Security Headlines is a podcast about the latest
security vulnerabilities within the cyber security field.
So if you're interested in the latest security
holes, no matter if you are a tech-savvy penetration tester,
a devops person, a programmer or just generally interested
in the latest technology security news,
Security Headlines is here for you!

We wanted to create a new objective cyber security podcast about the latest vulnerabilities:
something very objective that talks quickly about
the latest security vulnerabilities.
Something quick and objective that will update you in around 5 minutes on what's new.

In this episode we talk about:

FreeBSD – TCP IPv6 SYN cache kernel information disclosure

py-bleach XSS

An XSS has been found in the Python HTML sanitizing library “bleach”.
It’s a more advanced version of Django’s urlize library.

CVE-2020-3950 VMware Fusion privilege escalation exploit by @0xm1rch

A privilege escalation exploit has been published for VMware Fusion.

New IMCE Dir Exploit for Hacking Drupal Websites

IMCE is a file manager for Drupal that allows for uploading files;
someone has published a Google dork and a PoC exploit for it.

CVE-2020-10018 webkit2gtk: Execute arbitrary code commands - Remote unauthenticated

Arbitrary code execution when parsing malicious sites.

FreeBSD – Kernel memory disclosure with nested jails

A superuser inside a jail can create a jail and may be able to read and take
advantage of exposed kernel memory, so please update your FreeBSD jails.

CVE-2020-7606 (docker-compose-remote-api)

docker-compose-remote-api is a connection interface between docker-compose
and the Docker Remote API.
The variable serviceName can be manipulated by a third party due to improper
validation, which can cause code execution.

