News
2023-099: Critical Vulnerabilities in Ivanti Avalanche
On December 20, 2023, Ivanti has released security updates to fix 13 critical security vulnerabilities in the company's Avalanche enterprise mobile device management (MDM) solution. These vulnerabilities, if exploited, could lead to Remote Code Execution or Denial of Service. The updates also cover 8 medium- and high-severity bugs
2023-098: SMTP Smuggling Vulnerability in CISCO Secure Email Gateway
On December 18, 2023, researchers from SEC Consult released an article about an SMTP Smuggling vulnerability affecting products from several vendors such as Microsoft, GMX or Cisco. While the vulnerability was fixed in GMX and Microsoft products, it is considered as a feature in Cisco Secure Email Gateway and Cisco
2023-097: Critical Vulnerabilities in Microsoft Products
On December 12, 2023, Microsoft released the December 2023 Patch Tuesday which includes security updates for a total of 35 flaws. Among the vulnerabilities, four were rated as critical. It is recommended updating affected products as soon as possible. Microsoft December 2023 Patch Tuesday Security Updates Microsoft December 2023 Patch
Téli szünet
A CTR tizenötödik hónapja végzi áldozatos munkáját, érdemeink vitathatatlanok, hibáink talán elhanyagolhatóak.
2023-095: Critical Vulnerability in Apache Struts - with Mittre TTPs
On December 7, 2023, The Apache Struts group released an update addressing a critical security vulnerability in Apache Struts. This vulnerability could lead, under some circumstances, to remote code execution. It is recommended to upgrade to a not vulnerable version as soon as possible. Apache Struts Security Vulnerability Apache Struts