microsoft Edge browser can be exploited and allow an attacker to obtain a user's password and cookie files for various online accounts.
One of the vulnerabilities used to spread the Stuxnet virus was 2016's most popular exploit, according to telemetry data gathered by Russia cyber-security firm Kaspersky Labs.
Vulnerabilities found in Bosch Drivelog Connect car dongles allow an attacker to bypass authentication on the device and issue commands to cars, stopping their engines.