CVE-2022-47939: Linux カーネルにおける「緊急」の RCE 脆弱性
A critical remote code execution vulnerability in the Linux kernel has been publicly disclosed by Trend Micro's Zero Day Initiative in its ZDI-22-1690 advisory. The vulnerability has been given a CVSSv3 of 10.0. There are no reports of active exploitation.
CVE-2022-37958: Microsoft SPNEGO NEGOEX における「緊急」の脆弱性に関するよくある質問
Microsoft recently reclassified a vulnerability in SPNEGO NEGOEX, originally patched in September, after a security researcher discovered that it can lead to remote code execution. Organizations are urged to apply these patches as soon as possible.
マイクロソフト 2022 年 12 月月例セキュリティ更新プログラム、47 件の CVE を修正 (CVE-2022-44698)
Microsoft addresses 48 CVEs including two zero-day vulnerabilities, one that has been exploited in the wild (CVE-2022-44698) and one that was publicly disclosed prior to a patch being available (CVE-2022-44710).
CVE-2022-27518: Citrix ADC および Gateway における脆弱性により認証を必要とせずにリモートからのコード実行が可能
Citrix has patched a critical remote code execution vulnerability in its Gateway and ADC products. This vulnerability has reportedly been exploited as a zero day; organizations should patch urgently.
CVE-2022-42475: Fortinet、FortiOS SSL VPN のゼロデイの脆弱性にパッチを適用
Fortinet has patched a zero day buffer overflow in FortiOS that could lead to remote code execution. There has been a report of active exploitation and organizations should patch urgently.
CVE-2022-27510: Citrix ADC とゲートウェイ認証バイパスにおける「緊急」の脆弱性
Citrix publishes an advisory to address multiple flaws in its ADC and Gateway products, including a critical vulnerability.
マイクロソフト 2022 年 11 月月例セキュリティ更新プログラム、62 件の CVE (CVE-2022-41073) を修正
Microsoft addresses 62 CVEs including four zero-day vulnerabilities that were exploited in the wild.
CVE-2022-3786、CVE-2022-3602: OpenSSL、深刻度の高い 2 つの脆弱性にパッチを適用
OpenSSL has patched two vulnerabilities, pivoting from its earlier announcement, in version 3.0.7.
CVE-2021-39144: VMware、XStream オープンソースライブラリの「緊急」の Cloud Foundation の脆弱性を修正
VMware issues patches for end-of-life versions of Cloud Foundation Network Security Virtualization for vSphere (NSX-V) to address a critical vulnerability in an open source library. Background On October 25, VMware published VMSA-2022-0027, an advisory for multiple vulnerabilities in its…
Oracle 2022 年 10 月のクリティカルパッチアップデートで 179 件の CVE に対処
Oracle addresses 179 CVEs in its fourth and final quarterly update of 2022 with 370 patches, including 56 critical updates.
マイクロソフト 2022 年 10 月月例セキュリティ更新プログラム、84 件の CVE に対応(CVE-2022-41033)
Microsoft addresses 84 CVEs in its October 2022 Patch Tuesday release, including 13 critical flaws.
中国政府により支援を受けたサイバー攻撃者によって頻繁に悪用されている上位の CVE (AA22-279A)
CISA, the NSA and FBI issue a joint advisory detailing the top 20 vulnerabilities exploited by state-sponsored threat actors linked to the People’s Republic of China.
営業チームに問い合わせる