#SecurityAdvisories

Bernhard E. Reiterber@social.tchncs.de
2025-09-25

Want to know how to write and distribute #SecurityAdvisories that can be parsed and processed automatically?

Freshly announced are this year's workshops for the Common Security Advisory Framework (#CSAF). They will be held in Nuremberg, Germany, November 10th to 12th.

See csaf.io/workshops/2025/
(right after this are the CSAF Community-Days).

2025-07-02

Unauthenticated RCE in Agorum Core Open!

During their regular security analyses, our pentest professionals from #usdHeroLab examined the open source software #AgorumCoreOpen.

They discovered multiple #vulnerabilities that, when chained together, allow an unauthenticated attacker to achieve full remote code execution with root privileges. This critical flaw enables complete system compromise without prior authentication.

📰👉 Detailed information on the published #SecurityAdvisories can be found here: usd.de/en/security-advisories-

#Pentest #Pentesting #moresecurity #RCE #CyberSecurity #InfoSec

2025-06-17

๐Ÿ” Our professionals at the usd HeroLab have closely examined the software #Vtiger. They discovered two vulnerabiltiies that allow low-privileged authorized users to upload files and thereby execute arbitrary code.

👉 You can find more information in the full security advisories: usd.de/en/security-advisories-

#SecurityAdvisories #Pentest #Pentesting #moresecurity

2024-09-30

Here’s a collection of the #SecurityAdvisories that I’ve published over the years:

github.com/0xdea/advisories

If you’re interested in #VulnerabilityResearch and #ExploitDevelopment, on @github and on the @hnsec blog you can also find a trilogy of talks on these topics that I delivered between 2019 and 2021:

github.com/0xdea/raptor_infilt

github.com/0xdea/raptor_infilt

github.com/0xdea/raptor_romhac

I hope you’ll enjoy them!

Ames :verified: :donor:HillClimber@infosec.exchange
2024-02-27

Does anyone know if it's possible to sign up to get CISA's Directives? I'm already signed up for the daily Advisories and weekly Bulletins, but there are lots of them, and I'd like to get a separate feed of just industry-wide critical responses.
#cisa #incidentresponse #SecurityAdvisories

2023-04-28

📢#CVE202237955: The #usdHeroLab analysts identified a vulnerability in Microsoft Windows Group Policy Updates that leads to Improper Link Resolution Before File Access (Privilege Escalation CWE-59)
👇💻
herolab.usd.de/security-adviso

#itsecurity #cve #SecurityAdvisories #zeroday #Microsoft #cybersecurity

2023-04-26

Hello Fediverse! We protect companies against Hackers and Criminals. Our work is as dynamic and diverse as the threat itself. #moresecurity is our mission which underlines every step we take. The exchange of knowledge with the Community is important to us. Because #moresecurity can reach its full potential with many comrades joining the mission.

Follow us for exciting IT security Content.

#EthicalHacking #Pentesting #SecurityAdvisories #ZeroDayExploits #HackingEvents #CTFs #Compliance #PentestingTools #OpenSourceTools #SecurityAudits #PaymentSecurity
