Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Database Security

Careers and People

Identity & Access Management

Security Monitoring

Advanced Threats

Insider Threats

Vulnerability Management

To InformationWeek

Network Computing Dark Reading

Advertise

Author

Profile of Chris Eng

Chief Research Officer, Veracode

News & Commentary Posts: 4

Chris Eng is Chief Research Officer at Veracode. Throughout his career, he has led projects breaking, building, and defending software for some of the world's largest companies. He is an unabashed supporter of the Oxford comma and hates it when you use the word "ask" as a noun.

Articles by Chris Eng

View Content By Month

Why Vulnerable Code Is Shipped Knowingly

11/30/2020
The business priority of speed of development and deployment is overshadowing the need for secure code.
Post a Comment

Not Every Security Flaw Is Created Equal

11/1/2018
You need smart prioritization to close the riskiest vulnerabilities. Effective DevSecOps leads the way, according to a new study.
Post a Comment

OWASP Top 10 Update: Is It Helping to Create More Secure Applications?

4/27/2017
What has not been updated in the new Top 10 list is almost more significant than what has.
Post a Comment

Finding and Fixing Application Security Vulnerabilities

9/22/2014
Speaker: Chris Eng, VP Research, Veracode

Customer databases, ERP, Big Data – the keys to your enterprise’s kingdom lie in its applications. But application security is often overlooked, both by software makers and by internal development teams. What steps can your organization take to find and repair application vulnerabilities – before your attackers discover them? A top app security expert discusses key practices for scanning and securing applications.

Submit your questions to [email protected] with the title of the session in the subject line to engage with our presenters.

Editors' Choice

FluBot Malware's Rapid Spread May Soon Hit US Phones

Kelly Sheridan, Staff Editor, Dark Reading, 4/28/2021

7 Modern-Day Cybersecurity Realities

Steve Zurier, Contributing Writer, 4/30/2021

How to Secure Employees' Home Wi-Fi Networks

Bert Kashyap, CEO and Co-Founder at SecureW2, 4/28/2021

Dark Reading June 24 Virtual Event a free, all-day online conference. LEARN MORE

Finding & Stopping Enterprise Data Breaches - June 24 - Dark Reading Virtual Event

More Informa Tech Live Events

White Papers

Hidden Costs of Endpoint Security

The Definitive Buyer's Guide for Managed Threat Detection and Response Services

Tech Insights: Detecting and Preventing Insider Data Leaks

Managed Threat Detection and Response

The InformationWeek 2021 State of ITOps and SecOps Report

More White Papers

Cartoon Contest

Write a Caption, Win an Amazon Gift Card! Click Here

Latest Comment: Earthling...PLEASE help me! The wormhole is about to close and I do not understand... - At least 8 characters—the more characters, the ...

Cartoon Archive

Current Issue

2021 Top Enterprise IT Trends

We've identified the key trends that are poised to impact the IT landscape in 2021. Find out why they're important and how they will affect you today!

Download This Issue!

Back Issues | Must Reads

Flash Poll

Battle for the Endpoint

Battle for the Endpoint

How to build a new cyber strategy for 2021 and beyond.

How Enterprises are Developing Secure Applications

Assessing Cybersecurity Risk in Today's Enterprises

The Malware Threat Landscape

Twitter Feed

Tweets about "from:DarkReading OR @DarkReading"

Dark Reading - Bug Report

Bug Report

Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database

CVE-2021-31755
PUBLISHED: 2021-05-07

An issue was discovered on Tenda AC11 devices with firmware through 02.03.01.104_CN. A stack buffer overflow vulnerability in /goform/setmac allows attackers to execute arbitrary code on the system via a crafted post request.

CVE-2021-31756
PUBLISHED: 2021-05-07

An issue was discovered on Tenda AC11 devices with firmware through 02.03.01.104_CN. A stack buffer overflow vulnerability in /gofrom/setwanType allows attackers to execute arbitrary code on the system via a crafted post request. This occurs when input vector controlled by malicious attack get copie...

CVE-2021-31757
PUBLISHED: 2021-05-07

An issue was discovered on Tenda AC11 devices with firmware through 02.03.01.104_CN. A stack buffer overflow vulnerability in /goform/setVLAN allows attackers to execute arbitrary code on the system via a crafted post request.

CVE-2021-31758
PUBLISHED: 2021-05-07

An issue was discovered on Tenda AC11 devices with firmware through 02.03.01.104_CN. A stack buffer overflow vulnerability in /goform/setportList allows attackers to execute arbitrary code on the system via a crafted post request.

CVE-2021-31458
PUBLISHED: 2021-05-07

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit Reader 10.1.1.37576. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handlin...

To save this item to your list of favorite Dark Reading content so you can find it later in your Profile page, click the "Save It" button next to the item.

If you found this interesting or useful, please use the links to the services below to share it with other readers. You will need a free account with each service to share an item via that service.
Tweet This
[close this box]