CySec News Atlassian has addressed a hardcoded credential flaw in Questions for Confluence and servlet filter bypasses in multiple other products. The Australian vendor of software development and collaboration tools issued security advisories with instructions for applying updates and mitigations (July 20). Reference: https://portswigger.net/daily-swig/atlassian-patches-batch-of-critical-vulnerabilities-across-multiple-products Zyxel has released patches for several of its firewall products […]
Monthly Archives: July 2022
20
Jul
Jul
CySec News Juniper Networks has pushed security updates to address several vulnerabilities affecting multiple products, some of which could be exploited to seize control of affected systems. The most critical of the flaws affect Junos Space and Contrail Networking, with the tech company urging customers to update to release versions 22.1R1 and 21.4.0, respectively. Reference: […]
13
Jul
Jul
CySec News Microsoft reminded customers that Windows Server, version 20H2 will be reaching its End of Service (EOS) next month, on August 9. Reference: https://www.bleepingcomputer.com/news/microsoft/microsoft-warns-windows-server-20h2-reaches-eos-next-month/ Microsoft says last week’s decision to roll back VBA macro auto-blocking in downloaded Office documents is only a temporary change. Reference: https://www.bleepingcomputer.com/news/microsoft/microsoft-says-decision-to-unblock-office-macros-is-temporary/ Cisco on Wednesday rolled out patches […]
06
Jul
Jul
CySec News Gitlab has patched a critical vulnerability that could allow an attacker to execute code remotely. The security issue, which has been rated as critical, has been discovered in all versions of GitLab, starting from 14.0 prior to 14.10.5, 15.0 prior to 15.0.4, and 15.1 prior to 15.1.1. An authenticated user could import a […]