Atlassian Confluence Data Center and Server contain an unauthenticated OGNL template injection vulnerability that can lead to remote code execution.
// weekly digest
// weekly digest
// weekly digest
2024-01-22 00:00 UTC 2024-01-28 23:59 UTC
// total
0
// critical
0
// high
0
// medium
0
// low
0
// new kev
3
// top critical
No CRITICAL CVEs published this week.
// top high
No HIGH CVEs published this week.
// new kev additions
Atlassian Confluence Data Center and Server contain an unauthenticated OGNL template injection vulnerability that can lead to remote code execution.
Apple iOS, iPadOS, macOS, tvOS, and Safari WebKit contain a type confusion vulnerability that leads to code execution when processing maliciously crafted web content. This vulnerability could impact HTML parsers that use WebKit, including but not limited to Apple Safari and non-Apple products which rely on WebKit for HTML processing.
VMware vCenter Server contains an out-of-bounds write vulnerability in the implementation of the DCERPC protocol that allows an attacker to conduct remote code execution.