ZDI-22-505: Autodesk AutoCAD PCX File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Autodesk AutoCAD. User interaction is required to exploit this vulnerability in that...
ZDI-22-506: Cisco Nexus Dashboard Fabric Controller AMF Deserialization of Untrusted Data Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Cisco Nexus Dashboard Fabric Controller. Authentication is not required to exploit this...
ZDI-22-507: Cisco Nexus Dashboard Fabric Controller Improper Privilege Management Privilege Escalation Vulnerability
This vulnerability allows local attackers to escalate privileges on affected installations of Cisco Nexus Dashboard Fabric Controller. An attacker must first obtain the ability to...
ZDI-22-508: Cisco Nexus Dashboard Fabric Controller XML External Entity Processing Information Disclosure Vulnerability
This vulnerability allows remote attackers to disclose sensitive information on affected installations of Cisco Nexus Dashboard Fabric Controller. Authentication is not required to exploit this...
WordPress 5.9.2 Security and Maintenance Release
WordPress 5.9.2 is now available! This security and maintenance release features 1 bug fix in addition to 3 security fixes. Because this is a security release,...
New: Free Trials for CIS Hardened Images in AWS Marketplace
CIS now offers free trials for several CIS Hardened Images, pre-configured virtual machine images, in the AWS Marketplace. Try a hardened VM today.
SEC plans four-day cybersecurity breach notification requirement
The US Securities and Exchange Commission today proposed legal changes that would require publicly traded companies to disclose material cybersecurity incidents within four days of...
USN-5322-1: Subversion vulnerability
Thomas Akesson discovered that Subversion incorrectly handled certain inputs. An attacker could possibly use this issue to cause a denial of service.
Alleged REvil ransomware hacker extradited and arraigned in Texas
A man accused of being connected to the Russia-linked REvil ransomware group responsible for cyberattacks on organizations including US-based software company Kaseya, has been extradited...
Come Join the Scam Party
Authored by Oliver Devane, Vallabh Chole, and Aayush Tyagi. McAfee has recently observed several malicious Chrome Extensions which, once installed, will redirect users to phishing...