Original release date: July 22, 2022 Atlassian has released a security advisory to address a vulnerability (CVE-2022-26138) affecting Questions for Confluence App. An attacker could exploit this vulnerability to obtain sensitive information. Atlassian reports that the vulnerability is likely to be exploited in the wild….
Rilevata una vulnerabilità – con gravità “critica” – nel CMS open source PrestaShop, utilizzato tipicamente per la realizzazione di siti di e-commerce. Tale vulnerabilità, qualora sfruttata, potrebbe permettere ad un utente malintenzionato remoto l’esecuzione di codice arbitrario sui sistemi target. Source link Author: csirt@alfacert.gov.it Article…
Original release date: July 22, 2022 Cisco has released security updates to address vulnerabilities in multiple products. Some of these vulnerabilities could allow a remote attacker to execute take control of an affected system. For updates addressing lower severity vulnerabilities, see the Cisco Security Advisories…
Aggiornamenti di sicurezza F-Secure risolvono 3 vulnerabilità nei prodotti Endpoint Protection che, qualora sfruttate, potrebbero permettere la compromissione della disponibilità del servizio o l’elevazione dei privilegi sui dispositivi target. Source link Author: csirt@alfacert.gov.it Article used for cyber security disclosure.
Original release date: July 22, 2022 Apple has released security updates to address vulnerabilities in multiple products. These updates address vulnerabilities attackers could exploit to take control of affected systems. CISA encourages users and administrators to review the Apple security updates and apply necessary releases….
Rilevata vulnerabilità nei prodotti SonicWall Global Management System (GMS) e Analytics (On-Prem) che potrebbe permettere a un utente malintenzionato remoto l’esecuzione di comandi sui dispositivi target. Source link Author: csirt@alfacert.gov.it Article used for cyber security disclosure.
Original release date: July 19, 2022 CISA has released an Industrial Controls Systems Advisory (ICSA) detailing six vulnerabilities that were discovered in MiCODUS MV720 Global Positioning System Tracker. Successful exploitation of these vulnerabilities may allow a remote actor to exploit access and gain control the…
Disponibile un Proof of Concept (PoC) per la vulnerabilità CVE-2022-33891 – già sanata dal vendor – presente in Apache Spark. Tale vulnerabilità, qualora sfruttata, potrebbe permettere ad un utente malintenzionato remoto di eseguire codice arbitrario sui sistemi target. Source link Author: csirt@alfacert.gov.it Article used for…
