#rce

[ follow ]
#vulnerabilities
Zero Day Initiative
1 week ago
JavaScript

Zero Day Initiative - Exploiting Exchange PowerShell After ProxyNotShell: Part 2 - ApprovedApplicationCollection

The blog post details two significant vulnerabilities in Microsoft Exchange related to RCE and a path traversal issue in a Windows utility. [ more ]
ComputerWeekly.com
6 months ago
Information security

March Patch Tuesday throws up two critical Hyper-V flaws | Computer Weekly

Two critical vulnerabilities in Windows Hyper-V were fixed, notably with a decrease in total fixed vulnerabilities from the previous month.
The slimline update this Patch Tuesday did not include any zero-day vulnerabilities or PoCs, leading to a moment of relative calm in the cybersecurity landscape. [ more ]
Zero Day Initiative
1 week ago
JavaScript

Zero Day Initiative - Exploiting Exchange PowerShell After ProxyNotShell: Part 2 - ApprovedApplicationCollection

The blog post details two significant vulnerabilities in Microsoft Exchange related to RCE and a path traversal issue in a Windows utility. [ more ]
ComputerWeekly.com
6 months ago
Information security

March Patch Tuesday throws up two critical Hyper-V flaws | Computer Weekly

Two critical vulnerabilities in Windows Hyper-V were fixed, notably with a decrease in total fixed vulnerabilities from the previous month.
The slimline update this Patch Tuesday did not include any zero-day vulnerabilities or PoCs, leading to a moment of relative calm in the cybersecurity landscape. [ more ]
morevulnerabilities
The Hacker News
1 month ago
Information security

Microsoft Reveals Four OpenVPN Flaws Leading to Potential RCE and LPE

Four medium-severity security flaws in OpenVPN disclosed by Microsoft can lead to RCE and LPE, requiring user authentication and advanced knowledge of OpenVPN.
The vulnerabilities could result in full control over targeted endpoints, data breaches, system compromise, and unauthorized access to sensitive information. [ more ]
Theregister
3 months ago
Information security

Critical Fluent Bit bug affects all major cloud providers

Fluent Bit has a critical vulnerability (CVE-2024-4323) that can lead to DoS, information leakage, and potentially RCE, affecting versions 2.0.7 through 3.0.3. [ more ]
Theregister
3 months ago
Information security

Microsoft fixes hack-me-via-Wi-Fi Windows security hole

Patch Tuesday updates include 49 CVE-tagged flaws, critical vulnerability in wireless networking, and publicly disclosed bug in DNSSEC. [ more ]
[ Load more ]