Microsoft has released April Patch Tuesday security updates, addressing a total of 113 vulnerabilities in the family of Windows operating systems and related products. Out of these, 19 are classified as Critical and 94 as Important which includes Microsoft Office Services and Web Apps, Internet Explorer, Microsoft Windows, Edge (EdgeHTML-based and Chromium-based), Microsoft Apps […]

Read More →

Microsoft has released March Patch Tuesday security updates, addressing a total of 113 vulnerabilities in the family of Windows operating systems and related products. Out of these, 26 are classified as Critical and 86 as Important which includes Office Services and Web Apps, Internet Explorer, Microsoft Windows, Edge (EdgeHTML-based and Chromium-based), Microsoft Exchange Server, Azure […]

Read More →

Artificial intelligence and computer vision fall in the category of top 10 buzzwords of modern day computing. An opensource platform helping industries build a new era of real-time visual processing is OpenCV, a library of programming functions with over 2500 optimized computer vision and machine learning algorithms. Two< critical vulnerabilities were discovered in OpenCV libraries […]

Read More →

Microsoft rolls out October Patch Tuesday security updates today, remediating 60 common vulnerabilities and exposures (CVEs) in the family of Windows operating systems and related products. Out of these 9 are classified as “Critical“, and 51 as “Important”. There are no reported zero-days this month but there is one publicly disclosed vulnerability Windows Error Reporting […]

Read More →

Squid is an open-source web caching and Internet proxy application which is widely used for speeding up the webserver and aiding in its security. A heap buffer overflow vulnerability has been discovered in some versions of the Squid web proxy cache servers. This vulnerability is tracked as CVE-2019-12527 and could be exploited by attackers to […]

Read More →

A critical security flaw has been reported in GNU C Library. The bug discovered in glibc has been present since 2008. A huge amount of Linux software can be hijacked by miscreants from the other side of the internet. The GNU C Library (glibc) is an essential component of Linux distributions. The researchers at Google and Red Hat […]

Read More →

A critical vulnerability is discovered in GNU C Library (glibc). The GNU C Library, commonly known as glibc, is the GNU Project’s implementation of the C standard library and a core part of the Linux operating system. GNU C Library (glibc) is used in most of the Linux distributions, which is prone to a heap-based […]

Read More →

A new zero-day (CVE-2014-0515) exploit exists in the wild, and is being used to target Flash Player users on the Windows systems. The vulnerability was discovered by Kaspersky Lab in Mid April. There is a buffer overflow vulnerability in the Pixel Bender component which is designed for video and image processing that can be used […]

Read More →

what is a buffer? In general, the term buffer is a temporary storage, a space in the memory used to store the data. Memory Organization: Stack: Contains arguments which are passed to the function and local variables. Heap: Contains the dynamically allocated memory (malloc()). Data: – Initialized data segment: Contains the global, static and constant data. […]

Read More →

SecPod Research Team member (Prabhu S Angadi) has found Denial Of Service Vulnerability in Netmechanica NetDecision HTTP Server. The vulnerability is caused due to improper validation of long malicious HTTP request to web server, which allows remote attackers to crash the service. POC : Download here. More information can be found here. CVE Info : […]

Read More →