Vulnerability Spotlight: Two vulnerabilities in Epignosis eFront
Yuri Kramarz of Security Advisory Incident Response EMEAR discovered these vulnerabilities. Cisco Talos discovered two vulnerabilities in Epignosis eFront — one of which could allow an attacker to remotely execute code on the victim system, and another that opens the victim mac
Vulnerability Spotlight: Multiple vulnerabilities in Aspose APIs
Marcin Noga of Cisco Talos discovered these vulnerabilities. Cisco Talos recently discovered multiple remote code execution vulnerabilities in various Aspose APIs. Aspose provides a series of APIs for manipulating or converting a large family of document formats. These vulnerabi
Vulnerability Spotlight: Multiple bugs in OpenWeave and Nest Labs Nest Cam IQ indoor camera
Lilith Wyatt and Claudio Bozzato of Cisco Talos discovered these vulnerabilities. Cisco Talos recently discovered multiple vulnerabilities in the Nest Cam IQ Indoor camera. One of Nest Labs’ most advanced internet-of-things devices, the Nest Cam IQ Indoor integrates Security-Enh
Vulnerability Spotlight: Multiple vulnerabilities in NVIDIA Windows GPU Display Driver, VMware ESXi, Workstation and Fusion
Piotr Bania of Cisco Talos discovered these vulnerabilities. Executive summary VMware ESXi, Workstation and Fusion are affected by an out-of-bounds write vulnerability that can be triggered using a specially crafted shader file. This vulnerability can be triggered from a VMwar
Vulnerability Spotlight: Remote code execution vulnerabilities in Simple DirectMedia Layer
Marcin “Icewall” Noga of Cisco Talos discovered these vulnerabilities. Simple DirectMedia Layer contains two vulnerabilities that could an attacker to remotely execute code on the victim’s machine. Both bugs are present in the SDL2_image library, which is used for loading images
Vulnerability Spotlight: Google V8 Array.prototype memory corruption vulnerability
The V8 JavaScript engine in Google Chrome contains a memory corruption vulnerability that could allow an attacker to gain the ability to execute arbitrary code on the victim’s machine. V8 is the core JavaScript engine that runs in the Chrome browser. As part of Chrome and node.is
Vulnerability Spotlight: Two bugs in KCodes NetUSB affect some NETGEAR routers
Dave McDaniel of Cisco Talos discovered these vulnerabilities. Executive summary KCodes’ NetUSB kernel module contains two vulnerabilities that could allow an attacker to inappropriately access information on some NETGEAR wireless routers. Specific models of these routers util
Vulnerability Spotlight: Multiple vulnerabilities in Schneider Electric Modicon M580
Jared Rittle of Cisco Talos discovered these vulnerabilities. Executive summary There are several vulnerabilities in the Schneider Electric Modicon M580 that could lead to a variety of conditions, including denial of service and the disclosure of sensitive information. The Mod
Vulnerability Spotlight: Multiple vulnerabilities in Wacom Update Helper
Tyler Bohan of Cisco Talos discovered these vulnerabilities. Executive summary There are two privilege escalation vulnerabilities in the Wacom update helper. The update helper is a utility installed alongside the macOS application for Wacom tablets. The application interacts w