Headline
CVE-2023-36710
Windows Media Foundation Core Remote Code Execution Vulnerability
Related news
A researcher found two Microsoft vulnerabilities which could be combined to achieve zero-click remote code execution.
Technical details have emerged about two now-patched security flaws in Microsoft Windows that could be chained by threat actors to achieve remote code execution on the Outlook email service sans any user interaction. "An attacker on the internet can chain the vulnerabilities together to create a full, zero-click remote code execution (RCE) exploit against Outlook clients," Akamai security
Dell vApp Manger, versions prior to 9.2.4.x contain an arbitrary file read vulnerability. A remote attacker could potentially exploit this vulnerability to read arbitrary files from the target system.