
94 matches found

CISA
added 2026/04/20 12:0 p.m. | 11 views

CISA Adds Eight Known Exploited Vulnerabilities to Catalog

CISA has added eight new vulnerabilities to its Known Exploited Vulnerabilities (KEV) Catalog, based on evidence of active exploitation. CVE-2023-27351: PaperCut NG/MF Improper Authentication Vulnerability; CVE-2024-27199: JetBrains TeamCity Relative Path Traversal...

CVSS 8.2 | AI score 5.8 | EPSS 0.99991
In wild | Exploits 26 | References 13
The Hacker News
added 2026/04/17 7:14 a.m. | 10 views

NIST Limits CVE Enrichment After 263% Surge in Vulnerability Submissions

The National Institute of Standards and Technology NIST has announced changes to the way it handles cybersecurity vulnerabilities and exposures CVEs listed in its National Vulnerability Database NVD, stating it will only enrich those that fulfil certain conditions owing to an explosion in CVE...

AI score 5.8
Exploits 0
CISA
added 2026/04/13 12:0 p.m. | 7 views

CISA Adds Seven Known Exploited Vulnerabilities to Catalog

CISA has added seven new vulnerabilities to its Known Exploited Vulnerabilities (KEV) Catalog, based on evidence of active exploitation. CVE-2012-1854: Microsoft Visual Basic for Applications Insecure Library Loading Vulnerability; CVE-2020-9715: Adobe Acrobat...

CVSS 9.8 | AI score 5.9 | EPSS 0.94085
In wild | Exploits 9 | References 12
Positive Technologies
added 2026/04/06 12:0 a.m. | 5 views

PT-2026-30585

The setup: 4 agents chain off each other in a loop, each reacting to the previous response. Dominus — finds a new vulnerability angle from the CISA KEV catalog Axiom — adds one new technical detail to the finding Cipher — identifies one specific flaw in the previous argument Vector — names one...

AI score 5.9
Exploits 0 | References 3
The Hacker News
added 2026/01/24 8:9 a.m. | 13 views

CISA Adds Actively Exploited VMware vCenter Flaw CVE-2024-37079 to KEV Catalog

The U.S. Cybersecurity and Infrastructure Security Agency CISA on Friday added a critical security flaw affecting Broadcom VMware vCenter Server that was patched in June 2024 to its Known Exploited Vulnerabilities KEV catalog, citing evidence of active exploitation in the wild. The vulnerability ...

CVSS 9.8 | AI score 7 | EPSS 0.54143
Exploits 0
OpenVAS
added 2025/10/07 12:0 a.m. | 2 views

Debian: Security Advisory (DLA-4323-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVSS 8.5 | AI score 6.8 | EPSS 0.02775
Exploits 9 | References 4
Information Security Automation
added 2025/05/29 9:46 p.m. | 15 views

About Cross Site Scripting – MDaemon Email Server (CVE-2024-11182)

About Cross Site Scripting - MDaemon Email Server CVE-2024-11182. An attacker can send an HTML-formatted email containing malicious JavaScript code embedded in an img tag. If the user opens the email in the MDaemon Email Server's web interface, the malicious JavaScript code will execute in the...

CVSS 6.1 | AI score 7.3 | EPSS 0.58483
Exploits 4
The Hacker News
added 2025/05/06 4:24 a.m. | 35 views

Critical Langflow Flaw Added to CISA KEV List Amid Ongoing Exploitation Evidence

A recently disclosed critical security flaw impacting the open-source Langflow platform has been added to the Known Exploited Vulnerabilities KEV catalog by the U.S. Cybersecurity and Infrastructure Security Agency CISA, citing evidence of active exploitation. The vulnerability, tracked as...

CVSS 9.8 | AI score 10 | EPSS 0.99968
Exploits 33
ATTACKERKB
added 2025/04/25 12:0 a.m. | 18 views

CVE-2025-3928

Commvault Web Server has an unspecified vulnerability that can be exploited by a remote, authenticated attacker. According to the Commvault advisory: “Webservers can be compromised through bad actors creating and executing webshells.” Fixed in version 11.36.46, 11.32.89, 11.28.141, and 11.20.217...

CVSS 8.8 | AI score 8.7 | EPSS 0.01932
In wild | Exploits 0 | References 7
The Hacker News
added 2025/03/20 9:43 a.m. | 27 views

CISA Adds NAKIVO Vulnerability to KEV Catalog Amid Active Exploitation

The U.S. Cybersecurity and Infrastructure Security Agency CISA has added a high-severity security flaw impacting NAKIVO Backup & Replication software to its Known Exploited Vulnerabilities KEV catalog, citing evidence of active exploitation. The vulnerability in question is CVE-2024-48248 CVSS...

CVSS 9.3 | AI score 8.8 | EPSS 0.94557
Exploits 7
The Hacker News
added 2025/02/05 5:5 a.m. | 24 views

CISA Adds Four Actively Exploited Vulnerabilities to KEV Catalog, Urges Fixes by Feb 25

The U.S. Cybersecurity and Infrastructure Security Agency CISA on Tuesday added four security flaws to its Known Exploited Vulnerabilities KEV catalog, citing evidence of active exploitation in the wild. The list of vulnerabilities is as follows - CVE-2024-45195 CVSS score: 7.5/9.8 - A forced...

CVSS 9.8 | AI score 8.7 | EPSS 0.99983
Exploits 13
The Hacker News
added 2024/12/24 9:25 a.m. | 13 views

CISA Adds Acclaim USAHERDS Vulnerability to KEV Catalog Amid Active Exploitation

The U.S. Cybersecurity and Infrastructure Security Agency CISA on Monday added a now-patched high-severity security flaw impacting Acclaim Systems USAHERDS to the Known Exploited Vulnerabilities KEV catalog, based on evidence of active exploitation in the wild. The vulnerability in question is...

CVSS 8.1 | AI score 8.2 | EPSS 0.17578
Exploits 0
RedHat Linux
added 2024/10/28 1:13 a.m. | 5 views

webkitgtk: type confusion may lead to arbitrary code execution

A flaw was found in WebKitGTK. Processing malicious web content may lead to remote code execution due to a type confusion issue. This vulnerability is known to be actively exploited in the wild and was included in the CISA's KEV catalog...

CVSS 8.8 | AI score 7.8 | EPSS 0.10593
Exploits 6 | References 6
The Hacker News
added 2024/10/22 4:47 a.m. | 47 views

CISA Adds ScienceLogic SL1 Vulnerability to Exploited Catalog After Active Zero-Day Attack

The U.S. Cybersecurity and Infrastructure Security Agency CISA on Monday added a critical security flaw impacting ScienceLogic SL1 to its Known Exploited Vulnerabilities KEV catalog, following reports of active exploitation as a zero-day. The vulnerability in question, tracked as CVE-2024-9537 CV...

CVSS 9.8 | AI score 9.7 | EPSS 0.61725
Exploits 8
The Hacker News
added 2024/10/16 4:54 a.m. | 28 views

CISA Warns of Active Exploitation in SolarWinds Help Desk Software Vulnerability

The U.S. Cybersecurity and Infrastructure Security Agency CISA on Tuesday added a critical security flaw impacting SolarWinds Web Help Desk WHD software to its Known Exploited Vulnerabilities KEV catalog, citing evidence of active exploitation. Tracked as CVE-2024-28987 CVSS score: 9.1, the...

CVSS 9.8 | AI score 7.3 | EPSS 0.93159
Exploits 5
The Hacker News
added 2024/09/25 6:1 a.m. | 29 views

CISA Flags Critical Ivanti vTM Vulnerability Amid Active Exploitation Concerns

The U.S. Cybersecurity and Infrastructure Security Agency CISA on Tuesday added a critical security flaw impacting Ivanti Virtual Traffic Manager vTM to its Known Exploited Vulnerabilities KEV catalog, based on evidence of active exploitation. The vulnerability in question is CVE-2024-7593 CVSS...

CVSS 9.8 | AI score 7.7 | EPSS 0.99987
Exploits 7
The Hacker News
added 2024/08/20 4:53 a.m. | 58 views

CISA Warns of Critical Jenkins Vulnerability Exploited in Ransomware Attacks

The U.S. Cybersecurity and Infrastructure Security Agency CISA has added a critical security flaw impacting Jenkins to its Known Exploited Vulnerabilities KEV catalog, following its exploitation in ransomware attacks. The vulnerability, tracked as CVE-2024-23897 CVSS score: 9.8, is a path travers...

CVSS 9.8 | AI score 9.9 | EPSS 0.99999
Exploits 46
The Hacker News
added 2024/08/06 6:12 a.m. | 80 views

Google Patches New Android Kernel Vulnerability Exploited in the Wild

Google has addressed a high-severity security flaw impacting the Android kernel that it said has been actively exploited in the wild. The vulnerability, tracked as CVE-2024-36971, has been described as a case of remote code execution impacting the kernel. "There are indications that CVE-2024-3697...

CVSS 8.8 | AI score 8 | EPSS 0.73469
Exploits 7
hivepro
added 2024/07/02 2:59 a.m. | 8 views

CISA Known Exploited Vulnerability Catalog June 2024

Summary The Known Exploited Vulnerability KEV catalog, maintained by CISA, is the authoritative source of vulnerabilities that have been exploited in the wild. It is recommended that all organizations review and monitor the KEV catalog, prioritize remediation of listed vulnerabilities, and reduce...

AI score 7.5
Exploits 0
hivepro
added 2024/06/05 11:8 a.m. | 8 views

CISA Known Exploited Vulnerability Catalog May 2024

Summary The Known Exploited Vulnerability KEV catalog, maintained by CISA, is the authoritative source of vulnerabilities that have been exploited in the wild. It is recommended that all organizations review and monitor the KEV catalog, prioritize remediation of listed vulnerabilities, and reduce...

AI score 7.5
Exploits 0