Hacker News with Generative AI: Software Vulnerabilities

U.S. Government Disclosed 39 Zero-Day Vulnerabilities in 2023, First-Ever Report (zetter-zeroday.com)
In a first-of-its-kind report, the US government has revealed that it disclosed 39 zero-day software vulnerabilities to vendors or the public in 2023 for the purpose of getting the vulnerabilities patched or mitigated, as opposed to retaining them to use in hacking operations.

Zizmor would have caught the Ultralytics workflow vulnerability (yossarian.net)
TL;DR: zizmor would have caught the vulnerability that caused this…mostly. Read on for details.

CVE-2024-29510 – Exploiting Ghostscript using format strings (codeanlabs.com)

"90% of Java services have critical or security vulnerabilities" (vived.substack.com)