CVE-2022-47523: ManageEngine Password Manager Pro, PAM360 및 Access Manager Plus SQL Injection 취약성
Zoho patches a newly disclosed high-severity SQL injection flaw in several ManageEngine products; attackers have historically targeted several ManageEngine products over the last three years....
CVE-2022-47939: 리눅스 커널에 중요 RCE 취약성
A critical remote code execution vulnerability in the Linux kernel has been publicly disclosed by Trend Micro's Zero Day Initiative in its ZDI-22-1690 advisory. The vulnerability has been given a CVSSv3 of 10.0. There are no reports of active exploitation....
CVE-2022-37958: FAQ for Critical Microsoft SPNEGO NEGOEX Vulnerability
Microsoft recently reclassified a vulnerability in SPNEGO NEGOEX, originally patched in September, after a security researcher discovered that it can lead to remote code execution. Organizations are urged to apply these patches as soon as possible....
Microsoft의 December 2022 Patch Tuesday에서 48개 CVE를 해결(CVE-2022-44698)
Microsoft addresses 48 CVEs including two zero-day vulnerabilities, one that has been exploited in the wild (CVE-2022-44698) and one that was publicly disclosed prior to a patch being available (CVE-2022-44710)....
CVE-2022-27518: Citrix ADC 및 게이트웨이에 승인되지 않은 RCE
Citrix has patched a critical remote code execution vulnerability in its Gateway and ADC products. This vulnerability has reportedly been exploited as a zero day; organizations should patch urgently....
CVE-2022-42475: Fortinet에서 FortiOS SSL VPN의 제로데이 익스플로잇 패치
Fortinet has patched a zero day buffer overflow in FortiOS that could lead to remote code execution. There has been a report of active exploitation and organizations should patch urgently....
CVE-2022-27510: Critical Citrix ADC and Gateway Authentication Bypass Vulnerability
Citrix publishes an advisory to address multiple flaws in its ADC and Gateway products, including a critical vulnerability....
Microsoft’s November 2022 Patch Tuesday Addresses 62 CVEs (CVE-2022-41073)
Microsoft addresses 62 CVEs including four zero-day vulnerabilities that were exploited in the wild....
CVE-2022-3786 and CVE-2022-3602: OpenSSL Patches Two High Severity Vulnerabilities
OpenSSL has patched two vulnerabilities, pivoting from its earlier announcement, in version 3.0.7....
CVE-2021-39144: VMware Patches Critical Cloud Foundation Vulnerability in XStream Open Source Library
VMware issues patches for end-of-life versions of Cloud Foundation Network Security Virtualization for vSphere (NSX-V) to address a critical vulnerability in an open source library. Background On October 25, VMware published VMSA-2022-0027, an advisory for multiple vulnerabilities in its VMw...
Oracle October 2022 Critical Patch Update Addresses 179 CVEs
Oracle addresses 179 CVEs in its fourth and final quarterly update of 2022 with 370 patches, including 56 critical updates....
Microsoft’s October 2022 Patch Tuesday Addresses 84 CVEs (CVE-2022-41033)
Microsoft addresses 84 CVEs in its October 2022 Patch Tuesday release, including 13 critical flaws....