FeedEnterprise Infrastructure

Verified advisories, vulnerability disclosures, and architectural research.

CVE-2016-3351

Securing Legacy Environments: A Technical Analysis of CVE-2016-3351 in Internet Explorer and Edge

An information disclosure vulnerability exists in the way that certain functions in Internet Explorer and Edge handle objects in memory. The vulnerability could allow an attacker to detect specific files on the user's computer.

Internet Explorer and Edge

View Detail

CVE-2023-4966

CVE-2023-4966: Critical Buffer Overflow Vulnerability in NetScaler ADC and Gateway (Citrix Bleed)

Citrix NetScaler ADC and NetScaler Gateway contain a buffer overflow vulnerability that allows for sensitive information disclosure when configured as a Gateway (VPN virtual server, ICA Proxy, CVPN, RDP Proxy) or AAA virtual server.

NetScaler ADC and NetScaler Gateway

View Detail

CVE-2023-46805

CVE-2023-46805: Critical Ivanti Connect Secure Authentication Bypass Advisory

Ivanti Connect Secure (ICS) and Ivanti Policy Secure gateways contain a critical authentication bypass vulnerability (CVE-2023-46805) in their web component. This allows unauthenticated remote attackers to access restricted resources, often used in conjunction with CVE-2024-21887 for full system compromise.

Connect Secure and Policy Secure

View Detail

CVE-2021-44529

Critical Ivanti EPM CSA Code Injection Advisory: CVE-2021-44529 Patch Requirements

Ivanti Endpoint Manager Cloud Service Appliance (EPM CSA) contains a code injection vulnerability that allows an unauthenticated user to execute malicious code with limited permissions (nobody).

Endpoint Manager Cloud Service Appliance (EPM CSA)

View Detail

CVE-2023-21529

CVE-2023-21529: Critical Microsoft Exchange Server Deserialization Vulnerability Advisory

Microsoft Exchange Server contains a deserialization of untrusted data that allows an authenticated attacker to achieve remote code execution.

Exchange Server

View Detail