Snapshot
Sept. 30, 2023 - Oct. 6, 2023
CISA Known Exploited Vulnerabilities |
||||
---|---|---|---|---|
CVE | Summary | Severity | Vendor | Date Added |
CVE-2023-22515 | Atlassian Confluence Data Center and Server contains a privilege escalation vulnerability that allows an attacker to create unauthorized Confluence administrator accounts and access Confluence. | CRITICAL | Atlassian | Oct. 5, 2023 |
CVE-2023-40044 | Progress WS_FTP Server contains a deserialization of untrusted data vulnerability in the Ad Hoc Transfer module that allows an authenticated attacker to execute remote commands on the underlying operating system. | HIGH | Progress | Oct. 5, 2023 |
CVE-2023-42824 | Apple iOS and iPadOS contain an unspecified vulnerability that allows for local privilege escalation. | N/A | Apple | Oct. 5, 2023 |
CVE-2023-42793 | JetBrains TeamCity contains an authentication bypass vulnerability that allows for remote code execution on TeamCity Server. | CRITICAL | JetBrains | Oct. 4, 2023 |
CVE-2023-28229 | Microsoft Windows Cryptographic Next Generation (CNG) Key Isolation Service contains an unspecified vulnerability that allows an attacker to gain specific limited SYSTEM privileges. | HIGH | Microsoft | Oct. 4, 2023 |
CVE-2023-4211 | Arm Mali GPU Kernel Driver contains a use-after-free vulnerability that allows a local, non-privileged user to make improper GPU memory processing operations to gain access to already freed memory. | MEDIUM | Arm | Oct. 3, 2023 |
CVE-2023-5217 | Google Chrome libvpx contains a heap buffer overflow vulnerability in vp8 encoding that allows a remote attacker to potentially exploit heap corruption via a crafted HTML page. | HIGH | Oct. 2, 2023 | |
Newswires |
||||
Looney Tunables: Exploits Released for Linux Local Privilege Escalation Vulnerability
A number of experts have recently disclosed exploits for a Linux local privilege escalation flaw known as Looney Tunables. |
Oct. 6, 2023 |
|||
Critical Security Vulnerabilities Uncovered in Supermicro's BMC Firmware
A series of security vulnerabilities have been detected in Supermicro's baseboard management controllers (BMC) firmware. |
Oct. 6, 2023 |
|||
The High Stakes Market for WhatsApp Zero-Day Exploits
The market for zero-day exploits, especially for widely used apps such as WhatsApp, has become highly lucrative. |
Oct. 5, 2023 |
|||
Critical 'ShellTorch' Vulnerabilities Threaten Open Source AI Users Including Google
Newly identified critical vulnerabilities in the machine learning framework TorchServe pose a significant threat to artificial intelligence (AI) applications. |
Oct. 5, 2023 |
|||
Critical Security Flaws Discovered in Widely Used curl Network Tool
On October 5, 2023, Daniel Stenberg, the maintainer of curl, issued an early warning about two security vulnerabilities in the widely used network data transfer tool. |
Oct. 5, 2023 |
|||
Sony Interactive Entertainment Data Breach: Personal Information of 6,800 Individuals Exposed
Sony Interactive Entertainment (SIE) has informed approximately 6,800 individuals, including current and former employees and their family members, about a data breach that exposed their personal information. |
Oct. 5, 2023 |
|||
Apple's Emergency Security Update Targets Newly Discovered Zero-Day Vulnerabilities
Apple has released an immediate security update to resolve a new zero-day vulnerability that has been utilized in attacks against iPhone and iPad users. |
Oct. 4, 2023 |
|||
Critical Zero-Day Vulnerability in Atlassian's Confluence Software Patched Amidst Exploitation
Atlassian, the Australian software company, has urgently addressed a top-priority zero-day vulnerability found in its Confluence Data Center and Server software. |
Oct. 4, 2023 |
|||
Cisco Addresses Critical Security Flaw in Emergency Responder
Cisco has released a security patch for a serious vulnerability in its Cisco Emergency Responder (CER) software. |
Oct. 4, 2023 |
|||
Major Linux Distributions Vulnerable to Severe glibc Privilege Escalation Flaw
A critical local privilege escalation vulnerability, designated as CVE-2023-4911, has been discovered in the GNU C Library (glibc) which is used by major Linux distributions such as Debian, Fedora, and Ubuntu. |
Oct. 4, 2023 |
|||
Google's October 2023 Security Update for Android Fixes Actively Exploited Zero-days
Google has launched its security updates for Android for October 2023, which deal with 54 unique vulnerabilities, two of which are confirmed to be actively exploited. |
Oct. 3, 2023 |
|||
Critical Security Flaws Discovered in PyTorch Models: Remote Code Execution Possible
Critical vulnerabilities, collectively named ShellTorch, have been found in the TorchServe tool used for serving and scaling PyTorch models. |
Oct. 3, 2023 |
|||
Qualcomm Reports Active Exploitation of Zero-Day Vulnerabilities in GPU, DSP Drivers
American semiconductor company Qualcomm has reported the active exploitation of three zero-day vulnerabilities in its GPU and Compute DSP drivers. |
Oct. 3, 2023 |
|||
Microsoft Patches Zero-Day Vulnerabilities in Edge, Teams, and Skype
Microsoft has rolled out urgent security updates for its Edge, Teams, and Skype applications in response to two zero-day vulnerabilities discovered in open-source libraries. |
Oct. 3, 2023 |
|||
Exim Patches Three Critical Zero-Day Bugs Amid Security Concerns
Exim, the popular mail transfer agent, has addressed three of the six zero-day vulnerabilities that were revealed last week through Trend Micro's Zero Day Initiative (ZDI). |
Oct. 2, 2023 |
|||
Ransomware Groups Exploiting Critical TeamCity RCE Flaw
Ransomware groups are exploiting a recently patched critical vulnerability in JetBrains' TeamCity continuous integration and deployment server. |
Oct. 2, 2023 |
|||
Critical Vulnerability in WS_FTP Server Exploited in Attacks: Exploit Now Available
Over the past weekend, a PoC exploit for a severe vulnerability in the WS_FTP Server file sharing solution, developed by Progress Software, was made public by security researchers. |
Oct. 2, 2023 |
|||
Arm Alerts on Mali GPU Vulnerabilities Likely Exploited in Targeted Cyber Attacks
Arm, in a recent security advisory, has brought attention to an actively exploited vulnerability in the Mali GPU drivers, known as CVE-2023-4211. |
Oct. 2, 2023 |
|||
Vulnerabilities In The News |
||||
CVE | Summary | Severity | Vendor | Risk Context |
CVE-2023-22515 (12) | Atlassian has been made aware of an issue reported by a handful of customers where external attackers may have exploited a pr... | CRITICAL | Atlassian |
CISA Known Exploited Actively Exploited Remote Code Execution |
CVE-2023-5217 (16) | Heap buffer overflow in vp8 encoding in libvpx in Google Chrome prior to 117.0.5938.132 and libvpx 1.13.1 allowed a remote at... | HIGH | Mozilla, Webmproject, Google |
CISA Known Exploited Actively Exploited Remote Code Execution Public Exploits Available |
CVE-2023-4863 (15) | Heap buffer overflow in libwebp in Google Chrome prior to 116.0.5845.187 and libwebp 1.3.2 allowed a remote attacker to perfo... | HIGH | Fedoraproject, Google, Debian, Mozilla |
CISA Known Exploited Actively Exploited Remote Code Execution Public Exploits Available |
CVE-2023-40044 (11) | In WS_FTP Server versions prior to 8.7.4 and 8.8.2, a pre-authenticated attacker could leverage a .NET deserialization vulne... | HIGH | Progress |
CISA Known Exploited Actively Exploited Remote Code Execution Public Exploits Available |
CVE-2023-4911 (10) | A buffer overflow was discovered in the GNU C Library's dynamic loader ld.so while processing the GLIBC_TUNABLES environment ... | HIGH | Fedoraproject, Redhat |
Actively Exploited Remote Code Execution Public Exploits Available |
CVE-2023-41992 (8) | The issue was addressed with improved checks. | HIGH | Apple |
CISA Known Exploited Actively Exploited |
CVE-2022-22071 (7) | Possible use after free when process shell memory is freed using IOCTL munmap call and process initialization is in progress ... | HIGH | Risk Context N/A | |
CVE-2023-4211 (16) | A local non-privileged user can make improper GPU memory processing operations to gain access to already freed memory. | MEDIUM | Arm |
CISA Known Exploited |
CVE-2023-42824 (11) | The issue was addressed with improved checks. | N/A | Apple |
CISA Known Exploited Actively Exploited Remote Code Execution |
CISA Known Exploited Vulnerabilities
CISA added seven vulnerabilities to the known exploited vulnerabilities list.
Microsoft — Windows CNG Key Isolation Service |
CVE-2023-28229 / Added: Oct. 4, 2023 |
HIGH CVSS 7.00 EPSS Score 0.20 EPSS Percentile 57.09 |
Microsoft Windows Cryptographic Next Generation (CNG) Key Isolation Service contains an unspecified vulnerability that allows an attacker to gain specific limited SYSTEM privileges. |
Headlines
|
In The News
Vulnerabilities receiving the most attention in traditional news media.
CVE-2023-22515 |
CRITICAL CVSS 10.00 |
CISA Known Exploited Actively Exploited Remote Code Execution |
Published: Oct. 4, 2023 |
Atlassian has been made aware of an issue reported by a handful of customers where external attackers may have exploited a previously unknown vulnerability in publicly accessible Confluence Data Center and Server instances to create unauthorized Confluence administrator accounts and access Confluence instances. Atlassian Cloud sites are not affected by this vulnerability. If your Confluence site is accessed via an atlassian.net domain, it is hosted by Atlassian and is not vulnerable to this issue. For more details, please review the linked advisory on this CVE. |
Vendor Impacted: Atlassian |
Product Impacted: Confluence Data Center And Server |
Quotes
|
Headlines
|
Back to top ↑ |
CVE-2023-5217 |
HIGH CVSS 8.80 EPSS Score 0.85 EPSS Percentile 80.24 |
CISA Known Exploited Actively Exploited Remote Code Execution Public Exploits Available |
Published: Sept. 28, 2023 |
Heap buffer overflow in vp8 encoding in libvpx in Google Chrome prior to 117.0.5938.132 and libvpx 1.13.1 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) |
Vendors Impacted: Mozilla, Webmproject, Google |
Products Impacted: Firefox Esr, Firefox, Chrome Libvpx, Libvpx, Chrome, Firefox Focus |
Quotes
|
Headlines
|
Back to top ↑ |
CVE-2023-4863 |
HIGH CVSS 8.80 EPSS Score 38.99 EPSS Percentile 96.78 |
CISA Known Exploited Actively Exploited Remote Code Execution Public Exploits Available |
Published: Sept. 12, 2023 |
Heap buffer overflow in libwebp in Google Chrome prior to 116.0.5845.187 and libwebp 1.3.2 allowed a remote attacker to perform an out of bounds memory write via a crafted HTML page. (Chromium security severity: Critical) |
Vendors Impacted: Fedoraproject, Google, Debian, Mozilla |
Products Impacted: Firefox Esr, Chromium Webp, Firefox, Fedora, Thunderbird, Debian Linux |
Quotes
|
Headlines
|
Back to top ↑ |
CVE-2023-40044 |
HIGH CVSS 8.80 EPSS Score 0.12 EPSS Percentile 46.16 |
CISA Known Exploited Actively Exploited Remote Code Execution Public Exploits Available |
Published: Sept. 27, 2023 |
In WS_FTP Server versions prior to 8.7.4 and 8.8.2, a pre-authenticated attacker could leverage a .NET deserialization vulnerability in the Ad Hoc Transfer module to execute remote commands on the underlying WS_FTP Server operating system. |
Vendor Impacted: Progress |
Product Impacted: Ws_ftp Server |
Quotes
|
Headlines
|
Back to top ↑ |
CVE-2023-4911 |
HIGH CVSS 7.80 |
Actively Exploited Remote Code Execution Public Exploits Available |
Published: Oct. 3, 2023 |
A buffer overflow was discovered in the GNU C Library's dynamic loader ld.so while processing the GLIBC_TUNABLES environment variable. This issue could allow a local attacker to use maliciously crafted GLIBC_TUNABLES environment variables when launching binaries with SUID permission to execute code with elevated privileges. |
Vendors Impacted: Fedoraproject, Redhat |
Products Impacted: Fedora, Virtualization, Enterprise Linux |
Quotes
|
Headlines
|
Back to top ↑ |
CVE-2023-41992 |
HIGH CVSS 7.80 EPSS Score 0.09 EPSS Percentile 38.66 |
CISA Known Exploited Actively Exploited |
Published: Sept. 21, 2023 |
The issue was addressed with improved checks. This issue is fixed in macOS Monterey 12.7, macOS Ventura 13.6, iOS 16.7 and iPadOS 16.7. A local attacker may be able to elevate their privileges. Apple is aware of a report that this issue may have been actively exploited against versions of iOS before iOS 16.7. |
Vendor Impacted: Apple |
Products Impacted: Ipad Os, Multiple Products, Macos, Iphone Os, Watchos |
Quotes
|
Headlines
|
Back to top ↑ |
CVE-2022-22071 |
HIGH CVSS 7.80 EPSS Score 0.04 EPSS Percentile 7.18 |
Risk Context N/A |
Published: June 14, 2022 |
Possible use after free when process shell memory is freed using IOCTL munmap call and process initialization is in progress in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music |
Quotes
|
Headlines
|
Back to top ↑ |
CVE-2023-42824 |
CVSS Not Assigned |
CISA Known Exploited Actively Exploited Remote Code Execution |
Published: Oct. 4, 2023 |
The issue was addressed with improved checks. This issue is fixed in iOS 17.0.3 and iPadOS 17.0.3. A local attacker may be able to elevate their privileges. Apple is aware of a report that this issue may have been actively exploited against versions of iOS before iOS 16.6. |
Vendor Impacted: Apple |
Product Impacted: Ios And Ipados |
Quotes
|
Headlines
|
Back to top ↑ |
Accelerate Security Teams
Schedule a free consultation with a vulnerability expert to discuss your use cases and to see a demo.