Category Archives: information disclosure

Apache Guacamole Opens Door for Total Control of Remote Footprint

Posted on July 2, 2020 by Tara Seals

Several vulnerabilities can be chained together for a full exploit. Continue reading Apache Guacamole Opens Door for Total Control of Remote Footprint→

Unpatched Bugs in Oracle iPlanet Open Door to Info-Disclosure, Injection

Posted on May 11, 2020 by Tara Seals

CVE-2020-9315 and CVE-2020-9314 in iPlanet version 7 will not receive patches. Continue reading Unpatched Bugs in Oracle iPlanet Open Door to Info-Disclosure, Injection→

Cisco Fixes High-Severity Flaws In Firepower Security Software, ASA

Posted on May 7, 2020 by Lindsey O'Donnell

Cisco has fixed 12 high-severity flaws in its Adaptive Security Appliance software and Firepower Threat Defense software. Continue reading Cisco Fixes High-Severity Flaws In Firepower Security Software, ASA→

Critical Adobe Illustrator, Bridge and Magento Flaws Patched

Posted on April 28, 2020 by Lindsey O'Donnell

Adobe fixed critical flaws in Illustrator, Magento and Bridge in an out-of-band security update. Continue reading Critical Adobe Illustrator, Bridge and Magento Flaws Patched→

Critical VMware Bug Opens Up Corporate Treasure to Hackers

Posted on April 10, 2020 by Tara Seals

The bug — rated 10 in severity — potentially affects large numbers of corporate VMs and hosts. Continue reading Critical VMware Bug Opens Up Corporate Treasure to Hackers→

Dropbox Passes $1M Milestone for Bug-Bounty Payouts

Posted on February 6, 2020 by Tara Seals

The file-sharing service also disclosed details of past notable bugs for the first time. Continue reading Dropbox Passes $1M Milestone for Bug-Bounty Payouts→

TikTok Riddled With Security Flaws

Posted on January 8, 2020 by Lindsey O'Donnell

The video sharing app has fixed several flaws allowing partial account takeover and information exposure. Continue reading TikTok Riddled With Security Flaws→

Microsoft Issues Out-of-Band Update for SharePoint Bug

Posted on December 18, 2019 by Tara Seals

An attacker could exploit CVE-2019-1491 to obtain sensitive information that could be used to mount further attacks. Continue reading Microsoft Issues Out-of-Band Update for SharePoint Bug→

Modern Intel CPUs Plagued By Plundervolt Attack

Posted on December 11, 2019 by Lindsey O'Donnell

The Intel attack uses a similar technique that gamers commonly use to overclock their CPUs. Continue reading Modern Intel CPUs Plagued By Plundervolt Attack→

Intel Warns of Critical Info-Disclosure Bug in Security Engine

Posted on November 12, 2019 by Tara Seals

The issue is in an Intel chip used for remote management. Continue reading Intel Warns of Critical Info-Disclosure Bug in Security Engine→