Weekly Digest Week 48 – 2024
Featured Story Critical 7-Zip Vulnerability Let Attackers Execute Arbitrary Code A severe vulnerability (CVE-2024-11477) in 7-Zip, the popular file compression utility, allows attackers to execute malicious code through specially crafted archives. Rated 7.8 on the CVSS scale, the flaw lies in the Zstandard decompression implementation, where improper validation of user-supplied data results in an integer […]
Weekly Digest Week 47 – 2024
Featured Story Critical RCE Bug in VMware vCenter Server Now Exploited in Attacks Broadcom warned that attackers are actively exploiting two VMware vCenter Server vulnerabilities, including a critical remote code execution flaw (CVE-2024-38812) discovered at China’s 2024 Matrix Cup hacking contest. The flaw is due to a heap overflow in the DCE/RPC protocol implementation. The […]
