Updated CISA exploited vulnerabilities catalog adds several flaws

20 September 2024

Most recent of the newly added vulnerabilities is a critical remote command execution issue in Apache HugeGraph-Server, tracked as CVE-2024-27348, which could be leveraged to facilitate sandbox restriction evasion. Also part of the CISA advisory are a pair of critical RCEs in Oracle JDeveloper and WebLogic Server, tracked as CVE-2022-21445 and CVE-2020-14644, respectively, both of which could be exploited to allow software takeovers.

Source: SC Magazine

Date:

20 September 2024

Categorie(s):

NEWS

Tag(s):

Bug Bounties, CISA, IT, News

Police Broke Tor Anonymity to Arrest Dark Web Users in Major CSAM Bust20 September 2024
“Simply staggering” surveillance conducted by social media and streaming services, FTC finds20 September 2024
US indicts two over socially engineered $230M+ crypto heist20 September 2024
Automate detection and response to website defacement with Amazon CloudWatch Synthetics20 September 2024
HackerOne: Nearly Half of Security Professionals Believe AI Is Risky20 September 2024