Critical Alert: Spring Core(SpringShell) Remote Code Execution Vulnerability Exploited In The Wild

• Post author:Keshav R
• Post published:April 5, 2022
• Post category:Endpoint Security/Endpoint Security and Management/Security Research and Intelligence/Vulnerability Management
• Reading time:6 mins read

The Spring Framework is an application framework and inversion of the control container for the Java platform developed by VMware.…

Continue ReadingCritical Alert: Spring Core(SpringShell) Remote Code Execution Vulnerability Exploited In The Wild

Log4Shell-Critical Remote Code Execution Vulnerability in H2database Console

• Post author:Keshav R
• Post published:January 10, 2022
• Post category:Endpoint Security and Management/Featured Articles/Security Research and Intelligence/Vulnerability Management
• Reading time:5 mins read

JFrog has recently disclosed a remote code execution vulnerability on H2 Database consoles. This is based on a Java Naming…

Continue ReadingLog4Shell-Critical Remote Code Execution Vulnerability in H2database Console

Cisco Read-Only Path Traversal Vulnerability (CVE-2020-3452)

• Post author:Vishesh S
• Post published:July 28, 2020
• Post category:Security Research and Intelligence
• Reading time:5 mins read

Cisco has released a Security Advisory for the actively exploited worldwide CVE-2020-3452. Cisco Read-Only Path Traversal Vulnerability in the web services…

Continue ReadingCisco Read-Only Path Traversal Vulnerability (CVE-2020-3452)

Patch Tuesday: Microsoft Security Bulletin Summary for June 2020

• Post author:Vishesh S
• Post published:June 10, 2020
• Post category:Security Research and Intelligence
• Reading time:17 mins read

Microsoft Patch Tuesday June 2020 has released June Patch Tuesday, security updates with a total release of 130 vulnerabilities in…

Continue ReadingPatch Tuesday: Microsoft Security Bulletin Summary for June 2020

Patch Tuesday: Microsoft Security Bulletin Summary for April 2020

• Post author:Jithendra R
• Post published:April 15, 2020
• Post category:Security Research and Intelligence
• Reading time:18 mins read

  Microsoft Security Bulletin April 2020 has released April Patch Tuesday security updates, addressing a total of 113 vulnerabilities in…

Continue ReadingPatch Tuesday: Microsoft Security Bulletin Summary for April 2020

Patch Tuesday: Microsoft Security Bulletin Summary for March 2020

• Post author:Jithendra R
• Post published:March 11, 2020
• Post category:Security Research and Intelligence
• Reading time:22 mins read

Microsoft Patch Tuesday March 2020 has released March Patch Tuesday security updates, addressing a total of 113 vulnerabilities in the…

Continue ReadingPatch Tuesday: Microsoft Security Bulletin Summary for March 2020

BarracudaDrive Multiple XSS Vulnerabilities

• Post author:Veerendra GG
• Post published:March 25, 2014
• Post category:Security Research and Intelligence
• Reading time:1 mins read

SecPod Research Team member (Shakeel Bhat) has found Multiple Cross-Site Scripting Vulnerability in BarracudaDrive. The vulnerability is caused by improper…

Continue ReadingBarracudaDrive Multiple XSS Vulnerabilities

Adiscon LogAnalyzer ‘highlight’ Parameter Cross Site Scripting Vulnerability

• Post author:Veerendra GG
• Post published:June 20, 2012
• Post category:Security Research and Intelligence
• Reading time:1 mins read

SecPod Research Team member (Sooraj K.S) has found Cross-Site Scripting Vulnerabilities in Adiscon LogAnalyzer. The vulnerability is caused by improper…

Continue ReadingAdiscon LogAnalyzer ‘highlight’ Parameter Cross Site Scripting Vulnerability

Xataface WebAuction and Xataface Librarian DB Multiple Vulnerabilities

• Post author:Veerendra GG
• Post published:September 7, 2011
• Post category:Security Research and Intelligence
• Reading time:1 mins read

SecPod Research Team member (Antu Sanadi) has found Multiple Vulnerabilities in Xataface WebAuction and Xataface Librarian DB. The vulnerability is…

Continue ReadingXataface WebAuction and Xataface Librarian DB Multiple Vulnerabilities

MYRE Real Estate Software Multiple XSS and SQL Injection Vulnerabilities

• Post author:Veerendra GG
• Post published:September 7, 2011
• Post category:Security Research and Intelligence
• Reading time:1 mins read

SecPod Research Team member (Sooraj K.S) has found Multiple XSS and SQL Injection Vulnerabilities in MYRE Real Estate Software. The…

Continue ReadingMYRE Real Estate Software Multiple XSS and SQL Injection Vulnerabilities