CISA known exploited database update #915

Merged
merged 1 commit into from
Nov 26, 2023
1 change: 1 addition & 0 deletions config/known_exploited_vulnerabilities.csv
Expand Up @@ -1039,3 +1039,4 @@ CVE-2023-36036,Microsoft,Windows,"Microsoft Windows Cloud Files Mini Filter Driv
CVE-2023-36584,Microsoft,Windows,"Microsoft Windows Mark of the Web (MOTW) Security Feature Bypass Vulnerability",2023-11-16,"Microsoft Windows Mark of the Web (MOTW) contains a security feature bypass vulnerability resulting in a limited loss of integrity and availability of security features.","Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.",2023-12-07,Unknown,https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36584
CVE-2023-1671,Sophos,"Web Appliance","Sophos Web Appliance Command Injection Vulnerability",2023-11-16,"Sophos Web Appliance contains a command injection vulnerability in the warn-proceed handler that allows for remote code execution.","Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.",2023-12-07,Unknown,https://www.sophos.com/en-us/security-advisories/sophos-sa-20230404-swa-rce
CVE-2020-2551,Oracle,"Fusion Middleware","Oracle Fusion Middleware Unspecified Vulnerability",2023-11-16,"Oracle Fusion Middleware contains an unspecified vulnerability in the WLS Core Components that allows an unauthenticated attacker with network access via IIOP to compromise the WebLogic Server.","Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.",2023-12-07,Unknown,https://www.oracle.com/security-alerts/cpujan2020.html
CVE-2023-4911,GNU,"GNU C Library","GNU C Library Buffer Overflow Vulnerability",2023-11-21,"GNU C Library's dynamic loader ld.so contains a buffer overflow vulnerability when processing the GLIBC_TUNABLES environment variable, allowing a local attacker to execute code with elevated privileges.","Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.",2023-12-12,Unknown,"This vulnerability affects a common open-source component, third-party library, or a protocol used by different products. Please check with specific vendors for information on patching status. For more information, please see: https://sourceware.org/git/?p=glibc.git;a=commitdiff;h=1056e5b4c3f2d90ed2b4a55f96add28da2f4c8fa, https://access.redhat.com/security/cve/cve-2023-4911, https://www.debian.org/security/2023/dsa-5514"
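Review bot: The last column of the CVE-2023-4911 row is not a single URL like in the three rows above it. It is a quoted free-text note containing commas, three separate URLs, and a sourceware.org link with semicolons in its query string (`;a=commitdiff;h=...`). Please confirm that every consumer of config/known_exploited_vulnerabilities.csv reads it with a quote-aware CSV parser and does not use this column directly as a link target. A naive split on commas would produce more fields for this row than for its neighbours, and code that expects one bare URL would emit the whole sentence. If the column is meant to hold a single reference, consider keeping only one URL here; otherwise a short comment or doc line stating that the field is free text would prevent that assumption.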