MITRE CVE プログラム 25 周年: Tenable セキュリティ レスポンス チームが重要な 25 件の脆弱性を厳選
Twenty five years after the launch of CVE, the Tenable Security Response Team has handpicked 25 vulnerabilities that stand out for their significance....
Oracle 2024 年 10 月のクリティカルパッチアップデートで 198 件の CVE に対処
Oracle addresses 198 CVEs in its fourth quarterly update of 2024 with 334 patches, including 35 critical updates....
マイクロソフト 2024 年 10 月月例セキュリティ更新プログラム、117 件の CVE に対応 (CVE-2024-43572、CVE-2024-43573)
Microsoft addresses 117 CVEs with three rated as critical and four zero-day vulnerabilities, two of which were exploited in the wild....
CVE-2024-47076, CVE-2024-47175, CVE-2024-47176, CVE-2024-47177: Common UNIX Printing System (CUPS) の脆弱性に関するよくある質問
Frequently asked questions about multiple vulnerabilities in the Common UNIX Printing System (CUPS) that were disclosed as zero-days on September 26....
マイクロソフト、2024 年 9 月の月例セキュリティ更新プログラムで 79 件の CVE に対応 (CVE-2024-43491)
Microsoft addresses 79 CVEs with seven critical vulnerabilities and four zero-day vulnerabilities, including three that were exploited in the wild....
CVE-2021-20123、CVE-2021-20124: Tenable Research が発見した DrayTek の脆弱性が CISA の既知の悪用された脆弱性カタログ (KEV) に追加されたことについて
With patches out for three years, attackers have set their sights on a pair of vulnerabilities affecting DrayTek VigorConnect....
AA24-241A : 米国組織を標的とするイランのサイバー攻撃者に関するサイバーセキュリティ共同勧告
A joint Cybersecurity Advisory highlights Iran-based cyber actor ransomware activity targeting U.S. organizations. The advisory includes CVEs exploited, alongside techniques, tactics and procedures used by the threat actors....
CVE-2024-7593: Ivanti Virtual Traffic Manager における認証バイパスの脆弱性
Ivanti released a patch for a critical severity authentication bypass vulnerability and a warning that exploit code is publicly available...
マイクロソフトの2024年8月月例更新プログラム、88 件の脆弱性に対処
Microsoft addresses 88 CVEs with seven critical vulnerabilities and 10 zero-day vulnerabilities, six of which were exploited in the wild....
CVE-2024-20419: Cisco Smart Software Manager オンプレミスにおけるパスワード変更の脆弱性
Critical vulnerability in Cisco Smart Software Manager On-Prem exposes systems to unauthorized password changes, exploit code now available.BackgroundOn July 17, 2024, Cisco published an advisory for a critical vulnerability in Cisco’s Smart Software Manager On-Prem (SSM On-Prem):CVEDescriptionCVSSv...
オラクル、2024 年 7 月のクリティカルパッチアップデートで 175 件の脆弱性を修正
Oracle addresses 175 CVEs in its third quarterly update of 2024 with 386 patches, including 26 critical updates....
Microsoft’s July 2024 Patch Tuesday Addresses 138 CVEs (CVE-2024-38080, CVE-2024-38112)
Microsoft addresses 138 CVEs in its July 2024 Patch Tuesday release, with five critical vulnerabilities and three zero-day vulnerabilities, two of which were exploited in the wild....