JetBrains released a security advisory to address a vulnerability (CVE-2024-23917) in TeamCity On-Premises. A cyber threat actor could exploit this vulnerability to take control of an affected system. CISA encourages users and administrators to review the Critical Security Issue Affecting TeamCity On-Premises-CVE-2024-23917 and apply the necessary…
PostgreSQL Global Development Group ha rilasciato aggiornamenti di sicurezza per risolvere una vulnerabilità con gravità “alta” in PostgreSQL, noto DBMS open source. Source link Author: csirt@pec.acn.gov.it Article used for cyber security disclosure.
CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. CVE-2024-21762 Fortinet FortiOS Out-of-Bound Write Vulnerability These types of vulnerabilities are frequent attack vectors for malicious cyber actors and pose significant risks to the federal enterprise. Binding Operational Directive…
Rilevate nuove vulnerabilità in alcuni prodotti Fortinet, di cui una con gravità “critica” e una con gravità “alta”. Source link Author: csirt@pec.acn.gov.it Article used for cyber security disclosure.
Today, CISA, the National Security Agency (NSA), and the Federal Bureau of Investigation (FBI) released a joint Cybersecurity Advisory (CSA), PRC State-Sponsored Actors Compromise and Maintain Persistent Access to U.S. Critical Infrastructure alongside supplemental Joint Guidance: Identifying and Mitigating Living off the Land Techniques. The following…
Google ha rilasciato un aggiornamento per il browser Chrome al fine di correggere 3 vulnerabilità di sicurezza, di cui 2 con gravità “alta”. Source link Author: csirt@pec.acn.gov.it Article used for cyber security disclosure.
Moby and the Open Container Initiative (OCI) have released updates for multiple vulnerabilities (CVE-2024-23651, CVE-2024-23652, CVE-2024-23653, CVE-2024-21626) affecting Docker-related components, including Moby BuildKit and OCI runc. A cyber threat actor could exploit these vulnerabilities to take control of an affected system. CISA encourages users and…
Risolta vulnerabilità con gravità “critica” in Mastodon, noto social network di microblogging open source decentralizzato. Tale vulnerabilità, qualora sfruttata, potrebbe permettere – a un utente malintenzionato remoto – la possibilità di impersonare e prendere il controllo di qualsiasi account remoto. Source link Author: csirt@pec.acn.gov.it Article…
