USN-5346-1: Linux kernel (OEM) vulnerability
It was discovered that the ICMPv6 implementation in the Linux kernel did not properly deallocate memory in certain situations. A remote attacker could possibly use...
ZDI-22-536: (0Day) Electronic Arts Origin Web Helper Service Link Following Privilege Escalation Vulnerability
This vulnerability allows local attackers to escalate privileges on affected installations of Electronic Arts Origin. An attacker must first obtain the ability to execute low-privileged...
ZDI-22-537: (0Day) Epic Games Launcher Link Following Denial-of-Service Vulnerability
This vulnerability allows local attackers to create a denial-of-service condition on affected installations of Epic Games Launcher. An attacker must first obtain the ability to...
ZDI-22-538: (0Day) Epic Games Launcher Link Following Denial-of-Service Vulnerability
This vulnerability allows local attackers to create a denial-of-service condition on affected installations of Epic Games Launcher. An attacker must first obtain the ability to...
Smashing Security podcast #267: Virtual kidnapping, two helipads, and a naughty Apple employee
A Russian bank tells its customers to stop installing security updates, an Apple employee ends up in hot water, and learn our tips to avoid...
DSA-5108 tiff – security update
Multiple vulnerabilities have been discovered in the libtiff library and the included tools, which may result in denial of service if malformed image files are...
DSA-5107 php-twig – security update
Marlon Starkloff discovered that twig, a template engine for PHP, did not correctly enforce sandboxing. This would allow a malicious user to execute arbitrary code....
Simplify your security with Forcepoint ONE
Graham Cluley Security News is sponsored this week by the folks at Forcepoint. Thanks to the great team there for their support! Remember the days...
USN-5345-1: Thunderbird vulnerabilities
Multiple security issues were discovered in Thunderbird. If a user were tricked into opening a specially crafted website in a browsing context, an attacker could...
CVE-2020-20096
Whatsapp iOS 2.19.80 and prior and Android 2.19.222 and prior user interface does not properly represent URI messages to the user, which results in URI...