Category: CVE Releases

Category Archive

Windows Telephony Services: 2025 Patch Diffing & Analysis Part 1

February 6, 2025 26 min read

At the start of 2025, on January 14th, Microsoft released over 20+ CVEs addressing Remote Code Execution (RCE) vulnerabilities in Microsoft Telephony Services, primarily caused by heap-based buffer overflows. Seeing…

Remediation for CVE-2024-20767 and CVE-2024-21216: Protect Yourself Against Two Recent Critical Bugs Exploitable in the Wild

November 18, 2024 3 min read

CVE-2024-20767- ColdFusion Path Traversal can lead to reading important data. CVE-2024-20767 is a vulnerability in ColdFusion versions 2023.6, 2021.12, and earlier. These versions are affected by an improper access control…