Monday, December 2, 2024
CISA Exploit List

CISA Active Exploit List Updated December 2, 2022

by Artie Kaye

The US Cybersecurity and Infrastructure Security Agency have added several items to their list of must address exploits. As these are actively being used by attackers in the wild it is recommended to resolve the issues. Below are the companies, CVE numbers, and links to the solutions for said problems.

CompanyCVEPlatformDetails
GoogleCVE-2022-4135Google Chromehttps://chromereleases.googleblog.com/2022/11/stable-channel-update-for-desktop_24.html
MicorsoftCVE-2022-41049
CVE-2022-41091
CVE-2022-41073
CVE-2022-41125
CVE-2022-41128
Windowshttps://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2022-41049
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-41091
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-41073
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-41125
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-41128
OracleCVE-2021-35587Oracle Access Managerhttps://www.oracle.com/security-alerts/cpujan2022.html
SamsungCVE-2021-25337
CVE-2021-25369
CVE-2021-25370
Samsung Mobilehttps://security.samsungmobile.com/securityUpdate.smsb

For a more comprehensive list of all vulnerabilities, visit cisa.gov (Opens in a new tab/window.)