LINK Thanks to the ZDI guys. If you have Apache, or any device that has a built in webserver, you need to check if it has a firmware update soon.
LINK SonicWall have a vulnerability CVE-2021-20038 that is a RCE and its being actively exploited. Act Now
LINK Here is the new CISA weekly vulnerability list.
LINK The four added are CVE Number CVE Title Required Action Due Date CVE-2006-1547 Apache Struts 1 ActionForm Denial of Service Vulnerability 07/21/2022 CVE-2012-0391 Apache Struts 2 Improper Input Validation Vulnerability 07/21/2022 CVE-2018-8453 Microsoft Windows Win32k Privilege Escalation Vulnerability 07/21/2022 CVE-2021-35247 SolarWinds Serv-U Improper Input Validation Vulnerability 02/04/2022 The download for the full CSV is […]
LINK Looks like this is in the McAfee Update Agent.
LINK F5 has published a list of vulnerabilities. If you have F5 devices, time to address them.
LINK Time to update Google Chrome again
LINK It is not easy to be concise in listing VMware products affected by Log4j. So goto the link above for details.
LINK Time to look again if you have Cisco products in your network, including Webex.
LINK Google Project Zero has identified 2 Critical and High rated Vulnerabilities in Zoom Clients and Zoom MMR systems. Patches were released by the Vendor.