Cyber Security Advisories

The following cyber advisory was issued by the New York State Office of Information Technology Services and is intended for State government entities. The information may or may not be applicable to the general public and, accordingly, the State does not warrant its use for any specific purposes
No. Date Titlesort descending
#2022-012 01/24/2022 A Backdoor in WordPress AccessPress Plugins and Themes Could Allow an Attacker Access to a Targeted Website
#2021-037 03/23/2021 A Vulnerability in Adobe ColdFusion Could Allow for Arbitrary Code Execution
#2020-019 02/11/2020 A Vulnerability in Adobe Flash Could Allow for Arbitrary Code Execution (APSB20-06)
#2020-080 06/10/2020 A Vulnerability in Adobe Flash Player Could Allow for Arbitrary Code Execution (APSB20-30)
#2020-139 10/14/2020 A Vulnerability in Adobe Flash Player Could Allow for Arbitrary Code Execution (APSB20-58)
#2021-007 01/12/2021 A Vulnerability in Adobe Photoshop Could Allow for Arbitrary Code Execution (APSB21-01)
#2021-136 10/26/2021 A Vulnerability In an NPM Package Could Allow for Remote Code Execution
#2021-127 - UPDATED 10/06/2021 A Vulnerability in Apache HTTP Server Could Allow for a Path Traversal Attack
#2021-158 - UPDATED 12/10/2021 A Vulnerability in Apache Log4j Could Allow for Arbitrary Code Execution
#2020-161 12/08/2020 A Vulnerability in Apache Struts Could Allow for Remote Code Execution
#2022-056 04/19/2022 A Vulnerability in Apache Struts Could Allow for Remote Code Execution
#2020-029 03/03/2020 A Vulnerability in Apache Tomcat Could Allow for Arbitrary File Reading (CVE-2020-1938)
#2021-131 10/12/2021 A Vulnerability in Apple iOS and iPadOS Could Allow for Arbitrary Code Execution
#2021-033 03/10/2021 A Vulnerability in Apple Products Could Allow for Arbitrary Code Execution
#2020-074 06/02/2020 A Vulnerability in Apple Products Could Allow for Arbitrary Code Execution
#2022-024 02/11/2022 A Vulnerability in Apple Products Could Allow for Arbitrary Code Execution.
#2022-107 08/29/2022 A Vulnerability in Atlassian Bitbucket Server and Data Center Could Allow For Remote Code Execution
#2022-076 - UPDATED 06/03/2022 A Vulnerability in Atlassian Confluence Server and Data Center Could Allow for Remote Code Execution
#2022-061 05/05/2022 A Vulnerability in C Standard Libraries uClibe and uClibe-ng Could Allow for DNS Poisoning
#2022-067 05/12/2022 A Vulnerability in certain HP PC BIOS Could Allow for Local Arbitrary Code Execution

Pages

Cyber Security Advisories