Lucene search
K
CisaMost viewed

4188 matches found

CISA
CISA
added 2010/03/12 12:0 a.m.15 views

Apple Releases Safari 4.0.5

Apple has released Safari 4.0.5 to address multiple vulnerabilities in ColorSync, ImageIO, PubSub, Safari, and WebKit. These vulnerabilities may allow a remote attacker to execute arbitrary code, cause a denial-of-service condition, obtain sensitive information, or bypass security restrictions...

7.6AI score
Exploits0References1
CISA
CISA
added 2010/03/08 12:0 a.m.15 views

Energizer DUO USB Battery Charger Software Allows Remote System Access

US-CERT is aware of a backdoor in the software for the Energizer DUO USB battery charger. This backdoor may allow a remote attacker to list directories, send and receive files, and execute programs on an affected system. The software, which has been discontinued, was available for both Windows an...

6.9AI score
Exploits0References1
CISA
CISA
added 2010/01/20 12:0 a.m.15 views

Apple Releases Security Update 2010-001

Apple has released Security Update 2010-001 to address multiple vulnerabilities in a number of applications. These vulnerabilities may allow an attacker to execute arbitrary code or cause a denial-of-service condition. US-CERT encourages users and administrators to review Apple article HT4004 and...

7.8AI score
Exploits0References1
CISA
CISA
added 2010/01/14 12:0 a.m.15 views

Microsoft Releases Security Advisory 979352

Microsoft has released Security Advisory 979352 to alert users of a vulnerability in Microsoft Internet Explorer. The advisory indicates that exploitation of this vulnerability may allow an attacker to execute arbitrary code. Microsoft also indicates that it is aware of public, active exploitatio...

7.1AI score
Exploits0References3
CISA
CISA
added 2026/06/09 12:0 p.m.14 views

CISA Adds Three Known Exploited Vulnerabilities to Catalog

CISA has added three new vulnerabilities to its Known Exploited Vulnerabilities KEV Catalog, based on evidence of active exploitation. CVE-2026-7473link is external Arista Extensible Operating System Incomplete Comparison with Missing Factors Vulnerability CVE-2026-11645link is external Google...

8.8CVSS5.8AI score0.25323EPSS
Exploits7References8
CISA
CISA
added 2025/12/09 12:0 p.m.14 views

CISA Adds One Known Exploited Vulnerability to Catalog

Updated December 9, 2025: Check for signs of potential compromise on all internet accessible REACT instances after applying mitigations. For more information, see React Blog: Critical Security Vulnerability in React Server Componentslink is external. CISA has added one new vulnerability to its...

10CVSS7.8AI score0.99562EPSS
Exploits372References7
CISA
CISA
added 2025/11/18 12:0 p.m.14 views

CISA Releases Six Industrial Control Systems Advisories

CISA released six Industrial Control Systems ICS Advisories. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-25-322-01 Schneider Electric EcoStruxure Machine SCADA Expert & Pro-face BLUE Open Studio ICSA-25-322-02 Shel...

6.6AI score
Exploits0References6
CISA
CISA
added 2025/10/24 12:0 p.m.14 views

CISA Adds Two Known Exploited Vulnerabilities to Catalog

CISA has added two new vulnerabilities to its Known Exploited Vulnerabilities KEV Catalog, based on evidence of active exploitation. CVE-2025-54236link is external Adobe Commerce and Magento Improper Input Validation Vulnerability CVE-2025-59287link is external Microsoft Windows Server Update...

9.8CVSS6.8AI score0.99962EPSS
Exploits33References7
CISA
CISA
added 2025/07/10 12:0 p.m.14 views

CISA Adds One Known Exploited Vulnerability to Catalog

CISA has added one new vulnerability to its Known Exploited Vulnerabilities KEV Catalog, based on evidence of active exploitation. CVE-2025-5777link is external Citrix NetScaler ADC and Gateway Out-of-Bounds Read Vulnerability These types of vulnerabilities are frequent attack vectors for malicio...

9.3CVSS7.2AI score0.99897EPSS
Exploits18References6
CISA
CISA
added 2025/04/08 12:0 p.m.14 views

CISA Adds Two Known Exploited Vulnerabilities to Catalog

CISA has added two new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. CVE-2025-30406link is external Gladinet CentreStack Use of Hard-coded Cryptographic Key Vulnerability CVE-2025-29824link is external Microsoft Windows Common Log File...

9.8CVSS7.4AI score0.92727EPSS
Exploits10References7
CISA
CISA
added 2025/04/04 12:0 p.m.14 views

CISA Adds One Vulnerability to the KEV Catalog

CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. CVE-2025-22457link is external Ivanti Connect Secure, Policy Secure and ZTA Gateways Stack-Based Buffer Overflow Vulnerability These types of vulnerabilities are frequent...

9.8CVSS7AI score0.99973EPSS
Exploits7References8
CISA
CISA
added 2025/03/03 12:0 p.m.14 views

CISA Adds Five Known Exploited Vulnerabilities to Catalog

CISA has added five new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. CVE-2023-20118link is external Cisco Small Business RV Series Routers Command Injection Vulnerability CVE-2022-43939link is external Hitachi Vantara Pentaho BA Server...

9.8CVSS7.7AI score0.99288EPSS
Exploits8References10
CISA
CISA
added 2024/10/24 12:0 p.m.14 views

CISA Adds Two Known Exploited Vulnerabilities to Catalog

CISA has added two new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. CVE-2024-20481link is external Cisco ASA and FTD Denial-of-Service Vulnerability CVE-2024-37383link is external RoundCube Webmail Cross-Site Scripting XSS Vulnerability...

6.1CVSS6.5AI score0.73296EPSS
Exploits5References7
CISA
CISA
added 2024/09/25 12:0 p.m.14 views

CISA Adds Four Known Exploited Vulnerabilities to Catalog

Updated September 25, 2024 CISA has removed one vulnerability from its Known Exploited Vulnerabilities Catalog, based on information found in the FAQ section of Microsoft's Security Update Guide for CVE-2024-43491link is external. CVE-2024-43491link is external Microsoft Windows Update Remote Cod...

9.8CVSS6.6AI score0.12132EPSS
Exploits3References10
CISA
CISA
added 2024/09/24 12:0 p.m.14 views

CISA Adds One Known Exploited Vulnerability to Catalog

CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. CVE-2024-7593link is external Ivanti Virtual Traffic Manager Authentication Bypass Vulnerability These types of vulnerabilities are frequent attack vectors for malicious...

9.8CVSS9.8AI score0.99987EPSS
Exploits4References6
CISA
CISA
added 2024/06/13 12:0 p.m.14 views

CISA Adds Three Known Exploited Vulnerabilities to Catalog

CISA has added three new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. CVE-2024-32896 Android Pixel Privilege Escalation Vulnerability CVE-2024-26169 Microsoft Windows Error Reporting Service Improper Privilege Management Vulnerability...

9.8CVSS7.3AI score0.97482EPSS
Exploits14References8
CISA
CISA
added 2024/05/29 12:0 p.m.14 views

CISA Adds One Known Exploited Vulnerability to Catalog

CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. CVE-2024-4978 Justice AV Solutions JAVS Viewer Installer Embedded Malicious Code Vulnerability These types of vulnerabilities are frequent attack vectors for malicious...

8.7CVSS7.2AI score0.26937EPSS
Exploits1References6
CISA
CISA
added 2024/04/04 12:0 p.m.14 views

CISA Adds Two Known Exploited Vulnerabilities to Catalog

CISA has added two new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. CVE-2024-29745 Android Pixel Information Disclosure Vulnerability CVE-2024-29748 Android Pixel Privilege Escalation Vulnerability These types of vulnerabilities are...

7.8CVSS7.2AI score0.0068EPSS
Exploits0References7
CISA
CISA
added 2024/03/26 12:0 p.m.14 views

CISA Adds One Known Exploited Vulnerability to Catalog

CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. CVE-2023-24955 Microsoft SharePoint Server Code Injection Vulnerability These types of vulnerabilities are frequent attack vectors for malicious cyber actors and pose...

7.2CVSS9.9AI score0.85395EPSS
Exploits7References6
CISA
CISA
added 2024/03/05 12:0 p.m.14 views

CISA Adds Two Known Exploited Vulnerabilities to Catalog

CISA has added two new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. CVE-2023-21237 Android Pixel Information Disclosure Vulnerability CVE-2021-36380 Sunhillo SureLine OS Command Injection Vulnerablity These types of vulnerabilities are...

10CVSS7.5AI score0.97599EPSS
Exploits1References7
CISA
CISA
added 2024/02/26 12:0 p.m.14 views

CISA, NCSC-UK, and Partners Release Advisory on Russian SVR Actors Targeting Cloud Infrastructure

CISA, in partnership with UK National Cyber Security Centre NCSC and other U.S. and international partners released the joint advisory, SVR Cyber Actors Adapt Tactics for Initial Cloud Access. This advisory provides recent tactics, techniques, and procedures TTPs used by Russian Foreign...

7.2AI score
Exploits0References4
CISA
CISA
added 2024/02/09 12:0 p.m.14 views

JetBrains Releases Security Advisory for TeamCity On-Premises

JetBrains released a security advisory to address a vulnerability CVE-2024-23917 in TeamCity On-Premises. A cyber threat actor could exploit this vulnerability to take control of an affected system. CISA encourages users and administrators to review the Critical Security Issue Affecting TeamCity...

9.8CVSS7.1AI score0.5373EPSS
Exploits0References1
CISA
CISA
added 2024/01/12 12:0 p.m.14 views

Ivanti Releases Security Update for Connect Secure and Policy Secure Gateways

Ivanti has released a security updatelink is external to address an authentication bypass vulnerability CVE-2023-46805link is external and a command injection vulnerability CVE-2024-21887link is external in all supported versions 9.x and 22.x of Connect Secure and Policy Secure gateways. A cyber...

9.1CVSS10AI score0.99999EPSS
Exploits23References9
CISA
CISA
added 2023/12/13 12:0 p.m.14 views

CISA and Partners Release Advisory on Russian SVR-affiliated Cyber Actors Exploiting CVE-2023-42793

Today, CISA—along with the U.S. Federal Bureau of Investigation FBI, National Security Agency NSA, Polish Military Counterintelligence Service SKW, CERT Polska CERT.PL, and the UK’s National Cyber Security Centre NCSC—released a joint Cybersecurity Advisory CSA, Russian Foreign Intelligence Servi...

9.8CVSS9.9AI score0.99979EPSS
Exploits17References4
CISA
CISA
added 2023/10/31 12:0 p.m.14 views

CISA Adds Two Known Exploited Vulnerabilities to Catalog

CISA has added two new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. CVE-2023-46747 F5 BIG-IP Authentication Bypass Vulnerability CVE-2023-46748 F5 BIG-IP SQL Injection Vulnerability These types of vulnerabilities are frequent attack...

9.8CVSS8.3AI score0.96515EPSS
Exploits18References7
CISA
CISA
added 2023/10/23 12:0 p.m.14 views

CISA Adds One Known Exploited Vulnerability to Catalog

CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. CVE-2023-20273 Cisco IOS XE Web UI Command Injection Vulnerability These types of vulnerabilities are frequent attack vectors for malicious cyber actors and pose...

7.2CVSS10AI score0.89634EPSS
Exploits11References6
CISA
CISA
added 2023/10/23 12:0 p.m.14 views

CISA Updates Guidance for Addressing Cisco IOS XE Web UI Vulnerabilities

Today, CISA updated its guidance addressing two vulnerabilities, CVE-2023-20198 and CVE-2023-20273, affecting Cisco’s Internetworking Operating System IOS XE Software Web User Interface UI. The guidance now notes that Cisco has fixed these vulnerabilities for the 17.9 Cisco IOS XE software releas...

10CVSS8.9AI score0.99571EPSS
Exploits27References9
CISA
CISA
added 2023/09/07 12:0 p.m.14 views

CISA, FBI, and CNMF Release Advisory on Multiple Nation-State Threat Actors Exploit CVE-2022-47966 and CVE-2022-42475

Today, CISA, Federal Bureau of Investigation FBI, and U.S. Cyber Command’s Cyber National Mission Force CNMF published a joint Cybersecurity Advisory CSA, Multiple Nation-State Threat Actors Exploit CVE-2022-47966 and CVE-2022-42475. This CSA provides information on an incident at an Aeronautical...

9.8CVSS9.9AI score0.99753EPSS
Exploits26References6
CISA
CISA
added 2023/02/14 12:0 a.m.14 views

CISA Releases One Industrial Control Systems Advisory

CISA released one Industrial Control Systems ICS advisory on February 14, 2023. This advisory provides timely information about current security issues, vulnerabilities, and exploits surrounding ICS. CISA encourages users and administrators to review the newly released ICS advisory for technical...

2.4AI score
Exploits0References1
CISA
CISA
added 2023/01/20 12:0 a.m.14 views

Cisco Releases Security Advisory for Unified CM and Unified CM SME

Cisco released a security advisory for a vulnerability affecting Cisco Unified Communications Manager Unified CM and Cisco Unified Communications Manager Session Management Edition Unified CM SME. A remote attacker could exploit this vulnerability to cause a denial-of-service condition. For updat...

2.6AI score
Exploits0References1
CISA
CISA
added 2022/12/15 12:0 a.m.14 views

CISA Releases Forty-One Industrial Control Systems Advisories

CISA has released forty-one 41 Industrial Control Systems ICS advisories on 15 December 2022. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. CISA encourages users and administrators to review the newly released ICS...

0.6AI score
Exploits0References41
CISA
CISA
added 2022/12/13 12:0 a.m.14 views

Apple Releases Security Updates for Multiple Products

Apple has released security updates to address vulnerabilities in multiple products. An attacker could exploit some of these vulnerabilities to take control of an affected device. CISA encourages users and administrators to review the Apple security updates page for the following products and app...

2.6AI score
Exploits0References10
CISA
CISA
added 2022/10/21 12:0 a.m.14 views

Cisco Releases Security Update for Cisco Identity Services Engine 

Cisco has released a security update to address vulnerabilities affecting Cisco Identity Services Engine ISE. A remote attacker could exploit some of these vulnerabilities to take control of an affected system. For updates addressing high and low severity vulnerabilities, see the Cisco Security...

2.1AI score
Exploits0References2
CISA
CISA
added 2022/10/04 12:0 a.m.14 views

Impacket and Exfiltration Tool Used to Steal Sensitive Information from Defense Industrial Base Organization

CISA, the Federal Bureau of Investigation FBI, and the National Security Agency NSA have released a joint Cybersecurity Advisory CSA, Impacket and Exfiltration Tool Used to Steal Sensitive Information from Defense Industrial Base Organization, highlighting advanced persistent threat APT activity...

1.6AI score
Exploits0References2
CISA
CISA
added 2022/09/29 12:0 a.m.14 views

CISA Releases Six Industrial Control Systems Advisories

CISA has released six 6 Industrial Control Systems ICS advisories on September 29, 2022. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. CISA encourages users and administrators to review the newly released ICS advisory for...

0.7AI score
Exploits0References6
CISA
CISA
added 2022/09/08 12:0 a.m.14 views

CISA Releases Four Industrial Control Systems Advisories

CISA released four Industrial Control Systems ICS advisories on September 08, 2022. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. CISA encourages users and administrators to review the newly released ICS advisories for...

1.2AI score
Exploits0References4
CISA
CISA
added 2022/09/06 12:0 a.m.14 views

CISA Releases Five Industrial Control Systems Advisories

CISA has released five Industrial Control Systems ICS advisories on September 06, 2022. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. CISA encourages users and administrators to review the newly released ICS advisories fo...

1.3AI score
Exploits0References5
CISA
CISA
added 2022/08/25 12:0 a.m.14 views

CISA Adds Ten Known Exploited Vulnerabilities to Catalog

CISA has added ten new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. These types of vulnerabilities are a frequent attack vector for malicious cyber actors and pose significant risk to the federal enterprise. Note: to view the newly adde...

1.6AI score
Exploits0References5
CISA
CISA
added 2022/08/23 12:0 a.m.14 views

Mozilla Releases Security Updates for Firefox, Firefox ESR, and Thunderbird

Mozilla has released security updates to address vulnerabilities in Firefox, Firefox ESR, and Thunderbird. An attacker could exploit some of these vulnerabilities to take control of an affected system. CISA encourages users and administrators to review the Mozilla security advisories for Firefox...

2.8AI score
Exploits0References5
CISA
CISA
added 2022/06/29 12:0 a.m.14 views

Mozilla Releases Security Updates for Firefox, Firefox ESR, and Thunderbird

Mozilla has released security updates to address vulnerabilities in Firefox, Firefox ESR, and Thunderbird. An attacker could exploit some of these vulnerabilities to take control of an affected system. CISA encourages users and administrators to review the Mozilla security advisories for Firefox...

2.8AI score
Exploits0References3
CISA
CISA
added 2022/06/07 12:0 a.m.14 views

People’s Republic of China State-Sponsored Cyber Actors Exploit Network Providers and Devices

CISA, the National Security Agency NSA, and the Federal Bureau of Investigation FBI have released a joint Cybersecurity Advisory CSA to provide information on ways in which People’s Republic of China PRC state-sponsored cyber actors continue to exploit publicly known vulnerabilities in order to...

1.9AI score
Exploits0References1
CISA
CISA
added 2022/05/26 12:0 a.m.14 views

Drupal Releases Security Updates

Drupal has released security updates to address a vulnerability that does not affect Drupal core but may affect some contributed projects or custom code on Drupal sites. Exploitation of this vulnerability could allow a remote attacker to take control of an affected website. CISA encourages users...

3AI score
Exploits0References1
CISA
CISA
added 2022/05/17 12:0 a.m.14 views

Weak Security Controls and Practices Routinely Exploited for Initial Access

The cybersecurity authorities of the United States, Canada, New Zealand, the Netherlands, and the United Kingdom have issued a joint Cybersecurity Advisory CSA on 10 routinely exploited weak security controls, poor configurations, and bad practices that allow malicious actors to compromise...

1.7AI score
Exploits0References2
CISA
CISA
added 2022/05/16 12:0 a.m.14 views

CISA Adds Two Known Exploited Vulnerabilities to Catalog

CISA has added two new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. These types of vulnerabilities are a frequent attack vector for malicious cyber actors and pose significant risk to the federal enterprise. Note: to view the newly adde...

1.6AI score
Exploits0References5
CISA
CISA
added 2022/05/10 12:0 a.m.14 views

U.S. Government Attributes Cyberattacks on SATCOM Networks to Russian State-Sponsored Malicious Cyber Actors

CISA and the Federal Bureau of Investigation FBI have updated the joint cybersecurity advisory, Strengthening Cybersecurity of SATCOM Network Providers and Customers, originally released March 17, 2022, with U.S. government attribution to Russian state-sponsored malicious cyber actors. The United...

1.9AI score
Exploits0References9
CISA
CISA
added 2022/04/20 12:0 a.m.14 views

Russian State-Sponsored and Criminal Cyber Threats to Critical Infrastructure

The cybersecurity authorities of the United States, Australia, Canada, New Zealand, and the United Kingdom have released a joint Cybersecurity Advisory CSA to warn organizations that Russia’s invasion of Ukraine could expose organizations both within and beyond the region to increased malicious...

1.3AI score
Exploits0References8
CISA
CISA
added 2022/04/13 12:0 a.m.14 views

APT Actors Target ICS/SCADA Devices

CISA, the Department of Energy DOE, the National Security Agency NSA, and the Federal Bureau of Investigation FBI have released a joint Cybersecurity Advisory CSA, warning that certain advanced persistent threat APT actors have exhibited the capability to gain full system access to multiple...

1.5AI score
Exploits0References2
CISA
CISA
added 2022/04/11 12:0 a.m.14 views

CISA Adds Eight Known Exploited Vulnerabilities to Catalog

CISA has added eight new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. These types of vulnerabilities are a frequent attack vector for malicious cyber actors and pose significant risk to the federal enterprise. Note: to view the newly...

1.7AI score
Exploits0References5
CISA
CISA
added 2022/04/06 12:0 a.m.14 views

Citrix Releases Security Updates for Hypervisor

Citrix has released security updates to address a vulnerability in Hypervisor. An attacker could exploit this vulnerability to cause a denial-of-service condition. CISA encourages users and administrators to review Citrix Security Update CTX390511 and apply the necessary updates. This product is...

1.9AI score
Exploits0References1
CISA
CISA
added 2022/03/03 12:0 a.m.14 views

Cisco Releases Security Updates for Multiple Products

Cisco has released security updates to address vulnerabilities in multiple products. An attacker could exploit some of these vulnerabilities to take control of an affected system. For updates addressing lower severity vulnerabilities, see the Cisco Security Advisories page. CISA encourages users...

7AI score
Exploits0References4
Total number of security vulnerabilities4188