Skip to content
feed: live about
>_ 0dayNews
$ vendors

Vendors

~/vendors/microsoft
Microsoft

Windows, Exchange, Outlook, Azure, and the patch cycle.

Vulnerabilities and patches across Windows, Exchange Server, Outlook, Active Directory, and Azure — including Patch Tuesday triage and zero-days under active exploitation.

~/vendors/cisco
Cisco

IOS XE, ASA, and edge-device exploitation.

Vulnerabilities in Cisco IOS XE, ASA, and other network infrastructure — the gear that, when compromised, hands attackers the keys to entire networks.

~/vendors/ivanti
Ivanti

Connect Secure, Policy Secure, and VPN appliance flaws.

Coverage of Ivanti Connect Secure, Policy Secure, and related edge VPN appliance vulnerabilities — a recurring target for nation-state and ransomware actors alike.

~/vendors/citrix
Citrix

NetScaler ADC, Gateway, and session-hijack flaws.

Citrix NetScaler ADC and Gateway vulnerabilities, including session-hijacking flaws like Citrix Bleed that bypass MFA entirely.

~/vendors/atlassian
Atlassian

Confluence, Jira, and collaboration-suite exploitation.

Vulnerabilities in Atlassian Confluence, Jira, and Bitbucket — frequent ransomware-precursor targets due to the sensitive internal documentation they host.

~/vendors/palo-alto-networks
Palo Alto Networks

PAN-OS, GlobalProtect, and firewall zero-days.

PAN-OS and GlobalProtect vulnerabilities affecting Palo Alto Networks firewalls — perimeter devices where a single command-injection flaw can mean full network compromise.

~/vendors/fortinet
Fortinet

FortiOS, FortiGate, and FortiProxy perimeter flaws.

Vulnerabilities in FortiOS, FortiGate, and FortiProxy — the firewall and SSL-VPN appliances that sit at the network edge, making a single auth-bypass or overflow bug a direct path to full network compromise.

~/vendors/f5
F5

BIG-IP and iControl REST management-plane flaws.

Vulnerabilities in F5 BIG-IP's iControl REST and TMUI management interfaces — application-delivery controllers whose compromise typically hands attackers control of the load-balanced traffic behind them.

~/vendors/vmware
VMware

vCenter, ESXi, and Spring Framework RCE flaws.

Vulnerabilities in VMware vCenter Server, ESXi, and the Spring Framework VMware stewards — virtualization and application infrastructure whose compromise can mean full control of an organization's entire virtual estate.

~/vendors/rarlab
RARLAB / WinRAR

WinRAR archive-handling and path-traversal flaws.

Vulnerabilities in RARLAB's WinRAR, the ubiquitous Windows archive utility — bugs here are attractive to attackers because a single malicious archive can compromise any of WinRAR's hundreds of millions of installs.

~/vendors/barracuda
Barracuda Networks

Email Security Gateway appliance flaws.

Vulnerabilities in Barracuda Networks' Email Security Gateway appliances — internet-facing mail-scanning devices that, once compromised, gave attackers a foothold that in one case survived even after patching.

~/vendors/gitlab
GitLab

GitLab CE/EE RCE and access-control flaws.

Vulnerabilities in GitLab Community and Enterprise Edition — the DevOps platform that, when compromised, can expose an organization's entire source code history and CI/CD pipeline secrets.

~/vendors/apache
Apache

Log4j and other Apache Software Foundation project flaws.

Vulnerabilities in Apache Software Foundation projects — most notably Log4j, the ubiquitous Java logging library whose Log4Shell flaw became one of the most widely exploited vulnerabilities in internet history.