Cyber Security Research Blogs

Overview Google Project Zero has once again provided important insight into Apple’s security model. Security researcher Jann Horn discovered a novel ASLR (Address Space LayoutContinue readingApple Fixes ASLR Bypass Vulnerability Discovered by Google Project Zero Researcher

Vulnerable Version versions 8.0.x, 8.1.x, 8.2.x, 8.3.x, 8.4.x, 8.5.0-8.5.3 Fixed Version update in latest version Base Score 9.8 critical                                                                   Vendor Description:- Confluence is aContinue readingAtlassian Confluence Pre-Auth RCE via OGNL Injection – CVE-2023-22527

Vulnerable Version version 1.10.12-tls Fixed Version update latest version Base Score 9.8 critical Vendor Discription:- 1Panel is a modern, open-source Linux server management panel thatContinue reading1Panel Control Panel PostAuth SQL Injection – CVE-2024-39907

Vulnerable Version version 2023.05.3 and below Fixed Version update latest version Base Score 9.8 Critical                                                                   Vendor Description:- JetBrains TeamCity is a robust continuous integrationContinue readingJetbrains TeamCity Auth Bypass and RCE (CVE-2023-42793)

Vulnerable Version versions <= 9.1 Fixed Version versions 9.2 Base Score 9.9 critical                                                                   Vendor Description:- pgAdmin is a widely used open-source administration and developmentContinue readingPgAdmin 9.1 Authenticated RCE – CVE-2025-2945

Vulnerable Version versions from RELEASE.2019-12-17T23-16-33Z up to RELEASE.2023-03-20T20-16-18Z. Fixed Version RELEASE.2023-03-20T20-16-18Z or later Base Score 7.5 high                                                                   Vendor Discription:- MinIO is a high-performance, open-sourceContinue readingMinIO Information Disclosure – CVE-2023-28432

Vulnerable Version OpenTSDB <= 2.4.1 Fixed Version UPdate latest Versions Base Score 9.8 critical                                                                   Vendor Description:- Metabase is an open-source business intelligence (BI) andContinue readingMetabase Pre-Auth JDBC RCE – CVE-2023-38646

Vulnerable Version OpenTSDB <= 2.4.1 Fixed Version UPdate latest Versions Base Score 9.8 critical                                                                   Vendor Discription:- OpenTSDB (Open Time Series Database) is an open-source,Continue readingOpenTSDB Command Injection- CVE-2023-25826