Security Bulletin: Content Manager Enterprise Edition for June 2026 - Multiple CVEs

Summary Content Manager Enterprise Edition is vulnerable to multiple remote code execution and denial of service attacks in third party and open source used in the product for various functions. See full list below. The vulnerabilities have been addressed. Vulnerability Details CVEID:CVE-2026-342...

EUVD-2026-11224

A vulnerability in the handling of an Egress Packet Network Interface EPNI Aligner interrupt in Cisco IOS XR Software for Cisco Network Convergence System NCS 5500 Series with NC57 line cards and Cisco NCS 5700 Routers and Cisco IOS XR Software for Third Party Software could allow an...

CVE-2026-20118

A vulnerability in the handling of an Egress Packet Network Interface EPNI Aligner interrupt in Cisco IOS XR Software for Cisco Network Convergence System NCS 5500 Series with NC57 line cards and Cisco NCS 5700 Routers and Cisco IOS XR Software for Third Party Software could allow an...

Jailbreaking the F-35 Fighter Jet

Countries around the world are becoming increasingly concerned about their dependencies on the US. If you've purchase US-made F-35 fighter jets, you are dependent on the US for software maintenance. The Dutch Defense Secretary recently said that he could jailbreak the planes to accept third-party...

Security Bulletin: IBM Automation Decision Services for Jan 2026- Multiple CVEs addressed

Summary IBM Automation Decision Services is vulnerable to multiple remote code execution and denial of service attacks in third party and open source used in the product for various functions. See full list below. The vulnerabilities have been addressed. Vulnerability Details CVEID:CVE-2025-7783...

CVE-2025-65319

When using the attachment interaction functionality, Blue Mail 1.140.103 and below saves documents to a file system without a Mark-of-the-Web tag, which allows attackers to bypass the built-in file protection mechanisms of both Windows OS and third-party software...

CVE-2025-65318

When using the attachment interaction functionality, Canary Mail 5.1.40 and below saves documents to a file system without a Mark-of-the-Web tag, which allows attackers to bypass the built-in file protection mechanisms of both Windows OS and third-party software...

CVE-2025-65319

When using the attachment interaction functionality, Blue Mail 1.140.103 and below saves documents to a file system without a Mark-of-the-Web tag, which allows attackers to bypass the built-in file protection mechanisms of both Windows OS and third-party software...

Mapping Attack Surface for Enterprises: A 5-Step Guide

An attacker doesn’t see your company the way you do. They don’t see departments, projects, or business units. They see a collection of potential entry points—a web of digital assets they can probe for a single weakness. Their goal is to find the one unlocked door you forgot about. This is why...

EUVD-2019-4600

Malware in sbrugna...

EUVD-2017-16162

Malware in sbrugna...

[R2] Security Center Version 6.6.0 Fixes Multiple Vulnerabilities

R2 Security Center Version 6.6.0 Fixes Multiple Vulnerabilities Arnie Cabral Tue, 05/06/2025 - 09:44 Security Center leverages third-party software to help provide underlying functionality. Several of the third-party components sqlite, ua-parser-js were found to contain vulnerabilities, and updat...

[R2] Sensor Proxy Version 1.2.0 Fixes Multiple Vulnerabilities

R2 Sensor Proxy Version 1.2.0 Fixes Multiple Vulnerabilities Arnie Cabral Wed, 04/30/2025 - 12:50 Sensor Proxy leverages third-party software to help provide underlying functionality. Several of the third-party components OpenSSL, Go were found to contain vulnerabilities, and updated versions hav...

[R1] Nessus Version 10.8.4 Fixes Multiple Vulnerabilities

R1 Nessus Version 10.8.4 Fixes Multiple Vulnerabilities Arnie Cabral Thu, 04/17/2025 - 11:58 Nessus leverages third-party software to help provide underlying functionality. Several of the third-party components libxml2, expat were found to contain vulnerabilities, and updated versions have been...

Security Bulletin: IBM Automation Decision Services for Jan 2025 - Multiple CVEs addressed

Summary IBM Automation Decision Services is vulnerable to multiple remote code execution and denial of service attacks in third party and open source used in the product for various functions. See full list below. The vulnerabilities have been addressed Vulnerability Details CVEID:CVE-2024-3596...

[R1] Security Center Version 6.5.1 Fixes Multiple Vulnerabilities

R1 Security Center Version 6.5.1 Fixes Multiple Vulnerabilities Arnie Cabral Tue, 12/10/2024 - 11:22 Security Center leverages third-party software to help provide underlying functionality. One of the third-party components PHP was found to contain vulnerabilities, and an updated version has been...

[R2] Security Center Version 6.5.0 Fixes Multiple Vulnerabilities

R2 Security Center Version 6.5.0 Fixes Multiple Vulnerabilities Arnie Cabral Thu, 12/05/2024 - 09:54 Security Center leverages third-party software to help provide underlying functionality. Several of the third-party components OpenSSL, PHP, Apache Portable Runtime were found to contain...

[R1] Nessus Network Monitor 6.5.0 Fixes Multiple Vulnerabilities

R1 Nessus Network Monitor 6.5.0 Fixes Multiple Vulnerabilities Arnie Cabral Tue, 09/24/2024 - 11:43 Nessus Network Monitor leverages third-party software to help provide underlying functionality. Several of the third-party components OpenSSL, expat, curl, and libxml2 were found to contain...

Tenable Nessus Multiple Vulnerabilities (TNS-2024-15, TNS-2024-16)

Tenable Nessus is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:tenable:nessus"; ifdescripti...

Beware: New Vo1d Malware Infects 1.3 Million Android-based TV Boxes Worldwide

Nearly 1.3 million Android-based TV boxes running outdated versions of the operating system and belonging to users spanning 197 countries have been infected by a new malware dubbed Vo1d aka Void. "It is a backdoor that puts its components in the system storage area and, when commanded by attacker...