CVE-2023-46747: F5 BIG-IP における緊急な認証バイパスの脆弱性
A critical authentication bypass vulnerability in F5’s BIG-IP could allow remote, unauthenticated attackers to execute system commands. Organizations are encouraged to apply patches as soon as possible.
Oracle 2023 年 10 月のクリティカルパッチアップデートで 176 件の CVE に対処
Oracle addresses 176 CVEs in its fourth quarterly update of 2023 with 387 patches, including 46 critical updates.
CVE-2023-4966: Citrix NetScaler ADC および NetScaler Gateway における情報公開の脆弱性の悪用が確認される
A critical information disclosure vulnerability in Citrix NetScaler Application Delivery Controller (ADC) and NetScaler Gateway has been exploited in the wild as a zero-day vulnerability. 直ちにパッチを適用するようにしてください。
CVE-2023-20198: Cisco IOS XE のゼロデイ脆弱性の悪用が確認される
A maximum severity CVSS 10 zero-day vulnerability in Cisco IOS XE has been exploited in the wild. Organizations should apply the mitigation steps from Cisco as soon as possible until patches are released.
マイクロソフト 2023 年 10 月月例セキュリティ更新プログラム、103 件の CVE に対応 (CVE-2023-36563、CVE-2023-41763)
Microsoft addresses 103 CVEs including two vulnerabilities that were exploited in the wild.
CVE-2023-38545、CVE-2023-38546: curl の新しい脆弱性に関するよくある質問
Frequently asked questions relating to two vulnerabilities patched in curl version 8.4.0
MrBeast 詐欺:YouTube や TikTok で偽のプレゼントを宣伝するためのなりすましにディープフェイクや認証済みアカウントが使用される
MrBeast, the most popular YouTube creator as of October 2023, has been impersonated in a variety of scams on YouTube and TikTok, including a recent deepfake promoting a free iPhone giveaway
CVE-2023-22515: Atlassian Confluence Data Center と Server のゼロデイ脆弱性の悪用が確認される
A critical zero-day vulnerability in Atlassian Confluence Data Center and Server has been exploited in the wild in a limited number of cases. Organizations should patch or apply the mitigation steps as soon as possible.
CVE-2023-40044, CVE-2023-42657: Progress Software、WS_FTP サーバーの複数の脆弱性を修正
Progress Software patches multiple flaws in its WS_FTP Server product, including a pair of critical flaws, one with a maximum CVSS rating of 10
CVE-2023-41064、CVE-2023-4863、CVE-2023-5129: ImageIO および WebP/libwebp のゼロデイ脆弱性に関するよくある質問
Frequently asked questions relating to vulnerabilities in Apple, Google and the open source libwebp library.
CVE-2023-29357、CVE-2023-24955: Microsoft SharePoint Server における脆弱性を悪用するエクスプロイトチェーンがリリースされる
A proof-of-concept exploit chain has been released for two vulnerabilities in Microsoft SharePoint Server that can be exploited to achieve unauthenticated remote code execution.
マイクロソフト、2023 年 9 月の月例セキュリティ更新プログラムで 61 件の CVE に対応 (CVE-2023-36761)
Microsoft addresses 61 CVEs including two vulnerabilities that were exploited in the wild
営業チームに問い合わせる