Browsing Tag
zero-day
12 posts
Wormable RPC Vulnerability Among Several Fixed In April Patch Tuesday
APRIL 14, 2022 20:32 GMT Microsoft’s Patch Tuesday for April includes a notably high volume of critical fixes.…
April 14, 2022 18:31 GMT
Spring4Shell Zero-Day RCE Affects VMWare’s Java Application Framework
A zero-day RCE vulnerability (CVE-2022-22965) affecting VMWare's Spring Java Framework has had PoC exploit code prematurely released.
March 31, 2022 23:27 GMT
Log4j New Year Wrap-Up
One month into the Log4j vulnerability, we take a look at the 3 CVEs and their fixes, known exploits being observed in the wild, and a way forward in dealing with the ubiquitous and targeted Java library.
January 7, 2022 01:15 GMT
Log4j/Log4Shell Updates and Recommended Guidance
Updates and recommended guidance for identifying vulnerable servers and mitigating exploit attempts.
December 13, 2021 20:18 GMT
Apache Log4j Zero-Day Exposes Java Applications to RCE
A high-severity zero-day has been uncovered in Apache Log4j which could allow a log injection RCE exploit.
December 10, 2021 18:45 GMT
FORCEDENTRY zero-click exploit used on Apple iOS, MacOS, and WatchOS devices
Apple’s updates to its operating systems this week contain a patch for a serious vulnerability that allowed a…
September 15, 2021 16:04 GMT
Follow-up to PrintNightmare Vulnerability
One zero-day RCE vulnerability made public in July remains unpatched. Background CVE-2021-1675 in June began a series of vulnerabilities and…
August 19, 2021 21:55 GMT
New zero-day vulnerability in SolarWinds FTP products
July 12, 2021, SolarWinds disclosed that its Serv-U Managed File Transfer and Serv-U Secure FTP products are vulnerable to…
July 14, 2021 21:40 GMT
Dell issues update to fix multiple critical privilege escalation vulnerabilities
Dell has issued an advisory to patch five high-severity zero-day vulnerabilities that have gone undetected since 2009. The flaws, linked…
May 7, 2021 22:41 GMT
macOS 11.3 Update Patches Anti-Malware Bypass Zero-Day
Apple released a software update on Monday to patch a vulnerability that allows malware to bypass the built-in protections…
April 28, 2021 18:45 GMT