GHSA-r3q8-ccf6-4xhj
Zeek versions prior to 8.0.9 contain a vulnerability in the FTP analyzer where unauthenticated remote attackers can cause a denial of service by triggering uncontrolled memory consumption. This…
Read the full articleYou might also wanna read
Deep Dive: The Rewritten AF_UNIX Garbage Collector and CVE-2025-40214
A walkthrough of the rewritten AF_UNIX garbage collector, the CVE-2025-40214 scc_index uninitialised-field bug, and two reproducers.

WAF - WAF Release - 2026-05-15 - Emergency
This emergency release introduces two new rules to detect nginx heap buffer overflow and heap spray exploitation attempts targeting the rewr

WAF - WAF Release - 2025-07-21
This week's update spotlights several critical vulnerabilities across Citrix NetScaler Memory Disclosure, FTP servers and network applicatio
Analysis of CVE-2026-4020: Coordinated Google Cloud Fleet Exploiting Gravity SMTP WordPress Vulnerability
Almost every IP we logged exploiting the Gravity SMTP credential bug shares one HTTP fingerprint. Behind it is a Google Cloud fleet of thous

CVE-2025-9032: Heap Buffer Out-of-Bounds Read Vulnerability in Avira Antivirus Engine
Heap buffer out-of-bounds read vulnerability in Avira Antivirus engine when scanning a malformed Windows PE file may allow Local Execution o

WAF - WAF Release - 2025-12-01
This week’s release introduces new detections for remote code execution attempts targeting Monsta FTP (CVE-2025-34299), alongside improvemen

Comments
Sign in to join the conversation.
No comments yet. Be the first.