SecurityWeek

High-Severity Remote Code Execution Vulnerability Patched in OpenSSL

OpenSSL updates released on Tuesday patch a dozen vulnerabilities, including a high-severity remote code execution flaw.
Bleeping Computer

Ivanti Avalanche impacted by critical pre-auth stack buffer overflows

Two stack-based buffer overflows collectively tracked as CVE-2023-32560 impact Ivanti Avalanche, an enterprise mobility management (EMM) solution designed to manage, monitor, and secure a wide range ...
Threat Post

New Spectre-Level Flaw Targets Return Stack Buffer

The most recent Spectre-class flaw targets a component in CPUs called the return stack buffer. Researchers have discovered yet another speculative execution side-channel flaw enabling attackers to ...
ZDNet

SpectreRSB: New attack targets CPU return stack buffers

A team of security experts from the University of California, Riverside (UCR), disclosed the new attack last week in a paper published on Arxiv (.PDF), documenting their findings on the new exploit ...
Bleeping Computer

How to enable Kernel-mode Hardware-enforced Stack Protection in Windows 11

Kernel-mode Hardware-enforced Stack Protection is a security feature introduced in Windows 11 22H2 that protects systems from various memory attacks, such as stack buffer overflows. Microsoft added ...
Threat Post

Honeywell PoS Software Vulnerable to Stack Buffer Overflows

There are stack buffer overflows in two components of a Honeywell point-of-sale software package that can allow attackers to run arbitrary code on vulnerable systems. The vulnerabilities lie in the ...