The Hacker News22 天
The Hacker News | #1 Trusted Cybersecurity News Site — Index Page
The vulnerabilities in question are listed below - CVE-2017-3066 (CVSS score: 9.8) - A deserialization vulnerability impacting Adobe ColdFusion in the Apache BlazeDS library that allows for arbitrary ...
theregister22 天
200-plus impressively convincing GitHub repos are serving up malware
CISA adds two flaws to the actively exploited list CISA has added security vulnerabilities in Adobe and Oracle software to its must-patch list after learning of active exploitation attempts. One of ...
heise online23 天
Cyberattacks on Adobe Coldfusion and Oracle Agile PLM observed
The vulnerability abused by attackers in Adobe Coldfusion concerns the Apache BlazeDS library supplied with the program. This contains an “important” Java deserialization vulnerability (CVE ...
CSOonline23 天
Critical deserialization bugs in Adobe, Oracle software actively exploited, warns CISA
The Adobe ColdFusion flaw flagged by CISA is an old Java deserialization bug in the Apache BlazeDS library, which received a critical severity rating of CVSS 9.8 out of 10 because it enables ...
The Hacker News23 天
Two Actively Exploited Security Flaws in Adobe and Oracle Products Flagged by CISA
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added two security flaws impacting Adobe ColdFusion and Oracle Agile Product Lifecycle Management (PLM) to its Known Exploited ...