Threat Advisory: ISC BIND 9.18.0 < 9.18.3 Assertion Failure (CVE-2022-1183)

Threat Denial of Service via TLS Assertion Failure Vulnerability ISC BIND 9.18.0 < 9.18.3 Assertion Failure (CVE-2022-1183)1 CVSS – 7.0 HIGH Vulnerability Publication Date 05/18/2022 Exploitable – Remotely Description BIND is the most used DNS server software in use.2 CVE-2022-1183 allows for a TLS session to be terminated early, resulting in an assertion failure. BIND […]

Threat Advisory: Remote Procedure Call Runtime Remote Code Execution Vulnerability (CVE-2022-26809)

Threat Remote Code Execution through Microsoft RPC Vulnerability Remote Procedure Call Runtime Remote Code Execution Vulnerability (CVE-2022-26809)1  CVSS – 9.8 CRITICAL Vulnerability Publication Date – 4/12/2022 Exploits Available – Most Likely Description Of the 128 vulnerabilities in Microsoft’s April patch, 10 have a critical severity but CVE-2022-26809 is raising the most concern. The vulnerability affects […]

Threat Advisory: Spring Framework Spring4Shell Vulnerability (CVE-2022-22965)

Threat Remote Code Execution (RCE) in the Java Spring Framework Vulnerability Spring Framework Spring4Shell (CVE-2022-22965)1 CVSS – 9.8 CRITICAL Vulnerability Publication Date – 3/31/2022 Exploits Available Description The Spring4Shell Remote Code Execution vulnerability affects Apache Tomcat servers running JDK9+ with Spring library versions prior to 5.2.20 or 5.3.x prior to 5.3.18. After 26 years of […]