March 21, 2023

CISA released its latest update to the Known Exploited Vulnerabilities catalog, adding 13 new vulnerabilities. Nine of the vulnerabilities have a remediation date of February 1 and four of them have a remediation date of July 18. 

The list includes an October CMS Improper Authentication, a System Information Library for node.js Command Injection vulnerability, an Oracle Corporate Business Intelligence Enterprise Edition Path Traversal vulnerability, an Apache Airflow Experimental API Authentication Bypass vulnerability, a Drupal Core Unrestricted Upload of File vulnerability, and three Nagios XI OS Command Injection vulnerabilities.

Advertisements
screen-shot-2022-01-21-at-1-33-28-pm.png

The October CMS Improper Authentication CVE-2021-32648 was allegedly used during a  cyberattack on Ukrainian government systems last week. A patch was released in September 2021. 

Previously, earlier last month on a wake of Christmas holidays CISA has updated the Known exploitable list.

Tags:

Leave a Reply

You may have missed

Ferrari – Cyber Attack Ransom Demanded

Ferrari – Cyber Attack Ransom Demanded

March 21, 2023
ForgeRock new Passwordless Service

ForgeRock new Passwordless Service

March 20, 2023
New Decryptor for Conti Ransomware Released

New Decryptor for Conti Ransomware Released

March 20, 2023
Royal Dirkzwager hit by Play Ransomware

Royal Dirkzwager hit by Play Ransomware

March 20, 2023
Trigona Ransomware Disection

Trigona Ransomware Disection

March 19, 2023
Makop Ransomware Disection

Makop Ransomware Disection

March 19, 2023
%d bloggers like this: