Latest Security Vulnerabilities – JAN 2020

Oracle – Quarterly Critical Patch Update   Description: Oracle’s Critical Patch Update released in January 2020 contains 334 new security patches across most of its product families. Threat: Affected products include Oracle Database Server, Oracle communication...

Latest Security Vulnerabilities – NOV 2019

Microsoft Office Excel – Security Feature Bypass   Description: To exploit the vulnerability, an attacker would have to convince a user to open a specially crafted file with an affected version of Microsoft Office software. Threat: A security feature bypass...

Latest Security Vulnerabilities – OCT 2019

Mozilla Firefox – Memory Safety Bugs   Description: Multiple memory safety bugs fixed in Firefox 70 and Firefox ESR 68.2. Threat: An attacker who exploited the vulnerability could potentially be able to execute arbitrary code in the browser of victims....

Latest Security Vulnerabilities – SEP 2019

WordPress – Cross-Site Scripting (XSS) in Shortcode Previews   Description: WordPress before version 5.2.3 allows XSS in shortcode previews, which gives attackers chances to compromise the victim’s web server. Threat: An attacker who exploited the vulnerability could...

Latest Security Vulnerabilities – AUG 2019

Bluetooth – Encryption Key Negotiation of Bluetooth Vulnerability   Description: Bluetooth BR/EDR key negotiation vulnerability exists at the hardware specification level of any BR/EDR Bluetooth device. An attacker would need specialized hardware and would be limited...