Cyber Security Information Portal
CISA Adds One Known Exploited Vulnerability to Catalog 07/29/2022 11:57 AM EDT Original release date: July 29, 2022 CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. These types of vulnerabilities are a frequent attack vector for malicious cyber actors and pose significant risk to the …
Continue reading “CISA Adds One Known Exploited Vulnerability to Catalog”
CISA Adds One Known Exploited Vulnerability to Catalog 07/29/2022 11:57 AM EDT Original release date: July 29, 2022 CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. These types of vulnerabilities are a frequent attack vector for malicious cyber actors and pose significant risk to the …
Continue reading “CISA Adds One Known Exploited Vulnerability to Catalog”
CISA Releases Log4Shell-Related MAR 07/28/2022 10:46 AM EDT Original release date: July 28, 2022 From May through June 2022, CISA responded to an organization that was compromised by an exploitation of an unpatched and unmitigated Log4Shell vulnerability in a VMware Horizon server. CISA analyzed five malware samples obtained from the organization’s network and released a …
CISA releases 3 Industrial Control Systems Advisories 7/28/2022 12:15 PM EDT
Vulnerability Summary for the Week of July 18, 2022 07/26/2022 02:59 PM EDT Original release date: July 26, 2022 High Vulnerabilities PrimaryVendor — Product Description Published CVSS Score Source & Patch Info infiray — iray-a8z3_firmware An issue was discovered in Infiray IRAY-A8Z3 1.0.957. The firmware contains a potential buffer overflow by calling strcpy() without …
Continue reading “Vulnerability Summary for the Week of July 18, 2022”
CISA releases 5 Industrial Control Systems Advisories 7/26/2022 12:15 PM EDT
Google Releases Security Updates for Chrome 07/21/2022 12:52 PM EDT Original release date: July 21, 2022 Google has released Chrome version 103.0.5060.134 for Windows, Mac, and Linux. This version addresses vulnerabilities that an attacker could exploit to take control of an affected system. CISA encourages users and administrators to review the Chrome Release Note and apply …
Continue reading “Google Releases Security Updates for Chrome”
Drupal Releases Security Update 07/21/2022 12:48 PM EDT Original release date: July 21, 2022 Drupal has released security updates to address vulnerabilities affecting Drupal 9.3 and 9.4. An attacker could exploit some of these vulnerabilities to take control of an affected system. CISA encourages users and administrators to review Drupal security advisory SA-CORE-2022-015 and apply the …
Oracle Releases July 2022 Critical Patch Update 07/20/2022 02:57 PM EDT Original release date: July 20, 2022 | Last revised: July 21, 2022 Oracle has released its Critical Patch Update for July 2022 to address 349 vulnerabilities across multiple products. A remote attacker could exploit some of these vulnerabilities to take control of an affected …
Continue reading “Oracle Releases July 2022 Critical Patch Update”
Vulnerability Summary for the Week of July 11, 2022 07/18/2022 07:52 AM EDT Original release date: July 18, 2022 | Last revised: July 19, 2022 High Vulnerabilities PrimaryVendor — Product Description Published CVSS Score Source & Patch Info ceneo-web-scrapper_project — ceneo-web-scrapper The adriankoczuruek/ceneo-web-scrapper repository through 2021-03-15 on GitHub allows absolute path traversal because the …
Continue reading “Vulnerability Summary for the Week of July 11, 2022”