Apple has released security updates for Apple iOS 15.4.1, iPadOS 15.4.1 and macOS Monterey 12.3.1 products. Apple is aware of known exploits in the wild for a zero-day vulnerabilities CVE-2022-22675 and CVE-2022-22674.
Google has released Chrome 100.0.4896.60 for Windows, Mac and Linux with fixes for multiple High risk vulnerabilities. In addition, Google also issued security updates for Chrome for iOS, Chrome for Android and Chrome OS.
VMware has patched two Critical vulnerabilities (CVE-2022-22951, CVE-2022-22952) in VMware Carbon Black App Control (AppC).
Google has released Chrome 99.0.4844.84 for Windows, Mac and Linux with fixes for multiple vulnerabilities, to include one zero-day (CVE-2022-1096) exploited in the wild.
The Cybersecurity and Infrastructure Security Agency (CISA) has added 66 vulnerabilities to its Known Exploited Vulnerabilities Catalog. Recent additions include WatchGuard, Mitel, Windows and many other product vulnerabilities.
Drupal has patched a Guzzle third-party library vulnerability (CVE-2022-24775) that affects multiple versions of Drupal Core.
A CRI-O vulnerability CVE-2022-0811 in Kubernetes could allow an attacker to take control of affected Kubernetes environment, as well as other software/environments that use CRI-O runtime containers.
The Internet Systems Consortium (ISC) has released security updates that fix two High risk vulnerabilities in multiple versions of ISC Berkeley Internet Name Domain (BIND). Two Medium severity issues were also addressed.
OpenSSL has patched one High risk vulnerability CVE-2022-0778 in certain OpenSSL versions. As a result, a bad actor could cause an Infinite loop in the BN_mod_sqrt() function that could result in a denial of service (DoS) condition.
Drupal has patched two Moderately Critical HTML processing and denial of service vulnerabilities (CVE-2022-24728 and CVE-2022-24729) that affect multiple versions of Drupal Core.
