Snapshot
July 1, 2023 - July 7, 2023
CISA Known Exploited Vulnerabilities
CVE | Summary | Severity | Vendor | Date Added |
---|---|---|---|---|
CVE-2021-29256 | Arm Mali GPU Kernel Driver contains a use-after-free vulnerability that may allow a non-privileged user to gain root privilege and/or disclose information. | HIGH | Arm | July 7, 2023 |
Newswires

CISA Directs Government Agencies to Patch Actively Exploited Android Driver
The Cybersecurity and Infrastructure Security Agency (CISA) has issued an order for federal agencies to rectify a high-severity flaw in the Arm Mali GPU kernel driver.
July 7, 2023

Mastodon Patches Critical TootRoot Bug and Other Vulnerabilities
Mastodon, an open-source decentralized social networking platform, has addressed four vulnerabilities. One of them is critical and could allow threat actors to create arbitrary files on the server using specially crafted media files.
July 7, 2023

CISA Warns of Truebot Malware Exploiting Netwrix Auditor RCE Vulnerability
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) and the Federal Bureau of Investigation (FBI) have alerted the public about new variants of the Truebot malware being deployed on compromised networks.
July 6, 2023

New Linux Kernel Vulnerability 'StackRot' Unveiled by Researchers
Researchers have uncovered a new security vulnerability in the Linux kernel, which they've named 'StackRot' (CVE-2023-3269).
July 6, 2023

Cisco Alerts Users of High-Severity Vulnerability in Data Center Switches
Cisco has alerted its customers about a significant vulnerability found in some models of data center switches that could allow attackers to interfere with encrypted traffic.
July 6, 2023

Google Rolls Out July Security Updates for Android, Addressing 46 Vulnerabilities
Google's recent security patches for Android tackle 46 vulnerabilities, with three suspected of being actively exploited.
July 6, 2023

Critical SQL Injection Vulnerabilities Uncovered in MOVEit Transfer
Progress Software has issued an urgent notification to its clients regarding a critical SQL injection vulnerability in its MOVEit Transfer managed file transfer solution, identified as CVE-2023-36934.
July 6, 2023

Critical RCE Vulnerabilities Pose Threats to Industrial Solar Panels
A significant number of solar power monitoring systems are at risk due to three critical remote code execution (RCE) vulnerabilities.
July 6, 2023

Ghostscript Bug CVE-2023-36664: Rogue Documents Could Execute System Commands
Ghostscript, an open-source tool used for document composition and PDF file creation, has a bug that could allow malicious documents to run system commands.
July 4, 2023

Critical Remote Code Execution Bug Leaves Over 300,000 Fortinet Firewalls Vulnerable
A critical security vulnerability, CVE-2023-27997, is currently affecting more than 300,000 FortiGate firewalls.
July 3, 2023

Vulnerabilities In The News
CVE | Summary | Severity | Vendor | Risk Context |
---|---|---|---|---|
CVE-2023-27997 (6) | A heap-based buffer overflow vulnerability [CWE-122] in FortiOS version 7.2.4 and below, version 7.0.11 and below, version 6.... | CRITICAL | Fortinet | CISA Known Exploited, Actively Exploited, Remote Code Execution, Public Exploits Available |
CVE-2022-31199 (6) | Remote code execution vulnerabilities exist in the Netwrix Auditor User Activity Video Recording component affecting both the... | CRITICAL | | Actively Exploited, Remote Code Execution |
CVE-2023-2136 (6) | Integer overflow in Skia in Google Chrome prior to 112.0.5615.137 allowed a remote attacker who had compromised the renderer ... | CRITICAL | Fedoraproject, Debian, Google | CISA Known Exploited, Actively Exploited, Remote Code Execution |
CVE-2021-29256 (6) | . | HIGH | Arm | CISA Known Exploited |
CVE-2023-26083 (6) | Memory leak vulnerability in Mali GPU Kernel Driver in Midgard GPU Kernel Driver all versions from r6p0 - r32p0, Bifrost GPU ... | LOW | Arm | CISA Known Exploited, Actively Exploited, Used In Ransomware |
CVE-2023-36934 (7) | In Progress MOVEit Transfer before 2020.1.11, 2021.0.9, 2021.1.7, 2022.0.7, 2022.1.8, and 2023.0.4, a SQL injection vul... | N/A | | Risk Context N/A |
CVE-2023-36933 (7) | In Progress MOVEit Transfer before 2021.0.9, 2021.1.7, 2022.0.7, 2022.1.8, and 2023.0.4, it is possible for an attacker ... | N/A | | Risk Context N/A |
CVE-2023-36932 (7) | In Progress MOVEit Transfer before 2020.1.11, 2021.0.9, 2021.1.7, 2022.0.7, 2022.1.8, and 2023.0.4, multiple SQL inject... | N/A | | Risk Context N/A |

CISA Known Exploited Vulnerabilities
CISA added one vulnerability to the known exploited vulnerabilities list.
Arm — Mali Graphics Processing Unit (GPU)
CVE-2021-29256 / Added: July 7, 2023
HIGH, CVSS 8.80, EPSS Score 0.08, EPSS Percentile 32.54
Arm Mali GPU Kernel Driver contains a use-after-free vulnerability that may allow a non-privileged user to gain root privilege and/or disclose information.
In The News
Vulnerabilities receiving the most attention in traditional news media.
CVE-2023-27997
CRITICAL, CVSS 9.80, EPSS Score 5.75, EPSS Percentile 92.26
CISA Known Exploited, Actively Exploited, Remote Code Execution, Public Exploits Available
Published: June 13, 2023
A heap-based buffer overflow vulnerability [CWE-122] in FortiOS version 7.2.4 and below, version 7.0.11 and below, version 6.4.12 and below, version 6.0.16 and below and FortiProxy version 7.2.3 and below, version 7.0.9 and below, version 2.0.12 and below, version 1.2 all versions, version 1.1 all versions SSL-VPN may allow a remote attacker to execute arbitrary code or commands via specifically crafted requests.
Vendor Impacted: Fortinet
Products Impacted: FortiOS-6K7K, FortiOS and FortiProxy SSL-VPN, FortiProxy, FortiOS
CVE-2022-31199
CRITICAL, CVSS 9.80, EPSS Score 0.26, EPSS Percentile 62.22
Actively Exploited, Remote Code Execution
Published: Nov. 8, 2022
Remote code execution vulnerabilities exist in the Netwrix Auditor User Activity Video Recording component affecting both the Netwrix Auditor server and agents installed on monitored systems. The remote code execution vulnerabilities exist within the underlying protocol used by the component, and potentially allow an unauthenticated remote attacker to execute arbitrary code as the NT AUTHORITY\SYSTEM user on affected systems, including on systems Netwrix Auditor monitors.
CVE-2023-2136
CRITICAL, CVSS 9.60, EPSS Score 0.55, EPSS Percentile 74.35
CISA Known Exploited, Actively Exploited, Remote Code Execution
Published: April 19, 2023
Integer overflow in Skia in Google Chrome prior to 112.0.5615.137 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High)
Vendors Impacted: Fedoraproject, Debian, Google
Products Impacted: Debian Linux, Chrome, Fedora
CVE-2021-29256
HIGH, CVSS 8.80, EPSS Score 0.08, EPSS Percentile 32.54
CISA Known Exploited
Published: May 24, 2021
The Arm Mali GPU kernel driver allows an unprivileged user to achieve access to freed memory, leading to information disclosure or root privilege escalation. This affects Bifrost r16p0 through r29p0 before r30p0, Valhall r19p0 through r29p0 before r30p0, and Midgard r28p0 through r30p0.
Vendor Impacted: Arm
Products Impacted: Mali Graphics Processing Unit (GPU), Valhall, Midgard, Bifrost
CVE-2023-26083
LOW, CVSS 3.30, EPSS Score 6.15, EPSS Percentile 92.50
CISA Known Exploited, Actively Exploited, Used In Ransomware
Published: April 6, 2023
Memory leak vulnerability in Mali GPU Kernel Driver in Midgard GPU Kernel Driver all versions from r6p0 - r32p0, Bifrost GPU Kernel Driver all versions from r0p0 - r42p0, Valhall GPU Kernel Driver all versions from r19p0 - r42p0, and Avalon GPU Kernel Driver all versions from r41p0 - r42p0 allows a non-privileged user to make valid GPU processing operations that expose sensitive kernel metadata.
Vendor Impacted: Arm
Products Impacted: Bifrost GPU Kernel Driver, Valhall GPU Kernel Driver, Mali Graphics Processing Unit (GPU), Midgard, Avalon GPU Kernel Driver
CVE-2023-36934
CVSS Not Assigned, EPSS Score 0.05, EPSS Percentile 14.41
Risk Context: N/A
Published: July 5, 2023
In Progress MOVEit Transfer before 2020.1.11 (12.1.11), 2021.0.9 (13.0.9), 2021.1.7 (13.1.7), 2022.0.7 (14.0.7), 2022.1.8 (14.1.8), and 2023.0.4 (15.0.4), a SQL injection vulnerability has been identified in the MOVEit Transfer web application that could allow an unauthenticated attacker to gain unauthorized access to the MOVEit Transfer database. An attacker could submit a crafted payload to a MOVEit Transfer application endpoint that could result in modification and disclosure of MOVEit database content.
CVE-2023-36933
CVSS Not Assigned, EPSS Score 0.04, EPSS Percentile 7.02
Risk Context: N/A
Published: July 5, 2023
In Progress MOVEit Transfer before 2021.0.9 (13.0.9), 2021.1.7 (13.1.7), 2022.0.7 (14.0.7), 2022.1.8 (14.1.8), and 2023.0.4 (15.0.4), it is possible for an attacker to invoke a method that results in an unhandled exception. Triggering this workflow can cause the MOVEit Transfer application to terminate unexpectedly.
CVE-2023-36932
CVSS Not Assigned, EPSS Score 0.04, EPSS Percentile 7.02
Risk Context: N/A
Published: July 5, 2023
In Progress MOVEit Transfer before 2020.1.11 (12.1.11), 2021.0.9 (13.0.9), 2021.1.7 (13.1.7), 2022.0.7 (14.0.7), 2022.1.8 (14.1.8), and 2023.0.4 (15.0.4), multiple SQL injection vulnerabilities have been identified in the MOVEit Transfer web application that could allow an authenticated attacker to gain unauthorized access to the MOVEit Transfer database. An attacker could submit a crafted payload to a MOVEit Transfer application endpoint that could result in modification and disclosure of MOVEit database content.