CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. CVE-2024-4671 Google Chromium in Visuals Use-After-Free Vulnerability These types of vulnerabilities are frequent attack vectors for malicious cyber actors and pose significant risks to the federal enterprise. Binding…
Rilasciati aggiornamenti di sicurezza che risolvono 2 vulnerabilità con gravità “alta” in Next.js, noto framework javascript basato su React e sviluppato da Vercel che permette di creare applicazioni web con rendering lato server e generazione statica delle pagine. Source link Author: csirt@pec.acn.gov.it Article used for…
Today, CISA, in partnership with the Federal Bureau of Investigation (FBI), the Department of Health and Human Services (HHS), and the Multi-State Information Sharing and Analysis Center (MS-ISAC) released joint Cybersecurity Advisory (CSA) #StopRansomware: Black Basta to provide cybersecurity defenders tactics, techniques, and procedures (TTPs)…
Rilasciati aggiornamenti di sicurezza che risolvono 11 vulnerabilità, di cui una con gravità “alta”, in GitLab Community Edition (CE) e Enterprise Edition (EE). Source link Author: csirt@pec.acn.gov.it Article used for cyber security disclosure.
CISA released four Industrial Control Systems (ICS) advisories on May 09, 2024. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-24-130-01 Rockwell Automation FactoryTalk Historian SE ICSA-24-130-02 alpitronic Hypercharger EV Charger ICSA-24-130-03 Delta Electronics InfraSuite Device Master ICSA-24-107-03 Rockwell…
Veeam ha reso noto, tramite un bollettino di sicurezza, la presenza di una vulnerabilità nel prodotto Service Provider Console (VSPC), software gratuito per il monitoraggio e la gestione in remoto dei carichi di lavoro. Source link Author: csirt@pec.acn.gov.it Article used for cyber security disclosure.
CISA released two Industrial Control Systems (ICS) advisories on May 07, 2024. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-24-128-01 PTC Codebeamer ICSA-24-128-02 SUBNET Substation Server CISA encourages users and administrators to review the newly released ICS advisories…
Disponibile un Proof of Concept (PoC) per la CVE-2023-49606 – già sanata dalla comunità di sviluppatori – presente nel daemon proxy HTTP open-source Tinyproxy. Source link Author: csirt@pec.acn.gov.it Article used for cyber security disclosure.
