Cyber Security Information Portal
Adobe Releases Security Updates for ColdFusion 11/22/2023 07:00 AM EST On Nov. 14, 2023, Adobe released security updates addressing vulnerabilities affecting unpatched ColdFusion software. Exploitation of some of these vulnerabilities may allow a malicious cyber actor to take control of an affected system. CISA urges organizations to review Adobe ColdFusion security bulletin APSB23-52 for more …
Continue reading “Adobe Releases Security Updates for ColdFusion”
Mozilla Releases Security Updates for Firefox and Thunderbird 11/22/2023 11:00 AM EST Mozilla has released security updates to address vulnerabilities in Firefox and Thunderbird. A cyber threat actor could exploit some of these vulnerabilities to take control of an affected system. CISA encourages users and administrators to review the following advisories and apply the necessary …
Continue reading “Mozilla Releases Security Updates for Firefox and Thunderbird”
CISA Adds One Known Exploited Vulnerability to Catalog 11/21/2023 01:00 PM EST CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. CVE-2023-4911 GNU C Library Buffer Overflow Vulnerability These types of vulnerabilities are frequent attack vectors for malicious cyber actors and pose significant risks to the federal enterprise. …
Continue reading “CISA Adds One Known Exploited Vulnerability to Catalog”
CISA Adds One Known Exploited Vulnerability to Catalog 11/21/2023 01:00 PM EST CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. CVE-2023-4911 GNU C Library Buffer Overflow Vulnerability These types of vulnerabilities are frequent attack vectors for malicious cyber actors and pose significant risks to the federal enterprise. …
Continue reading “CISA Adds One Known Exploited Vulnerability to Catalog”
Citrix Releases Security Updates for Citrix Hypervisor 11/16/2023 07:00 AM EST Citrix has released security updates addressing vulnerabilities in Citrix Hypervisor 8.2 CU1 LTSR. A cyber threat actor could exploit these vulnerabilities to take control of an affected system. CISA encourages users and administrators to review Citrix Hypervisor Security Bulletin for CVE-2023-23583 and CVE-2023-46835 and apply …
Continue reading “Citrix Releases Security Updates for Citrix Hypervisor”
Microsoft Releases October 2023 Security Updates 11/14/2023 04:00 PM EST Microsoft has released updates addressing multiple vulnerabilities in Microsoft software. A cyber threat actor can exploit some of these vulnerabilities to take control of an affected system. CISA encourages users and administrators to review Microsoft’s November 2023 Security Update Guide and apply the necessary updates. This …
Continue reading “Microsoft Releases October 2023 Security Updates”
Adobe Releases Security Updates for Multiple Products 11/14/2023 04:00 PM EST Adobe has released security updates to address vulnerabilities affecting multiple Adobe products. A cyber threat actor could exploit some of these vulnerabilities to take control of affected system. CISA encourages users and administrators to review the following advisories and apply the necessary updates. APSB23-52: …
Continue reading “Adobe Releases Security Updates for Multiple Products”
CISA Adds Three Known Exploited Vulnerabilities to Catalog 11/14/2023 03:30 PM EST CISA has added three new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. CVE-2023-36033 Microsoft Windows Desktop Window Manager (DWM) Core Library Privilege Escalation Vulnerability CVE-2023-36025 Microsoft Windows SmartScreen Security Feature Bypass Vulnerability CVE-2023-36036 Microsoft Windows Cloud Files Mini Filter Driver Privilege …
Continue reading “CISA Adds Three Known Exploited Vulnerabilities to Catalog”
CISA Adds Three Known Exploited Vulnerabilities to Catalog 11/14/2023 03:30 PM EST CISA has added three new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. CVE-2023-36033 Microsoft Windows Desktop Window Manager (DWM) Core Library Privilege Escalation Vulnerability CVE-2023-36025 Microsoft Windows SmartScreen Security Feature Bypass Vulnerability CVE-2023-36036 Microsoft Windows Cloud Files Mini Filter Driver Privilege …
Continue reading “CISA Adds Three Known Exploited Vulnerabilities to Catalog”
CISA Adds Six Known Exploited Vulnerabilities to Catalog 11/13/2023 12:00 PM EST CISA has added six new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. CVE-2023-47246 SysAid Server Path Traversal Vulnerability CVE-2023-36844 Juniper Junos OS EX Series PHP External Variable Modification Vulnerability CVE-2023-36845 Juniper Junos OS EX Series and SRX Series PHP External Variable …
Continue reading “CISA Adds Six Known Exploited Vulnerabilities to Catalog”