Cyber Security Advisories

The following cyber advisory was issued by the New York State Office of Information Technology Services and is intended for State government entities. The information may or may not be applicable to the general public and, accordingly, the State does not warrant its use for any specific purposes
No. Date Titlesort descending
#2020-141 10/16/2020 Multiple Vulnerabilities in SonicWALL Sonic OS Could Allow for Arbitrary Code Execution
#2022-069 05/16/2022 Multiple Vulnerabilities in SonicWall SSLVPN SMA1000 Series Could Allow for Authentication Bypass
#2020-171 12/21/2020 Multiple Vulnerabilities in Treck TCP/IP Stack Could Allow for Arbitrary Code Execution
#2020-083 06/18/2020 Multiple Vulnerabilities in Treck TCP/IP Stack Could Allow for Remote Code Execution
#2020-164 12/09/2020 Multiple Vulnerabilities in Various Opensource TCP/IP Stack Could Allow for Remote Code Execution
#2022-036 03/15/2022 Multiple Vulnerabilities in Veeam Backup & Replication Could Allow for Remote Code Execution
#2022-049 04/07/2022 Multiple Vulnerabilities in VMware Products Could Allow for Remote Code Execution
#2021-070 05/26/2021 Multiple Vulnerabilities in VMWare Products Could Allow for Information Disclosure
#2020-158 11/19/2020 Multiple Vulnerabilities in VMware SD-WAN Orchestrator Could Allow for Arbitrary Code Execution
#2021-117 - UPDATED 09/22/2021 Multiple Vulnerabilities in VMware vCenter Server Could Allow for Remote Code Execution
#2021-072-UPDATED 05/26/2021 Multiple Vulnerabilities in VMware vCenter Server Could Allow for Remote Code Execution
#2021-041 03/31/2021 Multiple Vulnerabilities in VMware vRealize Operations Manager Could Allow for Remote Code Execution
#2020-064 05/12/2020 Multiple Vulnerabilities in VMware vROP Could Allow for Arbitrary Code Execution
#2022-085 06/27/2022 Multiple Vulnerabilities in WatchGuard Firebox and XTM appliances Could Allow for Remote Code Execution
#2021-068 05/12/2021 Multiple Vulnerabilities in Wi-Fi Enabled Devices Could Allow for Data Exfiltration
#2022-003 01/10/2022 Multiple Vulnerabilities in WordPress Could Allow for SQL Injection
#2022-045 04/04/2022 Multiple Vulnerabilities Vulnerability in Apple Products Could Allow for Local Code Execution
#2021-083 06/24/2021 NYS ITS CYBER SECURITY ADVISORY - A Vulnerability in VMware Carbon Black App Control Could Allow for Authentication Bypass - RISK: HIGH
#2020-051 04/15/2020 Oracle Quarterly Critical Patches Issued April 14, 2020
#2022-057 - UPDATED 04/20/2022 Oracle Quarterly Critical Patches Issued April 19, 2022

Pages

Cyber Security Advisories