-
Oracle Quarterly Critical Patches Released January 21, 2025
MS-ISAC NOTICE NUMBER: 2025-008 ISSUE DATE(S): 01/21/2025 PREVIEW: Several vulnerabilities have been discovered in Oracle products, the most serious of which could allow remote code execution. SYSTEMS AFFECTED: Enterprise Manager…
-
CISA and FBI Issue Updated Guidance on Product Security Bad Practices
In partnership with the Federal Bureau of Investigation (FBI), CISA has released updated joint guidance on product security malpractices as part of CISA's Secure by Design initiative. This updated guidance…
-
Threat Actors Chained Vulnerabilities in Ivanti Cloud Service Applications
Note: The CVEs in this advisory are unrelated to vulnerabilities (CVE-2025-0282 and CVE-2025-0283) in Ivantis Connect Secure, Policy Secure and ZTA Gateways. For more information on mitigating CVE -2025-0282 and CVE-2025-0283,…
-
Several vulnerabilities in SonicWall SonicOS could allow a remote attacker to bypass authentication.
MS-ISAC NOTICE NUMBER: 2025-002 ISSUE DATE(S): 09/01/2025 PREVIEW: Several vulnerabilities have been discovered in SonicWall SonicOS that could allow authentication to be bypassed. SonicOS is SonicWalls' operating system designed for…
-
CISA adds three known exploited vulnerabilities to its catalog
CISA has added three new vulnerabilities to its catalog of known exploited vulnerabilities, based on evidence of active exploitation. CVE-2024-41713 Mitel MiCollab Path Traversal Vulnerability CVE-2024-55550 Mitel MiCollab Path Traversal…
-
CISA adds known exploited vulnerability to its catalog
CISA has added a new vulnerability to its catalog of known exploited vulnerabilities, based on evidence of active exploitation. CVE-2024-3393 Palo Alto Networks PAN-OS Malformed DNS Packet Vulnerability These types…
-
Vulnerability in Apache Struts2 could allow remote code execution
MS-ISAC NOTICE NUMBER: 2024-141 ISSUE DATE(S): 12/23/2024 PREVIEW: A vulnerability has been discovered in Apache Struts2, which could allow remote code execution. Apache Struts2 is an open source web application…
-
Fortinet releases security updates for FortiManager
Fortinet has released a security update to address a vulnerability in FortiManager. A remote cyber threat actor could exploit this vulnerability to take control of an affected system. Users and…
-
Multiple vulnerabilities in Sophos Firewall could allow remote code execution
MS-ISAC NOTICE NUMBER: 2024-140 ISSUE DATE(S): 12/19/2024 PREVIEW: Several vulnerabilities have been discovered in Sophos Firewall, the most serious of which could allow remote code execution. Sophos Firewall is a…
Search
Recent Posts
- Vulnerability in Dell RecoverPoint for Virtual Machines could allow arbitrary code execution
- Multiple vulnerabilities in Ivanti Endpoint Manager Mobile could allow remote code execution
- A vulnerability in the WatchGuard Fireware operating system could allow arbitrary code execution.
- Vulnerability in Cisco AsyncOS Could Allow Remote Code Execution
