eWeek

Buffer Overflows Patched in Cyrus Mail Server

eWEEK content and product recommendations are editorially independent. We may make money when you click on links to our partners. Learn More. The Carnegie Mellon University has released a new version ...
Threat Post

Siemens ICS Switches Hit With Buffer Overflow, Authentication Bugs

There are a number of serious vulnerabilities in the Siemens Ruggedcom WIN switches, including a remotely exploitable buffer overflow and a flaw that could allow an attacker to take actions on the ...
ZDNet

Android SDK suffers from buffer overflow and lack of hardening

A classic buffer overflow exploit has been discovered in the Android software development kit (SDK) that impacts all versions of the Android Debug Bridge on Linux x86_64. The exploit scenario involved ...
Ars Technica

Two big holes in Oracle (Remote access + buffer overflows in Apache mod)

http://www.nextgenss.com/advisories/oraplsbos.txt<P><BLOCKQUOTE><font size="-1">quote:</font><HR>There are multiple buffer overflows in the PL/SQL module for Oracle ...
CSOonline

CISA, FBI call software with buffer overflow issues ‘unforgivable’

The federal directive forbids vendors from shipping software with such flaws, and flags recent Microsoft, and Ivanti zero-days as examples. FBI and CISA have issued a joint advisory to warn software ...
Ars Technica

OpenSSL 3 patch, once Heartbleed-level “critical,” arrives as a lesser “high”

An OpenSSL vulnerability once signaled as the first critical-level patch since the Internet-reshaping Heartbleed bug has just been patched. It ultimately arrived as a “high” security fix for a buffer ...