SecurityWeek

High-Severity Remote Code Execution Vulnerability Patched in OpenSSL

OpenSSL updates released on Tuesday patch a dozen vulnerabilities, including a high-severity remote code execution flaw.
Bleeping Computer

Ivanti Avalanche impacted by critical pre-auth stack buffer overflows

Two stack-based buffer overflows collectively tracked as CVE-2023-32560 impact Ivanti Avalanche, an enterprise mobility management (EMM) solution designed to manage, monitor, and secure a wide range ...
ZDNet

NetUSB flaw leaves 'millions' of routers, IoT devices vulnerable to hacking

Potentially millions of routers and Internet-of-Things devices have been placed at risk of hijacking due to a stack buffer overflow security flaw. According to researcher Stefan Viehbock from SEC ...
Network World

Google discloses serious Linux stack-buffer overflow bug in widely used C library

A Google security engineer studying an SSH connection to a host unexpectedly discovered a deeper, darker secret in the GNU C Library (glibc). Google later proved that a bug in this library could be ...
Ars Technica

Serious flaw that lurked in sudo for 9 years hands over root privileges

Sudo, a utility found in dozens of Unix-like operating systems, has received a patch for a potentially serious bug that allows unprivileged users to easily obtain unfettered root privileges on ...
Threat Post

Patched Code Execution Bug Affects Most Android Users

Researchers at IBM disclosed a serious buffer overflow vulnerability in Android 4.3 and earlier that could lead to code execution. The bug is patched in KitKat, but most users are on older versions. A ...
CNET

Haxie-based fix for QuickTime buffer overflow vulnerability

Developer Landon Fuller has created a a runtime fix for the stack buffer overflow in the QuickTime Streaming component reported yesterday. This flaw could theoretically lead to malicious code ...