Browsing Category
Vulnerabilities
52 posts
March 2023 Patch Tuesday Closes Two Zero-Days Actively Exploited By State-Sponsored Actors
Microsoft's Patch Tuesday for March 2023 fixes more than 80 vulnerabilities, 9 of which are rated critical severity, and 2 zero-days—an Outlook Elevation of Privilege Vulnerability (CVE-2023-23397) and a Windows SmartScreen Security Feature Bypass Vulnerability (CVE-2023-24880).
Administrators are encouraged to apply updates ASAP. If this is not possible, there are some mitigating actions to be taken.
March 15, 2023 18:37 GMT
Critical Citrix ADC and Gateway Zero-Day Actively Exploited
Citrix has announced the release of an update to Citrix ADC and Gateway Appliance which patches CVE-2022-27518, a…
December 14, 2022 19:40 GMT
Increased Scanning Activity for Recent Exchange SSRF Vulnerabilities
OCTOBER 24, 2022 21:18 GMT Attempts to exploit the chained attack utilizing CVE-2022-41040 and CVE-2022-41082 are being observed…
October 24, 2022 21:16 GMT
Microsoft Warns of Two Actively-Exploited Exchange Zero-Days
SEPTEMBER 30, 2022 19:35 GMT This alert from Pillr is intended to brief users and administrators on newly…
September 30, 2022 22:44 GMT
CISA Warns of Exploited DDoS Vulnerability Impacting Palo Alto Firewalls
A new vulnerability in Palo Alto's PAN-OS affects firewalls, opening them up to potential amplified and reflected DDoS attacks.
August 25, 2022 19:28 GMT
VMWare Patches Severe Vulnerabilities Across Multiple Platforms
Earlier this week, VMWare published a critical security advisory that addresses security vulnerabilities in multiple product lines, including…
August 4, 2022 15:00 GMT
CISA Suggests Patching Severe Vulnerability in OpenSSL
OpenSSL version 3.0.4 is susceptible to a vulnerability that allows for buffer overflow and remote code execution. CISA…
July 7, 2022 20:24 GMT
Follina Zero-Day Allows Zero-Click RCE From Office Docs
JUNE 2, 2022 19:09 GMT Microsoft Office docs are the primary vector for an actively exploited zero-day vulnerability…
June 2, 2022 15:45 GMT
CISA Advises Urgent Priority For Patching of New VMware Vulnerabilities
MAY 19, 2022 12:38 GMT CISA has issued a rare emergency directive and is advising urgent patching priority for…
May 19, 2022 00:04 GMT
F5Networks Security Fixes—Critical RCE Impacting BIG-IP
MAY 6, 2022 16:03 GMT F5Networks has released security updates to patch multiple products, including a critical vulnerability…
May 6, 2022 15:52 GMT