389 matches found
About Remote Code Execution โ Erlang/OTP (CVE-2025-32433) vulnerability
About Remote Code Execution - Erlang/OTP CVE-2025-32433 vulnerability. Erlang is a programming language used to build massively scalable soft real-time systems with requirements for high availability. Used in telecom, banking, e-commerce, telephony, and messaging. OTP is a set of Erlang libraries...
Aggregators of actively discussed vulnerabilities
Aggregators of actively discussed vulnerabilities. Alexander Redchits updated his list of services that highlight TOP CVE vulnerabilities and uploaded it with descriptions to teletype in Russian. Now there are 11 of them: 1. Intruder's Top CVE Trends & Expert Vulnerability Insights 2. Cytidel Top...
On November 13, NIST NVD finally admitted the obvious: they had failed to process the CVE analysis backlog before the end of the fiscal year (September 30)
On November 13, NIST NVD finallyadmittedthe obvious: they had failed to process the CVE analysis backlog before the end of the fiscal year September 30. This is actually visible in their own statistics. At the moment, there are 19860 identifiers in the backlog. This week, 1136 new CVEs were...
About Elevation of Privilege - Linux Kernel "Copy Fail" (CVE-2026-31431) vulnerability
About Elevation of Privilege - Linux Kernel "Copy Fail" CVE-2026-31431 vulnerability. A local privilege escalation vulnerability in the Linux kernel AFALG component, which is caused by a memory handling flaw, allows an unprivileged user to escalate privileges to root. By exploiting this...
March "In the Trend of VM" (#25): once again, vulnerabilities are only in Microsoft products
March "In the Trend of VM" 25: once again, vulnerabilities are only in Microsoft products. I present the traditional monthly roundup of trending vulnerabilities according to Positive Technologies. As in February, it turned out to be quite compact and focused on a single vendor. ๐ Post on Habr rus...
About Remote Code Execution โ Microsoft Office (CVE-2026-21509) vulnerability
About Remote Code Execution - Microsoft Office CVE-2026-21509 vulnerability. The vulnerability was urgently fixed on January 26, outside the regular Microsoft Patch Tuesday. Microsoft classified it as a Security Feature Bypass, but in fact, it is more of a Remote Code Execution. The vulnerability...
About Information Disclosure โ MongoDB โMongoBleedโ (CVE-2025-14847) vulnerability
About Information Disclosure - MongoDB "MongoBleed" CVE-2025-14847 vulnerability. MongoDB is a popular NoSQL database that stores data as JSON-like documents with an optional schema. The project is licensed under the SSPL. A flaw in MongoDBโs handling of the data length parameter during zlib...
About Elevation of Privilege โ Windows Remote Access Connection Manager (CVE-2025-59230) vulnerability
About Elevation of Privilege - Windows Remote Access Connection Manager CVE-2025-59230 vulnerability. A vulnerability from the October Microsoft Patch Tuesday. The Windows Remote Access Connection Manager RasMan service is a core Windows component that manages dial-up and Virtual Private Network...
About Remote Code Execution โ Windows LNK File (CVE-2025-9491) vulnerability
About Remote Code Execution - Windows LNK File CVE-2025-9491 vulnerability. A vulnerability in the Microsoft Windows shortcut .LNK handling mechanism allows malicious command-line arguments to be hidden in the Target field using whitespace characters, making them invisible to standard tools...
About Elevation of Privilege โ Windows Agere Modem Driver (CVE-2025-24990) vulnerability
About Elevation of Privilege - Windows Agere Modem Driver CVE-2025-24990 vulnerability. The vulnerability is from Microsoft's October Patch Tuesday. Agere Modem Driver ltmdm64.sys is a software component that allows a computer to communicate with an Agere or LSI modem for dialโup or fax...
About Elevation of Privilege vulnerability - Linux Kernel "Dirty Frag" (CVE-2026-43284, CVE-2026-43500) vulnerability
About Elevation of Privilege vulnerability - Linux Kernel "Dirty Frag" CVE-2026-43284, CVE-2026-43500 vulnerability. According to information from researcher Hyunwoo Kim @v4bel, Dirty Frag is a vulnerability a class of vulnerabilities that allows a local unprivileged attacker to obtain root...
About Remote Code Execution โ Microsoft Word (CVE-2026-21514) vulnerability
About Remote Code Execution - Microsoft Word CVE-2026-21514 vulnerability. This vulnerability is from February Microsoft Patch Tuesday. Reliance on Untrusted Inputs in a Security Decision CWE-807 in Microsoft Office Word allows an unauthenticated attacker to bypass OLE security features when...
February โIn the Trend of VMโ (#24): vulnerabilities in Microsoft products
February "In the Trend of VM" 24: vulnerabilities in Microsoft products. A traditional monthly roundup of trending vulnerabilities. This time, compact and all-Microsoft. ๐ Post on Habr rus ๐ Digest on the PT website rus In total, two vulnerabilities: ๐ป RCE - Microsoft Office CVE-2026-21509 ๐ป...
About Information Disclosure โ Desktop Window Manager (CVE-2026-20805) vulnerability
About Information Disclosure - Desktop Window Manager CVE-2026-20805 vulnerability. Desktop Window Manager is a compositing window manager that has been part of Windows since Windows Vista. Exploitation of the vulnerability, which was addressed in the January Microsoft Patch Tuesday, allows a loc...
About Remote Code Execution โ WinRAR (CVE-2025-6218, CVE-2025-8088) vulnerabilities
About Remote Code Execution - WinRAR CVE-2025-6218, CVE-2025-8088 vulnerabilities. A crafted file path inside an archive may cause the extraction process to move into unintended directories including the Startup directories , which can result in archive extraction leading to the execution of...
๐ Vulners Lookup โ augmented CVE reality
Vulners Lookup โ augmented CVE reality. Yesterday, VulnCheck unveiled a prototype Chrome/Chromium plugin that highlights CVE identifiers on any website and shows a popup with vulnerability details, including whether the vulnerability is in the VulnCheck KEV an extended CISA KEV. The Vulners team...
Statistics on 2024 trending vulnerabilities were featured in the OIC-CERT annual report
Statistics on2024 trending vulnerabilitieswere featured in the OIC-CERT annual report. The Organisation of Islamic Cooperation OIC is the largest and most influential official intergovernmental Muslim international organization. It currently unites 57 countries with a population of about 2 billio...
I transformed my English-language site avleonov.com
I transformed my English-language siteavleonov.com. While my Russian-language site avleonov.ru was intended as a mirror of my Telegram channel @avleonovrus, I wasn't sure how to move forward with the English-language site. I've been running it since 2016. For a long time, it was my main VM blog...
About Remote Code Execution - Adobe Reader (CVE-2026-34621) vulnerability
About Remote Code Execution - Adobe Reader CVE-2026-34621 vulnerability. Adobe Acrobat Reader from 2003 to 2015, "Adobe Reader" is a free PDF viewer developed by Adobe. Versions are available for Windows, macOS, Android, and iOS. The remote code execution vulnerability in Adobe Acrobat for Window...
About the Remote Code Execution Vulnerability - n8n (CVE-2025-68613)
About Remote Code Execution Vulnerability - n8n CVE-2025-68613. n8n is a workflow automation platform available under a fair-code license. Improper Control of Dynamically-Managed Code Resources CWE-913 in the n8n workflow expression evaluation system allows a remote authenticated attacker without...
About Authentication Bypass โ GNU Inetutils (CVE-2026-24061) vulnerability
About Authentication Bypass - GNU Inetutils CVE-2026-24061 vulnerability. GNU Inetutils is a collection of common network programs, including, among other things, a Telnet server telnetd. A vulnerability in GNU Inetutils telnetd allows a remote attacker to obtain a root shell on the host without...
About Remote Code Execution โ Redis โRediShellโ (CVE-2025-49844) vulnerability
About Remote Code Execution - Redis "RediShell" CVE-2025-49844 vulnerability. Redis is a popular in-memory keyโvalue database, used as a distributed cache and message broker, with optional durability. This vulnerability allows a remote authenticated attacker to execute arbitrary code via a...
August Linux Patch Wednesday
AugustLinux Patch Wednesday. Iโm late with this LPW since I was improving the generation of LPW bulletin lists and the operation of Vulristics. In August, Linux vendors addressed 867 vulnerabilities, nearly twice Julyโs total, including 455 in the Linux Kernel. One vulnerability is confirmed...
Qualys has introduced Agentic AI, a solution for autonomous cyber risk management
Qualys hasintroducedAgentic AI, a solution for autonomous cyber risk management. As part of this solution, Qualys provides ready-to-use Cyber Risk Agents that operate autonomously and act as an additional skilled digital workforce. Agentic AI not only detects issues and provides analytics but als...
Impressions from PHDays Fest
Impressions from PHDays Fest. The scale was just insane. You walk and walk - and there's action everywhere, and all of it is PHDays, every bit of it. It totally blew my mind, I saw just a tiny fraction of everything that was going on. In the public area, I was impressed by the university pavilion...
Qualys released QScanner โ a console vulnerability scanner for container images
QualysreleasedQScanner - a console vulnerability scanner for container images. Feed it an image and get a list of vulnerabilities a la Trivy. It supports: " Local Runtimes: Scan images from Docker, Containerd, or Podman. Local Archives: Analyze Docker images or OCI layouts from local files. Remot...
June "In the Trend of VM" (#28): Linux kernel, Microsoft Defender, and Palo Alto Networks device vulnerabilities
June "In the Trend of VM" 28: Linux kernel, Microsoft Defender, and Palo Alto Networks device vulnerabilities. Presenting the traditional monthly roundup of trending vulnerabilities according to Positive Technologies. In the previous May edition, we covered four vulnerabilities. This time, there...
June Microsoft Patch Tuesday
June Microsoft Patch Tuesday. Last week I was on vacation in Veliky Novgorod, so I'm publishing this overview only now. A total of 202 vulnerabilities were addressed, approximately twice as many as in May. There are currently no vulnerabilities marked as exploited in the wild. However, there are...
About Remote Code Execution - Microsoft SharePoint (CVE-2026-20963) vulnerability
About Remote Code Execution - Microsoft SharePoint CVE-2026-20963 vulnerability. This vulnerability was fixed in the January MSPT. At the time of the MSPT release on January 13, VM vendors did not highlight this vulnerability in their reviews, and Microsoft reported no evidence of exploitation in...
I released Vulristics 1.0.11: added Server-Side Request Forgery (SSRF) as a distinct vulnerability type
I releasedVulristics 1.0.11: added Server-Side Request Forgery SSRF as a distinct vulnerability type. I try to use a very small set of base vulnerability types around 20 in Vulristics and map everything else to them. With a few exceptions, these are the same types Microsoft uses - and Microsoft...
About Elevation of Privilege โ Linux Kernel (CVE-2025-38001) vulnerability
About Elevation of Privilege - Linux Kernel CVE-2025-38001 vulnerability. It affects the Linux HFSC network scheduler module. An authenticated attacker can exploit this flaw to gain root privileges. This vulnerability is from the June Linux Patch Wednesday. In the Vulristics report, it was no...
I added support for ALT Linux OVAL content in Linux Patch Wednesday
I added support forALT Linux OVAL contentin Linux Patch Wednesday. Now I track when specific CVEs were fixed in ALT Linux packages and take that into account when generating the monthly bulletins. The more data sources on patched vulnerabilities in Linux distributions are used, the more accurate...
I checked out the European vulnerability database, EUVD, which was officially launched yesterday
I checked out the European vulnerability database,EUVD, which was officiallylaunchedyesterday. Its usefulness is questionable for now. !๐คทโโ๏ธhttps://s.w.org/images/core/emoji/15.1.0/72x72/1f937-200d-264...
Our PR team awarded me the โThe Best Positive Speaker 2025โ metal pin for public speaking, articles, and media commentary
Our PR team awarded me the โThe Best Positive Speaker 2025โ metal pin for public speaking, articles, and media commentary. Huge thanks to my colleagues for this! Iโm very pleased. ๐ The collection is growing. ๐ This time, the pin is styled like the Friends sitcom logo. Itโs made of metal, coated...
Should a VM specialist be aware of what is happening in the Darknet?
Should a VM specialist be aware of what is happening in the Darknet? Of course. At least roughly. Otherwise, he'll fall for the "nobodyโs attacking us" myth. The reality is that every organization is under attack all the time. It's like commercial fishing with trawlers. Anything that gets caught ...
June Linux Patch Wednesday
June Linux Patch Wednesday. A total of 1,888 vulnerabilities 324 in the Linux kernel, and a whopping 728 in Chromium โ๏ธ. For comparison, there were 1,638 vulnerabilities in May. The increase isn't as dramatic as it was from April to May, but it's still a new record. One of the vulnerabilities has...
Iโm done preparing the slides for my talk about Vulristics at PHDays
I 'm done preparing the slides for my talk about Vulristics at PHDays. I'll be speaking on the last day of the festival - Saturday, May 24, at 16:00 in Popov Hall 25. If you're there at that time, I'd be glad to see you. If not - join online! I'll have an hour to dive into Vulristics, vulnerabili...
About Cross Site Scripting - Microsoft Exchange (CVE-2026-42897) vulnerability
About Cross Site Scripting - Microsoft Exchange CVE-2026-42897 vulnerability. The vulnerability was fixed on May 14 outside the regular Microsoft Patch Tuesday cycle. Improper neutralization of input during web page generation CWE-79, XSS in Microsoft Exchange Server allows an unauthorized attack...
About Elevation of Privilege - Microsoft Defender "RedSun" (CVE-2026-41091) vulnerability
About Elevation of Privilege - Microsoft Defender "RedSun" CVE-2026-41091 vulnerability. Microsoft Defender is a built-in security solution developed by Microsoft to protect the Windows operating system and user data from viruses, malware, and other cyber threats in real time. An improper link...