VMware Threats being Exploited in the Wild
Summary CISA issued a warning today that malicious cyber actors, likely advanced persistent threat (APT) actors, are exploiting CVE-2022-22954 and
Read more
Vulnerability
Sonicwall Unauthenticated Access Exploitation
We encourage all users of SonicWall appliances to review patch strategy and address this immediately. Edge appliances have been used
Read more
Risk Authentication failures from Patch Tuesday
CISA has issues bulletin where it is temporarily removing CVE-2022-26925 from its Known Exploited Vulnerability Catalog due to a risk of authentication
Read more
Patch Tuesday, May 2022
May 2022 Patch Tuesday update, including an important-rated zero-day bug that’s being actively exploited in the wild and several that
Read more
F5 Security Advisory CVE-2022-1388 Update
Summary F5 has issued a security advisory warning about a flaw that may allow unauthenticated attackers with network access to
Read more
Avaya Aruba Critical RCE
Security researchers have discovered five vulnerabilities in network equipment from Aruba (owned by HP) and Avaya (owned by ExtremeNetworks), that
Read more
Another Series of Critical CVE for QNAP
Three of the other bugs QNAP warned its customers about also received 9.8/10 severity ratings (i.e., CVE-2022-23125, CVE-2022-23122, CVE-2022-0194), all of them also
Read more
Atlassian Authentication Bypass
Atlassian has published a security advisory to alert that its Jira and Jira Service Management products are affected by a
Read more
Apache Struts Remote Code Execution
Forced OGNL evaluation, when evaluated on raw not validated user input in tag attributes, may lead to remote code execution
Read more
Another Round of Critical Microsoft Patches
For April Patch Tuesday, the computing giant addressed a zero-day underactive attack and several critical security vulnerabilities, including three that
Read more