Lucene search
K

36 matches found

Schneier on Security
Schneier on Security
added 2025/12/29 12:7 p.m.6 views

Are We Ready to Be Governed by Artificial Intelligence?

Artificial Intelligence AI overlords are a common trope in science-fiction dystopias, but the reality looks much more prosaic. The technologies of artificial intelligence are already pervading many aspects of democratic government, affecting our lives in ways both large and small. This has occurr...

6.8AI score
Exploits0
The Hacker News
The Hacker News
added 2025/02/21 7:26 a.m.24 views

CISA Flags Craft CMS Vulnerability CVE-2025-23209 Amid Active Attacks

A high-severity security flaw impacting the Craft content management system CMS has been added by the U.S. Cybersecurity and Infrastructure Security Agency CISA to its Known Exploited Vulnerabilities KEV catalog, based on evidence of active exploitation. The vulnerability in question is...

9.3CVSS8.3AI score0.97446EPSS
Exploits10
CISA
CISA
added 2024/12/30 12:0 p.m.19 views

CISA Adds One Known Exploited Vulnerability to Catalog

CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. CVE-2024-3393link is external Palo Alto Networks PAN-OS Malformed DNS Packet Vulnerability These types of vulnerabilities are frequent attack vectors for malicious cyber...

8.7CVSS7.8AI score0.26636EPSS
In wildExploits0References6
CISA
CISA
added 2024/12/19 12:0 p.m.15 views

CISA Adds One Known Exploited Vulnerability to Catalog

CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. CVE-2024-12356link is external BeyondTrust Privileged Remote Access PRA and Remote Support RS Command Injection Vulnerability These types of vulnerabilities are frequent...

9.8CVSS10AI score0.87991EPSS
In wildExploits8References6
CISA
CISA
added 2024/12/16 12:0 p.m.56 views

CISA Adds Two Known Exploited Vulnerabilities to Catalog

CISA has added two new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. CVE-2024-20767link is external Adobe ColdFusion Improper Access Control Vulnerability CVE-2024-35250link is external Microsoft Windows Kernel-Mode Driver Untrusted...

7.8CVSS7.7AI score0.98514EPSS
In wildExploits14References7
CISA
CISA
added 2024/12/03 12:0 p.m.22 views

CISA Adds Three Known Exploited Vulnerabilities to Catalog

CISA has added three new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. CVE-2023-45727link is external North Grid Proself Improper Restriction of XML External Entity XEE Reference Vulnerability CVE-2024-11680link is external ProjectSend...

9.8CVSS8.9AI score0.99698EPSS
In wildExploits22References11
The Hacker News
The Hacker News
added 2024/10/23 12:54 p.m.44 views

CISA Warns of Active Exploitation of Microsoft SharePoint Vulnerability (CVE-2024-38094)

A high-severity flaw impacting Microsoft SharePoint has been added to the Known Exploited Vulnerabilities KEV catalog by the U.S. Cybersecurity and Infrastructure Security Agency CISA on Tuesday, citing evidence of active exploitation. The vulnerability, tracked as CVE-2024-38094 CVSS score: 7.2,...

8.1CVSS8.3AI score0.47826EPSS
Exploits2
CISA
CISA
added 2024/10/22 12:0 p.m.23 views

CISA Adds One Known Exploited Vulnerability to Catalog

CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. CVE-2024-38094link is external link is externalMicrosoft SharePoint Deserialization Vulnerability These types of vulnerabilities are frequent attack vectors for malicious...

7.2CVSS7.3AI score0.47826EPSS
In wildExploits1References7
CISA
CISA
added 2024/10/15 12:0 p.m.16 views

CISA Adds Three Known Exploited Vulnerabilities to Catalog

CISA has added three new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. CVE-2024-30088link is external Microsoft Windows Kernel TOCTOU Race Condition Vulnerability CVE-2024-9680link is external Mozilla Firefox Use-After-Free Vulnerability...

9.8CVSS8.8AI score0.93299EPSS
In wildExploits13References9
CISA
CISA
added 2024/09/30 12:0 p.m.13 views

CISA’s VDP Platform 2023 Annual Report Showcases Success

Today, the Cybersecurity and Infrastructure Security Agency CISA released its Vulnerability Disclosure Policy VDP Platform 2023 Annual Report, highlighting the service’s remarkable success in 2023, its second full year of operation. Throughout 2023, CISA focused on advocating for the increased...

7.3AI score
Exploits0References3
The Hacker News
The Hacker News
added 2024/09/25 6:1 a.m.29 views

CISA Flags Critical Ivanti vTM Vulnerability Amid Active Exploitation Concerns

The U.S. Cybersecurity and Infrastructure Security Agency CISA on Tuesday added a critical security flaw impacting Ivanti Virtual Traffic Manager vTM to its Known Exploited Vulnerabilities KEV catalog, based on evidence of active exploitation. The vulnerability in question is CVE-2024-7593 CVSS...

9.8CVSS7.7AI score0.99987EPSS
Exploits7
The Hacker News
The Hacker News
added 2024/08/28 6:50 a.m.31 views

CISA Flags Critical Apache OFBiz Flaw Amid Active Exploitation Reports

The U.S. Cybersecurity and Infrastructure Security Agency CISA on Tuesday added a critical security flaw affecting the Apache OFBiz open-source enterprise resource planning ERP system to its Known Exploited Vulnerabilities KEV catalog, citing evidence of active exploitation in the wild. The...

9.8CVSS8.2AI score0.99442EPSS
Exploits15
CISA
CISA
added 2024/08/26 12:0 p.m.22 views

CISA Adds One Known Exploited Vulnerability to Catalog

CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. CVE-2024-7971link is external Google Chromium V8 Type Confusion Vulnerability These types of vulnerabilities are frequent attack vectors for malicious cyber actors and po...

9.6CVSS9.7AI score0.19272EPSS
In wildExploits2References6
CISA
CISA
added 2024/07/15 12:0 p.m.18 views

CISA Adds One Known Exploited Vulnerability to Catalog

CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. CVE-2024-36401 OSGeo GeoServer GeoTools Eval Injection Vulnerability These types of vulnerabilities are frequent attack vectors for malicious cyber actors and pose...

9.8CVSS7.6AI score0.99813EPSS
In wildExploits25References6
CISA
CISA
added 2024/05/20 12:0 p.m.12 views

CISA Adds Two Known Exploited Vulnerabilities to Catalog

CISA has added two new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. CVE-2024-4947 Google Chromium V8 Type Confusion Vulnerability CVE-2023-43208 NextGen Healthcare Mirth Connect Deserialization of Untrusted Data Vulnerability These type...

9.8CVSS7.2AI score0.82708EPSS
In wildExploits23References7
CISA
CISA
added 2024/05/14 12:0 p.m.18 views

CISA Adds Two Known Exploited Vulnerabilities to Catalog

CISA has added two new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. CVE-2024-30051 Microsoft DWM Core Library Privilege Escalation Vulnerability CVE-2024-30040 Microsoft Windows MSHTML Platform Security Feature Bypass Vulnerability Thes...

8.8CVSS7AI score0.05687EPSS
In wildExploits2References7
CISA
CISA
added 2024/04/24 12:0 p.m.17 views

CISA Adds Three Known Exploited Vulnerabilities to Catalog

CISA has added three new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. CVE-2024-20353 Cisco ASA and FTD Denial of Service Vulnerability CVE-2024-20359 Cisco ASA and FTD Privilege Escalation Vulnerability CVE-2024-4040 CrushFTP VFS Sandbo...

10CVSS8.9AI score0.99539EPSS
In wildExploits24References8
The Hacker News
The Hacker News
added 2024/03/27 1:15 p.m.71 views

CISA Warns: Hackers Actively Attacking Microsoft SharePoint Vulnerability

The U.S. Cybersecurity and Infrastructure Security Agency CISA has added a security flaw impacting the Microsoft Sharepoint Server to its Known Exploited Vulnerabilities KEV catalog based on evidence of active exploitation in the wild. The vulnerability, tracked as CVE-2023-24955 CVSS score: 7.2,...

9.8CVSS8.3AI score0.99649EPSS
Exploits11
CISA
CISA
added 2024/01/31 12:0 p.m.19 views

CISA Adds One Known Exploited Vulnerability to Catalog

CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. CVE-2024-21893 Ivanti Connect Secure, Policy Secure, and Neurons Server-Side Request Forgery SSRF Vulnerability These types of vulnerabilities are frequent attack vectors...

8.2CVSS9.7AI score0.99999EPSS
In wildExploits5References6
CISA
CISA
added 2024/01/31 12:0 p.m.13 views

CISA Adds One Known Exploited Vulnerability to Catalog

CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. CVE-2022-48618 Apple Multiple Products Memory Corruption Vulnerability These types of vulnerabilities are frequent attack vectors for malicious cyber actors and pose...

7CVSS6.9AI score0.00487EPSS
In wildExploits0References6
Rows per page
Query Builder