Dell WES Wyse Device Agent versions prior to 14.1.2.9 and Dell Wyse ThinLinux HAgent versions prior to 5.4.55 00.10 contain a buffer overflow vulnerability. An unauthenticated attacker may potentially exploit …
CVE-2018-11783 (traffic_server)
sslheaders plugin extracts information from the client certificate and sets headers in the request based on the configuration of the plugin. The plugin doesn’t strip the headers from the request …
Android Security Improvement update: Helping developers harden their apps, one thwarted vulnerability at a time
Posted by Patrick Mutchler and Meghan Kelly, Android Security & Privacy Team [Cross-posted from the Android Developers Blog] Helping Android app developers build secure apps, free of known vulnerabilities, means …
CVE-2019-1674 (webex_meetings, webex_meetings_online, webex_productivity_tools)
A vulnerability in the update service of Cisco Webex Meetings Desktop App and Cisco Webex Productivity Tools for Windows could allow an authenticated, local attacker to execute arbitrary commands as …
Google Play Protect in 2018: New updates to keep Android users secure
Posted by Rahul Mishra and Tom Watkins, Android Security & Privacy Team [Cross-posted from the Android Developers Blog] In 2018, Google Play Protect made Android devices running Google Play some …