The December 2025 Security Update Review

December 09, 2025 | Dustin Childs CONTINUE READING
MindShaRE: Decapping Chips for Electromagnetic Fault Injection (EMFI)
Blog post

MindShaRE: Decapping Chips for Electromagnetic Fault Injection (EMFI)

CVE-2024-21115: An Oracle VirtualBox LPE Used to Win Pwn2Own
Blog post

CVE-2024-21115: An Oracle VirtualBox LPE Used to Win Pwn2Own

CVE-2024-20697: Windows Libarchive Remote Code Execution Vulnerability
Blog post

CVE-2024-20697: Windows Libarchive Remote Code Execution Vulnerability

CVE-2023-36049: Microsoft .NET CRLF Injection Arbitrary File Write/Deletion Vulnerability
Blog post

CVE-2023-36049: Microsoft .NET CRLF Injection Arbitrary File Write/Deletion Vulnerability

CVE-2023-46263: Ivanti Avalanche Arbitrary File Upload Vulnerability
Blog post

CVE-2023-46263: Ivanti Avalanche Arbitrary File Upload Vulnerability

CVE-2023-38600: Story of an innocent Apple Safari copyWithin gone (way) outside
Blog post

CVE-2023-38600: Story of an innocent Apple Safari copyWithin gone (way) outside

Looking at the Attack Surface of the Sony XAV-AX5500 Head Unit
Blog post

Looking at the Attack Surface of the Sony XAV-AX5500 Head Unit

Finding Deserialization Bugs in the SolarWinds Platform
Blog post

Finding Deserialization Bugs in the SolarWinds Platform

CVE-2023-35150: Arbitrary Code Injection in XWiki.org XWiki
Blog post

CVE-2023-35150: Arbitrary Code Injection in XWiki.org XWiki

CVE-2023-36934: Progress Software MOVEit Transfer SQL Injection Remote Code Execution Vulnerability
Blog post

CVE-2023-36934: Progress Software MOVEit Transfer SQL Injection Remote Code Execution Vulnerability