Vulnerability Summary for the Week of July 29, 2024

High Vulnerabilities PrimaryVendor -- Product Description Published CVSS Score Source & Patch Info Apache Software Foundation--Apache SeaTunnel Web  Web Authentication vulnerability in Apache SeaTunnel. Since the jwt key is hardcoded in…

Comments Off on Vulnerability Summary for the Week of July 29, 2024

Vulnerability Summary for the Week of July 22, 2024

High Vulnerabilities PrimaryVendor -- Product Description Published CVSS Score Source & Patch Info 202ecommerce--paypal  In the module "PayPal Official" for PrestaShop 7+ releases prior to version 6.4.2 and for PrestaShop…

Comments Off on Vulnerability Summary for the Week of July 22, 2024

ISC Releases Security Advisories for BIND 9

The Internet Systems Consortium (ISC) released security advisories to address vulnerabilities affecting multiple versions of ISC’s Berkeley Internet Name Domain (BIND) 9. A cyber threat actor could exploit one of…

Comments Off on ISC Releases Security Advisories for BIND 9

Vulnerability Summary for the Week of July 15, 2024

High Vulnerabilities PrimaryVendor -- Product Description Published CVSS Score Source Info Patch Info 1Panel-dev--1Panel  1Panel is a web-based linux server management control panel. 1Panel contains an unspecified sql injection via…

Comments Off on Vulnerability Summary for the Week of July 15, 2024

Widespread IT Outage Due to CrowdStrike Update

Note: CISA will update this Alert with more information as it becomes available. As of 1130am EDT July 19, 2024:  CISA is aware of the widespread outage affecting Microsoft Windows…

Comments Off on Widespread IT Outage Due to CrowdStrike Update

Ivanti Releases Security Updates for Endpoint Manager

Ivanti released security updates to address vulnerabilities in Ivanti Endpoint Manager (EPM) and Ivanti Endpoint Manager for Mobile (EPMM). A cyber threat actor could exploit some of these vulnerabilities to…

Comments Off on Ivanti Releases Security Updates for Endpoint Manager

Vulnerability Summary for the Week of July 8, 2024

High Vulnerabilities PrimaryVendor -- Product Description Published CVSS Score Source & Patch Info Adobe--Bridge  Bridge versions 14.0.4, 13.0.7, 14.1 and earlier are affected by an Integer Overflow or Wraparound vulnerability…

Comments Off on Vulnerability Summary for the Week of July 8, 2024

AT&T Discloses Breach of Customer Data

On July 12, AT&T released a public statement on unauthorized access of customer data from a third-party cloud platform. AT&T also provided recommendations and resources for affected customers.     CISA encourages…

Comments Off on AT&T Discloses Breach of Customer Data