Security Advisories
Date
Type
Subject
Description
Products
March 17, 2020
Security Enhancements
Salesforce has not experienced any significant business impacts
—
November 29, 2019
Vulnerability
Remote Code Execution in Mule runtime and API Gateway
MuleSoft
August 30, 2019
Vulnerability
Directory Traversal in MuleSoft Runtime
MuleSoft
July 1, 2019
Security Enhancements
If your organization is impacted by an information security incident, your organization’s Security Contact(s) will be notified.
—
May 13, 2019
Security Enhancements
Potential impact to default sharing settings
—
November 28, 2018
Email Scam
Salesforce-themed phishing campaign
—
October 5, 2018
Vulnerability
Security vulnerability impact on Salesforce Sites and Communities
—
September 21, 2018
Vulnerability
Vulnerability of Twitter Account Activity API
—
June 27, 2017
Vulnerability/Ransomware
Malware leveraging MS17-010 (AKA EternalBlue) Vulnerability
—
June 21, 2017
Malware
Malware may target Salesforce Users.
—
May 15, 2017
Ransomware
Ransomware targeting Windows "Eternal Blue" vulnerability.
—
May 3, 2017
Email Scam
Google Docs invitation containing a phishing link.
—
February 27, 2017
Service Provider Vulnerability
Cloudflare, an embedded content delivery network and internet security services provider, disclosed a security vulnerability in their edge servers, which could expose information such as HTTP cookies, authentication tokens, and HTTP POST bodies.
—
