Morning Overview on MSN
An 18-year-old heap buffer overflow in NGINX gives attackers remote code execution — billions of devices run the affected module
A single rewrite rule, the kind pasted into NGINX configurations thousands of times a day, can hand an unauthenticated attacker full remote code execution on the underlying server. The vulnerability, ...
A stack-based buffer overflow vulnerability in HP VoIP phones allows remote attackers to execute arbitrary code with root ...
Morning Overview on MSN
An 18-year-old flaw in NGINX just gave attackers remote code execution on millions of web servers — nobody noticed for two decades
For roughly 18 years, a chunk of code inside one of the internet’s most popular web servers quietly carried a critical security flaw. Nobody caught it. Not the open-source contributors who maintained ...
A buffer overflow or overrun is a memory safety issue where a program does not properly check the boundaries of an allocated fixed-length memory buffer and writes more data than it can hold. This ...
Researchers at IBM disclosed a serious buffer overflow vulnerability in Android 4.3 and earlier that could lead to code execution. The bug is patched in KitKat, but most users are on older versions. A ...
Developers at PHP recently patched a bug that can lead to a heap-based buffer overflow. UPDATE Developers at PHP recently pushed out a series of patches to fix a handful of vulnerabilities, including ...
Security researchers Vladimir Kiriansky and Carl Waldspurger have uncovered two buffer-overflow derivatives of the Spectre microprocessor bug. In a paper describing the flaws – dubbed Spectre 1.1 and ...
Some results have been hidden because they may be inaccessible to you
Show inaccessible results