Exploitation is underway CVE-2022-26138, one of a trio of critical Atlassian vulnerabilities affecting the company's on-premises products. | Continue reading
On June 2, 2022, Atlassian published an advisory for CVE-2022-26134, a critical unauthenticated RCE vulnerability in Confluence Serve and Data Center. | Continue reading
Our goal for Open Data has been to enable others to participate in these efforts, increasing the positive impact across the community. | Continue reading
In our analysis of CVE-2021-21551, we found that Dell’s update didn’t fix the write-what-where condition but only limited access to administrative users. | Continue reading
On December 10, 2021, Apache released a fix for CVE-2021-44228, a critical RCE vulnerability affecting Log4j that is being exploited in the wild. | Continue reading
This research report explores how JSOs can be vulnerable to unsafe deserialization vulnerabilities, how Metasploit Framework can help validate, and more. | Continue reading