SecPod Labs
Security Research
In-depth CVE write-ups, vulnerability analysis, and security intelligence from the SecPod Research team.

CVE Research
Oracle Releases Critical Security Updates October 2024 – Patch Now!
Oracle has released its Critical Patch Update (CPU) for October 2024, containing 334 new security patches across various product families, including Oracle Database Server, Oracle MySQL, Oracle Communications, Oracle E-Business Suite, Oracle Fusion Middleware, and more. This update addresses vulnera...

CVE Research
Critical Vulnerabilities in Windows, CERT-In Warns Users
Microsoft Windows, the world’s most widely used desktop OS, is at risk! The Indian Computer Emergency Response Team (CERT-In) has issued a high-severity alert, warning Windows users in India of several vulnerabilities in Microsoft products and urging them to update their systems immediately.

CVE Research
Adobe Rolls Out Critical Security Updates Across Multiple Products – October 2024
In October 2024, Adobe issued security updates to fix several vulnerabilities in Adobe Substance 3D Painter, Adobe Commerce, Adobe Dimension, Adobe Animate, Adobe Lightroom, Adobe InCopy, Adobe InDesign, Adobe Substance 3D Stager, and Adobe FrameMaker. Cyber attackers could exploit these flaws to ga...

CVE Research
Microsoft Fixes 118 Flaws, 5 Zero Days in October 2024 Patch Tuesday
This month, Microsoft released security updates addressing 118 vulnerabilities, of which 5 were publicly disclosed zero days, and 3 were critical RCE flaws. Two of the zero days are known to have been actively exploited. The chart below offers some insight into the types of vulnerabilities found.

CVE Research
Zimbra Fixes Actively Exploited CVE-2024-45519 Flaw Allowing Unauthorised Code Execution
Zimbra has issued an advisory regarding a critical vulnerability identified as CVE-2024-45519, found in its postjournal service. This flaw has been classified as having a high severity level, allowing unauthenticated users to execute arbitrary commands on vulnerable systems. The vulnerability was f...

CVE Research
A Cup Half Empty: Linux RCE Flaws Discovered In CUPS
It’s been a rough year for Linux! The XZ Utils bug caused tremors worldwide in March, and with the recent discovery of a potential chain attack on the CUPS open-source printing system, Linux seems to be caught in a veritable maelstrom of vulnerabilities.

CVE Research
Vulnerability Management Framework: A 5-Step Blueprint for Cyber Defense
How can you consistently identify and patch security risks while improving your cybersecurity posture? The answer lies in a strong vulnerability management framework. 50% of organizations around the world experienced a breach caused by unpatched vulnerabilities. Without a structured approach to manage...


