SecPod Labs
Security Research
In-depth CVE write-ups, vulnerability analysis, and security intelligence from the SecPod Research team.
CVE Research
Oracle Releases Critical Security Updates January 2025 – Patch Now!
Oracle has released its Critical Patch Update (CPU) for January 2025, addressing 318 new security patches across various product families, including Oracle Database Server, Oracle MySQL, Oracle Communications, Oracle E-Business Suite, Oracle Fusion Middleware, and more. This update mitigates vulnera...
CVE Research
Critical Code Execution Vulnerability (CVE-2025-0411) Detected in 7-Zip
A critical security vulnerability identified as CVE-2025-0411 has been detected in 7-Zip, a widely used file archiver. With a CVSS score of 7.0, this vulnerability allows attackers to bypass the Windows “Mark-of-the-Web” (MotW) security feature. If exploited, it could lead to the execution of malici...
CVE Research
Reducing R&D Costs and Speeding Up Time-to-Market – How Integrating SecPod Can Help Businesses
When it comes to product development, Technology Vendors are under immense pressure to innovate rapidly, reduce costs, and maintain end-to-end security. This trifecta of challenges often strains resources, delays launches and impacts customer satisfaction. However, integrating SecPod’s advanced tech...
CVE Research
Critical Path Traversal Vulnerabilities (CVE-2024-10811, CVE-2024-13161, CVE-2024-13160, and CVE-2024-13159) in Ivanti Endpoint Manager
Ivanti, an IT management solutions, has identified and addressed four critical vulnerabilities in its Endpoint Manager (EPM) software. These vulnerabilities, identified as CVE-2024-10811, CVE-2024-13161, CVE-2024-13160, and CVE-2024-13159, have been assigned a CVSS score of 9.8, indicating their hig...
CVE Research
Cloud Security Best Practices That Every User Should Implement
The cloud has become a foundational element of modern business operations due to its far-reaching scalability, adaptability, and cost-effectiveness. However, as more companies adopt cloud computing, they should also implement cloud security best practices to avoid the increasing dangers of modern cy...
CVE Research
Critical Vulnerability Uncovered: CVE-2025-0282 Puts Ivanti Systems at Risk
Ivanti has disclosed a critical vulnerability identified as CVE-2025-0282, affecting several of its products, including Ivanti Connect Secure, Policy Secure, and Neurons for ZTA gateways. With a CVSS Score of 9.0, this stack-based buffer overflow vulnerability allows remote, unauthenticated attacker...
CVE Research
How New Year Traffic Stresses Your Cloud Security (And What to Do About It)
The New Year is here — a time for fresh beginnings, renewed goals, and ambitious business plans. However, it’s also a period where cybercriminals remain active, exploiting vulnerabilities that arise during high-traffic events and transitions into the new calendar year.
CVE Research
Palo Alto PAN-OS Severe Vulnerability (CVE-2024-3393) Exploited
Palo Alto announced a critical security vulnerability affecting its PAN-OS software. PAN-OS is the operating system developed by Palo Alto Networks for its network security devices, which is used to provide advanced security features.The vulnerability tracked as CVE-2024-3393 can cause a denial of s...