CISA has published three malware analysis reports on malware variants associated with exploitation of CVE-2023-2868. CVE-2023-2868 is a remote command injection vulnerability affecting Barracuda Email Security Gateway (ESG)…

Continue Reading

Ivanti has identified and released patches for a directory traversal vulnerability (CVE-2023-35081, CWE-22) in Ivanti Endpoint Manager Mobile (EPMM). This vulnerability allows an attacker with EPMM administrator privileges…

Continue Reading

SUMMARY The Australian Signals Directorate’s Australian Cyber Security Centre (ACSC), U.S. Cybersecurity and Infrastructure Security Agency (CISA), and U.S. National Security Agency (NSA) are releasing this joint Cybersecurity…

Continue Reading

CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. CVE-2023-37580 Zimbra Collaboration (ZCS) Cross-Site Scripting (XSS) Vulnerability These types of vulnerabilities…

Continue Reading

CISA has released an analysis and infographic detailing the findings from the 121 Risk and Vulnerability Assessments (RVAs) conducted across multiple critical infrastructure sectors in fiscal year 2022…

Continue Reading

  High Vulnerabilities Primary Vendor — Product Description Published CVSS Score Source & Patch Info oliva_expertise — oliva_expertise_eks   Improper Neutralization of Special Elements used in an SQL…

Continue Reading