Security Vulnerabilities

The latest Security Vulnerabilities

NewsSecurity Vulnerabilities

Java Spring Framework vulnerabilities [CVE-2022-22963 and CVE-2022-22965]

Jason Davies 3120 Views 0 Comments 0 min read

We are aware of two remote code execution vulnerabilities affecting the Java Spring Framework. The Spring Framework is an open

Read More
NewsSecurity Vulnerabilities

RCE vulnerability in Sophos Firewall (CVE-2022-1040)

Luke Simmonds 3688 Views 0 Comments 1 min read

An authentication bypass vulnerability allowing remote code execution was discovered in the User Portal and Webadmin of Sophos Firewall and

Read More
NewsSecurity Vulnerabilities

Multiple vulnerabilities in VMware Carbon Black App Control [CVE-2022-22951 and CVE-2022-22952]

Jason Davies 3416 Views 0 Comments 2 min read

CVE numbers – CVE-2022-22951 and CVE-2022-22952 Multiple vulnerabilities in VMware Carbon Black App Control were privately reported to VMware. Updates are available to remediate

Read More
NewsSecurity Vulnerabilities

Drupal core – Improper Input Validation in guzzlehttp/psr7 [CVE-2022-24775]

Jason Davies 3662 Views 0 Comments 0 min read

CVE number = CVE-2022-24775 Drupal uses the third-party Guzzle library for handling HTTP requests and responses to external services. Guzzle

Read More
NewsSecurity Vulnerabilities

Microsoft Office Visio Untrusted Pointer Dereference Remote Code Execution Vulnerability [CVE-2022-24509]

Jason Davies 3866 Views 0 Comments 0 min read

CVE number – CVE-2022-24509 This vulnerability allows remote attackers to execute arbitrary code on affected installations of Microsoft Office Visio.

Read More
NewsSecurity Vulnerabilities

MyBB Admin Control Panel Code Injection Remote Code Execution Vulnerability [CVE-2022-24734]

Jason Davies 4188 Views 0 Comments 0 min read

CVE number = CVE-2022-24734 This vulnerability allows remote attackers to execute arbitrary code on affected installations of MyBB. Authentication is

Read More
NewsSecurity Vulnerabilities

Linux Kernel Privilege Escalation Vulnerability – Dirty Pipe  [CVE-2022-0847]

Luke Simmonds 3615 Views 0 Comments 0 min read

CVE number = CVE-2022-0847 A flaw has been found in the way the “flags” member of the new pipe buffer

Read More
NewsSecurity Vulnerabilities

Cisco Expressway Series and Cisco TelePresence Video Communication Server Vulnerabilities [CVE-2022-20754 and CVE-2022-20755]

Jason Davies 4363 Views 0 Comments 2 min read

CVE numbers – CVE-2022-20754 and CVE-2022-20755 Multiple vulnerabilities in the API and web-based management interfaces of Cisco Expressway Series and

Read More
NewsSecurity Vulnerabilities

Cisco IOS XE SD-WAN Software Command Injection Vulnerability [CVE-2021-1529]

Luke Simmonds 8060 Views 0 Comments 1 min read

CVE number – CVE-2021-1529 A vulnerability in the CLI of Cisco IOS XE SD-WAN Software could allow an authenticated, local

Read More
NewsSecurity Vulnerabilities

Cisco IOS XR Software Arbitrary File Read and Write Vulnerability [CVE-2021-34718]

Jason Davies 3072 Views 0 Comments 0 min read

CVE number = CVE-2021-34718 A vulnerability in the SSH Server process of Cisco IOS XR Software could allow an authenticated,

Read More