Author: DEFENDEDGE

Original release date: July 18, 2022 | Last revised: July 19, 2022   High Vulnerabilities Primary Vendor — Product Description Published CVSS Score Source & Patch Info ceneo-web-scrapper_project — ceneo-web-scrapper The adriankoczuruek/ceneo-web-scrapper repository through 2021-03-15 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely. 2022-07-11 7.5 CVE-2022-31570 MISC clinic’s_patient_management_system_project —… Read more

Original release date: July 19, 2022 CISA has released an Industrial Controls Systems Advisory (ICSA) detailing six vulnerabilities that were discovered in MiCODUS MV720 Global Positioning System Tracker. Successful exploitation of these vulnerabilities may allow a remote actor to exploit access and gain control the global positioning system tracker. These vulnerabilities could impact access to… Read more

Original release date: July 18, 2022 CISA has updated the joint CISA-United States Coast Guard Cyber Command (CGCYBER) Cybersecurity Advisory AA22-174A: Malicious Cyber Actors Continue to Exploit Log4Shell in VMware Horizon, originally released June 23, 2022. The advisory now includes IOCs provided in Malware Analysis Report (MAR)-10382580-2. CISA and CGCYBER encourage users and administrators to… Read more

Feds urge U.S. agencies to patch a Microsoft July Patch Tuesday 2022 bug that is being exploited in the wild by August 2. Read more

Original release date: July 14, 2022 Juniper Networks has released security updates to address vulnerabilities affecting multiple products. An attacker could exploit some of these vulnerabilities to take control of an affected system.  CISA encourages users and administrators to review the Juniper Networks security advisories page and apply the necessary updates.  This product is provided subject… Read more

Original release date: July 12, 2022 Microsoft has released updates to address multiple vulnerabilities in Microsoft software. An attacker can exploit some of these vulnerabilities to take control of an affected system. CISA encourages users and administrators to review Microsoft’s July 2022 Security Update and Deployment Information and apply the necessary updates. This product is provided subject… Read more

Original release date: July 12, 2022 SAP has released security updates to address vulnerabilities affecting multiple products. An attacker could exploit some of these vulnerabilities to take control of an affected system. CISA encourages users and administrators to review SAP Security Patch Day – July 2022 and apply the necessary updates. This product is provided subject… Read more

Original release date: July 11, 2022 | Last revised: July 12, 2022   High Vulnerabilities Primary Vendor — Product Description Published CVSS Score Source & Patch Info gitlab — gitlab A critical issue has been discovered in GitLab affecting all versions starting from 14.0 prior to 14.10.5, 15.0 prior to 15.0.4, and 15.1 prior to… Read more

A radio control system for drones is vulnerable to remote takeover, thanks to a weakness in the mechanism that binds transmitter and receiver. Read more