Original release date: February 21, 2023 CISA has added three new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. CVE-2022-47986 IBM Aspera Faspex Code Execution Vulnerability CVE-2022-41223 Mitel MiVoice Connect Code Injection Vulnerability CVE-2022-40765 Mitel MiVoice Connect Command Injection Vulnerability…
Rilevata vulnerabilità con gravità “alta” nel componente FileUpload del noto progetto open source Apache Commons. Tale vulnerabilità, qualora sfruttata, potrebbe permettere ad un utente malintenzionato remoto la compromissione della disponibilità del servizio sui dispositivi interessati. Source link Author: csirt@pec.acn.gov.it Article used for cyber security disclosure.
Original release date: February 16, 2023 CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. This type of vulnerability is a frequent attack vector for malicious cyber actors and poses a significant risk to the federal enterprise….
Aggiornamenti di sicurezza risolvono una vulnerabilità con gravità “alta” nel noto CMS Joomla! Source link Author: csirt@pec.acn.gov.it Article used for cyber security disclosure.
An analysis of some falsified leap second warnings that appeared in November 2021 on public NTP servers out of the NTP Pool Project. Introduction When using time scales such as UTC that do not use daylight saving time, each day has a strict 60 x…
Original release date: February 16, 2023 CISA released fifteen (15) Industrial Control Systems (ICS) advisories on February 16, 2023. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. CISA encourages users and administrators to review the newly released ICS advisories…
Il Thursday February 2023 Security Releases corregge alcune vulnerabilità, di cui una con gravità “alta”, nel noto framework di sviluppo Node.js. Source link Author: csirt@pec.acn.gov.it Article used for cyber security disclosure.
Original release date: February 14, 2023 Adobe has released security updates to address multiple vulnerabilities in Adobe software. An attacker can exploit these vulnerabilities to take control of an affected system. CISA encourages users and administrators to review the following Adobe Security Bulletins and apply…
