Cyber Newsroom Feed
The "Cyber Newsroom Feed" module is a live feed of the latest cyber news enriched with CVE and vulnerability data. The feed is updated every 5 minutes and includes the latest news from the cyber security industry. The feed is designed to provide users with a comprehensive overview of the latest cyber security news and trends.
-
0patch.com
Micropatches Released For Microsoft Office Security Feature Bypass (CVE-2023-33150) - Plus a Small 0day
In July 2023, Microsoft released a patch for CVE-2023-33150, a vulnerability in Microsoft Office that allowed an attacker to create a malicious Word document which would not open in Protected View eve ... Read more
-
Google
Government-backed actors exploiting WinRAR vulnerability
K Kate Morgan Threat Analysis Group In recent weeks, Google’s Threat Analysis Group’s (TAG) has observed multiple government-backed hacking groups exploiting the known vulnerability, CVE-2023-38831, i ... Read more
-
cert.pl
Vulnerability in SmodBIP software
CVE ID CVE-2023-4837 Publication date 10 October 2023 Vendor Jan Syski Product SmodBIP Vulnerable versions All Vulnerability type (CWE) Cross-Site Request Forgery (CWE-352) Report source Own research ... Read more
-
0patch.com
Micropatches Released For Two Windows CNG Key Isolation Service Vulnerabilities (CVE-2023-28229, CVE-2023-36906)
Last month, security researcher @k0shl of Cyber Kunlun published a proof-of-concept for CVE-2023-28229, an elevation of privilege vulnerability in CNG Key Isolation Service. The same POC also demonstr ... Read more
-
cert.pl
Vulnerability in UptimeDC software
CVE ID CVE-2023-4997 Publication date 04 October 2023 Vendor ProIntegra S.A Product UptimeDC Vulnerable versions All below 2.0.0.33940 Vulnerability type (CWE) Missing Authorization (CWE-862) Report s ... Read more
-
0patch.com
Micropatches Released For Windows Error Reporting Service Elevation of Privilege (CVE-2023-36874)
With July 2023 Windows Updates, Microsoft brought a fix for CVE-2023-36874, a local privilege escalation vulnerability in Windows Error Reporting Service that was found both by Google TAG and CrowdStr ... Read more
-
0patch.com
Micropatches Released For Windows Search Remote Code Execution (CVE-2023-36884)
Alongside July 2023 Windows Updates, Microsoft revealed the existence of a 0day that was detected in the wild and assigned it CVE-2023-36884. Without issuing a patch, they titled their original adviso ... Read more
-
cert.pl
Vulnerability in lua-http library
CVE ID CVE-2023-4540 Publication date 05 September 2023 Vendor Daurnimator Product lua-http Vulnerable versions All including 0.4 before ddab283 commit Vulnerability type (CWE) Improper Handling of Ex ... Read more
-
0patch.com
Micropatches Released For Denial of Service in Microsoft Message Queuing (CVE-2023-28302, CVE-2023-21769)
April 2023 Windows Updates brought fixes for a number of vulnerabilities in Microsoft Message Queuing Service. We first issued patches for the "Queuejumper" remote code execution vulnerability (CVE-20 ... Read more
-
0patch.com
Micropatches Released For DHCP Server Service Remote Code Execution (CVE-2023-28231)
April 2023 Windows Updates brought a fix for CVE-2023-28231, a remote code execution vulnerability in DHCP Server service. The vulnerability was reported to Microsoft by security researcher YanZiShuan ... Read more