CIS Advisories

CIS Advisories

243 bookmarks
Custom sorting
Multiple Vulnerabilities in Google Android OS Could Allow for Remote Code Execution
Multiple Vulnerabilities in Google Android OS Could Allow for Remote Code Execution
Multiple vulnerabilities have been discovered in Google Android OS, the most severe of which could allow for remote code execution. Android is an operating system developed by Google for mobile devices, including, but not limited to, smartphones, tablets, and watches. Successful exploitation of the most severe of these vulnerabilities聽could allow for remote code execution in the context of the logged on user. Depending on the privileges associated with the user an attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than those who operate with administrative user rights.
cisecurity.org
Multiple Vulnerabilities in Google Android OS Could Allow for Remote Code Execution
Multiple Vulnerabilities in Mozilla Products Could Allow for Arbitrary Code Execution
Multiple Vulnerabilities in Mozilla Products Could Allow for Arbitrary Code Execution
Multiple vulnerabilities have been discovered in Mozilla products, the most severe of which could allow for arbitrary code execution.Mozilla Firefox is a web browser used to access the Internet.Mozilla Firefox ESR is a version of the web browser intended to be deployed in large organizations.Mozilla Thunderbird is an email client.Successful exploitation of the most severe of these vulnerabilities could allow for arbitrary code execution. Depending on the privileges associated with the user an attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than those who operate with administrative user rights.
cisecurity.org
Multiple Vulnerabilities in Mozilla Products Could Allow for Arbitrary Code Execution
Multiple Vulnerabilities in Apple Products Could Allow for Arbitrary Code Execution
Multiple Vulnerabilities in Apple Products Could Allow for Arbitrary Code Execution
Multiple vulnerabilities have been discovered in Apple products, the most severe of which could allow for arbitrary code execution. Successful exploitation of the most severe of these vulnerabilities could allow for arbitrary code execution in the context of the logged on user. Depending on the privileges associated with the user, an attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than those who operate with administrative user rights.
cisecurity.org
Multiple Vulnerabilities in Apple Products Could Allow for Arbitrary Code Execution
Multiple Vulnerabilities in Palo Alto PAN-OS Could Allow for Authentication Bypass
Multiple Vulnerabilities in Palo Alto PAN-OS Could Allow for Authentication Bypass
Multiple vulnerabilities have been discovered in Palo Alto PAN-OS, the most severe of which could allow for authentication bypass. PAN-OS is the software that runs all Palo Alto Networks next-generation firewalls. Successful exploitation could allow for authentication bypass with administrator privileges. An attacker could then install programs; view, change, or delete data.
cisecurity.org
Multiple Vulnerabilities in Palo Alto PAN-OS Could Allow for Authentication Bypass
Critical Patches Issued for Microsoft Products, November 12, 2024
Critical Patches Issued for Microsoft Products, November 12, 2024
Multiple vulnerabilities have been discovered in Microsoft products, the most severe of which could allow for remote code execution in the context of the logged on user. Depending on the privileges associated with the user, an attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than those who operate with administrative user rights.
cisecurity.org
Critical Patches Issued for Microsoft Products, November 12, 2024
Multiple Vulnerabilities in Adobe Products Could Allow for Arbitrary Code Execution
Multiple Vulnerabilities in Adobe Products Could Allow for Arbitrary Code Execution
Multiple vulnerabilities have been discovered in Adobe products, the most severe of which could allow for arbitrary code execution. Successful exploitation of the most severe of these vulnerabilities could allow for arbitrary code execution in the context of the logged on user. Depending on the privileges associated with the user, an attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than those who operate with administrative user rights
cisecurity.org
Multiple Vulnerabilities in Adobe Products Could Allow for Arbitrary Code Execution
Multiple Vulnerabilities in Google Chrome Could Allow for Arbitrary Code Execution
Multiple Vulnerabilities in Google Chrome Could Allow for Arbitrary Code Execution
Multiple vulnerabilities have been discovered in Google Chrome, the most severe of which could allow for arbitrary code execution. Successful exploitation of the most severe of these vulnerabilities could allow for arbitrary code execution in the context of the logged on user. Depending on the privileges associated with the user an attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than those who operate with administrative user rights.
cisecurity.org
Multiple Vulnerabilities in Google Chrome Could Allow for Arbitrary Code Execution
Multiple Vulnerabilities in Citrix Products Could Allow for Remote Code Execution
Multiple Vulnerabilities in Citrix Products Could Allow for Remote Code Execution
Multiple vulnerabilities have been discovered in Citrix products, the most severe of which could allow for remote code execution. Citrix ADC performs application-specific traffic analysis to intelligently distribute, optimize, and secure Layer 4 - Layer 7 network traffic for web applications. Successful exploitation of the most severe of these vulnerabilities could allow for remote code execution in the context of the logged-on user. Depending on the privileges associated with the user an attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than those who operate with administrative user rights.
cisecurity.org
Multiple Vulnerabilities in Citrix Products Could Allow for Remote Code Execution
Multiple Vulnerabilities in Ivanti Endpoint Manager Could Allow for Remote Code Execution
Multiple Vulnerabilities in Ivanti Endpoint Manager Could Allow for Remote Code Execution
Multiple vulnerabilities have been discovered in Ivanti Endpoint Manager, the most severe of which could allow for remote code execution. Ivanti Endpoint Manager is a client-based unified endpoint management software. Successful exploitation could allow for remote code execution in the context of the system. Depending on the privileges associated with the system, an attacker could then install programs; view, change, or delete data. Users whose accounts are configured to have fewer user rights on the system could be less impacted than those who operate with administrative user rights.
cisecurity.org
Multiple Vulnerabilities in Ivanti Endpoint Manager Could Allow for Remote Code Execution
A Vulnerability in Android OS Could Allow for Remote Code Execution
A Vulnerability in Android OS Could Allow for Remote Code Execution
A vulnerability has been discovered in Android OS that could allow for remote code execution.聽Android is an operating system developed by Google for mobile devices, including, but not limited to, smartphones, tablets, and watches. Successful exploitation of this vulnerability聽could allow for remote code execution in the context of the logged-on user. Depending on the privileges associated with the user, an attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than those who operate with administrative user rights.
cisecurity.org
A Vulnerability in Android OS Could Allow for Remote Code Execution
Multiple Vulnerabilities in Mozilla Products Could Allow for Arbitrary Code Execution
Multiple Vulnerabilities in Mozilla Products Could Allow for Arbitrary Code Execution
Multiple vulnerabilities have been discovered in Mozilla products, the most severe of which could allow for arbitrary code execution. 聽Mozilla Firefox is a web browser used to access the Internet. Mozilla Firefox ESR is a version of the web browser intended to be deployed in large organizations.Mozilla Thunderbird is an email client. 聽Successful exploitation of the most severe of these vulnerabilities could allow for arbitrary code execution. Depending on the privileges associated with the user an attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than those who operate with administrative user rights.
cisecurity.org
Multiple Vulnerabilities in Mozilla Products Could Allow for Arbitrary Code Execution
A Vulnerability in Zimbra Collaboration Could Allow for Remote Code Execution
A Vulnerability in Zimbra Collaboration Could Allow for Remote Code Execution
A vulnerability has been discovered in Zimbra Collaboration which could allow for remote code execution. Zimbra is a collaborative software suite that includes an email server and a web client. Successful exploitation of this vulnerability could allow for remote code execution in the context of the Zimbra user. Depending on the privileges associated with the user, an attacker could then install programs; view, change, or delete data.
cisecurity.org
A Vulnerability in Zimbra Collaboration Could Allow for Remote Code Execution
Multiple Vulnerabilities in Google Chrome Could Allow for Arbitrary Code Execution
Multiple Vulnerabilities in Google Chrome Could Allow for Arbitrary Code Execution
Multiple vulnerabilities have been discovered in Google Chrome, the most severe of which could allow for聽arbitrary聽code execution.聽Successful exploitation of the most severe of these vulnerabilities聽could allow for聽arbitrary聽code execution in the context of the logged on user. Depending on the privileges associated with the user an attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than those who operate with administrative user rights.
cisecurity.org
Multiple Vulnerabilities in Google Chrome Could Allow for Arbitrary Code Execution
Critical Patches Issued for Microsoft Products, September 10, 2024
Critical Patches Issued for Microsoft Products, September 10, 2024
Multiple vulnerabilities have been discovered in Microsoft products, the most severe of which could allow for remote code execution in the context of the logged on user. Depending on the privileges associated with the user, an attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than those who operate with administrative user rights.
cisecurity.org
Critical Patches Issued for Microsoft Products, September 10, 2024
Multiple Vulnerabilities in Google Chrome Could Allow for Arbitrary Code Execution
Multiple Vulnerabilities in Google Chrome Could Allow for Arbitrary Code Execution
Multiple vulnerabilities have been discovered in Google Chrome, the most severe of which could allow for arbitrary code execution. Successful exploitation of the most severe of these vulnerabilities could allow for arbitrary code execution in the context of the logged on user. Depending on the privileges associated with the user an attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than those who operate with administrative user rights.
cisecurity.org
Multiple Vulnerabilities in Google Chrome Could Allow for Arbitrary Code Execution
Multiple Vulnerabilities in Mozilla Products Could Allow for Arbitrary Code Execution
Multiple Vulnerabilities in Mozilla Products Could Allow for Arbitrary Code Execution
Multiple vulnerabilities have been discovered in Mozilla products, the most severe of which could allow for arbitrary code execution. Mozilla Firefox is a web browser used to access the Internet. Mozilla Firefox ESR is a version of the web browser intended to be deployed in large organizations. Successful exploitation of the most severe of these vulnerabilities could allow for arbitrary code execution in the context of the logged on user. Depending on the privileges associated with the user, an attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than those who operate with administrative user rights.
cisecurity.org
Multiple Vulnerabilities in Mozilla Products Could Allow for Arbitrary Code Execution
Multiple Vulnerabilities in SolarWinds Web Help Desk Could Allow for Remote Code Execution
Multiple Vulnerabilities in SolarWinds Web Help Desk Could Allow for Remote Code Execution
Multiple vulnerabilities have been discovered in SolarWinds Web Help Desk (WHD), the most severe of which could allow for remote code execution. Web Help Desk (WHD) is a SolarWinds IT help desk solution. Successful exploitation of the most severe of these vulnerabilities could allow for remote code execution in the context of the system. Depending on the privileges associated with the system, an attacker could then install programs; view, change, or delete data.
cisecurity.org
Multiple Vulnerabilities in SolarWinds Web Help Desk Could Allow for Remote Code Execution
Multiple Vulnerabilities in Google Chrome Could Allow for Arbitrary Code Execution
Multiple Vulnerabilities in Google Chrome Could Allow for Arbitrary Code Execution
Multiple vulnerabilities have been discovered in Google Chrome, the most severe of which could allow for arbitrary code execution. Successful exploitation of the most severe of these vulnerabilities could allow for arbitrary code execution in the context of the logged on user. Depending on the privileges associated with the user an attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than those who operate with administrative user rights.
cisecurity.org
Multiple Vulnerabilities in Google Chrome Could Allow for Arbitrary Code Execution
Multiple Vulnerabilities in Google Chrome Could Allow for Arbitrary Code Execution
Multiple Vulnerabilities in Google Chrome Could Allow for Arbitrary Code Execution
Multiple vulnerabilities have been discovered in Google Chrome, the most severe of which could allow for arbitrary code execution. Successful exploitation of the most severe of these vulnerabilities could allow for arbitrary code execution in the context of the logged on user. Depending on the privileges associated with the user an attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than those who operate with administrative user rights.
cisecurity.org
Multiple Vulnerabilities in Google Chrome Could Allow for Arbitrary Code Execution
Multiple Vulnerabilities in SolarWinds Web Help Desk Could Allow for Remote Code Execution
Multiple Vulnerabilities in SolarWinds Web Help Desk Could Allow for Remote Code Execution
Multiple vulnerabilities have been discovered in SolarWinds Web Help Desk (WHD), the most severe of which could allow for remote code execution. Web Help Desk (WHD) is a SolarWinds IT help desk solution. Successful exploitation of the most severe of these vulnerabilities could allow for remote code execution in the context of the system. Depending on the privileges associated with the system, an attacker could then install programs; view, change, or delete data.
cisecurity.org
Multiple Vulnerabilities in SolarWinds Web Help Desk Could Allow for Remote Code Execution
Multiple Vulnerabilities in Google Android OS Could Allow for Privilege Escalation
Multiple Vulnerabilities in Google Android OS Could Allow for Privilege Escalation
Multiple vulnerabilities have been discovered in Google Android OS, the most severe of which could allow for privilege escalation. Android is an operating system developed by Google for mobile devices, including, but not limited to, smartphones, tablets, and watches. Successful exploitation of the most severe of these vulnerabilities could allow for privilege escalation. Depending on the privileges associated with the exploited component, an attacker could then install programs; view, change, or delete data; or create new accounts with full rights.
cisecurity.org
Multiple Vulnerabilities in Google Android OS Could Allow for Privilege Escalation
Multiple Vulnerabilities in Google Chrome Could Allow for Arbitrary Code Execution
Multiple Vulnerabilities in Google Chrome Could Allow for Arbitrary Code Execution
Multiple vulnerabilities have been discovered in Google Chrome, the most severe of which could allow for arbitrary code execution. Successful exploitation of the most severe of these vulnerabilities could allow for arbitrary code execution in the context of the logged on user. Depending on the privileges associated with the user an attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than those who operate with administrative user rights.
cisecurity.org
Multiple Vulnerabilities in Google Chrome Could Allow for Arbitrary Code Execution
Critical Patches Issued for Microsoft Products, August 13, 2024
Critical Patches Issued for Microsoft Products, August 13, 2024
Multiple vulnerabilities have been discovered in Microsoft products, the most severe of which could allow for remote code execution in the context of the logged on user. Depending on the privileges associated with the user, an attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than those who operate with administrative user rights.
cisecurity.org
Critical Patches Issued for Microsoft Products, August 13, 2024
Multiple Vulnerabilities in Adobe Products Could Allow for Arbitrary Code Execution
Multiple Vulnerabilities in Adobe Products Could Allow for Arbitrary Code Execution
Multiple vulnerabilities have been discovered in Adobe products, the most severe of which could allow for arbitrary code execution. Adobe is a software that is used for creating and publishing a wide variety of contents including graphics, photography, illustration, animation, multimedia, motion pictures and print. Successful exploitation of the most severe of these vulnerabilities could allow for arbitrary code execution in the context of the logged on user. Depending on the privileges associated with the user, an attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than those who operate with administrative user rights
cisecurity.org
Multiple Vulnerabilities in Adobe Products Could Allow for Arbitrary Code Execution
Multiple Vulnerabilities in SolarWinds Web Help Desk Could Allow for Remote Code Execution
Multiple Vulnerabilities in SolarWinds Web Help Desk Could Allow for Remote Code Execution
Multiple vulnerabilities have been discovered in SolarWinds Web Help Desk (WHD), the most severe of which could allow for remote code execution. Web Help Desk (WHD) is a SolarWinds IT help desk solution. Successful exploitation of the most severe of these vulnerabilities could allow for remote code execution in the context of the system. Depending on the privileges associated with the system, an attacker could then install programs; view, change, or delete data.
cisecurity.org
Multiple Vulnerabilities in SolarWinds Web Help Desk Could Allow for Remote Code Execution
Multiple Vulnerabilities in Mozilla Products Could Allow for Arbitrary Code Execution
Multiple Vulnerabilities in Mozilla Products Could Allow for Arbitrary Code Execution
Multiple vulnerabilities have been discovered in Mozilla products, the most severe of which could allow for arbitrary code execution. Mozilla Firefox is a web browser used to access the Internet. Mozilla Firefox ESR is a version of the web browser intended to be deployed in large organizations. Successful exploitation of the most severe of these vulnerabilities could allow for arbitrary code execution in the context of the logged on user. Depending on the privileges associated with the user, an attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than those who operate with administrative user rights.
cisecurity.org
Multiple Vulnerabilities in Mozilla Products Could Allow for Arbitrary Code Execution
Multiple Vulnerabilities in Adobe Products Could Allow for Arbitrary Code Execution
Multiple Vulnerabilities in Adobe Products Could Allow for Arbitrary Code Execution
Multiple vulnerabilities have been discovered in Adobe products, the most severe of which could allow for arbitrary code execution. Adobe Premiere Pro is a timeline-based and non-linear video editing software application. Adobe InDesign is a desktop publishing and page layout designing software application. Adobe Bridge is a free digital asset management application. Successful exploitation of the most severe of these vulnerabilities could allow for arbitrary code execution in the context of the logged on user. Depending on the privileges associated with the user, an attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than those who operate with administrative user rights
cisecurity.org
Multiple Vulnerabilities in Adobe Products Could Allow for Arbitrary Code Execution