CISA Adds 6 Known Exploited Flaws in Fortinet, Microsoft, and Adobe Software

The U.S. Cybersecurity and Infrastructure Security Agency CISA on Monday added half a dozen security flaws to its Known Exploited Vulnerabilities KEV catalog, citing evidence of active exploitation. The list of vulnerabilities is as follows - CVE-2026-21643 CVSS score: 9.1 - An SQL injection...

Microsoft Visual Basic for Applications Insecure Library Loading Vulnerability

Microsoft Visual Basic for Applications VBA contains an insecure library loading vulnerability that could allow for remote code execution...

CVE-2026-20058 Cisco Secure Firewall Threat Defense Software Snort 3 Visual Basic for Application Denial of Service Vulnerability

Multiple Cisco products are affected by vulnerabilities in the Snort 3 VBA feature that could allow an unauthenticated, remote attacker to cause the Snort 3 Detection Engine to crash. These vulnerabilities are due to improper error checking when decompressing VBA data. An attacker could exploit...

CVE-2026-20057

CVE-2026-20057 affects multiple Cisco products via the Snort 3 VBA feature. The issue stems from lack of proper error checking when decompressing VBA data, enabling an unauthenticated, remote attacker to cause the Snort 3 Detection Engine to crash and restart, resulting in a DoS (availability imp...

CVE-2026-20053 Cisco Secure Firewall Threat Defense Software Snort 3 Visual Basic for Application Heap Overflow Denial of Service Vulnerability

Multiple Cisco products are affected by a vulnerability in the Snort 3 VBA feature that could allow an unauthenticated, remote attacker to cause the Snort 3 Detection Engine to crash. This vulnerability is due to improper range checking when decompressing VBA data, which is user controlled. An...

PT-2026-23020

Multiple Cisco products are affected by a vulnerability in the Snort 3 Visual Basic for Applications VBA feature which could allow an unauthenticated, remote attacker to cause the Snort 3 Detection Engine to crash. This vulnerability is due to lack of proper error checking when decompressing VBA...

Update for Windows 7 SP1 and Windows Server 2008 R2 SP1: August 16, 2019

Update for Windows 7 SP1 and Windows Server 2008 R2 SP1: August 16, 2019 Summary This non-security update for Windows 7 SP1 and Windows Server 2008 R2 SP1 includes the quality improvements from KB4512486 released August 16, 2019, in addition to these key changes: Addresses an issue in which the...

August 13, 2019—KB4512518 (Monthly Rollup)

August 13, 2019—KB4512518 Monthly Rollup Improvements and fixes This security update includes improvements and fixes that were a part of update KB4507447 released July 16, 2019 and addresses the following issues: Security updates to Windows App Platform and Frameworks, Windows Wireless Networking...

Update for Windows Server 2008 SP2: April 25, 2019

Update for Windows Server 2008 SP2: April 25, 2019 Summary This update includes the quality improvements from KB4493458, in addition to new Japanese Era related changes. Key changes include: Updates the NLS registry to support the new Japanese Era. Addresses an issue that causes the Date and Time...

CVE-2012-1854

Untrusted search path vulnerability in VBE6.dll in Microsoft Office 2003 SP3, 2007 SP2 and SP3, and 2010 Gold and SP1; Microsoft Visual Basic for Applications VBA; and Summit Microsoft Visual Basic for Applications SDK allows local users to gain privileges via a Trojan horse DLL in the current...

Security update 1970-01-01

...