بله | کانال vulnerability
v

vulnerability

۱۰عضو
پیوستن به کانال
بروزرسانی امنیتی شرکت Cisco برای Cisco Small Business Series SwitchesCisco released a security advisory to address multiple vulnerabilities affecting the web-based user interface of certain Cisco Small Business Series Switches. A remote attacker could exploit these vulnerabilities to cause a denial-of-service condition or execute arbitrary code with root privileges on an affected device.اطلاعات بیشتر:https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sg-web-multi-S9g4Nkgv@newvulnerability

۱۹:۴۵

Aria Operations for NetworksVMware has released a security update to address multiple vulnerabilities in Aria Operations for Networks (Formerly vRealize Network Insight). The vulnerabilities were evaluated to fall within the critical severity range, as a malicious actor with network access may be able to perform a command injection attack resulting in remote code execution. Patches have been made available to remediate the vulnerabilities found in VMWare products. اطلاعات بیشتر:https://www.vmware.com/security/advisories/VMSA-2023-0012.html@newvulnerability

۷:۲۵

بروزرسانی امنیتی شرکت CISCOCisco has released security updates for vulnerabilities affecting ASA, FTD, Cisco Expressway Series, Cisco TelePresence Video Communication Server, Cisco AnyConnect, Cisco Secure Client Software, Cisco Unified Communications Manager IM . A remote attacker could exploit some of these vulnerabilities to take control of an affected system.اطلاعات بیشتر:https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-ssl-dos-uu7mV5p6*https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-expressway-priv-esc-Ls2B9t7b*https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ac-csc-privesc-wx4U4Kw*https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cucm-imp-dos-49GL7rzT@newvulnerability

۱۵:۵۳

بروزرسانی امنیتی شرکت FortinetFortinet has released security updates to address a heap-based buffer overflow vulnerability CVE-2023-27997 in FortiOS and FortiProxy. An attacker could exploit this vulnerability to take control of an affected system.اطلاعات بیشتر:https://www.fortiguard.com/psirt/FG-IR-23-097---https://www.fortinet.com/blog/psirt-blogs/analysis-of-cve-2023-27997-and-clarifications-on-volt-typhoon-campaign

۱۴:۱۵

در صورت استفاده از فایروال های fortigate و استفاده از قابلیت ssl vpn حتما نسبت به بررسی و در صورت نیاز بروزرسانی اقدام نمایید

۱۴:۱۸

Hackers are actively exploiting the latest Fortinet's FortiOS and FortiProxy flaw, targeting government, manufacturing, and critical infrastructure sectors.
Learn more: https://thehackernews.com/2023/06/critical-fortios-and-fortiproxy.html
Take immediate action and update to the latest firmware now!@newvulnerability

۱۴:۲۶

توصیه نامه امنیتی ماه June شرکت FortinetFortinet has released its June 2023 Vulnerability Advisories to address vulnerabilities affecting multiple products. An attacker could exploit one of these vulnerabilities to take control of an affected system.اطلاعات بیشتر:https://www.fortiguard.com/psirt-monthly-advisory/june-2023-vulnerability-advisories@newvulnerability

۱:۲۴

بروزرسانی امنیتی شرکت مایکروسافت ماه JuneMicrosoft has released updates to address multiple vulnerabilities in Microsoft software. An attacker can exploit some of these vulnerabilities to take control of an affected system.اطلاعات بیشتر:https://msrc.microsoft.com/update-guide/releaseNote/2023-Junhttps://msrc.microsoft.com/update-guide/deployments@newvulnerability

۱:۲۴

توصیه نامه امنیتی شرکت Juniper برای Junos OS و Junos OS EvolvedJuniper Networks has released a security advisory that addresses a vulnerability in Junos OS and Junos OS Evolved. A remote attacker could exploit this vulnerability to cause a denial-of-service condition.اطلاعات بیشتر:https://supportportal.juniper.net/s/article/2023-06-Out-of-Cycle-Security-Bulletin-Junos-OS-and-Junos-OS-Evolved-A-BGP-session-will-flap-upon-receipt-of-a-specific-optional-transitive-attribute-CVE-2023-0026?language=en_US@newvulnerability

۶:۰۵

بروزرسانی امنیتی شرکت VMware برای vCenter Server و Cloud FoundationVMware has released a security update to address multiple memory corruption vulnerabilities in vCenter Server and Cloud Foundation. A cyber threat actor could exploit these vulnerabilities to take control of an affected system.اطلاعات بیشتر:https://www.vmware.com/security/advisories/VMSA-2023-0014.html@newvulnerability

۶:۰۵

بروزرسانی امنیتی شرکت Fortinet برای FortiNac Fortinet has released urgent updates to fix a critical vulnerability (CVE-2023-33299) in FortiNAC, exposing networks to arbitrary code execution.  اطلاعات بیشتر:https://www.fortiguard.com/psirt/FG-IR-23-074@newvulnerability

۱۰:۵۳

توصیه نامه امنیتی ISC برای چندین نسخه از BIND 9The Internet Systems Consortium (ISC) has released security advisories that address vulnerabilities affecting multiple versions of the ISC’s Berkeley Internet Name Domain (BIND) 9. A remote attacker could exploit these vulnerabilities to potentially cause denial-of-service conditions.اطلاعات بیشتر:https://kb.isc.org/v1/docs/cve-2023-2828https://kb.isc.org/v1/docs/cve-2023-2829https://kb.isc.org/v1/docs/cve-2023-2911 @newvulnerability

۱۷:۰۸

بروزرسانی امنیتی July 2023 شرکت مایکروسافتMicrosoft has released updates to address multiple vulnerabilities in Microsoft software. An attacker can exploit some of these vulnerabilities to take control of an affected system.اطلاعات بیشتر:https://msrc.microsoft.com/update-guide/releaseNote/2023-Jul-----https://msrc.microsoft.com/update-guide/deployments@newvulnerability

۱۱:۴۰

بروزرسانی امنیتی شرکت Fortinet برای FortiOS و FortiProxy Fortinet has released a security update to address a critical vulnerability (CVE-2023-33308) affecting FortiOS and FortiProxy. A remote attacker can exploit this vulnerability to take control of an affected system.اطلاعات بیشترhttps://www.fortiguard.com/psirt/FG-IR-23-183@newvulnerability

۱۱:۴۰

آسیب پذیریهای مهم این آپدیت *CVE-2023-32046 (CVSS score: 7.8) - Windows MSHTML Platform Elevation of Privilege Vulnerability

*CVE-2023-32049 (CVSS score: 8.8) - Windows SmartScreen Security Feature Bypass Vulnerability
*CVE-2023-35311 (CVSS score: 8.8) - Microsoft Outlook Security Feature Bypass Vulnerability

*CVE-2023-36874 (CVSS score: 7.8) - Windows Error Reporting Service Elevation of Privilege Vulnerability
*CVE-2023-36884 (CVSS score: 8.3) - Office and Windows HTML Remote Code Execution Vulnerability (Also publicly known at the time of the release)

*ADV230001 - Malicious use of Microsoft-signed drivers for post-exploitation activity (no CVE assigned)@newvulnerability

۱۱:۴۴

بروزرسانی امنیتی ZimbraEmail collaboration software company has warned of an actively exploited zero-day vulnerability in its software. اطلاعات بیشترhttps://wiki.zimbra.com/wiki/Security_Center

۲۰:۱۵

بروزرسانی امنیتی پلاگین All-In-One Security نرم افزار WordPress
Over a million WordPress sites are affected by a critical bug in the All-In-One Security (AIOS) plugin. It stored user passwords in plaintext, posing a risk if admins reused them on other services.  اطلاعات بیشترhttps://aiosplugin.com/all-in-one-security-aios-wordpress-security-plugin-release-5-2-0/@newvulnerability

۲۰:۲۳

بروزرسانی امنیتی Juniper برای Juno OSJuniper has released updates to address multiple vulnerabilities in Juno OS. An attacker can exploit some of these vulnerabilities to take control of an affected system.اطلاعات بیشتر:https://supportportal.juniper.net/s/global-search/%40uri?language=en_US#sort=relevancy&f:ctype= [Security%20Advisories]&f:level1= [OS]@newvulnerability

۲۰:۳۵

بروزرسانی امنیتی شرکت Cisco برای SD-WAN vManage API.Cisco has released a security update to address a critical vulnerability affecting SD-WAN vManage API . A remote attacker can exploit this vulnerability to take control of an affected system.اطلاعات بیشتر:https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-vmanage-unauthapi-sphCLYPA@newvulnerability

۲۰:۳۵