Stay connected

Trending News

Heap-based buffer overflow in the glibc's syslog ()
Exploit, News

Heap-based buffer overflow in the glibc’s syslog () 

Summary -Heap-based buffer overflow in the glibc’s syslog () We discovered a heap-based buffer overflow in the GNU C Library’s __vsyslog_internal() function, which is called by both syslog() and vsyslog(). This vulnerability was introduced in glibc 2.37 (in August 2022) by the following commit:;a=commit;h=52a5be0df411ef3ff45c10c7c308cb92993d15b1…

Cisco Unified Communications Products Remote Code Execution Vulnerability
Critical vulnerabiliities, Cyber Security, IoT Security, News, Vulnerabilities

Cisco Unified Communications Products Remote Code Execution Vulnerability 

Summary Affected Products Products Confirmed Not Vulnerable Only products listed in the Vulnerable Products section of this advisory are known to be affected by this vulnerability. Cisco has confirmed that this vulnerability does not affect the following Cisco products: Workarounds Additionally, follow the best practices that are…

Passive SSH Key
White Papers

Passive SSH Key Compromise via Lattices 

ABSTRACTWe demonstrate that a passive network attacker can opportunistically obtain private RSA host keys from an SSH server that experiences a naturally arising fault during signature computation. In prior work, this was not believed to be possible for the SSH protocol because the signature included…

Critical vulnerabiliities, IoT Security, News, Vulnerabilities

Multiple Vulnerabilities in Rapid SCADA Pose Serious Threats, Urgent Mitigations Recommended 

Executive Summary: Rapid Software LLC’s industrial automation platform, Rapid SCADA, has been found susceptible to multiple critical vulnerabilities, posing significant risks of remote code execution, unauthorized access, and privilege escalation. The Cybersecurity and Infrastructure Security Agency (CISA) issued an advisory detailing the potential exploits and…