Thirteen critical vulnerabilities have been found in the vm2 JavaScript sandbox package that could allow an attacker’s code ...

An unpatched vulnerability in ChromaDB could be exploited without authentication for remote code execution and server ...

They're serious. Notices about arbitrary code execution (ACE) vulnerabilities appear just about every week in alerts from US-CERT — the United States Computer Emergency Readiness Team, a part of the ...

A new vulnerability has been discovered in the R programming language that allows arbitrary code execution upon deserializing specially crafted RDS and RDX files. R is an open-source programming ...

Fortinet has released security patches for two critical vulnerabilities in FortiSandbox and FortiAuthenticator that could ...

A single rewrite rule, the kind pasted into NGINX configurations thousands of times a day, can hand an unauthenticated ...

For roughly 18 years, a chunk of code inside one of the internet’s most popular web servers quietly carried a critical ...

Barracuda Networks Inc. has patched a vulnerability in its Email Security Gateway appliances that was found to be being exploited by an alleged Chinese hacking group. Tracked as CVE-2023-7102, the ...

A critical vulnerability in Gemini CLI led to remote code execution and supply chain attacks via indirect prompt injections.

Critical SEPPmail vulnerabilities expose email gateways to remote code execution and unauthorized mail access attacks.