Vulners weekly digest #11

4 sections:VulnerabilitiesToolsNewsResearches (red teaming, threat hunting, malware) Vulnerabilities June's "the second Tuesday patch" has become the largest in the history of Microsoft. The patches fix 129 vulnerabilities – the maximum number of security issues ever closed by Microsoft in a single "fix Tuesday". However, despite the number of vulnerabilities, none of them is a zero-day … Continue reading Vulners weekly digest #11

Vulners weekly digest #10

Default 4 sections:VulnerabilitiesToolsNewsThreat hunting and malware research Vulnerabilities Apple has released updates to fix a CVE-2020-9859 that was used to jailbreak an iPhone with iOS 13.5. The vulnerability affects the iOS kernel and can allow an application to execute arbitrary code with kernel privileges. https://vulners.com/apple/APPLE:HT211214 CVE-2020-2883 in the Oracle WebLogic Server product of Oracle Fusion … Continue reading Vulners weekly digest #10

Vulners weekly digest #9

Four NO traditional sections in our weekly digest. Enjoy! Vulnerabilities and additional info LPE Windows CVE-2019-0880 Detailed research CVE-2019-0880 without exploit. Zero day? https://byteraptors.github.io/windows/exploitation/2020/05/24/sandboxescape.html According to my tests, this bug seems to be still working against a full-patched Windows 7 system and for this reason I chose not to publish the exploit code. Research story … Continue reading Vulners weekly digest #9

Monthly Vulners Review #2

Vulners eventsThe most interesting vulnerabilities of the monthVery few toolsNews with almost no attacks Vulners events There have been several events for Vulners this month: Intergated with project: https://attackerkb.com which we mentioned at Vulners weekly digest #5;Vullners integrated with data about Apple vulnerabilities. Mentioned at Vulners weekly digest #7;Update our contacts 🙂 Anyone can contact … Continue reading Monthly Vulners Review #2

Jailbreak for any IOS devices

Last weekend, a team of information security experts and reverse engineers introduced a new version of the Unc0ver jailbreak (5.0.0). This tool works for almost any iPhone, even with the latest iOS 13.5 on board. Unc0ver authors say it exploits a zero kernel vulnerability in the iOS kernel, which Apple experts are not yet aware … Continue reading Jailbreak for any IOS devices

Vulners weekly digest #8

Three traditional sections in our weekly digest. Enjoy! Vulnerabilities and attacks Last week, Microsoft released its monthly update - 'the second Tuesday patch', which we haven't mentioned yet, but it was done by Aleksendr Leonov in his blog. On his blog, he gave a brief overview of this update. Various researches have been published this … Continue reading Vulners weekly digest #8

Vulners weekly digest #7

+1 integration for Vulners: Old and fresh vulnerabilitiesToolsVarious news This week Vullners integrated with data about Apple vulnerabilities! Already available at Vulners DB: https://vulners.com/search?query=type:apple Vulnerabilities Update news on vulnerabilities from our latest digest and sth new! Gitlab exploit Automation to exploit one of the latest vulnerabilities in gitlab. Of course, it's possible to exploit it … Continue reading Vulners weekly digest #7

Vulners weekly digest #6

This review is more about exploiting vulnerabilities in attacks on various areas. We also gave examples of why security updates should not be ignored. The most interesting vulnerabilities If you use any tools / systems that are mentioned in this section, it is recommended to install security updates. Gitlab multiple vulnerabilities Many companies use such … Continue reading Vulners weekly digest #6

Vulners weekly digest #5

+1 integration for VulnersReview fresh vulnerabilities without MicrosoftToolsNews without COVID-19 and ZOOM This week the Vullners integrated with a new great project: https://attackerkb.com It is already available: https://vulners.com/search?query=type:attackerkb Vulnerabilities, exploits or PoCs Is it possible to make a digest without vulnerabilities in microsoft products? Let's try to do it! Multiple vulnerabilities in the IQrouter Information … Continue reading Vulners weekly digest #5

Monthly Vulners Review #1

The first monthly vulners review.Main Vulners events.Only critical and important vulnerabilities.Some intersting tools.The most entertaining and flashy news. Vulners events There have been several events for Vulners this month: The revival of the blog;Translation of research Hidden Threat - Vulnerability Analysis using the news graph from Lydia Khramova;Intergated with Exploit Pack collection, which we mentioned … Continue reading Monthly Vulners Review #1