Vulnerability Spotlight: Denial of service in AMD ATIKMDAG.SYS driver
Piotr Bania of Cisco Talos discovered this vulnerability. Blog by Jon Munshaw.Cisco Talos recently discovered a denial-of-service vulnerability in the ATIKMDAG.SYS driver for some AMD graphics cards. An attacker could send the victim a specially crafted D3DKMTCreateAllocation API
Vulnerability Spotlight: Information leak vulnerability in Google Chrome WebGL
Marcin Towalski of Cisco Talos discovered this vulnerability. Blog by Jon Munshaw. The Google Chrome web browser contains a vulnerability that could be exploited by an adversary to carry out a range of malicious actions. Chrome is one of the most popular web browsers currently a
Vulnerability Spotlight: Denial-of-service vulnerabilities in Allen-Bradley Flex I/O
Jared Rittle of Cisco Talos discovered these vulnerabilities. Blog by Jon Munshaw. The Allen-Bradley Flex input/output system contains multiple denial-of-service vulnerabilities in its ENIP request path data segment. These bugs exist specifically in the 1794-AENT FLEX I/O modula
Vulnerability Spotlight: DoS vulnerability in ATIKMDAG.SYS AMD graphics driver
Piotr Bania of Cisco Talos discovered this vulnerability. Blog by Jon Munshaw.Cisco Talos recently discovered a denial-of-service vulnerability in the ATIKMDAG.SYS driver for some AMD graphics cards. An attacker could send the victim a specially crafted D3DKMTCreateAllocation API
Vulnerability Spotlight: Remote code execution vulnerability Apple Safari
Marcin "Icewall" Noga of Cisco Talos discovered this vulnerability. Blog by Jon Munshaw. The Apple Safari web browser contains a remote code execution vulnerability in its Webkit feature. Specifically, an attacker could trigger a use-after-free condition in WebCore, th
Vulnerability Spotlight: Remote code execution, privilege escalation bugs in Microsoft Azure Sphere
Claudio Bozzato, Lilith >_> and Dave McDaniel of Cisco Talos discovered these vulnerabilities. Blog by Jon Munshaw. Update (Sept. 17, 2020): This post has been updated to reflect the status of Microsoft assigning CVEs to these issues. Cisco Talos researchers recently disc
Vulnerability Spotlight: Use-after-free vulnerability in Google Chrome WebGL could lead to code execution
Marcin Towalski of Cisco Talos discovered this vulnerability. Blog by Jon Munshaw. The Google Chrome web browser contains a use-after-free vulnerability in its WebGL component that could allow a user to execute arbitrary code in the context of the browser process. This vulnerabi
Vulnerability Spotlight: Internet Systems Consortium BIND server DoS
Emanuel Almeida of Cisco Systems discovered this vulnerability. Blog by Jon Munshaw. The Internet Systems Consortium’s BIND server contains a denial-of-service vulnerability that exists when processing TCP traffic through the libuv library. An attacker can exploit this vulnerabi
Vulnerability Spotlight: Microsoft issues security update for Azure Sphere
Claudio Bozzato, Lilith >_> and Dave McDaniel of Cisco Talos discovered these vulnerabilities. Blog by Jon Munshaw. Update (Sept. 17, 2020): This post has been updated to reflect the status of Microsoft assigning CVEs to these issues. Cisco Talos researchers recently dis