Daily Vulnerability Trends: Mon Jul 24 2023
Daily Vulnerability Trends (sourced from VulnMon) CVE NAMECVE DescriptionCVE-2023-3519Unauthenticated remote code execution CVE-2023-34960 No description provided CVE-2023-38408The PKCS#11 feature in...
Over 15K Citrix servers vulnerable to CVE-2023-3519 RCE attacks
Thousands of Citrix Netscaler ADC and Gateway servers exposed online are vulnerable to attacks exploiting a critical remote code execution...
Clop now leaks data stolen in MOVEit attacks on clearweb sites
The Clop ransomware gang is copying an ALPHV ransomware gang extortion tactic by creating Internet-accessible websites dedicated to specific victims,...
CISA warns govt agencies to patch Adobe ColdFusion servers
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has given federal agencies three weeks to secure Adobe ColdFusion servers on...
Roblox – 52,458 breached accounts
HIBP In August 2016, Roblox disclosed a data breach that affected over 50k users. The security incident impacted email and...
CISA: Oracle Releases Security Updates
Oracle Releases Security Updates Oracle has released its Critical Patch Update Advisory, Solaris Third Party Bulletin, and Linux Bulletin for July...
CISA: Citrix Releases Security Updates for NetScaler ADC and Gateway
Citrix Releases Security Updates for NetScaler ADC and Gateway Citrix has released security updates to address vulnerabilities (CVE-2023-3519, CVE-2023-3466, and...
CISA: CISA Adds One Known Exploited Vulnerability to Catalog
CISA Adds One Known Exploited Vulnerability to Catalog CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based...
CISA: CISA Releases Seven Industrial Control Systems Advisories
CISA Releases Seven Industrial Control Systems Advisories CISA released seven Industrial Control Systems (ICS) advisories on July 18, 2023. These...
CISA: Adobe Releases Security Updates for ColdFusion
Adobe Releases Security Updates for ColdFusion Adobe has released security updates to address a critical vulnerability (CVE-2023-38203) affecting ColdFusion(link is...
CISA: CISA Adds One Known Exploited Vulnerability to Catalog
CISA Adds One Known Exploited Vulnerability to Catalog CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based...
CISA: CISA Releases One Industrial Control Systems Advisory
CISA Releases One Industrial Control Systems Advisory CISA released one Industrial Control Systems (ICS) advisory on July 20, 2023. This...
CISA: Atlassian Releases Security Updates
Atlassian Releases Security Updates Atlassian has released its Security Bulletin for July 2023(link is external) to address vulnerabilities in Confluence Data...
CISA: CISA Releases Cybersecurity Advisory on Threat Actors Exploiting Citrix CVE-2023-3519
CISA Releases Cybersecurity Advisory on Threat Actors Exploiting Citrix CVE-2023-3519 The Cybersecurity and Infrastructure Security Agency (CISA) released a Cybersecurity...
CISA: CISA Adds Two Known Exploited Vulnerabilities to Catalog
CISA Adds Two Known Exploited Vulnerabilities to Catalog CISA has added two new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based...
US-CERT Vulnerability Summary for the Week of July 10, 2023
High VulnerabilitiesPrimary Vendor -- ProductDescriptionPublishedCVSS ScoreSource & Patch Infoelra -- parkmatikImproper Neutralization of Special Elements used in an SQL Command...
Posh C2 Detected – 62[.]182[.]159[.]155:443
The Information provided at the time of posting was detected as "Posh C2". Depending on when you are viewing this...
LockBit 3.0 Ransomware Victim: championgse[.]com
LockBit 3.0 Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content...
Oracle Java SE, Oracle GraalVM Enterprise Edition, Oracle GraalVM for JDK unspecified | CVE-2023-22036
NAME__________Oracle Java SE, Oracle GraalVM Enterprise Edition, Oracle GraalVM for JDK unspecifiedPlatforms Affected:Oracle GraalVM for JDK 17.0.7 Oracle GraalVM for...
Oracle Java SE, Oracle GraalVM Enterprise Edition, Oracle GraalVM for JDK unspecified | CVE-2023-22049
NAME__________Oracle Java SE, Oracle GraalVM Enterprise Edition, Oracle GraalVM for JDK unspecifiedPlatforms Affected:Oracle GraalVM for JDK 17.0.7 Oracle GraalVM for...
Samba denial of service | CVE-2023-34966
NAME__________Samba denial of servicePlatforms Affected:Samba Samba 4.16.10 Samba Samba 4.17.9 Samba Samba 4.18.4Risk Level:7.5Exploitability:UnprovenConsequences:Denial of Service DESCRIPTION__________Samba is vulnerable to...
Oracle Java SE, Oracle GraalVM Enterprise Edition, Oracle GraalVM for JDK unspecified | CVE-2023-22044
NAME__________Oracle Java SE, Oracle GraalVM Enterprise Edition, Oracle GraalVM for JDK unspecifiedPlatforms Affected:Oracle GraalVM for JDK 17.0.7 Oracle GraalVM for...
Oracle Java SE, Oracle GraalVM Enterprise Edition, Oracle GraalVM for JDK unspecified | CVE-2023-22006
NAME__________Oracle Java SE, Oracle GraalVM Enterprise Edition, Oracle GraalVM for JDK unspecifiedPlatforms Affected:Oracle GraalVM for JDK 17.0.7 Oracle GraalVM for...
Omnis Software Omnis Studio security bypass | CVE-2023-38335
NAME__________Omnis Software Omnis Studio security bypassPlatforms Affected:Omnis Software Omnis Studio 10.22.00Risk Level:5.5Exploitability:UnprovenConsequences:Bypass Security DESCRIPTION__________Omnis Software Omnis Studio could allow a...
