The Industrial Control System CERT released two advisories warning of serious vulnerabilities in Schneider Electric and Emerson industrial gear. Public exploits are available for one flaw. Industrial ...

The Morris worm of 1988 was one of those industry-shaking experiences that revealed how quickly a worm could spread using a vulnerability known as a buffer overflow or buffer overrun. Around 6,000 of ...

A recently fixed vulnerability in WhatsApp allowed attackers to spread spyware to mobile devices with just a phone call. The attackers exploited a vulnerability known as buffer overflow, a type of ...

The federal directive forbids vendors from shipping software with such flaws, and flags recent Microsoft, and Ivanti zero-days as examples. FBI and CISA have issued a joint advisory to warn software ...

Internet Security Systems Inc. has spotted what’s believed to be the first known buffer-overflow vulnerability associated with remote-access servers, which could allow a hacker to gain control of an ...

Bottom line: The US Cybersecurity and Infrastructure Security Agency is once again reminding IT manufacturers and developers that buffer overflow vulnerabilities must be eradicated from software. In ...

Curl maintainer calls the buffer overflow vulnerability one of the worst for the tool, but no exploits have been found. The developers of the curl open-source software application and library have ...

A malicious worm named Code Red that exploits a buffer overflow vulnerability in certain configurations of Microsoft Corp.’s Windows NT and Windows 2000 operating systems has spread rapidly over the ...

Adobe Systems on Wednesday said it has released a patch to stave off stack buffer overflow exploits in its free and widely used Adobe Reader software. The patch comes after security researcher Core ...

A likely China-nexus cyber-espionage group is actively exploiting a vulnerability in certain versions of Ivanti's Connect Secure, Policy Secure, and ZTA gateway products to drop two dangerous new ...