Cyber Security Advisories

The following cyber advisory was issued by the New York State Office of Information Technology Services and is intended for State government entities. The information may or may not be applicable to the general public and, accordingly, the State does not warrant its use for any specific purposes
No. Date Titlesort descending
#2022-041 03/29/2022 A Vulnerability in Sophos Firewall Could Allow for Arbitrary Remote Code Execution
#2020-106 08/05/2020 A Vulnerability in TeamViewer Cloud Allow for Offline Password Cracking
#2020-016 UPDATED 02/05/2020 A Vulnerability in Telerik UI for ASP.NET Could Allow for Arbitrary Code Execution
#2022-096 08/01/2022 A Vulnerability in the Grails Framework Could Allow for Remote Code Execution (CVE-2022-35912)
#2020-047 04/09/2020 A Vulnerability in the HTTP interface of the Grandstream UCM62XX Series Could Allow for Remote Code Execution (CVE-2020-5722)
#2020-006 - UPDATED 01/14/2020 A Vulnerability in the Microsoft Cryptographic Library CRYPT32.DLL Could Allow for Remote Code Execution
#2022-044 04/04/2022 A Vulnerability in Trend Micro Apex Central Could Allow for Arbitrary File Upload
#2022-071 05/18/2022 A Vulnerability in VMware Products Could Allow for Authentication Bypass
#2021-027 02/18/2021 A Vulnerability in WebKitGTK and WPE WebKit Could Allow for Arbitrary Code Execution
#2020-031 03/03/2020 A Vulnerability in WordPress Duplicator Plugin Could Allow for Arbitrary File Downloads
#2020-063 05/08/2020 A Vulnerability in WordPress Elementor Pro Plugin Could Allow for Remote Code Execution
#2020-123 09/04/2020 A Vulnerability in WordPress File Manager Plugin Could Allow for Remote Code Execution
#2020-008 01/16/2020 A Vulnerability in WordPress InfiniteWP Client Plugin Could Allow for Authentication Bypass
#2022-058 04/26/2022 A Vulnerability in WSO2 Products Could Allow for Remote Code Execution
#2022-008 01/18/2022 A Vulnerability in Zoho Desktop Central and Desktop Central MSP Could Allow for Authentication Bypass
#2020-115 08/13/2020 A Vulnerability in Zoho ManageEngine ADSelfService Plus Could Allow for Remote Code Execution
#2020-076 06/04/2020 A Vulnerability in Zoom Client Could Allow for Arbitrary Code Execution
#2021-001 01/04/2021 A vulnerability in Zyxel Firewall and AP Controllers Could Allow for Administrative Access
#2022-068 05/16/2022 A vulnerability in Zyxel Firewall and VPN Could Allow for Arbitrary Code Execution
#2022-043 04/04/2022 A Vulnerability in Zyxel Firewall Could Allow for Authentication Bypass

Pages

Cyber Security Advisories