A new report out today from cybersecurity company Fortra LLC is warning of a vulnerability in all versions of Windows 10 and 11 that, if triggered, could cause system instability and a denial of ...
VEX helps public-sector security teams prioritize repairs by identifying which vulnerabilities affect their systems.
A critical vulnerability is affecting the NGINX UI, a widely used third-party web management tool for NGINX, the most popular web server. Unauthenticated attackers can download a full system backup ...
Root Evidence is taking a new approach to tackle the pervasive vulnerability patch management problem — and it all comes down to the math. Challenges exist because more and more vulnerabilities are ...
Security researchers from Qualys have disclosed nine vulnerabilities in the Linux kernel’s AppArmor module, collectively tracked as CrackArmor.
Qualys researchers expose ‘CrackArmor’ flaws that allow unprivileged users to escalate privileges to root, break container isolation, and crash systems, with no CVE identifiers yet assigned.
Proof-of-concept (PoC) exploits for the security flaw CVE-2023-4911, dubbed Looney Tunables, have already been developed, following last week's disclosure of the critical buffer overflow vulnerability ...
Cisco has released security updates to patch a ClamAV denial-of-service (DoS) vulnerability, which has proof-of-concept (PoC) exploit code. Tracked as CVE-2025-20128, the vulnerability is caused by a ...
A new vulnerability found in the Apache Struts 2 framework has received a critical severity rating from NIST’s national database. A new vulnerability in the Struts 2 web application framework can ...
Leading IT companies including Cisco Systems, Microsoft, and Symantec are promoting a rating system that will standardize the measurement of the severity of software vulnerabilities. A plan for the ...
While Claude already finds over 100 vulnerabilities in Firefox, OpenAI announces Codex Security, an AI vulnerability scanner.