New data shows that enterprises are not updating their Confluence instances to address a critical code execution flaw.
Attackers are targeting SAP enterprise applications that have not been updated to address previously-fixed flaws, researchers warn.
From a vulnerability management perspective, it makes sense for defenders to be aware of which vulnerabilities have publicly available exploit code. Increasingly, much of that code is beginning to appear on GitHub.
Citrix has fixed 11 vulnerabilities in its ADC, Gateway, and SD-WAN appliances, some which could allow authenticated access to a target appliance.
A buffer overflow in the memcached tool has been patched after a public disclosure of the details and proof-of-concept exploit code.