Windows Defender Vulnerability: Path Traversal
Executive Summary On April 9, 2024, CVE-2024-29053, a critical vulnerability affecting Microsoft Defender for IoT, a security solution designed for protecting internet-connected devices was found ...
Posts for category: Vulnerabilities Weekly Summaries
MacOS Vulnerability: Use After Free
Executive Summary On March 28, 2024, CVE-2023-42950, a critical vulnerability in macOS that affects Safari and potentially other WebKit-based browsers was rediscovered. This vulnerability allows ...
Splunk Vulnerabilities Discovered
Executive Summary Recently, two vulnerabilities affecting Splunk Enterprise were discovered. Splunk is a popular software platform for data ingestion, indexing, and analysis: CVE-2024-29946 and ...
Microsoft Edge Vulnerability: Information Disclosure
Executive Summary On February 23, 2024, Microsoft disclosed a vulnerability (CVE-2024-26192) affecting Microsoft Edge (Chromium-based). This vulnerability allows attackers to potentially disclose ...
Zoom Vulnerability: Escalation of Privileges
Executive Summary On February 8th, 2024, Zoom disclosed a critical vulnerability (CVE-2024-24691) affecting their Windows desktop client, VDI client, Rooms client, and Meeting SDK. This ...
Microsoft Exchange Vulnerability
Executive Summary Microsoft Exchange 2019 Cumulative Update 23 and earlier versions are vulnerable to a server-side request forgery (SSRF) attack and remote code execution. An authenticated attacker ...
#AttachMe Oracle Cloud Vulnerability
Executive Summary On September 20, Wiz security researcher Elad Gabay publicly disclosed the security flaw, found in June of 2022 following an examination of Oracle Cloud Infrastructure (OCI). ...
Zero-Day Vulnerability in WordPress Plugin
Executive Summary On September 8, 2022 a threat intelligence team for the company WordFence became aware of a zero-day vulnerability that exists within WordPress [1]. WordPress is a popular ...
Apple IO Mobile Frame Buffer Vulnerability
(By Frank Wood on October 22, 2021) Executive Summary One of the leading competitors in the mobile device industry, Apple is no stranger to zero-day vulnerabilities and releases updates to ...
(By: Frank Wood on October 7, 2021) Executive Summary Honeywell products are widely adopted globally in various applications within the energy and manufacturing industries. More ...