#CVE2022

A year on, CISA realizes debunked vuln actually a dud and removes it from must-patch list

by

December 6, 2023 at 09:52AM CISA removed CVE-2022-28958, a supposed critical flaw in a D-Link router, from its Known Exploited Vulnerability catalog after a review revealed it was not a real vulnerability. VulnCheck debunked the issue, originally believed to allow remote code execution. The flaw was included due to an invalid proof of concept but … Read more

Atlassian Releases Critical Software Fixes to Prevent Remote Code Execution

by

December 6, 2023 at 04:54AM Atlassian patched four critical vulnerabilities in its software, addressing remote code execution risks. CVEs 2022-1471, 2023-22522, 2023-22523, and 2023-22524, with CVSS scores up to 9.8, affect various products including Confluence and Jira. Prior critical flaw in Bamboo also mentioned. Urgent updates recommended. Meeting Takeaways from Dec 06, 2023 – Software … Read more