Security
Headlines
HeadlinesLatestCVEs

Tag

#CVE

Vulnerability Spotlight: Multiple vulnerabilities in ZTE MF971R LTE router

Marcin “Icewall” Noga of Cisco Talos discovered this vulnerability. Blog by Jon Munshaw.  Cisco Talos recently discovered multiple vulnerabilities in the ZTE MF971R LTE portable router.  The MF971R is a portable router with Wi-Fi support and works as an LTE/GSM modem. An attacker could... [[ This is only the beginning! Please visit the blog for the complete entry ]]

TALOS
Open in Source
#CVE#vulnerabilities#ZTE
Vulnerability Spotlight: Code execution vulnerabilities in Nitro Pro PDF

A Cisco Talos team member discovered these vulnerabilities. Blog by Jon Munshaw.  Cisco Talos recently discovered multiple vulnerabilities in the Nitro Pro PDF reader that could allow an attacker to execute code in the context of the application.  Nitro Pro PDF is part of Nitro Software’s... [[ This is only the beginning! Please visit the blog for the complete entry ]]

Vulnerability Spotlight: Use-after-free vulnerability in Microsoft Excel could lead to code execution

Marcin “Icewall” Noga of Cisco Talos discovered this vulnerability. Blog by Jon Munshaw.  Cisco Talos recently discovered a use-after-free vulnerability in the ConditionalFormatting functionality of Microsoft Office Excel 2019 that could allow an attacker to execute arbitrary code on the... [[ This is only the beginning! Please visit the blog for the complete entry ]]

Vulnerability Spotlight: Vulnerabilities in Anker Eufy Homebase could lead to code execution, buffer overflows

Lilith >_> of Cisco Talos discovered this vulnerability. Blog by Jon Munshaw.  Cisco Talos recently discovered two vulnerabilities in the Anker Eufy Homebase.  The Eufy Homebase 2 is the video storage and networking gateway that works with Anker’s Eufy Smarthome ecosystem. All Eufy... [[ This is only the beginning! Please visit the blog for the complete entry ]]

Vulnerability Spotlight: Information disclosure vulnerability in D-LINK DIR-3040 mesh router

Dave McDaniel of Cisco Talos discovered this vulnerability. Blog by Jon Munshaw. Cisco Talos recently discovered an exploitable information disclosure vulnerability in the D-LINK DIR-3040 smart WiFi mesh router that could allow an adversary to eventually turn off the device or remove other... [[ This is only the beginning! Please visit the blog for the complete entry ]]

Last Week’s Security news: Serious Sam in Metasploit, PetitPotam, Zimbra Hijack, Joint Advisory TOP30 CVEs

Hello everyone! Last Week’s Security News, July 26 – August 1. Serious Sam in Metasploit Last week I talked about the Serious Sam vulnerability (CVE-2021-36934), also known as HiveNightmare. The name HiveNightmare comes from the fact that Windows stores its registry data in a small number of proprietary database files called hives. Due to mismanagement […]

My thoughts on the “2021 Gartner Market Guide for Vulnerability Assessment”. What about the quality?

The Gartner Vulnerability Management Reports are one of the few marketing reports that I try to read regularly. This started back in the days when I was working for a VM vendor doing competitive analysis. Gartner is one of the few organizations that think about Vulnerability Assessment and Vulnerability Management and clearly articulate where we […]