Browsing Tag
zero-day
12 posts
Wormable RPC Vulnerability Among Several Fixed In April Patch Tuesday
APRIL 14, 2022 20:32 GMT Microsoft’s Patch Tuesday for April includes a notably high volume of critical fixes.…
Spring4Shell Zero-Day RCE Affects VMWare’s Java Application Framework
A zero-day RCE vulnerability (CVE-2022-22965) affecting VMWare's Spring Java Framework has had PoC exploit code prematurely released.
Log4j New Year Wrap-Up
One month into the Log4j vulnerability, we take a look at the 3 CVEs and their fixes, known exploits being observed in the wild, and a way forward in dealing with the ubiquitous and targeted Java library.
Log4j/Log4Shell Updates and Recommended Guidance
Updates and recommended guidance for identifying vulnerable servers and mitigating exploit attempts.
Apache Log4j Zero-Day Exposes Java Applications to RCE
A high-severity zero-day has been uncovered in Apache Log4j which could allow a log injection RCE exploit.
FORCEDENTRY zero-click exploit used on Apple iOS, MacOS, and WatchOS devices
Apple’s updates to its operating systems this week contain a patch for a serious vulnerability that allowed a…
Follow-up to PrintNightmare Vulnerability
One zero-day RCE vulnerability made public in July remains unpatched. Background CVE-2021-1675 in June began a series of vulnerabilities and…
New zero-day vulnerability in SolarWinds FTP products
July 12, 2021, SolarWinds disclosed that its Serv-U Managed File Transfer and Serv-U Secure FTP products are vulnerable to…
Dell issues update to fix multiple critical privilege escalation vulnerabilities
Dell has issued an advisory to patch five high-severity zero-day vulnerabilities that have gone undetected since 2009. The flaws, linked…
macOS 11.3 Update Patches Anti-Malware Bypass Zero-Day
Apple released a software update on Monday to patch a vulnerability that allows malware to bypass the built-in protections…