SecPod Labs
Security Research
In-depth CVE write-ups, vulnerability analysis, and security intelligence from the SecPod Research team.

CVE Research
Adobe Releases Critical Security Updates for Magento
As part of its August 2021 Patch Tuesday, Adobe has rolled out fixes for its e-commerce platform, Magento. These updates address 26 vulnerabilities, 20 of which have been rated as critical. On successful exploitation, most of these vulnerabilities could lead to arbitrary code execution. Apart from M...

CVE Research
Microsoft August 2021 Patch Tuesday Addresses 44 CVEs, Including Three Zero-Days
Microsoft has released its August Patch Tuesday security updates, addressing a total of 44 vulnerabilities in the family of Windows and Mac operating systems and related products. Of these, 7 were rated as Critical and 37 as Important. Hence, the products covered in August’s security update ...

CVE Research
SanerNow’s Extensive Coverage for Top Routinely Exploited Vulnerabilities
Cyber threats are growing in number, but the measures to prevent attacks and breaches are not getting the same attention. To educate organizations about consistent cyber hygiene measures, government agencies take responsibility for keeping companies informed about imminent threats across entire coun...

CVE Research
Arcadyan-Based Routers and Modems Under Active Exploitation
Millions of home routers running Arcadyan firmware are exposed to a security flaw that has existed for a decade. This actively exploited flaw, tracked as CVE-2021-20090, has found its way into at least 20 router models across 17 different vendors and 11 countries. A ...

CVE Research
Cisco Patches Critical and High Severity Flaws in Its VPN Routers
Cisco is a well-known manufacturer of networking products and developer of software products. It recently addressed three vulnerabilities in its VPN routers: one critical and two high severity. These vulnerabilities are said to be a part of the web-...

CVE Research
Introducing A Fresh Perspective to Cybersecurity: Continuous Vulnerability and Exposure Management!
The IT landscape is expanding and getting more complex day by day. With the growing number of cyberattacks and changing working norms, organizations are under pressure to protect what they have built and keep it out of attackers' sight. Achieving IT security is not an easy proces...

CVE Research
Elevation of Privilege Vulnerabilities Affect Windows and Linux
Two new vulnerabilities affecting Windows and Linux machines were discovered on Tuesday. An easily exploitable privilege escalation vulnerability named SeriousSAM, aka HiveNightmare, has been identified in Windows 10 build 1809 and above. SeriousSAM allows a local non-ad...

CVE Research
Oracle Critical Security Updates July 2021
Oracle's Critical Security Updates for July 2021 include 342 new security patches for a wide range of product families. These include Oracle E-Business Suite, Oracle MySQL, Oracle Java SE, Oracle Hospitality Applications, Oracle Siebel CRM, Database Server, etc. Moreover, multiple products c...

CVE Research
Severe Vulnerabilities Patched in WooCommerce and Google Chrome
A critical SQL injection vulnerability was recently fixed in the WordPress plug-in, WooCommerce. The vulnerability poses a threat to over 5 million WordPress websites and can be exploited to obtain access to information stored in the databases of online stores. On a different but related subject, a ...
