CVE-2016-6797
The ResourceLinkFactory implementation in Apache Tomcat 9.0.0.M1 to 9.0.0.M9, 8.5.0 to 8.5.4, 8.0.0.RC1 to 8.0.36, 7.0.0 to 7.0.70 and 6.0.0 to 6.0.45 did not limit web application access to global JNDI resources to those...
Read MoreAuthor: Cyberthreat Blog
CVE-2017-3130
An information disclosure vulnerability in Fortinet FortiOS 5.6.0, 5.4.4 and below versions allows attacker to get FortiOS version info by inspecting FortiOS IKE VendorID packets.
Read MoreCVE-2017-7737
An information disclosure vulnerability in Fortinet FortiWeb 5.8.2 and below versions allows logged-in admin user to view SNMPv3 user password in cleartext in webui via the HTML source code.
Read MoreMaldoc Analysis with ViperMonkey, (Thu, Aug 10th)
We received another Emotet maldoc, but this time the analysis with VBA emulator ViperMonkey will have to be done differently. ViperMonkey is still under development, and for this maldoc, it does not manage to execute the code...
Read MoreCVE-2017-8518
Microsoft Edge allows a remote code execution vulnerability due to the way it accesses objects in memory, aka “Scripting Engine Memory Corruption Vulnerability”.
Read More