TARLOGIC's BLOG
Cybersecurity

Cybersecurity articles with security analysis and ethical hacking technics information

ESP32 hidden HCI vendor commands, technical details and use cases
ESP32 hidden HCI vendor commands, technical details and use cases
Miguel Tarascó Acuña, Antonio Vázquez Blanco

This article takes an in-depth look at the hidden commands in the ESP32 chip and the use cases that can be exploited[...]

Read more
CVE-2024-58101
CVE-2024-58101

CVSS v4.0 Score: 8.7 / High   Samsung Audio devices are Bluetooth pairable by default without user input nor a way to stop this mode. Vendor: SamsungProducts: Galaxy Buds, G[...]

Read more
Hacking Bluetooth the Easy way with ESP32 HCI Commands and hidden features
Hacking Bluetooth the Easy way with ESP32 HCI Commands and hidden features
Miguel Tarascó Acuña, Antonio Vázquez Blanco

This article documents the Bluetooth research line driven by Tarlogic Security as well as data on the ESP32 chip[...]

Read more
CVE-2025-1094: High vulnerability affects PostgreSQL
CVE-2025-1094: High vulnerability affects PostgreSQL
S.T.A².R.S Team

In recent days, a critical vulnerability (CVE-2025-1094) has been discovered in PostgreSQL that could compromise the integrity of databases in enterprise and production environment[...]

Read more
Pentesting Liferay Applications
Pentesting Liferay Applications
Víctor Fresco

This Pentesting Liferay Applications guide includes techniques that can be used to identify vulnerabilities and flaws in Liferay environments Liferay is a platform developed in the[...]

Read more
CVE-2024-49138: Risk in CLFS Log Handling on Windows
CVE-2024-49138: Risk in CLFS Log Handling on Windows
S.T.A².R.S Team

A high-severity vulnerability has been discovered affecting the Common Log File System (CLFS) functionality in Windows systems. This vulnerability, identified as CVE-2024-49138, al[...]

Read more
CVE-2024-53677: Critical vulnerability affecting Apache Struts
CVE-2024-53677: Critical vulnerability affecting Apache Struts
S.T.A².R.S Team

Information has been disclosed about a new critical vulnerability affecting the popular Apache Struts framework. The CVE-2024-53677 vulnerability could allow a remote attacker to e[...]

Read more
CVE-2024-52316: Critical vulnerability in Apache Tomcat
CVE-2024-52316: Critical vulnerability in Apache Tomcat
S.T.A².R.S Team

Critical vulnerability CVE-2024-52316 affecting Apache Tomcat allows authentication bypass when using the Jakarta authentication API A critical vulnerability has been identified in[...]

Read more
CVE-2024-6387: RegreSSHion, a high vulnerability that affects OpenSSH
CVE-2024-6387: RegreSSHion, a high vulnerability that affects OpenSSH
S.T.A².R.S Team

Information has been disclosed about a new high vulnerability (CVE-2024-6387) that affects OpenSSH over Linux Servers. RegreSSHion allows an unauthenticated attacker to obtain remo[...]

Read more
Bluetooth Architecture from Scratch
Bluetooth Architecture from Scratch
Jesús Gómez Moreno

The Bluetooth architecture determines which functions should be operational in an implementation and how they should be organised Bluetooth is composed of multiple technologies, pr[...]

Read more
1 2 3 4 13
Advanced penetration testing services