16 matches found
We Made Luigi Mangione’s 3D-Printed Gun—and Fired It
In the wake of Luigi Mangione’s alleged killing of a health care CEO with a partially 3D-printed pistol, we built and tested the exact same model of weapon ourselves. And it was entirely legal...
NSA Chief Ousted Amid Trump Loyalty Firing Spree
Plus: Another DOGE operative allegedly has a history in the hacking world, and Donald Trump’s national security adviser apparently had way more Signal chats than previously known...
SUSE CVE-2015-1299
Use-after-free vulnerability in the shared-timer implementation in Blink, as used in Google Chrome before 45.0.2454.85, allows remote attackers to cause a denial of service or possibly have unspecified other impact by leveraging erroneous timer firing, related to ThreadTimers.cpp and Timer.cpp...
Firing Christopher Krebs Crosses a Line—Even for Trump
The president dismissed the widely respected cybersecurity agency director Tuesday night for pushing back against election disinformation...
kernel: Integer overflow in the alarm_timer_nsleep function
A flaw was found in the alarmtimernsleep function in kernel/time/alarmtimer.c in the Linux kernel. The ktimeaddsafe function is not used and an integer overflow can happen causing an alarm not to fire or possibly a denial-of-service if using a large relative timeout...
CVE-2017-5387
CVE-2017-5387 affects Mozilla Firefox (pre-51). Root cause: local-file existence can be inferred via double firing of onerror when a TRACK tag references a non-existent source loaded locally. Impact: disclosure of local file existence; no explicit exploitation details provided in the sources. Aff...
CVE-2017-5387
The existence of a specifically requested local file can be found due to the double firing of the "onerror" when the "source" attribute on a "" tag refers to a file that does not exist if the source page is loaded locally. This vulnerability affects Firefox 51...
Mozilla: Use-after-free working with events in FontFace objects (MFSA 2017-06)
A use-after-free can occur when events are fired for a "FontFace" object after the object has been already been destroyed while working with fonts. This results in a potentially exploitable crash. This vulnerability affects Firefox 52, Firefox ESR 45.8, Thunderbird 52, and Thunderbird 45.8...
openSUSE Security Update : java-1_7_0-openjdk (openSUSE-2016-976)
This update for java-170-openjdk fixes the following issues : - Update to 2.6.7 - OpenJDK 7u111 - Security fixes - S8079718, CVE-2016-3458: IIOP Input Stream Hooking bsc989732 - S8145446, CVE-2016-3485: Perfect pipe placement Windows only bsc989734 - S8147771: Construction of static protection...
CVE-2015-1299
Use-after-free vulnerability in the shared-timer implementation in Blink, as used in Google Chrome before 45.0.2454.85, allows remote attackers to cause a denial of service or possibly have unspecified other impact by leveraging erroneous timer firing, related to ThreadTimers.cpp and Timer.cpp...
CVE-2015-1299
Removed by vendor...
chromium-browser: Use-after-free in Blink
Use-after-free vulnerability in the shared-timer implementation in Blink, as used in Google Chrome before 45.0.2454.85, allows remote attackers to cause a denial of service or possibly have unspecified other impact by leveraging erroneous timer firing, related to ThreadTimers.cpp and Timer.cpp...
UBUNTU-CVE-2015-1299
Use-after-free vulnerability in the shared-timer implementation in Blink, as used in Google Chrome before 45.0.2454.85, allows remote attackers to cause a denial of service or possibly have unspecified other impact by leveraging erroneous timer firing, related to ThreadTimers.cpp and Timer.cpp...
Firing Range — Open Source Web App Vulnerability Scanning Tool From Google
Google on Tuesday launched a Security testing tool "Firing Range", which aimed at improving the efficiency of automated Web application security scanners by evaluating them with a wide range of cross-site scripting XSS and a few other web vulnerabilities seen in the wild. Firing Range basically...
Google Releases Open Source XSS Web App Scanner
UPDATE: A previous version of this story incorrectly reported that Firing Range is a scanner when in reality Firing Range is a tool that tests Web application security scanners. Google today released to open source tool called Firing Range, which is designed as a test bed for Web application...
Former Penn CSO Dishes on His Firing
Former State of Pennsylvania CISO Robert Maley has been watching all the news about his firing for talking about a security incident without permission at last month’s RSA conference. He began a talk on application security at CSO Perspectives 2010 by going off topic and addressing the controvers...