CVE-2023-29357、CVE-2023-24955:针对 Microsoft SharePoint Server 漏洞发布的漏洞利用链
A proof-of-concept exploit chain has been released for two vulnerabilities in Microsoft SharePoint Server that can be exploited to achieve unauthenticated remote code execution....
Microsoft 2023 年 9 月补丁星期二修复了 61 个 CVE (CVE-2023-36761)
Microsoft addresses 61 CVEs including two vulnerabilities that were exploited in the wild...
CVE-2023-20269:据报道,Cisco Adaptive Security Appliance 和 Firepower Threat Defense Reportedly 中的零日漏洞被勒索软件集团利用
Ransomware groups including LockBit and Akira are reportedly exploiting a zero-day vulnerability in Adaptive Security Appliance (ASA) and Firepower Threat Defense (FTD) appliances with VPN functionality enabled....
AA23-250A:多个极权国家威胁制造者利用 CVE-2022-47966 和 CVE-2022-42475
A joint Cybersecurity Advisory examines the exploitation of two critical vulnerabilities by nation-state threat actors....
CVE-2023-2868:Barracuda and FBI Recommend Replacing Email Security Gateway (ESG) Devices Immediately
Since October 2022, attackers have been exploiting a zero-day vulnerability in Barracuda Email Security Gateway devices, and both the vendor and the FBI urge customers to replace these devices immediately....
CVE-2023-38035:身份验证绕过在现实中遭利用的零日漏洞
For the third time in a month, Ivanti discloses a zero-day vulnerability in one of its products that has been exploited in the wild...
Microsoft 2023 年 8 月补丁星期二解决了 73 个 CVE (CVE-2023-38180)
Microsoft addresses 73 CVEs, including one vulnerability exploited in the wild....
AA23-215A:2022 年最常被利用的漏洞
A joint Cybersecurity Advisory collaborated on by multiple international agencies highlights the top routinely exploited vulnerabilities of 2022....
CVE-2023-35078:Ivanti Endpoint Manager Mobile (EPMM) / MobileIron Core 未经身份验证的 API 访问漏洞
Critical vulnerability in a popular mobile device management solution from Ivanti has been exploited in the wild in limited attacks...
Oracle 2023 年 7 月补丁更新解决了 183 个 CVE
Oracle addresses 183 CVEs in its third quarterly update of 2023 with 508 patches, including 76 critical updates....
CVE-2023-3519:Netscaler ADC (Citrix ADC) 和 Netscaler Gateway (Citrix Gateway) 中的重大 RCE
Citrix has released a patch fixing a remote code execution vulnerability in several versions of Netscaler ADC and Netscaler Gateway that has been exploited. Organizations are urged to patch immediately....
CVE-2023-3595,CVE-2023-3596:Rockwell Automation ControlLogix 漏洞披露
Rockwell Automation issues advisory for multiple vulnerabilities, including a critical flaw that could lead to disruption or destruction of critical infrastructure processes....