Un défaut dans le module SNMPv2 de puces ASUS ASMB8 iKVM permet à un attaquant distant et non authentifié, en envoyant des requêtes spécifiquement forgées, d’exécuter du code arbitraire sur le système en tant que root.

Apple has released urgent security updates to address a new zero-day vulnerability discovered in WebKit, which attackers are exploiting in the wild.

https://www.vmware.com/security/advisories/VMSA-2023-0001.html

https://www.cert.ssi.gouv.fr/avis/CERTFR-2023-AVI-0002/

https://www.cyberveille-sante.gouv.fr/alertes/wordpress-cve-2022-4049-2023-01-03

Apple has released new security content for iOS 16.1.2 and Safari 16.2. to fix a zero-day security vulnerability that was actively exploited

Sophos addressed several vulnerabilities affecting its Sophos Firewall version 19.5, including arbitrary code execution issues.

https://www.cert.ssi.gouv.fr/avis/CERTFR-2022-AVI-1041/

Google has paid out $70,000 to a security researcher for privately reporting an “accidental” security bug that allowed anyone to unlock Google Pixel phones without knowing its passcode.

GLPI CVE-2022-39323

https://www.cert.ssi.gouv.fr/avis/CERTFR-2022-AVI-949/

CVE-2022-40684