CVE Advisory

Introduction   On August 19th, CISA added a new vulnerability to its catalog of Known Exploited Vulnerabilities (KEV). Being tracked as CVE-2024-23897 with a…

Overview On Monday, July 1st, researchers from OpenSSH released a security update for a newly identified vulnerability which is being tracked as CVE-2024-6387, and…

On Friday, March 29th, a Microsoft researcher disclosed that he had found malicious code embedded in XZ Utils versions 5.6.0 and 5.6.1. This vulnerability…

On Dec 7th, open-source web server software provider Apache disclosed a new vulnerability with a CVSS score of 9.8, which is currently being tracked…

On Oct 27th, open-source web server software provider Apache disclosed a new vulnerability with a CVSS score of 10, which is currently being tracked…

Updated on 27/07/2023 On July 11th, Microsoft announced they had uncovered a zero-day bug found in numerous Windows and Office products with a criticality…

XM Cyber’s Research team is closely observing the emergence of a zero-day vulnerability in Progress Software’s popular managed file transfer solution, MOVEit Transfer. On…

On March 14, Microsoft released the regular Patch tuesday. During this patch Tuesday, Microsoft released 74 new patches addressing CVEs within Microsoft products. Exploiting…

Overview On March 5, a security researcher named Joshua J.Drake shared details about CVE-2023-21716, a Microsoft Word vulnerability that was patched during February 2023…

On December 12th, Fortinet, one of the foremost players in the firewall, AV, intrusion prevention systems, and endpoint security ecosystem, announced the discovery of…

On May 27, a new zero day critical vulnerability called Follina was discovered by the nao_sec security research team. The vulnerability resides in malicious…

Overview Last Thursday, December 9, the Log4Shell vulnerability, CVE-2021-44228 (CVSS score 10), was discovered. This remote code execution (RCE) vulnerability was being exploited in…