Web Application Common 1010225 - Liferay Portal Untrusted Deserialization Vulnerability (CVE-2020-7961)
Web Client Common 1010226 - Microsoft Windows JET Database Engine Remote Code Execution Vulnerability (CVE-2020-0953)
Web Server Common 1010080* - Identified Usage Of FreeSWITCH Event Socket Interface
Web Server Oracle 1010223 - Oracle WebLogic Java Messaging Service Unspecified Vulnerability (CVE-2016-0638)
Web Server SharePoint 1010227 - Microsoft SharePoint Scorecards Deserialization Of Untrusted Data Remote Code Execution Vulnerability (CVE-2020-0931) 1010228 - Microsoft SharePoint TypeConverter Deserialization of Untrusted Data Remote Code Execution Vulnerability (CVE-2020-0932)
Integrity Monitoring Rules:
1003168* - Unix - Open Port Monitor
Log Inspection Rules:
There are no new or updated Log Inspection Rules in this Security Update.
Our two-year research provides insights into the life cycle of exploits, the types of exploit buyers and sellers, and the business models that are reshaping the underground exploit market.
Malicious attacks have consistently been launched on weak points in the supply chain. Like all attacks, these will evolve into more advanced forms. Software development, with multiple phases that could be placed at risk, is particularly vulnerable.