Cyber Security Advisories

The following cyber advisory was issued by the New York State Office of Information Technology Services and is intended for State government entities. The information may or may not be applicable to the general public and, accordingly, the State does not warrant its use for any specific purposes
No. Date Titlesort descending
#2022-096 08/01/2022 A Vulnerability in the Grails Framework Could Allow for Remote Code Execution (CVE-2022-35912)
#2020-047 04/09/2020 A Vulnerability in the HTTP interface of the Grandstream UCM62XX Series Could Allow for Remote Code Execution (CVE-2020-5722)
#2020-006 - UPDATED 01/14/2020 A Vulnerability in the Microsoft Cryptographic Library CRYPT32.DLL Could Allow for Remote Code Execution
#2022-044 04/04/2022 A Vulnerability in Trend Micro Apex Central Could Allow for Arbitrary File Upload
#2022-071 05/18/2022 A Vulnerability in VMware Products Could Allow for Authentication Bypass
#2021-027 02/18/2021 A Vulnerability in WebKitGTK and WPE WebKit Could Allow for Arbitrary Code Execution
#2020-031 03/03/2020 A Vulnerability in WordPress Duplicator Plugin Could Allow for Arbitrary File Downloads
#2020-063 05/08/2020 A Vulnerability in WordPress Elementor Pro Plugin Could Allow for Remote Code Execution
#2020-123 09/04/2020 A Vulnerability in WordPress File Manager Plugin Could Allow for Remote Code Execution
#2020-008 01/16/2020 A Vulnerability in WordPress InfiniteWP Client Plugin Could Allow for Authentication Bypass
#2022-058 04/26/2022 A Vulnerability in WSO2 Products Could Allow for Remote Code Execution
#2022-008 01/18/2022 A Vulnerability in Zoho Desktop Central and Desktop Central MSP Could Allow for Authentication Bypass
#2020-115 08/13/2020 A Vulnerability in Zoho ManageEngine ADSelfService Plus Could Allow for Remote Code Execution
#2020-076 06/04/2020 A Vulnerability in Zoom Client Could Allow for Arbitrary Code Execution
#2021-001 01/04/2021 A vulnerability in Zyxel Firewall and AP Controllers Could Allow for Administrative Access
#2022-068 05/16/2022 A vulnerability in Zyxel Firewall and VPN Could Allow for Arbitrary Code Execution
#2022-043 04/04/2022 A Vulnerability in Zyxel Firewall Could Allow for Authentication Bypass
#2020-147 - UPDATED 10/22/2020 A Vulnerability with Cisco Adaptive Security Appliance and Firepower Threat Defense Could Allow for Denial of Service
#2020-119 08/20/2020 A Vulnerability with Cisco Small Business, Smart, and Managed Switches Could Allow for Denial of Service
#2020-092 07/13/2020 Citrix Application Delivery Controller, Citrix Gateway, and Citrix SD-WAN WANOP Appliance Security Update. Fixed builds have been released for all supported versions of Citrix ADC, Citrix Gateway and Citrix SD-WAN WANOP

Pages

Cyber Security Advisories