Summary On January 25, researchers at Qualys disclosed a high severity local privilege escalation (LPE) vulnerability affecting Linux’s policy kits (Polkit) pkexec utility. Pkexec is
Update December 17th, 2021: Log4j 2.15.0 Vulnerability Upgraded from Low to Critical Severity (CVSS 9.0) – RCE possible in non-default configurations The Apache Software Foundation
Summary On November 17th, 2021 Microsoft disclosed the existence of a high severity information disclosure vulnerability impacting Azure Active Directory (Azure AD) that could allow
Summary On August 11th, 2020 Microsoft publicly disclosed the existence of a critical severity Elevation of Priviledge (EOP) vulnerability that impacts all recent versions of Windows Server
Summary On July 14th, 2020 Microsoft publicly disclosed the existence of a critical severity vulnerability in all recent versions of the Microsoft Windows Server operating
Updated on July 7th, 2020: The Cyber Fusion Center has learned that the original mitigation guidance provided by F5 was incomplete and has been bypassed.