ZDI-24-963: Autodesk AutoCAD X_T File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Autodesk AutoCAD. User interaction is required to exploit this vulnerability in that...
ZDI-24-964: Autodesk AutoCAD STEP File Parsing Memory Corruption Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Autodesk AutoCAD. User interaction is required to exploit this vulnerability in that...
DSA-5734-1 bind9 – security update
Several vulnerabilities were discovered in BIND, a DNS server implementation, which may result in denial of service. To mitigate CVE-2024-1737 two new configuration statements have...
Smashing Security podcast #382: CrowdStrike, Dark Wire, and the Paris Olympics
Computers blue-screen-of-death around the world! The Paris Olympics is at risk of attack! And the FBI pull off the biggest sting operation in history by...
USN-6915-1: poppler vulnerability
It was discovered that poppler incorrectly handled certain malformed PDF. An attacker could possibly use this issue to cause a denial of service.
USN-6914-1: OCS Inventory vulnerability
Filip Hejsek discovered that the phpCAS library included in OCS Inventory was using HTTP headers to determine the service URL used to validate tickets. A...
USN-6913-1: phpCAS vulnerability
Filip Hejsek discovered that phpCAS was using HTTP headers to determine the service URL used to validate tickets. A remote attacker could possibly use this...
Robot Dog Internet Jammer
Supposedly the DHS has these: The robot, called “NEO,” is a modified version of the “Quadruped Unmanned Ground Vehicle” (Q-UGV) sold to law enforcement by...
CrowdStrike Shares How a Rapid Response Content Update Caused Global Outage
CrowdStrike has published a preliminary Post Incident Review into the global IT outage on July 19, revealing the issue came from a Rapid Response Content...
North Korean Hackers Targeted Cybersecurity Firm KnowBe4 with Fake IT Worker
KnowBe4 revealed it was duped into hiring a fake IT worker from North Korea resulting in attempted insider threat activity.