Tr3ee, a security researcher, has released proof-of-concept (PoC) exploit code for a Linux Kernel eBPF local privilege escalation (CVE-2022-23222) vulnerability that the Linux kernel patched in January this year. This flaw has a CVSS...
On June 7, containerd issued a risk notice for the containerd denial of service vulnerability, which was tracked as CVE-2022-31030 with the CVSS score of 5.5. The denial of service attack occurred in container...
Recently, Linux kernel maintainers issued a risk notice for the Linux Kernel privilege escalation vulnerability, the vulnerability number is CVE-2022-32250. This flaw is a use-after-free bug that was found in the Linux kernel’s net/netfilter/nf_tables_api.c....
GitLab is an open-source project for a warehouse management system. It uses Git as a code management tool to access public or private projects through a web interface. On June 1, GitLab officially issued...
On June 2, 2022, Atlassian officially issued a risk notice for Confluence Server and Data Center. The vulnerability number is CVE-2022-26134, and the vulnerability level is critical. The flaw was reported by the cybersecurity...
A new zero-day vulnerability in Microsoft Office has been publicly revealed, allowing remote code execution on affected Windows systems. A Microsoft Office Zero-Day RCE issue was identified in the ms-msdt:// URI scheme to run the...
Recently, Linux kernel maintainers issued a risk notice for the Linux perf subsystem, the vulnerability number is CVE-2022-1729, and the vulnerability level is high risk with the CVSS of 7.0. This flaw is a...
The Internet Systems Consortium (ISC) has released an advisory outlining a vulnerability that could impact the widely deployed Berkeley Internet Name Domain (BIND) server software. The Berkeley Internet Name Domain (BIND) implements a domain...
Alibaba has issued a Fastjson risk notice remote code execution vulnerability which affects versions 1.2.80 and below. The default autoType closure restriction can be bypassed under certain conditions. An attacker could exploit this vulnerability...
The three-day Pwn2Own 2022 hackathon in Vancouver has come to an end this week. Pwn2Own is the world’s most famous hacker competition with the most lucrative prize money. It is hosted by the ZDI...
