Vulnerability Spotlight: Information disclosure vulnerability in Microsoft Media Foundation
Marcin “Icewall” Noga of Cisco Talos discovered this vulnerability. Blog by Jon Munshaw. Microsoft Media Foundation contains an information disclosure vulnerability that could allow an attacker to eventually remotely execute code on the victim machine. Media Foundation is a COM-
Vulnerability Spotlight: Intel Raid Web Console 3 denial-of-service bugs
Geoff Serrao of Cisco Talos discovered these vulnerabilities. Blog by Jon Munshaw. Cisco Talos recently discovered two denial-of-service vulnerabilities in the web API functionality of Intel RAID Web Console 3. The Raid Web Console is a web-based application that provides severa
Vulnerability Spotlight: Multiple vulnerabilities in Videolabs libmicrodns
Claudio Bozzato of Cisco Talos discovered these vulnerabilities. Blog by Jon Munshaw. A specific library in the Videolabs family of software contains multiple vulnerabilities that could lead to denial of service and code execution. Videolabs is a company founded by VideoLAN memb
Vulnerability Spotlight: Denial-of-service vulnerability in GStreamer
Peter Wang of Cisco ASIG discovered this vulnerability. Blog by Jon Munshaw. Cisco Talos recently discovered a denial-of-service vulnerability in GStreamer, a pipeline-based multimedia framework. GStreamer contains gst-rtsp-server, an open-source library that allows the user to
Vulnerability Spotlight: Information disclosure in Windows 10 Kernel
Marcin Towalski of Cisco Talos discovered this vulnerability. Blog by Jon Munshaw. Cisco Talos recently discovered an information disclosure vulnerability in the Windows 10 kernel. An attacker could exploit this vulnerability by tricking the victim into opening a specially craft
Vulnerability Spotlight: WAGO products contain remote code execution, other vulnerabilities
Patrick DeSantis, Carl Hurd, Kelly Leuschner and Lilith [-_-]; of Cisco Talos discovered these vulnerabilities. Blog by Jon Munshaw. Cisco Talos recently discovered several vulnerabilities in multiple products from the company WAGO. WAGO produces a line of automation software cal
Vulnerability Spotlight: Memory corruption, DoS vulnerabilities in CoTURN
Aleksandar Nikolic of Cisco Talos discovered this vulnerability. Blog by Jon Munshaw. CoTURN contains denial-of-service and memory corruption vulnerabilities in the way its web server parses POST requests. CoTURN is a TURN server implementation that can be used as a general- pur
Vulnerability Spotlight: Remote code execution vulnerability in Apple Safari
Marcin Towalski of Cisco Talos discovered this vulnerability. Blog by Jon Munshaw. The Apple Safari web browser contains a remote code execution vulnerability in its Fonts feature. If a user were to open a malicious web page in Safari, they could trigger a type confusion, result
Vulnerability Spotlight: Code execution vulnerability in Microsoft Excel
Marcin Noga of Cisco Talos discovered this vulnerability. Blog by Jon Munshaw. Microsoft Excel contains a code execution vulnerability. This specific bug lies in the component of Excel that handles the Microsoft Office HTML and XML file types, first introduced in Office 2000. M