CISA adds Critical CWP vulnerability to Known Exploited Vulnerabilities Catalog
The Cybersecurity and Infrastructure Security Agency (CISA) has added one Critical Control Web Panel (CWP) vulnerability to its Known Exploited Vulnerabilities Catalog.
Security Updates & Patches
Securezoo Cybersecurity Threat Center blog posts of new security updates and patches.
Drupal patches Moderately Critical Private Taxonomy Terms vulnerability
Drupal has patched a Moderately Critical ‘Private Taxonomy Terms’ vulnerability that affect multiple versions of Drupal Core.
CISA adds 2 Microsoft vulnerabilities to Known Exploited Vulnerabilities Catalog (to include 1 Windows zero-day)
The Cybersecurity and Infrastructure Security Agency (CISA) has added one Microsoft Exchange and one Windows zero-day vulnerability to its Known Exploited Vulnerabilities Catalog.
Microsoft January 2023 Security Updates addresses 98 vulnerabilities (11 rated Critical, 1 zero day)
The Microsoft January 2023 Security Updates includes patches and advisories for 98 vulnerabilities, including 11 Critical severity issues.
Adobe security updates for Adobe Acrobat and Reader (and other products)
Adobe also released four advisories addressing 29 vulnerabilities (16 Critical) in Adobe Acrobat and Reader, Adobe Dimension, InCopy, and InDesign.
Google releases Chrome OS security updates with fixes for 5 High severity vulnerabilities
Google has released Long Term Support (LTS) 102 security update and Stable Channel update for Chrome OS devices to fix multiple vulnerabilities.
Fortinet releases security update for High severity FortiADC vulnerability (CVE-2022-39947)
Fortinet has released a security advisory that addresses a Critical ‘command injection in web interface’
vulnerability (CVE-2022-39947) in multiple versions of FortiADC.
CISA adds 2 TIBCO vulnerabilities to Known Exploited Vulnerabilities Catalog
The Cybersecurity and Infrastructure Security Agency (CISA) has added two TIBCO vulnerabilities to its Known Exploited Vulnerabilities Catalog.
Linux Kernel ksmbd Use-After-Free RCE Vulnerability
Security researchers have discovered a Critical remote code execution (RCE) vulnerability in Linux 5.15 Kernel Server Message Block (SMB) server, ksmbd.
‘Achilles’ vulnerability exploit bypasses macOS Gatekeeper
Microsoft researchers discovered a vulnerability dubbed “Achilles” in macOS that could allow attackers to bypass Apple’s Gatekeeper security feature designed to ensure that only trusted software runs on your Mac.