Slándáil Research:
Feeds
Feeds
Search
Search Engine
Feed: Cisco Talos - Vulnerabilities
Link
Threat Advisory: Microsoft warns of actively exploited vulnerabilities in Exchange Server
Vulnerability Spotlight: Vulnerabilities in WWBN AVideo web app could lead to command injection, authentication bypass
Vulnerability Spotlight: Three vulnerabilities in HDF5 file format could lead to remote code execution
Microsoft Patch Tuesday for August 2022 — Snort rules and prominent vulnerabilities
Vulnerability Spotlight: Vulnerabilities in Alyac antivirus program could stop virus scanning, cause code execution
Vulnerability Spotlight: How misusing properly serialized data opened TCL LinkHub Mesh Wi-Fi system to 17 vulnerabilities
Vulnerability Spotlight: How a code re-use issue led to vulnerabilities across multiple products
Vulnerability Spotlight: Issue in Accusoft ImageGear could lead to memory corruption, code execution
Vulnerability Spotlight: Use-after-free condition in Google Chrome WebGPU
Vulnerability Spotlight: Adobe Acrobat DC use-after-free issues could lead to arbitrary code execution
Vulnerability Spotlight: Adobe Acrobat DC use-after-free issue could lead to arbitrary code execution
Vulnerability Spotlight: Command injection vulnerabilities in Robustel cellular router
Avos ransomware group expands with new attack arsenal
Vulnerability Spotlight: Vulnerabilities in Anker Eufy Homebase could lead to code execution, authentication bypass
Microsoft Patch Tuesday for June 2022 — Snort rules and prominent vulnerabilities
Threat Advisory: Zero-day vulnerability in Microsoft diagnostic tool MSDT could lead to code execution
Threat Advisory: Atlassian Confluence zero-day vulnerability under active exploitation
Threat Roundup for May 27 to June 3
Threat Roundup for May 20 to May 27
Vulnerability Spotlight: Vulnerabilities in Open Automation Software Platform could lead to information disclosure, denial of service
Threat Roundup for May 13 to May 20
Vulnerability Spotlight: Multiple memory corruption vulnerabilities in NVIDIA GPU driver
Threat Roundup for May 6 to May 13
Vulnerability Spotlight: How an attacker could chain several vulnerabilities in an industrial wireless router to gain root access
Microsoft Patch Tuesday for May 2022 — Snort rules and prominent vulnerabilities
Threat Advisory: Critical F5 BIG-IP Vulnerability
Vulnerability Spotlight: Vulnerability in Alyac antivirus program could stop virus scanning, cause denial of service
Threat Roundup for April 29 to May 6
Vulnerability Spotlight: Two vulnerabilities in Accusoft ImageGear could lead to DoS, arbitrary free
Threat Roundup for April 22 to April 29
Threat Roundup for April 15 to April 22
Threat Roundup for April 8 to April 15
Microsoft Patch Tuesday includes most vulnerabilities since Sept. 2020
Threat Roundup for April 1 to April 8
Threat Roundup for March 25 to April 1
Threat Advisory: Spring4Shell
Threat Roundup for March 18 to March 25
Vulnerability Spotlight: Heap overflow in Sound Exchange libsox library
Threat Roundup for March 11 to March 18
Threat Roundup for March 4 to March 11
Microsoft Patch Tuesday for March 2022 — Snort rules and prominent vulnerabilities
Deep dive: Vulnerabilities in ZTE router could lead to complete attacker control of the device
Threat Roundup for February 25 to March 4
Vulnerability Spotlight: Vulnerabilities in Lansweeper could lead to JavaScript, SQL injections
Vulnerability Spotlight: Vulnerabilities in Gerbv could lead to code execution, information disclosure
Threat Roundup for February 18 to February 25
Vulnerability Spotlight: Buffer overflow vulnerabilities in Accusoft ImageGear could lead to code execution
Threat Roundup for February 11 to February 18
Vulnerability Spotlight: Vulnerability in Hancom Office could lead to memory corruption, code execution
Vulnerability Spotlight: Vulnerabilities in Moxa MXView could allow attacker to view sensitive information, bypass login
Threat Roundup for February 4 to February 11
Microsoft Patch Tuesday for Feb. 2022 — Snort rules and prominent vulnerabilities
Vulnerability Spotlight: Use-after-free in Google Chrome could lead to code execution
Threat Roundup for January 28 to February 4
Vulnerability Spotlight: Multiple vulnerabilities in Sealevel SeaConnect
Vulnerability Spotlight: Memory corruption and use-after-free vulnerabilities in Foxit PDF Reader
Threat Roundup for January 21 to January 28
Vulnerability Spotlight: WiFi-connected security camera could be manipulated to spy on communications, among other malicious actions
Vulnerability Spotlight: Vulnerability in Apple iOS, iPad OS and MacOS could lead to disclosure of sensitive memory data
Threat Roundup for January 14 to January 21
Threat Roundup for January 7 to January 14
Vulnerability Spotlight: Two vulnerabilities in Adobe Acrobat DC could lead to arbitrary code execution
Vulnerability Spotlight: Heap buffer overflow condition in Google Chrome could lead to code execution
Vulnerability Spotlight: Buffer overflow vulnerability in AnyCubic Chitubox plugin
Threat Roundup for December 31 to January 7
Vulnerability Spotlight: Vulnerabilities in DaVinci Resolve video editing software could lead to code execution
Vulnerability Spotlight: Vulnerabilities in metal detector peripheral could allow attackers to manipulate security devices
Threat Roundup for December 3 to December 10
Threat Advisory: Critical Apache Log4j vulnerability being exploited in the wild
Threat Roundup for November 26 to December 3
Vulnerability Spotlight: Use-after-free condition in Google Chrome could lead to code execution
An Azure Sphere kernel exploit — or how I learned to stop worrying and love the IoT
Attackers exploiting zero-day vulnerability in Windows Installer — Here’s what you need to know and Talos’ coverage
A review of Azure Sphere vulnerabilities: Unsigned code execs, kernel bugs, escalation chains and firmware downgrades
Vulnerability Spotlight: PHP deserialize vulnerability in CloudLinux Imunity360 could lead to arbitrary code execution
Threat Roundup for November 12 to November 19
Vulnerability Spotlight: Use-after-free vulnerability in Google Chrome could lead to code execution
Vulnerability Spotlight: Multiple code execution vulnerabilities in LibreCAD
Vulnerability Spotlight: User-after-free vulnerability in Google Chrome could lead to code execution
Vulnerability Spotlight: Vulnerabilities in Lantronix PremierWave 2050 could lead to code execution, file deletion
Threat Roundup for November 5 to November 12
Microsoft Patch Tuesday for Nov. 2021 — Snort rules and prominent vulnerabilities
Cisco Talos finds 10 vulnerabilities in Azure Sphere’s Linux kernel, Security Monitor and Pluton
Threat Roundup for October 29 to November 5
Microsoft Exchange vulnerabilities exploited once again for ransomware, this time with Babuk
Threat Roundup for October 22 to October 29
Threat Roundup for October 15 to October 22
Vulnerability Spotlight: Multiple vulnerabilities in ZTE MF971R LTE router
Threat Roundup for October 8 to October 15
Vulnerability Spotlight: Code execution vulnerabilities in Nitro Pro PDF
Vulnerability Spotlight: Use-after-free vulnerability in Microsoft Excel could lead to code execution
Microsoft Patch Tuesday for Oct. 2021 — Snort rules and prominent vulnerabilities
Vulnerability Spotlight: Vulnerabilities in Anker Eufy Homebase could lead to code execution, buffer overflows
Threat Roundup for October 1 to October 8
Threat Roundup for September 24 to October 1
Threat Roundup for September 17 to September 24
Vulnerability Spotlight: Information disclosure vulnerability in D-LINK DIR-3040 mesh router
Threat Roundup for September 10 to September 17
Microsoft Patch Tuesday for Sept. 2021 — Snort rules and prominent vulnerabilities
Vulnerability Spotlight: Code execution vulnerability in Nitro Pro PDF
Threat Roundup for September 3 to September 10
Vulnerability Spotlight: Heap buffer overflow vulnerability in Ribbonsoft dxflib library
Threat Roundup for August 27 to September 3
Vice Society leverages PrintNightmare in ransomware attacks
Threat Roundup for August 20 to August 27
Threat Roundup for August 13 to August 20
Vulnerability Spotlight: Memory corruption vulnerability in Daemon Tools Pro
Vulnerability Spotlight: Multiple integer overflow vulnerabilities in GPAC Project on Advanced Content
Threat Roundup for August 6 to August 13
Vulnerability Spotlight: Multiple vulnerabilities in AT&T Labs’ Xmill utility
Vulnerability Spotlight: Code execution vulnerability in Mozilla Firefox
Threat Roundup for July 30 to August 6
Vulnerability Spotlight: Use-after-free vulnerability in tinyobjloader
Threat Roundup for July 23 to July 30
Vulnerability Spotlight: Use-after-free vulnerabilities in Foxit PDF Reader
Vulnerability Spotlight: Unsafe deserialization vulnerabilities in CODESYS Development System
Threat Roundup for July 16 to July 23
Threat Roundup for July 9 to July 16
Vulnerability Spotlight: Multiple vulnerabilities in D-LINK DIR-3040
Vulnerability Spotlight: Multiple vulnerabilities in Advantech R-SeeNet
Microsoft Patch Tuesday for July 2021 — Snort rules and prominent vulnerabilities
Threat Roundup for July 2 to July 9
Vulnerability Spotlight: Information disclosure, privilege escalation vulnerabilities in IOBit Advanced SystemCare Ultimate
Threat Roundup for June 25 to July 2