Log in to see all content. Some content is hidden to the public.
Can't find what you're looking for? Help us improve the search functionality by reporting the expected results.
3340 Results
Applications Requiring VPN
- Faculty
- Research Staff
- Staff
- Student
Accessing Canva (for Non-Learner Users)
The process for accessing Canva as a non-learner user is simple. This page will walk you through the process for accessing Canva from start to finish!
- Affiliate
- Staff
- Technical Partner
- Email & Collaboration
UCSF IT Security Incident Response Statistics
03/19/25: Actively Exploited, Zero Day, Critical Vulnerability in Open-Source Apache Tomcat Web Server
Actively Exploited, Zero Day, Critical Vulnerability in Open-Source Apache Tomcat Web Server. The vulnerability can be exploited to perform remote code execution (RCE).For a complete description of the vulnerabilities and affected systems, go to CVE-2025-24813-PoC /Tomcat_CVE-2025-24813_RCE.py.IT Security
03/19/25: Critical and Other Vulnerabilities in GitLab Community Edition (CE) and Enterprise Edition (EE)
Gitlab released security updates to address Critical and other vulnerabilities in GitLab Community Edition (CE) and Enterprise Edition (EE). These vulnerabilities allow an authenticated attacker with access to a valid signed SAML document to impersonate another user within the same SAML Identity Provider (IdP) environment.For a complete description of the vulnerabilities and affected systems, go to GitLab Critical Patch Release: 17.9.2, 17.8.5, 17.7.7.
03/19/25: Vulnerability in Junos OS
Juniper released security updates to address a vulnerability in Junos OS. A local attacker with access to the shell is able to inject arbitrary code which can compromise an affected device.
03/19/25: Vulnerabilities in Multiple Cisco Products
Cisco has released security updates to address vulnerabilities in multiple Cisco products.For a complete description of the vulnerabilities and affected systems, go to Cisco Security Advisories.IT Security Read more about IT Security service offerings.
03/19/25: Actively Exploited Zero-Day in FreeType
FreeType released security updates to address an Actively Exploited Zero-Day vulnerability in FreeType. An attacker could exploit this vulnerability to perform remote code execution (RCE).For a complete description of the vulnerabilities and affected systems, go to CVE-2025-27363.IT Security Read more about IT Security service offerings.
03/19/25: High Vulnerabilities in Zoom
Zoom released security updates to address High vulnerabilities in Zoom.For a complete description of the vulnerabilities and affected systems, go to Zoom Security Bulletins.IT Security Read more about IT Security service offerings.