17 matches found
CISA Adds Four Critical Vulnerabilities to KEV Catalog Due to Active Exploitation
The U.S. Cybersecurity and Infrastructure Security Agency CISA on Monday added four security flaws to its Known Exploited Vulnerabilities KEV catalog, citing evidence of active exploitation in the wild. The list of flaws is as follows - CVE-2014-3931 CVSS score: 9.8 - A buffer overflow...
PT-2025-27025 · Undefined · Undefined
A Historic First: BMC Vulnerability CVE-2024-054085 Joins CISA's Most Critical List https://t.co/WMMWeavYPb In June 2025, for the first time, CISA added a Baseboard Management Controller vulnerability to its Known Exploited Vulnerabilities catalog. While BMC vulnerabilities h…...
PT-2025-24634 · Undefined · Undefined
CISA has just added three new vulnerabilities to its Known Exploited Vulnerabilities KEV catalog: Erlang OTP CVE-2024-39992 OpenSSH CVE-2024-39993 Roundcube Webmail CVE-2024-39994 These vulnerabilities are actively being exploited in the wild and must be patched by June 25, 2025, as per Binding...
PT-2025-24632 · Undefined · Undefined
CISA has just added three new vulnerabilities to its Known Exploited Vulnerabilities KEV catalog: Erlang OTP CVE-2024-39992 OpenSSH CVE-2024-39993 Roundcube Webmail CVE-2024-39994 These vulnerabilities are actively being exploited in the wild and must be patched by June 25, 2025, as per Binding...
PT-2025-24633 · Undefined · Undefined
CISA has just added three new vulnerabilities to its Known Exploited Vulnerabilities KEV catalog: Erlang OTP CVE-2024-39992 OpenSSH CVE-2024-39993 Roundcube Webmail CVE-2024-39994 These vulnerabilities are actively being exploited in the wild and must be patched by June 25, 2025, as per Binding...
CVE-2025-4364
creationtimestamp| type| source ---|---|--- 2025-05-20 10:00:00+00:00| seen| https://www.cisa.gov/news-events/ics-advisories/icsa-25-140-11...
CVE-2025-24517
creationtimestamp| type| source ---|---|--- 2025-03-25 11:00:00+00:00| seen| https://www.cisa.gov/news-events/ics-advisories/icsa-25-084-04 2025-03-31 05:31:23+00:00| seen| https://t.me/DarkWebInformerCVEAlerts/9592 2025-03-31 09:09:22+00:00| seen| https://t.me/cvedetector/21558 2025-08-10...
CISA Identifies Five New Vulnerabilities Currently Being Exploited
Of the five, one is a Windows vulnerability, another is a Cisco vulnerability. We don't have any details about who is exploiting them, or how. News article. Slashdot thread...
CVE-2024-41981
creationtimestamp| type| source ---|---|--- 2024-10-10 12:00:00+00:00| seen| https://www.cisa.gov/news-events/ics-advisories/icsa-24-284-02 2024-12-12 11:00:00+00:00| seen| https://www.cisa.gov/news-events/ics-advisories/icsa-24-347-06...
CVE-2024-24806
creationtimestamp| type| source ---|---|--- 2024-02-07 23:32:00+00:00| seen| https://t.me/ctinow/181034 2024-02-08 13:51:42+00:00| seen| https://t.me/ctinow/181374 2024-02-11 13:42:46+00:00| seen| https://t.me/arpsyndicate/3390 2024-02-15 08:17:10+00:00| seen| https://t.me/ctinow/185329 2024-04-1...
Qualys WAS Unveils New Features in an Upgraded User Interface
Qualys Web Application Scanning WAS has been at the forefront of web application and API security innovation, and today, were excited to announce a significant leap - the launch of our New User Interface UI. From improved performance and reliability to cutting-edge technology adoption and enhance...
CISA Adds Two Known Vulnerabilities to Catalog
CISA has added two new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. CVE-2023-41064 Apple iOS, iPadOS, and macOS ImageIO Buffer Overflow CVE-2023-41061 Apple iOS, iPadOS, and watchOS Wallet Code Execution Vulnerability These types of...
CISA Adds Two Known Exploited Vulnerabilities to Catalog
CISA has added two new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. CVE-2023-38035 Ivanti Sentry Authentication Bypass Vulnerability CVE-2023-27532 Veeam Backup & Replication Cloud Connect Missing Authentication for Critical Function...
CVE-2022-4378
creationtimestamp| type| source ---|---|--- 2022-11-19 15:36:37+00:00| seen| https://t.me/itsecnews/1806 2023-01-05 18:22:30+00:00| seen| https://t.me/cibsecurity/55982 2025-04-15 10:00:00+00:00| seen| https://www.cisa.gov/news-events/ics-advisories/icsa-25-105-08...
CVE-2022-2588
creationtimestamp| type| source ---|---|--- 2022-08-11 06:10:49+00:00| published-proof-of-concept| https://t.me/GithubRedTeam/2911 2022-08-22 23:52:30+00:00| published-proof-of-concept| https://t.me/GithubRedTeam/3001 2022-08-23 06:42:54+00:00| published-proof-of-concept|...
A week in security (March 14 – 20)
Last week on Malwarebytes Labs: Beware of this bogus and phishy “Instagram Support” email Meet Exotic Lily, access broker for ransomware and other malware peddlers Double header: IsaacWiper and CaddyWiper How to protect RDP Online Safety Bill’s provisions for “legal but harmful” content described...
CVE-2018-7857
creationtimestamp| type| source ---|---|--- 2019-05-22 20:48:23+00:00| seen| https://t.me/cvemitreorg/162 2025-04-24 10:00:00+00:00| seen| https://www.cisa.gov/news-events/ics-advisories/icsa-25-114-01...