![]() ![]() As always, zero details on who’s exploiting it. We have expanded the integration of Antimalware Scan Interface (AMSI) with Office 365 to include the runtime scanning of Excel 4.0 (XLM) macros to help antivirus solutions tackle the increase in attacks that use malicious XLM macros Ĭhrome 89 was released today. If properly exploited, an attacker could tri… ĭidn’t you forget Google Play Security Rewards program? You can submit vulnerability reports for apps with 100M+ installs in Google Play 1. During USB device initialization, descriptors are read with very little bounds checking and assumes the USB device is providing sane values. ĬVE-2020-25647 A flaw was found in grub2 in versions prior to 2.06. ĬVE-2021-22670 An uninitialized pointer may be exploited in Fatek FvDesigner Version 1.5.76 and prior while the application is processing project files, allowing an attacker to craft a special project file that may permit arbitrary code execution. This was my first userland Windows heap exploit and I hope a deep dive into the process will help others. My first ever blog post: Anatomy of an Exploit: RCE CVE-2020-1350 #SIGRed. User-controlled configuration of the underlying parsers used by GitHub Pages were not sufficiently… ![]() CVE-2020-10519 A remote code execution vulnerability was identified in GitHub Enterprise Server that could be exploited when building a GitHub Pages site.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |