Lucene search
K
CisaMost viewed

4188 matches found

CISA
CISA
added 2021/11/17 12:0 a.m.102 views

CISA Adds Four Known Exploited Vulnerabilities to Catalog

CISA has added four new vulnerabilities to its Known Exploited Vulnerabilities Catalog, which require remediation from federal civilian executive branch FCEB agencies by December 1, 2021. CISA has evidence that threat actors are actively exploiting the vulnerabilities listed in the table below...

6.8CVSS8.4AI score0.99981EPSS
Exploits60References9
CISA
CISA
added 2017/03/30 12:0 a.m.101 views

Internet Information Services (IIS) 6.0 Vulnerability

US-CERT is aware of active exploitation of a vulnerability in Windows Server 2003 Operating System Internet Information Services IIS 6.0. Exploitation of this vulnerability may allow a remote attacker to take control of an affected system. On June 15, 2015, Microsoft ended support for Windows...

10CVSS1.7AI score0.99823EPSS
Exploits39References2
CISA
CISA
added 2021/03/13 12:0 a.m.100 views

Updates on Microsoft Exchange Server Vulnerabilities

CISA has added seven Malware Analysis Reports MARs to Alert AA21-062A: Mitigate Microsoft Exchange Server Vulnerabilities. Each MAR identifies a webshell associated with exploitation of the vulnerabilities in Microsoft Exchange Server products. After successful exploiting a Microsoft Exchange...

6.8AI score
Exploits0References11
CISA
CISA
added 2021/02/02 12:0 a.m.100 views

Sudo Heap-Based Buffer Overflow Vulnerability — CVE-2021-3156

Sudo has released an advisory addressing a heap-based buffer overflow vulnerability—CVE-2021-3156—affecting sudo legacy versions 1.8.2 through 1.8.31p2 and stable versions 1.9.0 through 1.9.5p1. Sudo is a utility included in many Unix- and Linux-based operating systems that allows a user to run...

7.2CVSS3.5AI score0.99295EPSS
Exploits81References3
CISA
CISA
added 2026/06/11 12:0 p.m.99 views

CISA Adds One Known Exploited Vulnerability to Catalog

CISA has added one new vulnerability to its Known Exploited Vulnerabilities KEV Catalog, based on evidence of active exploitation. CVE-2026-10520link is external Ivanti Sentry OS Command Injection Vulnerability This type of vulnerability is a frequent attack vector for malicious cyber actors and...

10CVSS5.8AI score0.99041EPSS
Exploits6References7
CISA
CISA
added 2020/05/28 12:0 a.m.99 views

NSA Releases Advisory on Sandworm Actors Exploiting an Exim Vulnerability

The National Security Agency NSA has released a cybersecurity advisory on Russian advanced persistent threat APT group Sandworm exploiting a vulnerability—CVE-2019-10149—in Exim Mail Transfer Agent MTA software. An unauthenticated remote attacker can use this vulnerability to send a specially...

10CVSS3.1AI score0.99961EPSS
Exploits27References3
CISA
CISA
added 2022/04/01 12:0 a.m.97 views

Spring Releases Security Updates Addressing "Spring4Shell" and Spring Cloud Function Vulnerabilities

Spring by VMWare has released Spring Cloud Function versions 3.1.7 and 3.2.3 to address remote code execution RCE vulnerability CVE-2022-22963 as well as Spring Framework versions 5.3.18 and 5.2.20 to address RCE vulnerability CVE-2022-22965, known as “Spring4Shell.” A remote attacker could explo...

7.5CVSS2.3AI score0.99939EPSS
Exploits139References5
CISA
CISA
added 2021/12/15 12:0 a.m.97 views

CISA Adds Two Known Exploited Vulnerabilities to Catalog

CISA has added two new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence that threat actors are actively exploiting the vulnerabilities listed in the table below. These types of vulnerabilities are a frequent attack vector for malicious cyber actors of all types an...

6.8CVSS1.8AI score0.10295EPSS
Exploits1References5
CISA
CISA
added 2021/09/24 12:0 a.m.97 views

Google Releases Security Updates for Chrome

Google has released Chrome version 94.0.4606.61 for Windows, Mac, and Linux. This version addresses a vulnerability—CVE-2021-37973—that an attacker could exploit to take control of an affected system. An exploit for this vulnerability exists in the wild. CISA encourages users and administrators t...

6.8CVSS1.6AI score0.11735EPSS
Exploits0References1
CISA
CISA
added 2022/05/18 12:0 a.m.96 views

CISA Issues Emergency Directive and Releases Advisory Related to VMware Vulnerabilities

CISA has issued Emergency Directive ED 22-03 and released a Cybersecurity Advisory CSA in response to active and expected exploitation of multiple vulnerabilities in the following VMware products: VMware Workspace ONE Access Access, VMware Identity Manager vIDM, VMware vRealize Automation vRA,...

10CVSS1AI score0.99997EPSS
Exploits34References8
CISA
CISA
added 2021/12/02 12:0 a.m.94 views

CISA and FBI Release Alert on Active Exploitation of CVE-2021-44077 in Zoho ManageEngine ServiceDesk Plus

CISA and the Federal Bureau of Investigation FBI have released a joint Cybersecurity Advisory identifying active exploitation of a vulnerability—CVE-2021-44077—in Zoho ManageEngine ServiceDesk Plus. CVE-2021-44077 is an unauthenticated remote code execution vulnerability that affects all...

7.5CVSS2.4AI score0.93514EPSS
Exploits6References3
CISA
CISA
added 2021/09/24 12:0 a.m.94 views

VMware vCenter Server Vulnerability CVE-2021-22005 Under Active Exploit

On September 21, 2021, VMware disclosed that its vCenter Server is affected by an arbitrary file upload vulnerability—CVE-2021-22005—in the Analytics service. A malicious cyber actor with network access to port 443 can exploit this vulnerability to execute code on vCenter Server. On September 24,...

7.5CVSS1.8AI score0.99999EPSS
Exploits11References4
CISA
CISA
added 2019/05/16 12:0 a.m.94 views

Microsoft Releases Security Updates to Address Remote Code Execution Vulnerability

Microsoft has released security updates to address a remote code execution vulnerability in the following in-support and out-of-support operating systems: In-support systems: Windows 7, Windows Server 2008 R2, and Windows Server 2008 Out-of-support systems: Windows 2003 and Windows XP A remote...

10CVSS4AI score0.99999EPSS
Exploits123References2
CISA
CISA
added 2020/07/01 12:0 a.m.93 views

Microsoft Releases Security Updates for Windows 10, Windows Server

Microsoft has released security updates to address vulnerabilities in Windows 10 and Windows Server. These vulnerabilities could allow a remote attacker to take control of an affected system. The Cybersecurity and Infrastructure Security Agency CISA encourages users and administrators to review t...

6.8CVSS7.4AI score0.123EPSS
Exploits0References2
CISA
CISA
added 2023/02/14 12:0 a.m.92 views

CISA Adds Four Known Exploited Vulnerabilities to Catalog

CISA has added four new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. These types of vulnerabilities are frequent attack vectors for malicious cyber actors and pose significant risks to the federal enterprise. Note: To view the newly add...

1.5AI score
Exploits0References5
CISA
CISA
added 2022/04/13 12:0 a.m.92 views

Microsoft Releases Advisory to Address Critical Remote Code Execution Vulnerability (CVE-2022-26809)

Microsoft has released an advisory to address CVE-2022-26809, a critical remote code execution vulnerability in Remote Procedure Call Runtime Library. A remote, unauthenticated attacker could exploit this vulnerability to take control of an affected system. CISA encourages users and administrator...

10CVSS4.5AI score0.91316EPSS
Exploits14References2
CISA
CISA
added 2022/03/07 12:0 a.m.92 views

CISA Adds 11 Known Exploited Vulnerabilities to Catalog 

CISA has added 11 new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence that threat actors are actively exploiting the vulnerabilities listed in the table below. These types of vulnerabilities are a frequent attack vector for malicious cyber actors of all types and...

10CVSS1AI score0.99781EPSS
Exploits44References5
CISA
CISA
added 2021/07/27 12:0 a.m.91 views

Microsoft Releases Guidance for Mitigating PetitPotam NTLM Relay Attacks

On July 23, Microsoft released KB5005413: Mitigating NTLM Relay Attacks on Active Directory Certificate Services AD CS to address a NTLM Relay Attack named PetitPotam. CISA encourages users and administrators to review KB5005413 and apply the necessary mitigations. This product is provided subjec...

6.7AI score
Exploits0References2
CISA
CISA
added 2017/09/25 12:0 a.m.91 views

Oracle Patches Apache Vulnerabilities

Oracle has released security updates to address Apache Struts 2 vulnerabilities found across multiple products. A remote attacker could exploit some of these vulnerabilities to take control of an affected system. US-CERT encourages users and administrators to review the Oracle Security Alert and...

6.8CVSS2.6AI score0.99461EPSS
Exploits23References1
CISA
CISA
added 2022/07/01 12:0 a.m.90 views

CISA Adds One Known Exploited Vulnerability to Catalog

CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. These types of vulnerabilities are a frequent attack vector for malicious cyber actors and pose significant risk to the federal enterprise. Note: to view the newly added...

9CVSS1.7AI score0.83277EPSS
Exploits8References7
CISA
CISA
added 2020/09/18 12:0 a.m.90 views

CISA Releases Emergency Directive on Microsoft Windows Netlogon Remote Protocol

The Cybersecurity and Infrastructure Security Agency CISA has released Emergency Directive ED 20-04 addressing a critical vulnerability— CVE-2020-1472—affecting Microsoft Windows Netlogon Remote Protocol. An unauthenticated attacker with network access to a domain controller could exploit this...

9.3CVSS1.2AI score0.99512EPSS
Exploits75References6
CISA
CISA
added 2017/10/03 12:0 a.m.90 views

Apache Releases Security Updates for Apache Tomcat

The Apache Software Foundation has released Apache Tomcat 9.0.1 and 8.5.23 to address a vulnerability in previous versions of the software. A remote attacker could exploit this vulnerability to take control of an affected server. US-CERT encourages users and administrators to review the Apache...

6.8CVSS3AI score0.99988EPSS
Exploits23References1
CISA
CISA
added 2022/06/02 12:0 a.m.89 views

CISA Adds One Known Exploited Vulnerability (CVE-2022-26134) to Catalog  

CISA has added one new vulnerability—CVE-2022-26134—to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. These types of vulnerabilities are a frequent attack vector for malicious cyber actors and pose significant risk to the federal enterprise. Note: to view t...

7.5CVSS2.2AI score0.99999EPSS
Exploits76References6
CISA
CISA
added 2021/06/04 12:0 a.m.89 views

Unpatched VMware vCenter Software

CISA is aware of the likelihood that cyber threat actors are attempting to exploit CVE-2021-21985, a remote code execution vulnerability in VMware vCenter Server and VMware Cloud Foundation. Although patches were made available on May 25, 2021, unpatched systems remain an attractive target and...

10CVSS2.4AI score0.99999EPSS
Exploits13References5
CISA
CISA
added 2024/03/05 12:0 p.m.88 views

CISA Adds Two Known Exploited Vulnerabilities to Catalog

CISA has added two new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. CVE-2023-21237 Android Pixel Information Disclosure Vulnerability CVE-2021-36380 Sunhillo SureLine OS Command Injection Vulnerablity These types of vulnerabilities are...

10CVSS7.5AI score0.97599EPSS
Exploits1References7
CISA
CISA
added 2022/12/13 12:0 a.m.88 views

Citrix Releases Security Updates for Citrix ADC, Citrix Gateway

Citrix has released security updates to address a critical vulnerability CVE-2022-27518 in Citrix ADC and Citrix Gateway. An attacker could exploit this vulnerability to take control of an affected system. This vulnerability has been exploited in the wild. CISA encourages users and administrators...

1.1AI score0.06931EPSS
Exploits1References3
CISA
CISA
added 2020/09/21 12:0 a.m.88 views

Samba Releases Security Update for CVE-2020-1472

The Samba Team has released a security update to address a critical vulnerability—CVE-2020-1472—in multiple versions of Samba. This vulnerability could allow a remote attacker to take control of an affected system. The Cybersecurity and Infrastructure Security Agency CISA encourages users and...

9.3CVSS2.6AI score0.99512EPSS
Exploits75References1
CISA
CISA
added 2021/10/06 12:0 a.m.87 views

Apache Releases Security Update for Apache HTTP Server

Updated October 7, 2021 Apache has released additional fixes for CVE-2021-41773, which is tracked as CVE-2021-42013. For more information see the Apache vulnerabilities page. Originally published October 6, 2021 The Apache Software Foundation has released Apache HTTP Server version 2.4.50 to...

7.5CVSS0.8AI score0.99992EPSS
Exploits175References4
CISA
CISA
added 2021/09/21 12:0 a.m.87 views

NETGEAR Releases Security Updates for RCE Vulnerability

NETGEAR has released security updates to address a remote code execution vulnerability—CVE-2021-40847—in multiple NETGEAR routers. A remote attacker could exploit this vulnerability to take control of an affected system. CISA encourages users and administrators to review NETGEAR’s Security Adviso...

9.3CVSS8.6AI score0.10051EPSS
Exploits1References3
CISA
CISA
added 2023/01/17 12:0 a.m.85 views

CISA Updates Best Practices for Mapping to MITRE ATT&CK®

Today, CISA updated Best Practices for MITRE ATT&CK® Mapping. The MITRE ATT&CK® framework is a lens through which network defenders can analyze adversary behavior and, as CISA Executive Assistant Director Eric Goldstein noted in his June 2021 blog post on the framework, it directly supports...

1.4AI score
Exploits0References2
CISA
CISA
added 2022/02/04 12:0 a.m.85 views

CISA Adds One Known Exploited Vulnerability to Catalog

CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based on evidence that threat actors are actively exploiting the vulnerabilities listed in the table below. These types of vulnerabilities are a frequent attack vector for malicious cyber actors of all types and...

7.2CVSS1.6AI score0.55711EPSS
Exploits7References6
CISA
CISA
added 2021/07/12 12:0 a.m.83 views

Critical ForgeRock Access Management Vulnerability

Malicious cyber actors are actively exploiting a pre-authorization remote code execution vulnerability CVE-2021-35464 in ForgeRock Access Management—a commercial open access management solution that is based on OpenAM, an open-source access management solution. An attacker exploiting this...

10CVSS3.3AI score0.99999EPSS
Exploits8References3
CISA
CISA
added 2021/12/06 12:0 a.m.82 views

Zoho Releases Security Advisory for ManageEngine Desktop Central and Desktop Central MSP

Zoho has released a security advisory to address an authentication bypass vulnerability in ManageEngine Desktop Central and Desktop Central MSP. An attacker could exploit this vulnerability to take control of an affected system. According to Zoho, this vulnerability is being actively exploited in...

10CVSS9AI score0.99867EPSS
Exploits2References3
CISA
CISA
added 2020/09/24 12:0 a.m.82 views

Unpatched Domain Controllers Remain Vulnerable to Netlogon Vulnerability, CVE-2020-1472

The Cybersecurity and Infrastructure Security Agency CISA is aware of active exploitation of CVE-2020-1472, an elevation of privilege vulnerability in Microsoft’s Netlogon. A remote attacker can exploit this vulnerability to breach unpatched Active Directory domain controllers and obtain domain...

9.3CVSS1.3AI score0.99512EPSS
Exploits75References8
CISA
CISA
added 2023/01/27 12:0 a.m.81 views

ISC Releases Security Advisories for Multiple Versions of BIND 9

The Internet Systems Consortium ISC has released security advisories that address vulnerabilities affecting multiple versions of the ISC’s Berkeley Internet Name Domain BIND 9. A remote attacker could exploit these vulnerabilities to potentially cause denial-of-service conditions and system...

2.5AI score0.5017EPSS
Exploits0References4
CISA
CISA
added 2018/08/14 12:0 a.m.81 views

Samba Releases Security Updates

The Samba Team has released security updates to address several vulnerabilities in Samba. An attacker could exploit one of these vulnerabilities to take control of an affected system. NCCIC encourages users and administrators to review the Samba Security Announcements for CVE-2018-10858,...

6.5CVSS2.5AI score0.10839EPSS
Exploits0References5
CISA
CISA
added 2022/03/18 12:0 a.m.79 views

CRI-O Security Update for Kubernetes

CRI-O has released a security update addressing a critical vulnerability—CVE-2022-0811—in CRI-O 1.19. A local attacker could exploit this vulnerability to take control of an affected Kubernetes environment as well as other software or platforms that use CRI-O runtime containers. CISA encourages...

9CVSS2AI score0.18561EPSS
Exploits0References2
CISA
CISA
added 2021/11/09 12:0 a.m.79 views

Security Researchers Reveal Activity Targeting ManageEngine ADSelfService Plus

On September 16, CISA released a joint alert on exploitation of a vulnerability CVE-2021-40539 in ManageEngine ADSelfService Plus. On November 8, security researchers from Palo Alto Networks and Microsoft Threat Intelligence Center MSTIC released separate reports on targeted attacks against...

7.5CVSS8.7AI score0.9896EPSS
Exploits8References3
CISA
CISA
added 2021/04/21 12:0 a.m.79 views

SonicWall Releases Patches for Email Security Products

CISA is aware of three vulnerabilities affecting SonicWall Email Security products: CVE-2021-20021, CVE-2021-20022, and CVE-2021-20023. A remote attacker could exploit these vulnerabilities to take control of an affected system. According to SonicWall, "In at least one known case, these...

7.5CVSS2.7AI score0.83425EPSS
Exploits0References4
CISA
CISA
added 2015/03/06 12:0 a.m.79 views

FREAK

FREAK Factoring Attack on RSA-EXPORT Keys CVE-2015-0204 is a weakness in some implementations of SSL/TLS that may allow an attacker to decrypt secure communications between vulnerable clients and servers. Google has released an updated version of its Android OS and Chrome browser for OS X to...

4.3CVSS1.8AI score0.98685EPSS
Exploits0References4
CISA
CISA
added 2014/09/24 12:0 a.m.79 views

Mozilla Network Security Services (NSS) Library Vulnerability

A vulnerability in the Mozilla NSS library could allow an attacker to forge an RSA signature, such as an SSL certificate. The package is often included in 3rd party software, including Linux distributions, Google Chrome, and others. It is possible that other cryptographic libraries may be similar...

6.6AI score
Exploits0References3
CISA
CISA
added 2024/04/24 12:0 p.m.78 views

Cisco Releases Security Updates Addressing ArcaneDoor, Vulnerabilities in Cisco Firewall Platforms

Today, Cisco released security updates to address ArcaneDoor—exploitation of Cisco Adaptive Security Appliances ASA devices and Cisco Firepower Threat Defense FTD software. A cyber threat actor could exploit vulnerabilities CVE-2024-20353link is external, CVE-2024-20359link is external,...

8.6CVSS8AI score0.70686EPSS
Exploits2References7
CISA
CISA
added 2021/05/28 12:0 a.m.78 views

FBI Update on Exploitation of Fortinet FortiOS Vulnerabilities

The Federal Bureau of Investigation FBI has released an FBI FLASH, APT Actors Exploiting Fortinet Vulnerabilities to Gain Access for Malicious Activity, which describes advanced persistent threat APT actors exploiting known Fortinet FortiOS vulnerabilities. APT actors may exploit these...

7.4AI score
Exploits0References4
CISA
CISA
added 2020/09/17 12:0 a.m.78 views

CERT/CC Releases Information on Critical Vulnerability in Microsoft Windows Netlogon Remote Protocol

The CERT Coordination Center CERT/CC has released information on CVE-2020-1472, a vulnerability affecting Microsoft Windows Netlogon Remote Protocol. An unauthenticated attacker could exploit this vulnerability to obtain Active Directory domain administrator access. Although Microsoft provided...

9.3CVSS2.4AI score0.99512EPSS
Exploits75References3
CISA
CISA
added 2023/02/08 12:0 a.m.77 views

CISA and FBI Release ESXiArgs Ransomware Recovery Guidance

Today, CISA and the Federal Bureau of Investigation FBI released a joint Cybersecurity Advisory, ESXiArgs Ransomware Virtual Machine Recovery Guidance. This advisory describes the ongoing ransomware campaign known as “ESXiArgs.” Malicious cyber actors may be exploiting known vulnerabilities in...

1.7AI score
Exploits0References2
CISA
CISA
added 2020/10/16 12:0 a.m.77 views

NCSC Releases Alert on Microsoft SharePoint Vulnerability

The United Kingdom UK National Cyber Security Centre NCSC has released an Alert to address a vulnerability—CVE-2020-16952—affecting Microsoft SharePoint server. An attacker could exploit this vulnerability to take control of an affected system. Applying patches from Microsoft’s October 2020...

6.8CVSS1.9AI score0.70894EPSS
Exploits5References4
CISA
CISA
added 2025/02/19 12:0 p.m.76 views

CISA and Partners Release Advisory on Ghost (Cring) Ransomware

Today, CISA—in partnership with the Federal Bureau of Investigation FBI and Multi-State Information Sharing and Analysis Center MS-ISAC—released a joint Cybersecurity Advisory, StopRansomware: Ghost Cring Ransomware. This advisory provides network defenders with indicators of compromise IOCs,...

10CVSS7.5AI score0.99999EPSS
Exploits65References10
CISA
CISA
added 2025/01/07 12:0 p.m.76 views

CISA Adds Three Known Exploited Vulnerabilities to Catalog

CISA has added three new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. CVE-2024-41713link is external Mitel MiCollab Path Traversal Vulnerability CVE-2024-55550link is external Mitel MiCollab Path Traversal Vulnerability CVE-2020-2883lin...

9.8CVSS8.7AI score0.99698EPSS
Exploits32References11
CISA
CISA
added 2021/11/19 12:0 a.m.75 views

Updated: APT Exploitation of ManageEngine ADSelfService Plus Vulnerability

The Federal Bureau of Investigation FBI, CISA, and Coast Guard Cyber Command CGCYBER have updated the Joint Cybersecurity Advisory CSA published on September 16, 2021, which details the active exploitation of an authentication bypass vulnerability CVE-2021-40539 in Zoho ManageEngine ADSelfService...

7.5CVSS9.3AI score0.9896EPSS
Exploits8References4
CISA
CISA
added 2025/12/15 12:0 p.m.74 views

CISA Adds Two Known Exploited Vulnerabilities to Catalog

CISA has added two new vulnerabilities to its Known Exploited Vulnerabilities KEV Catalog, based on evidence of active exploitation. CVE-2025-14611link is external Gladinet CentreStack and Triofox Hard Coded Cryptographic Vulnerability CVE-2025-43529link is external Apple Multiple Products...

9.8CVSS6.7AI score0.50949EPSS
Exploits11References7
Total number of security vulnerabilities4188