CVE-2024-20709 New Edge T5 MSRC Case [DCMSFT-1081]

Acrobat Reader T5 MSFT Edge versions 120.0.2210.91 and earlier are affected by an Improper Input Validation vulnerability. An unauthenticated attacker could leverage this vulnerability to achieve an application denial-of-service in the context of the current user. Exploitation of this issue...

We’re Excited to Announce the Launch of Comms Hub!

We are excited to announce the launch of Comms Hub to the Researcher Portal submission experience! With this launch, security researchers will be able to streamline communication with MSRC case SPMs case managers, attach additional files, track case and bug bounty status all in the Researcher...

We’re Excited to Announce the Launch of Comms Hub!

We are excited to announce the launch of Comms Hub to the Researcher Portal submission experience! With this launch, security researchers will be able to streamline communication with MSRC case SPMs case managers, attach additional files, track case and bug bounty status all in the Researcher...

Microsoft DirectX SDK - Xact.exe Remote Code Execution

Microsoft DirectX SDK - Xact.exe Remote Code Execution + Credits: John Page aka hyp3rlinx + Website: hyp3rlinx.altervista.org + Source: http://hyp3rlinx.altervista.org/advisories/MICROSOFT-DIRECTX-SDK-XACT.EXE-TROJAN-FILE-CODE-EXECUTION.txt + ISR: Apparition Security Greetz: indoushka | Eduardo...

two browser mem disclosure bugs (CVE-2014-1580 and CVE-something-or-other)

First of all, CVE-2014-1580 MSFA 2014-78 is a bug that caused Firefox prior to version 33 released today to leak bits of uninitialized memory when rendering certain types of truncated images onto canvas. Mozilla's advisory is here: https://www.mozilla.org/security/announce/2014/mfsa2014-78.html B...