Your search for vulnerabilities returned 1322 results.

You have probably heard by now that the root cause of most security vulnerabilities is in the software we run, and that these vulnerabilities are introduced into the software during the development process. That much has been well understood for several years. What hasn't been well understood is the solution to the problem. Red Hat has patched nine vulnerabilities in its Enterprise Linux 5 kernel that could cause denial of service and unauthorised system access if exploited by a malicious attacker the vendor announced on Monday. Oracle released patches for 45 flaws, 13 of which allow an attacker to exploit various Oracle products remotely without proper access credentials, in its latest round of quarterly Critical Patch Updates on Tuesday. Due to the interactive nature and required access to exploit, local privilege escalation vulnerabilities have traditionally been thought to have a minimal impact on the strategies enterprise IT departments incorporate to protect networks when compared to other code execution vulnerabilities. Apple patched 40 vulnerabilities in its latest security update for the Mac OS X. Mozilla's Firefox 3.0.2, released late Tuesday, corrects 12 vulnerabilities, seven that are deemed "critical." Security researchers should stop publishing vulnerabilities in the traditional way because cyber-criminals are using the code to generate zero-day exploits at record speeds, says a recent report. June 30 marks an important date for any company that takes online credit card payments. Microsoft fixed six vulnerabilities, three of them rated critical, with four patches in its May Patch Tuesday round this week. All were file-format vulnerabilities impacting client-side Windows machines rather than servers. Apple on Wednesday patched eight flaws in its QuickTime media player. Google has released an update for its Chrome browser that fixes confirmed security vulnerabilities. Surprise, surprise. Researchers have discovered vulnerabilities in Google's latest innovation, the Chrome browser. In its largest security update in 18 months, Microsoft on Tuesday delivered 11 patches to resolve 26 vulnerabilities in its operating system and related components. Sun Microsystems has issued fixes for a number of vulnerabilities in its Java offerings, while six flaws in Apple TV were patched. Three vulnerabilities in Cisco products are open to exploitation, warned the SANS Internet Storm Center. Application Security's DbProtect 2007 is a suite of enterprise database security products that helps organisations discover and manage database vulnerabilities. For the second time this year, a security researcher has found websites certified as McAfee HackerSafe that contain vulnerabilities. A Linux v Microsoft security debate at this year’s RSA Conference ended in a draw despite the two opposing experts failing to agree on a concurrent metrics system. Cisco has corrected five vulnerabilities in its Internetwork Operating System (IOS), used to manage its routers, with patches covering vulnerabilities that could be exploited to manipulate data, expose sensitive information and launch denial-of-service (DoS) attacks, according to Secunia. Microsoft released six patches covering 11 vulnerabilities on July's monthly Patch Tuesday, including "critical" fixes impacting Active Directory on Windows 2000 and 2003 Server and its .Net Framework products. In all, Microsoft rated eight of the 11 vulnerabilities as critical.