BACK TO INTEL

Archives

Classification

Clear Filter
Application Security
Cloud Infrastructure
Enterprise Infrastructure
Enterprise IT Infrastructure
Enterprise Networking
Enterprise Security
Enterprise Software
Adobe ColdFusion
Atlassian Confluence
Collaboration Platforms
Collaboration Tools
Email Infrastructure
Managed File Transfer
Microsoft Exchange
Microsoft SharePoint
Microsoft Windows
Mobile Device Management
Oracle E-Business Suite
Oracle WebCenter Suite
ERP
Information Technology
Infrastructure
Infrastructure Security
Microsoft
Network Appliances
Network Infrastructure
Network Security
Networking
Open Source
Operating Systems
Software
Software Development
Software Security
Technology
Virtualization
Vulnerability
Web Hosting
Web Security
Windows Ecosystem

FeedEnterprise Software

Verified advisories, vulnerability disclosures, and architectural research.

CVE-2012-1710

Deep Dive: Mitigating CVE-2012-1710 in Oracle Fusion Middleware

Unspecified vulnerability in the Oracle WebCenter Forms Recognition component in Oracle Fusion Middleware allows remote attackers to affect confidentiality, integrity, and availability via Unknown vectors related to Designer.

Fusion Middleware
View Detail
CVE-2022-26134

Critical RCE Alert: Managing the CVE-2022-26134 Atlassian Confluence Vulnerability

Atlassian Confluence Server and Data Center contain a remote code execution vulnerability that allows for an unauthenticated attacker to perform remote code execution.

Confluence Server/Data Center
View Detail
CVE-2022-41040

CVE-2022-41040: Microsoft Exchange Server SSRF Vulnerability (ProxyNotShell) Deep Dive and Remediation

Microsoft Exchange Server allows for server-side request forgery. Dubbed "ProxyNotShell," this vulnerability is chainable with CVE-2022-41082 which allows for remote code execution.

Exchange Server
View Detail
CVE-2022-41082

CVE-2022-41082: Defending Against the ProxyNotShell Deserialization RCE in Microsoft Exchange

Microsoft Exchange Server contains an unspecified vulnerability that allows for authenticated remote code execution. Dubbed "ProxyNotShell," this vulnerability is chainable with CVE-2022-41040 which allows for the remote code execution.

Exchange Server
View Detail
CVE-2022-41091

CVE-2022-41091: Windows Mark of the Web (MOTW) Security Feature Bypass Vulnerability Analysis and Remediation

Microsoft Windows Mark of the Web (MOTW) contains a security feature bypass vulnerability resulting in a limited loss of integrity and availability of security features.

Windows
View Detail
CVE-2022-41080

CVE-2022-41080: Critical Microsoft Exchange Privilege Escalation and Ransomware Risk

CVE-2022-41080 is a critical privilege escalation vulnerability in Microsoft Exchange Server, chainable for remote code execution and actively exploited in ransomware attacks.

Exchange Server
View Detail
CVE-2022-21587

Critical Advisory: Oracle E-Business Suite CVE-2022-21587 Exploit Prevention and Remediation

Oracle E-Business Suite contains an unspecified vulnerability that allows an unauthenticated attacker with network access via HTTP to compromise Oracle Web Applications Desktop Integrator.

E-Business Suite
View Detail
CVE-2023-34362

CVE-2023-34362: Critical SQL Injection in Progress MOVEit Transfer Demands Immediate Action

Progress MOVEit Transfer contains a SQL injection vulnerability that could allow an unauthenticated attacker to gain unauthorized access to MOVEit Transfer's database.

MOVEit Transfer
View Detail
CVE-2023-22515

CVE-2023-22515: Critical Zero-Day Access Control Vulnerability in Atlassian Confluence

Atlassian Confluence Data Center and Server contains a broken access control vulnerability that allows an attacker to create unauthorized Confluence administrator accounts and access Confluence.

Confluence Data Center and Server
View Detail
CVE-2023-29300

CVE-2023-29300 Adobe ColdFusion Deserialization: Critical Security Advisory and Patch Guide

Adobe ColdFusion contains a deserialization of untrusted data vulnerability that allows for code execution.

ColdFusion
View Detail
CVE-2023-29357

CVE-2023-29357: Critical Microsoft SharePoint Server Authentication Bypass and Privilege Escalation Advisory

Microsoft SharePoint Server contains an unspecified vulnerability that allows an unauthenticated attacker, who has gained access to spoofed JWT authentication tokens, to use them for executing a network attack. This attack bypasses authentication, enabling the attacker to gain administrator privileges.

SharePoint Server
View Detail
CVE-2023-35082

Critical Ivanti EPMM Authentication Bypass (CVE-2023-35082): Technical Deep Dive and Remediation Guide

Ivanti Endpoint Manager Mobile (EPMM) and MobileIron Core contain an authentication bypass vulnerability that allows unauthorized users to access restricted functionality or resources of the application.

Endpoint Manager Mobile (EPMM) and MobileIron Core
View Detail
12