Five vulnerabilities exist in Siemens RUGGEDCOM gear; the vendor has made a number of workarounds available, but it’s unknown whether patches will be made available.

Newly disclosed FTP injection vulnerabilities in Java and Python that are fueled by rather common XML External Entity (XXE) flaws allow for firewall bypasses.

Open source webmail provider Roundcube was patched against a vulnerability that could be trivially exploited to run code on servers or access email accounts.

The libarchive programming library was recently patched against three critical memory-related vulnerabilities that could be abused to execute code on computers running the vulnerable software. As is the case with most open source software packages, patching the core library is only half the battle; admins must now ensure that third-party software running the library is...