Zero-day Archives - Securezoo

Attackers Exploit Forta GoAnywhere Zero-day Vulnerability

Security Updates & Patches, Vulnerabilities & Exploits, Zero-days / By Frank Crast / February 17, 2023 February 17, 2023 / CVE-2023-0669, Forta, GoAnywhere, Zero-day

Attackers have been exploiting a Forta GoAnywhere zero-day vulnerability (CVE-2023-0669).

Google fixes Chrome 108 zero-day vulnerability (CVE-2022-4262) exploited in the wild

Security Updates & Patches, Vulnerabilities & Exploits, Zero-days / By Frank Crast / December 4, 2022 December 4, 2022 / Chrome, CVE-2022-4262, Zero-day

Google has released Chrome 108.0.5359.94 for Mac and Linux and 108.0.5359.94/.95 for Windows with a fix for a High severity zero-day vulnerability (CVE-2022-4262) exploited in the wild.

Google fixes Chrome 107 zero-day vulnerability (CVE-2022-3723) exploited in the wild

Security Updates & Patches, Vulnerabilities & Exploits, Zero-days / By Frank Crast / October 30, 2022 October 30, 2022 / Chrome, Chrome 107, CVE-2022-3723, Zero-day

Google has released Chrome 107.0.5304.87 for Mac and Linux and 107.0.5304.87/.88 for Windows with a fix for a High severity zero-day vulnerability CVE-2022-3723 exploited in the wild.

Apple releases new macOS Ventura 13, along with security updates for iOS zero-day and multiple Apple products

Security Updates & Patches, Vulnerabilities & Exploits, Zero-days / By Frank Crast / October 26, 2022 October 26, 2022 / Apple, Big Sur, CVE-2022-42827, iOS 15.7, iOS 16.1, macOS, Monterey, Safari 16.1, tvOS 16.1, Ventura 13, watchOS, Zero-day

Apple has released new macOS Ventura 13, along with security updates for Apple iOS 16.1, iOS 15.7, macOS Monterey 12.6.1, macOS Big Sur 11.7.1, Safari 16.1, tvOS 16.1, and watchOS 9.1. One zero-day iOS vulnerability was also fixed.

Microsoft update for Microsoft Exchange Server zero-day ProxyNotShell vulnerabilities

Messaging Security, Security Updates & Patches, Vulnerabilities & Exploits, Zero-days / By Frank Crast / October 1, 2022 November 12, 2022 / CVE-2022-41040, CVE-2022-41082, Exchange, Exchange Server 2019, IIS, Microsoft, PowerSHell, ProxyNotShell, Vulnerabilities, Zero-day

Microsoft has released a new security update for two Microsoft Exchange Server zero-day vulnerabilities (CVE-2022-41040 and CVE-2022-41082) dubbed “ProxyNotShell” under limited targeted attacks in the wild.

Apple fixes zero-day vulnerability (CVE-2022-32893) in iOS 12.5.6 exploited in the wild

Mobile Security, Security Updates & Patches, Vulnerabilities & Exploits, Zero-days / By Frank Crast / September 2, 2022 February 14, 2023 / Apple, CVE-2022-32893, Exploit, iOS, Vulnerabilities, Webkit, Zero-day

Apple has fixed a zero-day vulnerability (CVE-2022-32893) in iOS 12.5.6 under attack in the wild.

Google releases Chrome 104 security update with fixes for 11 vulnerabilities (1 zero-day CVE-2022-2856)

Security Updates & Patches, Vulnerabilities & Exploits, Zero-days / By Frank Crast / August 19, 2022 August 19, 2022 / Chrome, CVE-2022-2856, Vulnerabilities, Zero-day

Google has released Chrome 104.0.5112.101 (Mac/Linux) and 104.0.5112.102/101 (Windows), with fixes for 11 vulnerabilities (one rated Critical and seven rated High severity). Additionally, one of the patches fixed a zero-day flaw CVE-2022-2856.

Google releases Chrome 103 security update with fix for zero-day vulnerability (CVE-2022-2294) exploited in the wild

Security Updates & Patches, Vulnerabilities & Exploits, Zero-days / By Frank Crast / July 6, 2022 July 6, 2022 / Chrome, Chrome103, CVE-2022-2294, CVE-2022-2295, CVE-2022-2296, Cybersecurity Threat Center, WebRTC, Zero-day

Google has released Chrome 103.0.5060.114 for Windows with fixes for multiple vulnerabilities, to include one High severity zero-day (CVE-2022-2294) exploited in the wild.

Atlassian fixes Critical Confluence RCE vulnerability (CVE-2022-26134) exploited in the wild

Cybersecurity Attacks, Security Updates & Patches, Vulnerabilities & Exploits, Zero-days / By Frank Crast / June 4, 2022 June 4, 2022 / Atlassian, Confluence, CVE-2022-26134, Zero-day

Atlassian has fixed a Critical severity unauthenticated zero-day RCE vulnerability (CVE-2022-26134) in Confluence Server and Data Center.

Microsoft April 2022 Security Updates addresses 117 vulnerabilities (to include 2 zero-days)

Security Updates & Patches, Vulnerabilities & Exploits, Zero-days / By Frank Crast / April 12, 2022 April 12, 2022 / CVE-2022-22008, CVE-2022-23257, CVE-2022-23259, CVE-2022-24491, CVE-2022-24497, CVE-2022-24500, CVE-2022-24521, CVE-2022-24537, CVE-2022-24541, CVE-2022-26809, CVE-2022-26904, CVE-2022-26919, Zero-day

The Microsoft April 2022 Security Updates includes patches and advisories for 117 vulnerabilities, ten of those rated Critical and two zero-day flaws.