Common Vulnerabilities & Exposures
Vulnerability 1: Printnightmare Windows Spooler Service (9.0 Critical) Description: The Windows Spooler Service (WSS) holds a Remote Code Execution vulnerability. The WSS is used to implement the print roles for clients and servers, by enabling each connected system to act as a print client, administrative client or print server for printer services. A remote code execution (RCE) […]
Common Vulnerabilities and Exposures August 2021
Vulnerability 1: ManageEngine ADSelfService Plus CSV Injection Vulnerability (9.3 Critical) Description: A CSV injection vulnerability lies within ManageEngine AD Self Service Plus system. A CSV injection attack involves an attacker exploiting improper validation techniques used by websites and web applications and by doing this they can execute applications and code. These types of attacks can be exploited […]
Common Vulnerabilities and Exposures – October 2022
Critical Zoho ManageEngine RCE Vulnerability On the 22nd September 2022, the US Cybersecurity and Infrastructure Security Agency (CISA) added a critical unauthenticated Remote Code Execution (RCE) vulnerability affecting Zoho ManageEngine products to their Known Exploited Vulnerabilities catalog. This vulnerability has a CVSS score of 9.8 and exploits a java deserialisation vulnerability that allows an unauthenticated […]