ZDI-22-1467: (0Day) IronCAD STP File Parsing Uninitialized Pointer Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of IronCAD. User interaction is required to exploit this vulnerability in that the...
ZDI-22-1468: (0Day) Corel CorelDRAW Graphics Suite GIF File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability
This vulnerability allows remote attackers to disclose sensitive information on affected installations of Corel CorelDRAW Graphics Suite. User interaction is required to exploit this vulnerability...
ZDI-22-1463: GnuPG libksba CMS File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of GnuPG libksba. Interaction with this library is required to exploit this vulnerability...
ZDI-22-1464: GnuPG libksba CMS File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of GnuPG libksba. Interaction with this library is required to exploit this vulnerability...
ZDI-22-1465: GnuPG libksba CRL File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of GnuPG libksba. Interaction with this library is required to exploit this vulnerability...
ZDI-22-1466: TP-Link TL-WR841N ated_tp Command Injection Remote Code Execution Vulnerability
This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of TP-Link TL-WR841N routers. Although authentication is required to exploit this vulnerability, the...
Ransomware Masquerading as Microsoft Update Targets Home Computers
A new ransomware threat is currently sweeping its way across home computers. And what’s making it extra tricky is that it’s disguised as an operating...
Seven months after it found out, FamilySearch tells users their personal data has been breached
Shouldn't affected users have been told sooner? Read More
Protect yourself from scams this Diwali
It’s Diwali, a time of light, a time of togetherness, and, of course, a time of celebration. Along with Diwali comes the traditional acts of...
Car dealer group Pendragon refuses to pay $60 million to ransomware extortionists
Pendragon - the car dealership group which owns Evans Halshaw, CarStore, and Stratstone, and operates around 160 showrooms across the UK - has confirmed that...