Security Research

CVE Research

What is Continuous Vulnerability and Exposure Management?

CVE Research

Microsoft June 2022 Patch Tuesday Addresses 55 Vulnerabilities Including 1 Zero-Day

Microsoft has released June 2022 Patch Tuesday security updates, addressing 55 vulnerabilities. Three are classified as critical, and 52 as important. Additionally, the products covered in the May security update include Windows Hyper-V, Windows LDAP, Windows Network File System, Visual Studio, Azur...

CVE Research

Atlassian Confluence Server and Data Center Zero Day Vulnerability Under Active Exploitation. Patch Now!

OGNL Injection Vulnerability was discovered in Atlassian Confluence Server and Data Center, and it is tracked with CVE-2022-26134. This Atlassian Zero-Day vulnerability is actively exploited in the wild. Confluence is a wiki-based collaboration platform that enables teams to interact and share infor...

CVE Research

Follina: Microsoft Support Diagnostic Tool RCE Vulnerability Under Active Exploitation

A remote code execution vulnerability was discovered in MSDT (Microsoft Support Diagnostic Tool), which is tracked with CVE-2022-30190. Vulnerability exploitation is active in the wild. MSDT is a Windows 11/10/8.1/7 and Windows Server service. Microsoft support personnel can use the tool to evaluate...

CVE Research

Cisco IOS XR Zero Day Vulnerability Being Actively Exploited in the Wild

A medium severity zero-day vulnerability has been found in the health check RPM of Cisco IOS XR – An Internetwork Operating System (IOS) that is shipped with Cisco’s networking equipment. This vulnerability (CVE-2022-20821) allows an unauthenticated, remote attacker to access the Redis instance runn...

CVE Research

Microsoft May 2022 Patch Tuesday Addresses 75 Vulnerabilities Including 3 Zero-Days

Microsoft May 2022 Patch Tuesday has released security updates addressing a total of 75 detected vulnerabilities. On the other hand, 8 are classified as critical, 66 as important, and 1 as low severity. Microsoft may 2022 patch Tuesday products covered in the May security update include Remote Deskt...

CVE Research

F5 BIG-IP Critical Remote Code Execution Vulnerability Getting Exploited. Patch Now!

A Remote Code Execution vulnerability was detected (CVE-2022-1388) in F5 BIG-IP. This flaw affects the BIG-IP iControl REST authentication component. Successful exploitation allows remote attackers to bypass authentication and execute commands on the vulnerable device with the highest privileges. Va...

CVE Research

Oracle Releases Critical Security Updates for April 2022 – Patch Now!

Oracle has released critical security updates for April 2022, containing 520 security patches for a wide range of product families, including Oracle E-Business Suite, Oracle MySQL, Oracle Java SE, etc. This advisory covers multiple products which are prone to many vulnerabilities using patch managem...

CVE Research

Vulnerability Scanning Software: Inspections of Your Endpoints’ Infections

Every security admins’ nightmare is detecting the vulnerabilities lurking within the network. Whether its potentially dangerous malware to hidden backdoor programs with the systems, it is important to discover these vulnerabilities and remediate them using vulnerability management tool. But to carry...