Sunday, November 24, 2024
CISA Exploit List

CISA Update August, 2023

by Artie Kaye

The Cybersecurity and Infrastructure Security Agency (CISA) keeps an updated list of actively exploited vulnerabilities. While the list is aimed to keep governmental agencies secure, the private sector benefits greatly by following through on the recommended updates.  

    Company                  CVE                        Platform                                                                  Details                                                        
AdobeCVE-2023-38205Coldfusionhttps://helpx.adobe.com/security/products/coldfusion/apsb23-47.html
CVE-2023-29298Coldfusionhttps://helpx.adobe.com/security/products/coldfusion/apsb23-40.html
AppleCVE-2023-38606MultipleiOS 16.6 and iPadOS 16.6
https://support.apple.com/en-us/HT213841
iOS 15.7.8 and iPadOS 15.7.8
https://support.apple.com/en-us/HT213842
macOS Ventura 13.5
https://support.apple.com/en-us/HT213843
macOS Monterey 12.6.8
https://support.apple.com/en-us/HT213844
macOS Big Sur 11.7.9
https://support.apple.com/en-us/HT213845
tvOS 16.6
https://support.apple.com/en-us/HT213846
watchOS 9.6
https://support.apple.com/en-us/HT213848
CVE-2023-37450 MultipleSafari 16.5.2
https://support.apple.com/en-us/HT213826
iOS 16.6 and iPad 16.6
https://support.apple.com/en-us/HT213841
macOS Ventura 13.5
https://support.apple.com/en-us/HT213843
tvOS 16.6
https://support.apple.com/en-us/HT213846
WatchOS 9.6
https://support.apple.com/en-us/HT213848
ArmCVE-2021-29256Mali GPUhttps://developer.arm.com/Arm%20Security%20Center/Mali%20GPU%20Driver%20Vulnerabilities
CitrixCVE-2023-3519NetScaler ADC and NetScaler Gatewayhttps://support.citrix.com/article/CTX561482/citrix-adc-and-citrix-gateway-security-bulletin-for-cve20233519-cve20233466-cve20233467
IvantiCVE-2023-35078Endpoint Manager Modulehttps://forums.ivanti.com/s/article/CVE-2023-35078-Remote-unauthenticated-API-access-vulnerability?language=en_US
CVE-2023-35081Endpoint Manager Modulehttps://forums.ivanti.com/s/article/CVE-2023-35081-Arbitrary-File-Write?language=en_US
MicrosoftCVE-2023-36874Windowshttps://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2023-36874
CVE-2023-35311Outlookhttps://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2023-35311
CVE-2023-32049Windowshttps://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2023-32049
CVE-2023-32046Windowshttps://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2023-32046
CVE-2023-36884Windows and Officehttps://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36884
NetwrixCVE-2022-31199Auditorhttps://security.netwrix.com/Account/SignIn?ReturnUrl=%2FAdvisories%2FADV-2022-003
(Requires login to access patch.)
SolarViewCVE-2022-29303Compacthttps://jvn.jp/en/vu/JVNVU92327282/
ZimbraCVE-2023-37580Collaborationhttps://wiki.zimbra.com/wiki/Security_Center

For a more comprehensive list of all vulnerabilities, visit cisa.gov (Opens in a new tab/window.)