Mayhem Blog

CVE-2020-10029 Vulnerabilities in the glibc functions cosl, sinl, sincosl, and tanl are due to an underlying common function. They ar fixed in glibc 2.32.

In a TechRepublic Whiteboard video, host Bill Detwiler speaks to Dr. David Brumley, Carnegie Mellon University professor and CEO of ForAllSecure, about the ways organizations can benefit by using DevSecOps.

In 2014, two independent teams used fuzz testing to discover the Heartbleed vulnerability which affected systems providing banking, online retail, and other secure transactions.

Last month Guido Vranken hosted a successful Reddit AMA , sharing insight on his experience as a professional vulnerability researcher.

Mel Llaguno raises six challenges to Static Application Security Testing (SAST) analysis, raising questions on the efficacy of SAST for organizations focused on immediate benefits.

Learn about the quality assurance technique that uncovers coding errors and security loopholes during software vulnerability testing and assurance processes.

Fuzz testing is an effective technique for uncovering serious defects in software. From the Heartbleed vulnerability in 2014 to the infamous Jeep Cherokee hacking in 2015, fuzz testing is the technique that has made many high-profile discoveries possible. Consistently, fuzzing is proven to be a powerful tool for ensuring the ...

ForAllSecure researcher, Guido Vranken, uncovers critical memory issue in cereal, a common component within automotive software.

ForAllSecure Engineer, Tyler Nighswander, uncovers vulnerabilities in two popular cryptographic libraries, MatrixSSL and WolfSSL, utilizing Mayhem, a next-generation fuzzer.