Vulners Blog

Non-hype vulnerabilities and news in Vulners monthly review

Posted on September 6, 2021September 6, 2021 by Dmitry Uchakin

Microsoft in our weekly digests of this month. Traditionally, it was collected underestimated and unmentioned vulnerabilities with the news of the past month. There will be vulnerabilities in Kindle and Trend Micro, and news about hackers in white hat and new trends in attacking guys.*All information was harvested by the author's hands via Vulners DB … Continue reading Non-hype vulnerabilities and news in Vulners monthly review →

RCE with exploit in Confluence Server and Confluence Data Center (CVE-2021-26084)

Posted on September 1, 2021September 1, 2021 by Dmitry Uchakin

On August 25, Atlassian reported a critical Remote Code Execution vulnerability in Confluence Server and Confluence Data Center. The vulnerability allows an authenticated user, and in some cases an unauthenticated user, to execute arbitrary code in Confluence Server and Confluence Data Center. Today, September 1, an article was published with a research of the vulnerability … Continue reading RCE with exploit in Confluence Server and Confluence Data Center (CVE-2021-26084) →

Ripple20 zero-day vulnerabilities in IOT devices

Posted on June 22, 2020 by Dmitry Uchakin

The U.S. Department of Homeland Security and CISA ICS-CERT have published security notices about recently discovered vulnerabilities, collectively referred to as Ripple20. Ripple20 includes 19 vulnerabilities affecting billions of Internet-connected devices from 500 vendors around the world. The problems were found in the Treck TCP/IP library and with their help an attacker can remotely gain … Continue reading Ripple20 zero-day vulnerabilities in IOT devices →

Vulners weekly digest #6

Posted on May 4, 2020May 8, 2020 by Dmitry Uchakin

This review is more about exploiting vulnerabilities in attacks on various areas. We also gave examples of why security updates should not be ignored. The most interesting vulnerabilities If you use any tools / systems that are mentioned in this section, it is recommended to install security updates. Gitlab multiple vulnerabilities Many companies use such … Continue reading Vulners weekly digest #6 →

Vulners weekly digest #4

Posted on April 13, 2020 by Dmitry Uchakin

Your Exchange server stills sweety and other vulnerabilities. Serious boost for pentest frameworks. ZOOM continues to smoke and we continue write about it in our digest.

Vulners weekly digest #2

Posted on March 30, 2020March 30, 2020 by Dmitry Uchakin

Weekly overview of new vulnerabilities, exploits, tools and other news from the world of information security