News

A serious vulnerability in Apache Commons, a library that contains a widely used set of Java components maintained by the Apache Software Foundation, puts thousands of Java applications and servers at risk of remote code execution attacks.

A critical vulnerability that can be exploited remotely without authentication has been discovered in Drupal 7.

A major flaw, dubbed POODLE, has been discovered by Google in the design of SSL version 3.0.

A remotely exploitable flaw has been discovered in GNU Bash that allows code execution through specially-crafted environment variables.

A critical information disclosure flaw dubbed "Heartbleed" has been discovered in the OpenSSL library.