Cisco has released security updates to address vulnerabilities in Cisco software. A cyber threat actor could exploit some of these vulnerabilities to take control of an affected system. Users and administrators are encouraged to review the following advisories and apply necessary updates:• Cisco Crosswork Network…
Disponibile un Proof of Concept (PoC) per la CVE-2024-22026 – già sanata dal vendor – presente in Ivanti EPMM, software per la gestione dei dispositivi mobili, precedentemente noto come MobileIron Core. Source link Author: csirt@pec.acn.gov.it Article used for cyber security disclosure.
Adobe has released security updates to address vulnerabilities in Adobe software. A cyber threat actor could exploit some of these vulnerabilities to take control of an affected system. Users and administrators are encouraged to review the following Adobe Security Bulletins and apply necessary updates: Adobe…
Sanata una vulnerabilità in LibreOffice, noto software di produttività open source e multipiattaforma. Esortando la vittima a cliccare su un oggetto grafico presente in un file opportunamente predisposto, tale vulnerabilità potrebbe permettere ad un utente malevolo remoto l’esecuzione automatica di macro nell’applicazione. Source link Author:…
CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. CVE-2024-4671 Google Chromium in Visuals Use-After-Free Vulnerability These types of vulnerabilities are frequent attack vectors for malicious cyber actors and pose significant risks to the federal enterprise. Binding…
Rilasciati aggiornamenti di sicurezza che risolvono 2 vulnerabilità con gravità “alta” in Next.js, noto framework javascript basato su React e sviluppato da Vercel che permette di creare applicazioni web con rendering lato server e generazione statica delle pagine. Source link Author: csirt@pec.acn.gov.it Article used for…
Today, CISA, in partnership with the Federal Bureau of Investigation (FBI), the Department of Health and Human Services (HHS), and the Multi-State Information Sharing and Analysis Center (MS-ISAC) released joint Cybersecurity Advisory (CSA) #StopRansomware: Black Basta to provide cybersecurity defenders tactics, techniques, and procedures (TTPs)…
Rilasciati aggiornamenti di sicurezza che risolvono 11 vulnerabilità, di cui una con gravità “alta”, in GitLab Community Edition (CE) e Enterprise Edition (EE). Source link Author: csirt@pec.acn.gov.it Article used for cyber security disclosure.
