F5 TMUI RCE vulnerability [CVE-2020-5902]

CVE Number – CVE-2020-5902 This vulnerability allows for unauthenticated attackers, or authenticated users, with network access to the TMUI, through the

Read more

Microsoft Windows Codecs Library Remote Code Execution Vulnerability [CVE-2020-1425]

CVE number – CVE-2020-1425 A remoted code execution vulnerability exists in the way that Microsoft Windows Codecs Library handles objects

Read more

Palo Alto – Authentication Bypass in SAML Authentication [CVE-2020-2021]

When Security Assertion Markup Language (SAML) authentication is enabled and the ‘Validate Identity Provider Certificate’ option is disabled (unchecked), improper

Read more

Multiple Netgear devices contain a stack buffer overflow in the httpd web server

Multiple Netgear devices contain a stack buffer overflow in the httpd web server’s handling of upgrade_check.cgi, which may allow for unauthenticated

Read more

Universal Plug and Play (UPnP) SUBSCRIBE can be abused to send traffic to arbitrary destinations

The Universal Plug and Play (UPnP) protocol in effect prior to April 17, 2020 can be abused to send traffic

Read more

Ripple20 Vulnerabilities Affecting Treck IP Stacks

We are aware of multiple vulnerabilities, known as Ripple20, affecting Treck IP stack implementations for embedded systems. A remote attacker

Read more

Windows SMBv3 Client/Server Information Disclosure Vulnerability [CVE-2020-1206]

CVE number – CVE-2020-1206 An information disclosure vulnerability exists in the way that the Microsoft Server Message Block 3.1.1 (SMBv3)

Read more

Windows Now Playing Session Manager Elevation of Privilege Vulnerability [CVE-2020-1201]

CVE Number – CVE-2020-1201 An elevation of privilege vulnerability exists in the way the Windows Now Playing Session Manager handles

Read more

Zoom client application chat Giphy arbitrary file write [CVE-2020-6109]

CVE number – CVE-2020-6109 An exploitable path traversal vulnerability exists in the Zoom client, version 4.6.10 processes messages including animated

Read more

Zoom Client Application Chat Code Snippet Remote Code Execution Vulnerability [CVE-2020-6110]

CVE Number – CVE-2020-6110 An exploitable partial path traversal vulnerability exists in the way Zoom Client version 4.6.10 processes messages

Read more
%d bloggers like this: