CISA Adds Citrix ShareFile Flaw to KEV Catalog Due to In-the-Wild Attacks
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added a critical security flaw in Citrix ShareFile storage zones controller […]
news
news
ClamAV HFS+ File Scanning Infinite Loop Denial of Service Vulnerability
A vulnerability in the filesystem image parser for Hierarchical File System Plus (HFS+) of ClamAV could allow an unauthenticated, remote
news
ClamAV AutoIt Module Denial of Service Vulnerability
A vulnerability in the AutoIt module of ClamAV could allow an unauthenticated, remote attacker to cause a denial of service
news
Cisco Unified Contact Center Express Finesse Portal Web Cache Poisoning Vulnerability
A vulnerability in the Tomcat implementation for Cisco Unified Contact Center Express (Unified CCX) could allow an unauthenticated, remote attacker
news
Cisco Unified Communications Products Cross-Site Scripting Vulnerability
A vulnerability in the web-based management interface of Cisco Unified Communications Manager (Unified CM), Cisco Unified CM Session Management Edition
news
Cisco Unified Communications Manager SQL Injection Vulnerability
A vulnerability in the web-based management interface of Cisco Unified Communications Manager (Unified CM) and Cisco Unified Communications Manager Session
news
Cisco Umbrella Virtual Appliance Undocumented Support Tunnel Vulnerability
A vulnerability in the remote support feature of Cisco Umbrella Virtual Appliance could allow an authenticated, remote attacker to obtain
news
Cisco ThousandEyes Enterprise Agent Virtual Appliance Privilege Escalation Vulnerability
A vulnerability in the CLI of Cisco ThousandEyes Enterprise Agent, Virtual Appliance installation type, could allow an authenticated, local attacker
news
Cisco ThousandEyes Enterprise Agent Virtual Appliance Privilege Escalation Vulnerability
A vulnerability in the CLI of Cisco ThousandEyes Enterprise Agent, Virtual Appliance installation type, could allow an authenticated, local attacker
news
Cisco Prime Infrastructure and Evolved Programmable Network Manager Stored Cross-Site Scripting Vulnerability
A vulnerability in the web-based management interface of Cisco Prime Infrastructure and Cisco Evolved Programmable Network Manager (EPNM) could allow
news
Cisco Prime Infrastructure and Evolved Programmable Network Manager Cross-Site Scripting Vulnerabilities
Multiple vulnerabilities in the web-based management interface of Cisco Prime Infrastructure and Cisco Evolved Programmable Network Manager (EPNM) could allow
news
Cisco Intersight Virtual Appliance Unauthenticated Port Forwarding Vulnerability
A vulnerability in Cisco Intersight Virtual Appliance could allow an unauthenticated, adjacent attacker to access internal HTTP services that are
news
Cisco Intersight Private Virtual Appliance Command Injection Vulnerabilities
Multiple vulnerabilities in Cisco Intersight Private Virtual Appliance could allow an authenticated, remote attacker to execute arbitrary commands using root-level
news
Cisco Integrated Management Controller Cross-Site Scripting Vulnerability
A vulnerability in the web-based management interface of Cisco Integrated Management Controller (IMC) could allow an unauthenticated, remote attacker to
news
Cisco Identity Services Engine Device Credential Information Disclosure Vulnerability
A vulnerability in the web-based management interface of Cisco Identity Services Engine (ISE) could allow an authenticated, remote attacker to
news
Cisco IP Phone 6800, 7800, and 8800 Series with Multiplatform Firmware Cross-Site Request Forgery Vulnerability
A vulnerability in the web-based management interface of Cisco IP Phone 6800, 7800, and 8800 Series with Multiplatform Firmware could
news
Cisco Expressway Series and Cisco TelePresence Video Communication Server Command Injection Vulnerability
A vulnerability in the web-based management interface of Cisco Expressway Series and Cisco TelePresence Video Communication Server (VCS) could allow
news
Cisco Duo Device Health Application for Windows Arbitrary File Write Vulnerability
A vulnerability in the CryptoService function of Cisco Duo Device Health Application for Windows could allow an authenticated, local attacker
news
AWS AppSync now supports JavaScript for all resolvers in GraphQL APIs
AWS AppSync is a managed service that makes it easier to build scalable APIs that connect applications to data. With
news
Amazon RDS Performance Insights provides an on-demand analysis experience
Amazon RDS (Relational Database Service) Performance Insights now helps customers analyze database performance metrics on demand to troubleshoot performance issues.