8/5至8/11 Known Exploited Vulnerabilities Catalog(KEV)週報
- 發布單位:TWCERT/CC
- 更新日期:2024-08-19
- 點閱次數:427
- 內容說明:
CISA於8/5至8/11在Known Exploited Vulnerabilities Catalog(KEV)中發布3個已遭駭客利用之漏洞。
- 影響平台:
受影響廠商與產品名稱如下:
Microsoft|Microsoft COM for Windows
Apache|OFBiz
Android|Kernel
- 處置建議:
修補說明請參考以下官方連結:
Microsoft|Microsoft COM for Windows
https://msrc.microsoft.com/update-guide/en-US/advisory/CVE-2018-0824
Apache|OFBiz
此漏洞影響產品為開源套件,實際修補方式請參考各家廠商的說明,需要更多資訊可參考以下網址:
https://lists.apache.org/thread/w6s60okgkxp2th1sr8vx0ndmgk68fqrd
Android|Kernel
此漏洞影響產品為開源套件,實際修補方式請參考各家廠商的說明,需要更多資訊可參考以下網址:
https://source.android.com/docs/security/bulletin/2024-08-01
https://lore.kernel.org/linux-cve-announce/20240610090330.1347021-2-lee@kernel.org/T/#u
- CVE編號:
CVE-2018-0824
CVE-2024-32113
CVE-2024-36971
相關連結
- https://www.cisa.gov/known-exploited-vulnerabilities-catalog
- https://nvd.nist.gov/vuln/detail/CVE-2018-0824
- https://nvd.nist.gov/vuln/detail/CVE-2024-32113
- https://nvd.nist.gov/vuln/detail/CVE-2024-36971
- https://msrc.microsoft.com/update-guide/en-US/advisory/CVE-2018-0824
- https://lists.apache.org/thread/w6s60okgkxp2th1sr8vx0ndmgk68fqrd
- https://source.android.com/docs/security/bulletin/2024-08-01
- https://lore.kernel.org/linux-cve-announce/20240610090330.1347021-2-lee@kernel.org/T/#u