Connect with us

Hi, what are you looking for?

Cyber Security

Weekly Vulnerability Roundup: A Compiled List of Vulnerabilities and Exploits

Each week, Cyberwrites publishes a summary of cybersecurity news that compiles important vulnerabilities and exploits that may have gone unnoticed.

Our weekly vulnerability roundup will provide coverage of newly discovered vulnerabilities, as well as those exploited to compromise organizations.

Weekly Vulnerability Roundup

Cisco

Cisco has published a security advisory that states that they have discovered two vulnerabilities, an XSS and an HTML injection vulnerability.

These vulnerabilities existed in the SPA500 series of the Cisco Small Business IP Phones. Cisco confirmed that there had been no workarounds for fixing these vulnerabilities.

In addition to this, Cisco mentioned that they wouldn’t be releasing security patches for these vulnerabilities as the Cisco Small Business SPA500 Series IP Phones reached the end-of-life process on August 13, 2018.

Oracle

Oracle has released a list of security patches for more than 130+ products. These products were used in several industries, including banking, communication, enterprise, development, and others.

Over 508 new security patches and CVE IDs were released, of which 76 of them had Critical severity.

Apache OpenMeeting

OpenMeetings is an application that can be used for video calls, collaborative work, and presentations.

The newly discovered vulnerability could allow threat actors to execute commands on the underlying server.

OpenSSH Agent

This flaw exists in OpenSSH’s forward ssh-agent. This flaw allows an attacker to execute arbitrary commands on vulnerable OpenSSH’s forwarded ssh-agent.

OpenSSH has been used in several servers and applications for remote login and file transfer, along with encryption. This vulnerability exists in the ssh-agent program that allows authentication to remote servers without entering the passphrase every time.

Chrome 115 Update

Google released Chrome 115 to the stable channel for Windows, MacOS, and Linux on Tuesday, patching 20 vulnerabilities, including 11 that were discovered by external researchers.

Four security issues were assessed to be of “high severity,” while six were determined to be of “medium severity.

More Details

Zimbra and Roundcube Exploited

An alarming spear-phishing campaign has been uncovered, specifically aimed at government organizations. This attack preys on the vulnerabilities of Zimbra and Roundcube email servers.

Advertisement. Scroll to continue reading.

These emails evaded government organizations’ anti-spam filters, which state that the threat actors used several evasion techniques to bypass spam detections.

More Details

Citrix NetScaler

Citrix recently issued a security bulletin, cautioning users about three new vulnerabilities impacting their above-mentioned product line.

The CVE-2023-3519 as the critical zero-day vulnerability among the three, enabling unauthenticated attackers to execute code on vulnerable Gateway systems remotely.

More Details

Source: https://cybersecuritynews.com/weekly-vulnerability-roundup/

Click to comment

Leave a Reply

Your email address will not be published. Required fields are marked *

You May Also Like

Cyber Security

A group of Researchers unearthed critical code Proton Mail vulnerabilities that could have jeopardized the security of Proton Mail, a renowned privacy-focused webmail service. ...

Cyber Security

The cyberattack that ultimately led to the breach of several U.S. officials’ email accounts was the result of a China-based threat actor accessing a...

Cyber Security

How a cornerstone cybersecurity program has evolved from information collection to active defense. The Cybersecurity and Infrastructure Security Agency has used its Continuous Diagnostics...

Cyber Security

We are glad to present the most recent news on cybersecurity in this week’s Threat and Vulnerability Roundup from Cyber Writes.  The latest attack...

Copyright © 2023 Newsworthy News | Global | Political | Local | All News | Website By: Top Search SEO