Your search for flaw returned 641 results.

A vulnerability discovered in SCADA could grant a remote attacker control over critical infrastructure, researchers said on Wednesday.
A just discovered vulnerability in Microsoft's FTP client can allow a malicious user to crash the application via a malware-laced social engineering attack. A flaw in WordPress 2.x rated "highly critical" was posted today. An advisory group contends that the scramble over Dan Kaminsky's DNS flaw discovery proves that full disclosure is simply not feasible. An error in the way in which the Firefox and Opera browsers handle image files could allow an attacker to export a user's web history or crash the Firefox browser, a Polish researcher and US-CERT have warned. Microsoft is warning of a new vulnerability in Windows that could permit privilege escalation. Users are being urged to update their copies of Mozilla's Thunderbird and SeaMonkey email applications after the disclosure of a serious security flaw.. One in four public-facing domain name system (DNS) servers on the internet are still vulnerable to the Kaminsky flaw, according to the fourth annual survey of DNS servers by network services vendor Infoblox. Researchers have developed a browser security system that protects against the recently-revealed DNS vulnerability and other Man-in-the-Middle (MitM) attacks. A little-known cybersecurity intelligence organisation is offering US$20,000 to researchers who can provide exploitable vulnerabilities in Windows or a Windows Diffuse Application. Users who remain vulnerable to an ActiveX photo uploader vulnerability used on many websites are now being targeted in active attacks, researchers from Symantec said today. A security researcher has posted code for an exploit targeting a component of Microsoft Office.. BlackBerry has fixed a PDF distiller vulnerability in the BlackBerry Attachment Service, which runs on the BlackBerry Enterprise Server. US-CERT has warned that exploit code is publicly available for a vulnerability that affects the Microsoft Works 6 file converter -- which could permit attackers to take control of an affected system. Researchers have spotted two active attacks and a new proof-of-concept (PoC) exploit that take advantage of a still unpatched vulnerability in Apple QuickTime. The battle between Democratic presidential hopefuls Barack Obama and Hillary Rodham Clinton extended to cyberspace when a prankster over the weekend exploited a cross-site scripting (XSS) vulnerability on the website of the Illinois senator to redirect traffic to Clinton's homepage. Apple on Wednesday released a new version of its QuickTime media player, patching a flaw in the application on both Windows and Mac OS X operating systems. Apple has released a new version of its popular QuickTime application to close three holes, one of which is a particularly dangerous flaw that was being actively exploited to install malicious code on victims' machines. Security experts have warned of a new vulnerability in Microsoft's Internet Explorer 6. Security experts are warning users to be vigilant after the disclosure of a new security vulnerability in RealPlayer..