Cyber Security Information Portal
Vulnerability Summary for the Week of September 26, 2022 10/03/2022 08:56 AM EDT Original release date: October 3, 2022 | Last revised: October 5, 2022 High Vulnerabilities PrimaryVendor — Product Description Published CVSS Score Source & Patch Info acer — altos_t110_f3 There is a stack buffer overflow vulnerability, which could lead to arbitrary code …
Continue reading “Vulnerability Summary for the Week of September 26, 2022”
Vulnerability Summary for the Week of July 25, 2022 08/01/2022 08:44 AM EDT Original release date: August 1, 2022 | Last revised: August 2, 2022 High Vulnerabilities PrimaryVendor — Product Description Published CVSS Score Source & Patch Info There were no high vulnerabilities recorded this week. Back to top Medium Vulnerabilities PrimaryVendor — …
Continue reading “Vulnerability Summary for the Week of July 25, 2022”
Vulnerability Summary for the Week of July 18, 2022 07/26/2022 02:59 PM EDT Original release date: July 26, 2022 High Vulnerabilities PrimaryVendor — Product Description Published CVSS Score Source & Patch Info infiray — iray-a8z3_firmware An issue was discovered in Infiray IRAY-A8Z3 1.0.957. The firmware contains a potential buffer overflow by calling strcpy() without …
Continue reading “Vulnerability Summary for the Week of July 18, 2022”
Malicious Cyber Actors Continue to Exploit Log4Shell in VMware Horizon Systems 06/23/2022 02:00 PM EDT Original release date: June 23, 2022 CISA and the United States Coast Guard Cyber Command (CGCYBER) have released a joint Cybersecurity Advisory (CSA) to warn network defenders that cyber threat actors, including state-sponsored advanced persistent threat (APT) actors, have continued …
Continue reading “Malicious Cyber Actors Continue to Exploit Log4Shell in VMware Horizon Systems”
Vulnerability Summary for the Week of April 4, 2022 04/11/2022 07:32 AM EDT Original release date: April 11, 2022 High Vulnerabilities PrimaryVendor — Product Description Published CVSS Score Source & Patch Info escanav — escan_anti-virus An local privilege escalation vulnerability due to a “runasroot” command in eScan Anti-Virus. This vulnerability is due to invalid …
Continue reading “Vulnerability Summary for the Week of April 4, 2022”
Vulnerability Summary for the Week of February 14, 2022 02/21/2022 09:20 AM EST Original release date: February 21, 2022 High Vulnerabilities PrimaryVendor — Product Description Published CVSS Score Source & Patch Info accel-ppp — accel-ppp The rad_packet_recv function in opt/src/accel-pppd/radius/packet.c suffers from a buffer overflow vulnerability, whereby user input len is copied into a …
Continue reading “Vulnerability Summary for the Week of February 14, 2022”
Vulnerability Summary for the Week of November 22, 2021 11/29/2021 07:00 AM EST Original release date: November 29, 2021 High Vulnerabilities PrimaryVendor — Product Description Published CVSS Score Source & Patch Info 4mosan — gcb_doctor 4MOSAn GCB Doctor’s login page has improper validation of Cookie, which allows an unauthenticated remote attacker to bypass authentication …
Continue reading “Vulnerability Summary for the Week of November 22, 2021”
Vulnerability Summary for the Week of September 20, 2021 09/27/2021 07:18 AM EDT Original release date: September 27, 2021 High Vulnerabilities PrimaryVendor — Product Description Published CVSS Score Source & Patch Info There were no high vulnerabilities recorded this week. Back to top Medium Vulnerabilities PrimaryVendor — Product Description Published CVSS Score Source …
Continue reading “Vulnerability Summary for the Week of September 20, 2021”
Google Releases Security Updates for Chrome 09/24/2021 02:42 PM EDT Original release date: September 24, 2021 Google has released Chrome version 94.0.4606.61 for Windows, Mac, and Linux. This version addresses a vulnerability—CVE-2021-37973—that an attacker could exploit to take control of an affected system. An exploit for this vulnerability exists in the wild. CISA encourages users …
Continue reading “Google Releases Security Updates for Chrome”