0-day

This blog was authored by Pierre Cadieux, Colin Grady, Jaeson Schultz and Matt Valites Attackers are actively exploiting a recently disclosed vulnerability in Oracle WebLogic to install a new variant of ransomware called “Sodinokibi.” Sodinokibi attempts to encrypt data in a user’s…

Discovered by Aleksandar Nikolic of Cisco Talos Overview Today, Talos is releasing details of a new vulnerability within Adobe Acrobat Reader DC. Adobe Acrobat Reader is the most popular and most feature-rich PDF reader. It has a big user base, is usually a default PDF reader on systems and integrat…

Talos is disclosing two denial-of-ervice vulnerabilities in Pixar’s Renderman application. Renderman is a rendering application used in animation and film production. It is widely used for advanced rendering and shading in many large-scale environments. Both vulnerabilities are due to the lack of pr…

Talos is disclosing a remote code execution vulnerability in the Microsoft wimgapi library. The wimgapi DLL is used in the Microsoft Windows operating system to perform operations on Windows Imaging Format (WIM) files. WIM is a file-based disk image format created by Microsoft to simplify the deploy…

Talos is disclosing a denial-of-service vulnerability in the Ocularis Recorder. Ocularis is a video management software (VMS) platform used in a variety of settings, from convenience stores, to city-wide deployments. An attacker can trigger this vulnerability by crafting a malicious network packet t…

Vulnerabilities discovered by Tyler Bohan from Talos Overview Talos is disclosing three remote code execution vulnerabilities in the NASA CFITSIO library. CFITSIO is a library of C and Fortran subroutines for reading and writing data files in the Flexible Image Transport System (FITS) data format. F…

Discovered by Lilith Wyatt of Cisco Talos Overview Talos is disclosing several vulnerabilities identified in Simple DirectMedia Layer’s SDL2_Image library that could allow code execution. Simple DirectMedia Layer is a cross-platform development library designed to provide low level access to a…

Discovered by Tyler Bohan of Cisco Talos Overview Today, Cisco Talos is disclosing a vulnerability within Computerinsel PhotoLine’s PSD-parsing functionality. Photoline is an image processing tool used to modify and edit images, as well as other graphic-related material. This product has a lar…

Cisco Talos is disclosing several vulnerabilities identified in Circle with Disney. Circle with Disney is a network device designed to monitor the Internet use of children on a given network. Circle pairs wirelessly, with your home Wi-Fi and allows you to manage every device on the network, tablet,…