Oracle 的 2025 年 1 月重要修補程式更新解決了 186 個 CVE
Oracle addresses 186 CVEs in its first quarterly update of 2025 with 318 patches, including 30 critical updates.BackgroundOn January 21, Oracle released its Critical Patch Update (CPU) for January 2025, the first quarterly update of the year. This CPU contains fixes for 186 CVEs in 318 security…
CVE-2024-55591:受到猖獗利用的 Fortinet 驗證繞過零時差弱點
Fortinet patched a zero day authentication bypass vulnerability in FortiOS and FortiProxy that has been actively exploited in the wild as a zero-day since November 2024.
Microsoft 2025 年 1 月份的 Patch Tuesday 解決了 157 個 CVE (CVE-2025-21333、CVE-2025-21334、CVE-2025-21335)
Microsoft addresses 157 CVEs in the first Patch Tuesday release of 2025 and the largest Patch Tuesday update ever with three CVEs exploited in the wild, and five CVEs publicly disclosed prior to patches being made available.
CVE-2025-0282:受到猖獗利用的 Ivanti Connect Secure 零時差弱點
Ivanti disclosed two vulnerabilities in its Connect Secure, Policy Secure and Neurons for ZTA gateway devices, including one flaw that was exploited in the wild as a zero-day.
2024 年 Microsoft Patch Tuesday 年度評論
Microsoft addressed over 1000 CVEs as part of Patch Tuesday releases in 2024, including 22 zero-day vulnerabilities.
Microsoft 2024 年 12 月份 Patch Tuesday 解決了 70 個 CVE (CVE-2024-49138)
Microsoft addresses 70 CVEs with 16 rated critical, including one zero-day that was exploited in the wild.
Volt Typhoon:美國民族國家贊助的威脅執行者鎖定的重大基礎設施
Volt Typhoon, a state-sponsored actor linked to the People’s Republic of China, has consistently targeted U.S. critical infrastructure with the intent to maintain persistent access. Tenable Research examines the tactics, techniques and procedures of this threat actor.
CVE-2024-0012、CVE-2024-9474:在 Palo Alto PAN-OS 中受到猖獗利用的零時差弱點
Palo Alto Networks confirmed two zero-day vulnerabilities were exploited as part of attacks in the wild against PAN-OS devices, with one being attributed to Operation Lunar Peek.
Microsoft 在 2024 年 11 月的 Patch Tuesday 中解決了 87 個 CVE (CVE-2024-43451、CVE-2024-49039)
Microsoft addresses 87 CVEs and one advisory (ADV240001) in its November 2024 Patch Tuesday release, with four critical vulnerabilities and four zero-day vulnerabilities, including two that were exploited in the wild.
CVE-2024-47575:有關 FortiManager 和 FortiManager Cloud 中 FortiJump 零時差攻擊的常見問答集
Frequently asked questions about a zero-day vulnerability in Fortinet’s FortiManager that has reportedly been exploited in the wild.
從程式錯誤到資料外洩:MITRE CVE 發布 25 周年後的 25 個重大 CVE
Twenty five years after the launch of CVE, the Tenable Security Response Team has handpicked 25 vulnerabilities that stand out for their significance.
Oracle 於 2024 年 10 月發布的 Critical Patch Update 解決了 198 個 CVE
Oracle addresses 198 CVEs in its fourth quarterly update of 2024 with 334 patches, including 35 critical updates.
聯絡我們的銷售團隊