Researcher Paulos Yibelo said that Dashlane elected not to patch a vulnerability he disclosed more than a year ago in all versions of the password manager application.
Cisco patched three vulnerabilities in three products this week that if exploited, could have resulted in a denial of service, crash and in some instances, arbitrary and remote code execution.
Router manufacturer TP-Link recently fixed a vulnerability in a discontinued line of routers that if exploited could have been used to execute code on the device.
Apple fixed 66 vulnerabilities – many found at March’s Pwn2Own competition – across seven product lines, including Safari, iTunes, macOS, and iOS, on Monday.
Existing mitigations and limitations around a newly disclosed Linux kernel vulnerability in the DCCP module mute the potential impact of local attacks.
A local, race condition vulnerability in the af_packet implementation in Linux was patched this week. The bug allows a local attacker to execute code or crash a server.