| Dec 16, 2022 Flash Notice: Critical VMware Vulnerabilities This week, VMware patched a critical vulnerability (CVE-2022-31705) impacting ESXi, Workstation, Cloud Foundation, and Fusion.
| Dec 15, 2022 Flash Notice: Critical Remote Code Execution Vulnerability Found in SPNEGO An RCE Vulnerability found in the common Windows Protocol SPNEGO NEGOEX has been upgraded from a 3.1 CVSS score to an 8.1.
| Dec 14, 2022 Flash Notice: Critical Citrix Zero-Day Exploited by Attackers A critical zero-day vulnerability (CVE-2022-27518) was found in Citrix ADC and Gateway. It is an unauthenticated remote code execution vulnerability.
| Dec 13, 2022 Flash Notice: Critical Fortinet Zero-Day Vulnerability Exploited in the Wild A critical zero-day vulnerability (CVE-2022-42475) was found in multiple versions of Fortinet’s FortiOS SSL-VPN.
| Dec 7, 2022 Flash Notice: Google Patches Actively Exploited Zero-Day A zero-day vulnerability impacting all browser versions of Google Chrome (including Opera & Microsoft Edge) is being actively exploited by threat actors.
| Dec 1, 2022 Flash Notice: Oracle Vulnerability Actively Exploited A patched vulnerability (CVE-2021-35587) found in Oracle’s Fusion Middleware Access Manager (OAM) is currently under active exploitation.
| Nov 18, 2022 Flash Notice: Two High-Severity Vulnerabilities Found in F5 BIG-IP and BIG-IQ Products This week, Rapid7 researchers discovered two high-severity vulnerabilities in F5 BIG-IP and BIG-IQ products running customized distribution of CentOS.
| Nov 14, 2022 Flash Notice: Citrix and VMware Disclose Critical Vulnerabilities, Could Impact Remote Workspaces This week Citrix issued patches for 3 vulnerabilities impacting their Gateway & ADC products. VMware also warned customers about 3 critical vulnerabilities
| Nov 2, 2022 Flash Notice: OpenSSL Project - Two High Severity Vulnerabilities Two critical vulnerabilities that were found in OpenSSL Project’s open-source cryptographic library have now been downgraded to high-severity.
| Oct 28, 2022 Flash Notice: Cisco VPN Vulnerabilities Exploited in the Wild This week, Cisco announced that there are two vulnerabilities affecting their AnyConnect product. They are being tracked as CVE-2020-3433 & CVE-2020-3153.
