CVE-2023-29357、CVE-2023-24955: 針對 Microsoft SharePoint Server 弱點的刺探利用鏈
A proof-of-concept exploit chain has been released for two vulnerabilities in Microsoft SharePoint Server that can be exploited to achieve unauthenticated remote code execution....
Microsoft 的 2023 年 9 月 Patch Tuesday 解決了 61 個 CVE (CVE-2023-36761)
Microsoft addresses 61 CVEs including two vulnerabilities that were exploited in the wild...
CVE-2023-20269:經提報,Cisco Adaptive Security Appliance 和 Firepower Threat Defense 中的零時差攻擊遭到勒索軟體集團刺探利用
Ransomware groups including LockBit and Akira are reportedly exploiting a zero-day vulnerability in Adaptive Security Appliance (ASA) and Firepower Threat Defense (FTD) appliances with VPN functionality enabled....
AA23-250A: 多個民族國家威脅執行者刺探利用 CVE-2022-47966 和 CVE-2022-42475
A joint Cybersecurity Advisory examines the exploitation of two critical vulnerabilities by nation-state threat actors....
CVE-2023-2868: Barracuda and FBI Recommend Replacing Email Security Gateway (ESG) Devices Immediately
Since October 2022, attackers have been exploiting a zero-day vulnerability in Barracuda Email Security Gateway devices, and both the vendor and the FBI urge customers to replace these devices immediately....
CVE-2023-38035: Ivanti Sentry API Authentication Bypass Zero-Day Exploited in the Wild
For the third time in a month, Ivanti discloses a zero-day vulnerability in one of its products that has been exploited in the wild...
Microsoft 的 2023 年 8 月份 Patch Tuesday 解決了 73 個 CVE (CVE-2023-38180)
Microsoft addresses 73 CVEs, including one vulnerability exploited in the wild....
AA23-215A: 2022's Top Routinely Exploited Vulnerabilities
A joint Cybersecurity Advisory collaborated on by multiple international agencies highlights the top routinely exploited vulnerabilities of 2022....
CVE-2023-35078: Ivanti Endpoint Manager Mobile (EPMM) / MobileIron Core Unauthenticated API Access Vulnerability
Critical vulnerability in a popular mobile device management solution from Ivanti has been exploited in the wild in limited attacks...
Oracle 2023 年 7 月重大修補程式更新中解決了 183 個 CVE
Oracle addresses 183 CVEs in its third quarterly update of 2023 with 508 patches, including 76 critical updates....
CVE-2023-3519: Critical RCE in Netscaler ADC (Citrix ADC) and Netscaler Gateway (Citrix Gateway)
Citrix has released a patch fixing a remote code execution vulnerability in several versions of Netscaler ADC and Netscaler Gateway that has been exploited. Organizations are urged to patch immediately....
CVE-2023-3595、CVE-2023-3596: Rockwell Automation ControlLogix 弱點的揭露
Rockwell Automation issues advisory for multiple vulnerabilities, including a critical flaw that could lead to disruption or destruction of critical infrastructure processes....