SIGRed – Microsoft Windows DNS Server RCE Vulnerability (CVE-2020-1350)
A critical and wormable 17 years-old vulnerability (CVE-2020-1350) has been discovered in Microsoft Windows DNS Servers which can allow an…
1 Comment
July 16, 2020
F5 BIG-IP Devices Under Active Exploitation (CVE-2020-5902)
F5 BIG-IP is a multi-purpose networking device manufactured by F5 Networks which can be configured to work as a traffic…
Comments Off on F5 BIG-IP Devices Under Active Exploitation (CVE-2020-5902)
July 7, 2020
SaltStack Salt Critical Vulnerabilities Under Active Exploitation
SaltStack Salt is a very popular open-source remote task and configuration management framework widely used in data centers and cloud…
Comments Off on SaltStack Salt Critical Vulnerabilities Under Active Exploitation
May 4, 2020
OpenBSD Authentication Bypass and Local Privilege Escalation Vulnerabilities
OpenBSD is a free and open-source Unix-like operating system based on the Berkeley Software Distribution (BSD). It is widely regarded…
Comments Off on OpenBSD Authentication Bypass and Local Privilege Escalation Vulnerabilities
December 6, 2019
ALERT: iTerm2 Critical Remote Code Execution Vulnerability
. iTerm 2 vulnerability is causing problems as it is one of the most popular macOS terminal emulators and is…
Comments Off on ALERT: iTerm2 Critical Remote Code Execution Vulnerability
October 11, 2019
Tens of Thousands of vBulletin Forums Wildly Being Exploited (CVE-2019-16759)
A critical remote code execution (RCE) vulnerability affecting one of the widely used internet forum software vBulletin vulnerabilities has been…
Comments Off on Tens of Thousands of vBulletin Forums Wildly Being Exploited (CVE-2019-16759)
September 27, 2019
ALERT: Squid Web Proxy Cache Server Remote Code Execution Vulnerability (CVE-2019-12527)
Squid is an open-source web caching and Internet proxy application which is widely used for speeding up the webserver and…
Comments Off on ALERT: Squid Web Proxy Cache Server Remote Code Execution Vulnerability (CVE-2019-12527)
August 27, 2019
ALERT: ProFTPD Server Arbitrary File Copy Vulnerability (CVE-2019-12815)
ProFTPd is an open-source, cross-platform FTP server and is one among the most popular FTP servers used in Unix-like environments.…
Comments Off on ALERT: ProFTPD Server Arbitrary File Copy Vulnerability (CVE-2019-12815)
July 24, 2019
ALERT: HAWKBALL Backdoor exploiting Microsoft Office Vulnerabilities
A campaign targeting government organizations in Central Asia was discovered delivering a backdoor named HAWKBALL Exploit. This backdoor can collect…
Comments Off on ALERT: HAWKBALL Backdoor exploiting Microsoft Office Vulnerabilities
June 24, 2019
ALERT: Another Deserialization RCE Vulnerability in Oracle WebLogic Server (CVE-2019-2729) Exploited in the Wild
image credit: blogs.oracle.com Oracle has released an out-of-band security update to address a critical oracle weblogic server deserialization RCE. A…
Comments Off on ALERT: Another Deserialization RCE Vulnerability in Oracle WebLogic Server (CVE-2019-2729) Exploited in the Wild
June 20, 2019