Aggiornamenti di sicurezza Cisco sanano molteplici vulnerabilità, di cui 5 con gravità “alta”, presenti in vari prodotti. Source link Author: csirt@alfacert.gov.it Article used for cyber security disclosure.
Aggiornamenti di sicurezza Cisco sanano molteplici vulnerabilità, di cui 5 con gravità “alta”, presenti in vari prodotti. Source link Author: csirt@alfacert.gov.it Article used for cyber security disclosure.
Original release date: November 1, 2022 OpenSSL has released a security advisory to address two vulnerabilities, CVE-2022-3602 and CVE-2022-3786, affecting OpenSSL versions 3.0.0 through 3.0.6. Both CVE-2022-3602 and CVE-2022-3786 can cause a denial of service. According to OpenSSL, a cyber threat actor leveraging CVE-2022-3786, “can…
Rilevata una vulnerabilità, con gravità “critica”, in Azure Command-Line Interface (CLI), la nota interfaccia a riga di comando, tipicamente utilizzata per l’amministrazione remota delle risorse di Azure. Tale vulnerabilità, qualora sfruttata, potrebbe permettere l’esecuzione di comandi sui dispositivi target. Source link Author: csirt@alfacert.gov.it Article used…
Original release date: October 28, 2022 CISA, the Federal Bureau of Investigation (FBI), and the Multi-State Information Sharing and Analysis Center (MS-ISAC) have released Understanding and Responding to Distributed Denial-of-Service Attacks to provide organizations proactive steps to reduce the likelihood and impact of distributed denial-of-service…
Il team di Google ha rilasciato un aggiornamento di Chrome per Windows, MacOS e Linux che corregge una vulnerabilità di tipo high identificata dalla CVE 2022-3723. Source link Author: csirt@alfacert.gov.it Article used for cyber security disclosure.
Original release date: October 28, 2022 CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. This type of vulnerability is a frequent attack vector for malicious cyber actors and pose significant risk to the federal enterprise. Note:…
Rilevata vulnerabilità che interessa il prodotto Apache Linkis JDBC EngineConn. Tale vulnerabilità, qualora sfruttata, potrebbe permettere ad un utente malintenzionato remoto l’esecuzione di codice arbitrario sui dispositivi interessati. Source link Author: csirt@alfacert.gov.it Article used for cyber security disclosure.
Original release date: October 26, 2022 Apple has released security updates to address vulnerabilities in multiple products. An attacker could exploit some of these vulnerabilities to take control of an affected device. CISA encourages users and administrators to review the Apple security updates page for…
