CISA added two more vulnerability in his catalog for Known Exploited Vulnerability
CISA publish the known vulnerability catalog for the FCEB agencies but CISA recommend all organization timely remediation of catalog vulnerability to reduce cyber-attack exposure. Yesterday CISA added two more vulnerability in its catalog CVE-2021-35587 and CVE-2022-4135.
CVE-2021-35587 is a vulnerability in Oracle access manager product of Oracle Fusion Middleware and affected versions are 11.1.2.3.0, 12.2.1.3.0 and 12.2.1.4.0. This vulnerability allow attack unauthenticated attacker with network access via HTTP to compromise Oracle Access Manager. Successful attacks of this vulnerability can result in takeover of Oracle Access Manager.
CVE-2022-4135 is a vulnerability in Google Chrome GPU prior to 107.0.5304.121 which allow attacker who had compromised the rendered process to potentially perform a sandbox escape via a crafted HTML page.
Subscribe to:
Post Comments (Atom)
Dark Deals Disrupted: Telegram Blocks Massive Black Market Networks
Telegram Shuts Down Two Massive Digital Black Markets Tied to Cybercrime In a significant blow to global cybercrime operations, Telegram ...
-
DigiCert's Revocation of 83,000 Certificates: A Critical Security Move DigiCert has begun the process of revoking over 83,000 SSL/TLS ...
-
Critical Ingress NGINX Controller Vulnerabilities Expose Kubernetes Clusters to Remote Code Execution A set of five critical security vuln...
-
SuperBlack Ransomware Exploits Fortinet Vulnerabilities: A New Cyber Threat Emerges A Russian-linked threat actor, identified as Mora_001,...
No comments:
Post a Comment