Cyber Security Information Portal
Vulnerability Summary for the Week of November 20, 2023 11/27/2023 01:00 PM EST The CISA Vulnerability Bulletin provides a summary of new vulnerabilities that have been recorded by the National Institute of Standards and Technology (NIST) National Vulnerability Database (NVD) in the past week. NVD is sponsored by CISA. In some cases, the vulnerabilities in the bulletin may not …
Continue reading “Vulnerability Summary for the Week of November 20, 2023”
Adobe Releases Security Updates for Multiple Products 11/14/2023 04:00 PM EST Adobe has released security updates to address vulnerabilities affecting multiple Adobe products. A cyber threat actor could exploit some of these vulnerabilities to take control of affected system. CISA encourages users and administrators to review the following advisories and apply the necessary updates. APSB23-52: …
Continue reading “Adobe Releases Security Updates for Multiple Products”
Atlassian Releases Security Advisory for Confluence Data Center and Server 11/02/2023 05:00 PM EDT Atlassian released a security advisory to address a vulnerability (CVE-2023-22518) affecting Confluence Data Center and Server. A cyber actor could exploit this vulnerability to obtain sensitive information. CISA encourages users and administrators to review CVE-2023-22518 – Improper Authorization Vulnerability In Confluence Data …
Continue reading “Atlassian Releases Security Advisory for Confluence Data Center and Server”
Vulnerability Summary for the Week of October 9, 2023 10/16/2023 07:09 AM EDT High Vulnerabilities PrimaryVendor — Product Description Published CVSS Score Source & Patch Info 3ds — teamwork_cloud_no_magic_release A Cross-Site Request Forgery (CSRF) vulnerability affecting Teamwork Cloud from No Magic Release 2021x through No Magic Release 2022x could allow with some very specific conditions …
Continue reading “Vulnerability Summary for the Week of October 9, 2023”
Atlassian Releases Security Advisory for Confluence Data Center and Server 10/05/2023 03:00 PM EDT Atlassian released a security advisory to address a vulnerability affecting Confluence Data Center and Confluence Server. A remote cyber threat actor could exploit this vulnerability to take control of an affected system. CISA encourages users and administrators to review the following …
Continue reading “Atlassian Releases Security Advisory for Confluence Data Center and Server”
CISA Adds Three Known Exploited Vulnerabilities to Catalog 10/05/2023 12:00 PM EDT CISA has added three new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation: CVE-2023-40044 Progress WS_FTP Server Deserialization of Untrusted Data Vulnerability CVE-2023-42824 Apple iOS and iPadOS Kernel Privilege Escalation Vulnerability CVE-2023-22515 Atlassian Confluence Data Center and Server Privilege Escalation Vulnerability These …
Continue reading “CISA Adds Three Known Exploited Vulnerabilities to Catalog”
Vulnerability Summary for the Week of September 18, 2023 09/29/2023 12:00 PM EDT The CISA Vulnerability Bulletin provides a summary of new vulnerabilities that have been recorded by the National Institute of Standards and Technology (NIST) National Vulnerability Database (NVD) in the past week. NVD is sponsored by CISA. In some cases, the vulnerabilities in the bulletin may not …
Continue reading “Vulnerability Summary for the Week of September 18, 2023”
Atlassian Releases Security Update for Confluence Server and Data Center 08/17/2023 12:05 AM EDT Atlassian has released its security bulletin for August 2023 to address a vulnerability in Confluence Server and Data Center, CVE-2023-28709. A remote attacker can exploit this vulnerability to cause a denial-of-service condition. CISA encourages users and administrators to review Atlassian’s August 2003 …
Continue reading “Atlassian Releases Security Update for Confluence Server and Data Center”
Vulnerability Summary for the Week of August 7, 2023 08/14/2023 05:00 PM EDT The CISA Vulnerability Bulletin provides a summary of new vulnerabilities that have been recorded by the National Institute of Standards and Technology (NIST) National Vulnerability Database (NVD) in the past week. NVD is sponsored by CISA. In some cases, the vulnerabilities in the bulletin may not …
Continue reading “Vulnerability Summary for the Week of August 7, 2023”
Vulnerability Summary for the Week of July 17, 2023 07/24/2023 03:00 PM EDT High Vulnerabilities PrimaryVendor — Product Description Published CVSS Score Source & Patch Info oliva_expertise — oliva_expertise_eks Improper Neutralization of Special Elements used in an SQL Command (‘SQL Injection’) vulnerability in Oliva Expertise Oliva Expertise EKS allows SQL Injection.This issue affects Oliva …
Continue reading “Vulnerability Summary for the Week of July 17, 2023”