Vulnerability Spotlight: Remote code execution bug in Antenna House Rainbow PDF Office document converter
Emmanuel Tacheau of Cisco Talos discovered this vulnerability. Executive summary A buffer overflow vulnerability exists in Antenna House’s Rainbow PDF when the software attempts to convert a PowerPoint document. Rainbow PDF has the ability to convert Microsoft Office 97-2016 d
Vulnerability Spotlight: Remote code execution vulnerabilities in Adobe Acrobat Reader
Aleksandar Nikolic of Cisco Talos discovered these vulnerabilities. Executive summary There are two remote code execution vulnerabilities in Adobe Acrobat Reader that could occur if a user were to open a malicious PDF on their machine using the software. Acrobat is the most wi
Vulnerability Spotlight: Multiple vulnerabilities in the Roav A1 Dashcam
Lilith >_> of Cisco Talos discovered these vulnerabilities. Executive Summary Cisco Talos is disclosing multiple vulnerabilities in the Anker Roav A1 Dashcam and the Novatek NT9665X chipset. The Roav A1 Dashcam by Anker is a dashboard camera that allows users to connect
Vulnerability Spotlight: Remote code execution bug in SQLite
Cory Duplantis of Cisco Talos discovered this vulnerability. Executive summary SQLite contains an exploitable use-after-free vulnerability that could allow an attacker to gain the ability to remotely execute code on the victim machine. SQLite is a client-sidedatabase managemen
Vulnerability Spotlight: Multiple bugs in several Jenkins plugins
Peter Adkins of Cisco Umbrella discovered these vulnerabilities. Executive summary Jenkins is an open-source automation server written in Java. There are several plugins that exist to integrate Jenkins with other pieces of software, such as GitLab. Today, Cisco Talos is disclo
Vulnerability Spotlight: Multiple vulnerabilities in Sierra Wireless AirLink ES450
Several exploitable vulnerabilities exist in the Sierra Wireless AirLink ES450, an LTE gateway designed for distributed enterprise, such as retail point-of-sale or industrial control systems. These flaws present a number of attack vectors for a malicious actor, and could allow th
Vulnerability Spotlight: Symantec Endpoint Protection kernel memory information disclosure vulnerability
Marcin Noga of Cisco Talos discovered this vulnerability. Overview Cisco Talos is disclosing an information leak vulnerability in the ccSetx86.sys kernel driver of Symantec Endpoint Protection Small Business Edition. The vulnerability exists in the driver’s control message ha
Vulnerability Spotlight: Denial of service in VMWare Workstation 15
Piotr Bania of Cisco Talos discovered this vulnerability. Executive summary VMware Workstation 15 contains an exploitable denial-of-service vulnerability. Workstation allows users to run multiple operating systems on a Linux or Windows PC. An attacker could trigger this partic
Vulnerability Spotlight: Multiple vulnerabilities in Shimo VPN's helper tool
Discovered by Tyler Bohan of Cisco Talos. Overview Cisco Talos is disclosing a series of vulnerabilities found in the Shimo VPN Helper Tool. Shimo VPN is a popular VPN client for MacOS that can be used to connect multiple VPN accounts to one application. These specific vulnera