Library

New Flaws in TPM 2.0 Library Pose Threat to Billions of IoT and Enterprise Devices

Mar 3, 2023 by iHash Leave a Comment

Mar 03, 2023Ravie LakshmananEnterprise Security / IoT A pair of serious security defects has been disclosed in the Trusted Platform Module (TPM) 2.0 reference library specification that could potentially lead to information disclosure or privilege escalation. One of the vulnerabilities, CVE-2023-1017, concerns an out-of-bounds write, while the other, CVE-2023-1018, is … [Read more...] about New Flaws in TPM 2.0 Library Pose Threat to Billions of IoT and Enterprise Devices

22-Year-Old Vulnerability Reported in Widely Used SQLite Database Library

Oct 25, 2022 by iHash Leave a Comment

A high-severity vulnerability has been disclosed in the SQLite database library, which was introduced as part of a code change dating all the way back to October 2000 and could enable attackers to crash or control programs. Tracked as CVE-2022-35737 (CVSS score: 7.5), the 22-year-old issue affects SQLite versions 1.0.12 through 3.39.1, and has been addressed in version 3.39.2 … [Read more...] about 22-Year-Old Vulnerability Reported in Widely Used SQLite Database Library

High-Severity RCE Vulnerability Reported in Popular Fastjson Library

Jun 16, 2022 by iHash Leave a Comment

Cybersecurity researchers have detailed a recently patched high-severity security vulnerability in the popular Fastjson library that could be potentially exploited to achieve remote code execution. Tracked as CVE-2022-25845 (CVSS score: 8.1), the issue relates to a case of deserialization of untrusted data in a supported feature called "AutoType." It was patched by the project … [Read more...] about High-Severity RCE Vulnerability Reported in Popular Fastjson Library

Ripple20: 19 vulnerabilities in the TCP/IP library

Jun 19, 2020 by iHash Leave a Comment

Experts at Israeli company JSOF have discovered 19 zero-day vulnerabilities, some critical, affecting hundreds of millions of Internet of Things (IoT) devices. The worst part is that some devices will never receive updates. All of the vulnerabilities were found in the TCP/IP library of Treck Inc., which the company has been developing for more than two decades. The set of … [Read more...] about Ripple20: 19 vulnerabilities in the TCP/IP library

Zero-day RCE vulnerabilities in Windows Adobe Type Manager Library actively exploited

Jun 15, 2020 by iHash Leave a Comment

Updated on April 14. Microsoft has issued a warning about two new vulnerabilities in the Adobe Type Manager Library. Moreover, according to their information, some attackers are already exploiting them in targeted attacks. On April 14, Microsoft released security updates that address these vulnerabilities. What is Adobe Type Manager Library and how is it vulnerable There were … [Read more...] about Zero-day RCE vulnerabilities in Windows Adobe Type Manager Library actively exploited

Save Over 75% on SitePoint Premium Tech E-Learning Library

Aug 20, 2015 by iHash Leave a Comment

Upskill to Your Dream Job with 5,350+ Cutting-Edge Videos & eBooks on Coding, UX Design & More … [Read more...] about Save Over 75% on SitePoint Premium Tech E-Learning Library

Prism Drive Secure Cloud Storage: Lifetime Subscription (10TB) for $89

Mashvisor: Lifetime Subscription (Professional Plan) for $199

Beducated: Lifetime Subscription for $99

Amysen Wi-Fi Smart Plug (4-Pack) for $23

Refurbished Apple iPad 4 (2012) WiFi Black / 16GB / Grade A for $76