Synology NAS Zero-Day Vulnerability
Executive Summary On November 1, 2024, it was publicly disclosed that Synology’s NAS devices contained a critical vulnerability which was easily exploitable. The Critical Zero-Click ...
Synology NAS Zero-Day Vulnerability
Executive Summary On November 1, 2024, it was publicly disclosed that Synology’s NAS devices contained a critical vulnerability which was easily exploitable. The Critical Zero-Click ...
Continued Exploit of SonicWall Vulnerability in Ransomware Attacks
Executive Summary On August 21, 2024, SonicWall disclosed in a security advisory a vulnerability relating to its SonicOS management access and SSLVPN services, providing threat actors with ...
VMware Heap Overflow Vulnerability
Executive Summary On October 21, 2024, VMware released an updated security advisory revealing that a vulnerability previously disclosed in September 2024, was not completely addressed as initially ...
Kubernetes Image Builder Vulnerability
Executive Summary On October 15, 2024, it was disclosed by NIST that the software application, Kubernetes, had a critical vulnerability (CVE-2024-9486) in relation to its Image Builder ...
Microsoft Management Console Remote Code Execution Vulnerability
Executive Summary On October 7, 2024, Microsoft released a security patch relating to the zero-day Microsoft Management Console Remote Code Execution (RCE) Vulnerability, CVE-2024-43572, on its ...
NVIDIA Container Toolkit Vulnerability
Executive Summary On September 25, 2024, NVIDIA released a disclosure of a vulnerability relating to its Container Toolkit (CVE-2024-0132) which had been discovered by Wiz Research. This ...
Windows Defender Vulnerability: Path Traversal
Executive Summary On April 9, 2024, CVE-2024-29053, a critical vulnerability affecting Microsoft Defender for IoT, a security solution designed for protecting internet-connected devices was found ...
MacOS Vulnerability: Use After Free
Executive Summary On March 28, 2024, CVE-2023-42950, a critical vulnerability in macOS that affects Safari and potentially other WebKit-based browsers was rediscovered. This vulnerability allows ...
Splunk Vulnerabilities Discovered
Executive Summary Recently, two vulnerabilities affecting Splunk Enterprise were discovered. Splunk is a popular software platform for data ingestion, indexing, and analysis: CVE-2024-29946 and ...
Microsoft Edge Vulnerability: Information Disclosure
Executive Summary On February 23, 2024, Microsoft disclosed a vulnerability (CVE-2024-26192) affecting Microsoft Edge (Chromium-based). This vulnerability allows attackers to potentially disclose ...