.NET 5.0 Update

.NET 5.0 Update .NET 5.0 has been refreshed with the latest update as of August 10, 2021. This update contains reliability and other non-security fixes. See the release notes for details on updated packages. .NET 5.0 servicing updates are upgrades. The latest servicing update for 5.0 will remove...

Rockstar Games: Stored XSS on support.rockstargames.com

In this report, the researcher demonstrated an AngularJS injection that allowed them to leave Stored XSS attacks on Support Community threads. We were able to resolve this issue and others by updating the version of AngularJS we run on the Support site...

Atmel "secure" crypto co-processor series microprocessors (AT91SAM7XC) leaking keys, plus bonus DESFire hack

The Atmel AT91SAM7XC series of microprocessors contain a crypto co-processor which is DES and AES capable. They include a write-only memory for key storage and multiple physical security measures to prevent decapping etc. However, due to poor memory management, in certain circumstances it is...

PivotX -- administrator password reset vulnerability

US CERT reports: PivotX contains a vulnerability that allows an attacker to change the password of any account just by guessing the username. Version 2.2.4 has been reported to not be affected. This vulnerability is being exploited in the wild and users should immediately upgrade to 2.2.5 or late...