Lucene search
+L
CisaMost viewed

4188 matches found

cisa
cisa
added 2010/04/05 12:0 a.m.14 views

Foxit Reader 3.2.1.0401 Released

The Foxit Corporation has released Foxit Reader 3.2.1.0401 to address a critical vulnerability. Exploitation of this vulnerability may allow a remote, unauthenticated attacker to execute arbitrary code. US-CERT encourages users and administrators to review the Foxit notice regarding the release a...

7.5AI score
Exploits0References2
cisa
cisa
added 2010/03/23 12:0 a.m.14 views

Mozilla Releases Firefox 3.6.2

The Mozilla Foundation has released Firefox 3.6.2 to address multiple security issues, including a critical vulnerability that may allow a remote attacker to execute arbitrary code. US-CERT encourages users and administrators to do the following to help mitigate the risks: Review the Firefox 3.6....

7.5AI score
Exploits0References4
cisa
cisa
added 2010/03/04 12:0 a.m.14 views

Microsoft Releases Advance Notification for March Security Bulletin

Microsoft has issued a Security Bulletin Advance Notification, indicating that its March release cycle will contain two bulletins. These bulletins will have a severity rating of Important and will be for Microsoft Windows and Microsoft Office. Release of these bulletins is scheduled for Tuesday,...

6.6AI score
Exploits0References1
cisa
cisa
added 2010/02/04 12:0 a.m.14 views

Apple Releases iPhone OS 3.1.3 and iPhone OS 3.1.3 for iPod touch

Apple has released iPhone OS 3.1.3 and iPhone OS 3.1.3 for iPod touch to address vulnerabilities in the CoreAudio, ImageIO, Recovery Mode and WebKit packages. Exploitation of these vulnerabilities may allow an attacker to execute arbitrary code, cause a denial-of-service condition, or obtain...

7.5AI score
Exploits0References1
cisa
cisa
added 2010/01/20 12:0 a.m.14 views

Adobe Releases Shockwave Player Update

Adobe has released an update for Shockwave Player to address multiple vulnerabilities. These vulnerabilities affect Adobe Shockwave Player 11.5.2.602 and earlier versions for Windows and Macintosh. Exploitation of these vulnerabilities may allow an attacker to execute arbitrary code. US-CERT...

7.8AI score
Exploits0References1
cisa
cisa
added 2010/01/12 12:0 a.m.14 views

Oracle Releases Critical Patch Update for January 2010

Oracle has released its Critical Patch Update for January 2010 to address 24 vulnerabilities across several products. This update contains the following security fixes: 10 for Oracle Database 3 for Oracle Application Server 3 for the Oracle Applications Suite 1 for PeopleSoft and JD Edwards Suite...

6.6AI score
Exploits0References3
cisa
cisa
added 2026/06/12 12:0 p.m.13 views

CISA Adds One Known Exploited Vulnerability to Catalog

CISA has added one new vulnerability to its Known Exploited Vulnerabilities KEV Catalog, based on evidence of active exploitation. CVE-2026-35273link is external Oracle PeopleSoft Enterprise PeopleTools Missing Authentication for Critical Function Vulnerability This type of vulnerability is a...

9.8CVSS5.8AI score0.9233EPSS
Exploits3References7
cisa
cisa
added 2026/05/26 12:0 p.m.13 views

CISA Adds One Known Exploited Vulnerability to Catalog

CISA has added one new vulnerability to its Known Exploited Vulnerabilities KEV Catalog, based on evidence of active exploitation. CVE-2026-48172link is external LiteSpeed cPanel Plugin Privilege Escalation Vulnerability This type of vulnerability is a frequent attack vector for malicious cyber...

10CVSS6AI score0.18914EPSS
Exploits1References6
cisa
cisa
added 2026/05/21 12:0 p.m.13 views

CISA Adds Two Known Exploited Vulnerabilities to Catalog

CISA has added two new vulnerabilities to its Known Exploited Vulnerabilities KEV Catalog, based on evidence of active exploitation. CVE-2025-34291link is external Langflow Origin Validation Error Vulnerability CVE-2026-34926link is external Trend Micro Apex One On-Premise Directory Traversal...

9.4CVSS7.4AI score0.7889EPSS
Exploits3References7
cisa
cisa
added 2026/03/18 12:0 p.m.13 views

CISA Urges Endpoint Management System Hardening After Cyberattack Against US Organization

CISA is aware of malicious cyber activity targeting endpoint management systems of U.S. organizations based on the March 11, 2026 cyberattack against U.S.-based medical technology firm Stryker Corporation, which affected their Microsoft environment.1 To defend against similar malicious cyber...

5.9AI score
Exploits0References10
cisa
cisa
added 2026/01/26 12:0 p.m.13 views

Avoid Scams After Disaster Strikes

As natural disasters occur, CISA urges individuals to remain on alert for potential malicious cyber activity. Fraudulent emails and social media messages—often containing malicious links or attachments—are common after major natural disasters. Exercise caution in handling emails with...

5.9AI score
Exploits0References7
cisa
cisa
added 2025/12/09 12:0 p.m.13 views

CISA Adds Two Known Exploited Vulnerabilities to Catalog

CISA has added two new vulnerabilities to its Known Exploited Vulnerabilities KEV Catalog, based on evidence of active exploitation. CVE-2025-6218link is external RARLAB WinRAR Path Traversal Vulnerability CVE-2025-62221link is external Microsoft Windows Use After Free Vulnerability These types o...

7.8CVSS6.8AI score0.86192EPSS
Exploits10References7
cisa
cisa
added 2025/11/18 12:0 p.m.13 views

CISA Adds One Known Exploited Vulnerability to Catalog

CISA has added one new vulnerability to its Known Exploited Vulnerabilities KEV Catalog, based on evidence of active exploitation. CVE-2025-58034link is external Fortinet FortiWeb OS Command Code Injection Vulnerability This type of vulnerability is a frequent attack vector for malicious cyber...

7.2CVSS7.3AI score0.5511EPSS
Exploits9References8
cisa
cisa
added 2025/07/14 12:0 p.m.13 views

CISA Adds One Known Exploited Vulnerability to Catalog

CISA has added one new vulnerability to its Known Exploited Vulnerabilities KEV Catalog, based on evidence of active exploitation. CVE-2025-47812link is external Wing FTP Server Improper Neutralization of Null Byte or NUL Character Vulnerability These types of vulnerabilities are frequent attack...

10CVSS7.3AI score0.95343EPSS
Exploits23References6
cisa
cisa
added 2025/06/24 12:0 p.m.13 views

CISA Releases Eight Industrial Control Systems Advisories

CISA released eight Industrial Control Systems ICS advisories on June 24, 2025. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-25-175-01 Kaleris Navis N4 Terminal Operating System ICSA-25-175-02 Delta Electronics...

7AI score
Exploits0References8
cisa
cisa
added 2024/11/20 12:0 p.m.13 views

CISA Adds Two Known Exploited Vulnerabilities to Catalog

CISA has added two new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. CVE-2024-38812link is external VMware vCenter Server Heap-Based Buffer Overflow Vulnerability CVE-2024-38813link is external VMware vCenter Server Privilege Escalation...

9.8CVSS7.4AI score0.54143EPSS
Exploits0References7
cisa
cisa
added 2024/11/12 12:0 p.m.13 views

CISA Adds Five Known Exploited Vulnerabilities to Catalog

CISA has added five new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. CVE-2021-26086link is external Atlassian Jira Server and Data Center Path Traversal Vulnerability CVE-2014-2120link is external Cisco Adaptive Security Appliance ASA...

10CVSS7.6AI score0.99999EPSS
Exploits12References10
cisa
cisa
added 2024/09/18 12:0 p.m.13 views

CISA Adds Five Known Exploited Vulnerabilities to Catalog

CISA has added five new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. CVE-2024-27348link is external Apache HugeGraph-Server Improper Access Control Vulnerability CVE-2020-0618link is external Microsoft SQL Server Reporting Services Remo...

9.8CVSS9.7AI score0.9921EPSS
Exploits28References10
cisa
cisa
added 2024/08/28 12:0 p.m.13 views

CISA Adds One Known Exploited Vulnerability to Catalog

CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. CVE-2024-7965link is external Google Chromium V8 Inappropriate Implementation Vulnerability These types of vulnerabilities are frequent attack vectors for malicious cyber...

8.8CVSS9.2AI score0.17227EPSS
Exploits2References6
cisa
cisa
added 2024/08/23 12:0 p.m.13 views

CISA Adds One Known Exploited Vulnerability to Catalog for Versa Networks Director

CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. CVE-2024-39717link is external Versa Director Dangerous File Type Upload Vulnerability These types of vulnerabilities are frequent attack vectors for malicious cyber acto...

7.2CVSS7.4AI score0.04006EPSS
Exploits1References6
cisa
cisa
added 2024/08/19 12:0 p.m.13 views

CISA Adds One Known Exploited Vulnerability to Catalog

CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. CVE-2024-23897 Jenkins Command Line Interface CLI Path Traversal Vulnerability These types of vulnerabilities are frequent attack vectors for malicious cyber actors and...

9.8CVSS7.2AI score0.99999EPSS
Exploits46References6
cisa
cisa
added 2024/06/28 12:0 p.m.13 views

Progress Software Releases Security Bulletin for MOVEit Transfer

Progress Software released a security bulletin to address a vulnerability in MOVEit Transfer. A cyber threat actor could exploit this vulnerability to take control of an affected system. Users and administrators are encouraged to review the following bulletin and apply the necessary updates: MOVE...

9.8CVSS7AI score0.75812EPSS
Exploits3References1
cisa
cisa
added 2024/04/30 12:0 p.m.13 views

CISA Adds One Known Exploited Vulnerability to Catalog

CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. CVE-2024-29988 Microsoft SmartScreen Prompt Security Feature Bypass Vulnerability These types of vulnerabilities are frequent attack vectors for malicious cyber actors an...

8.8CVSS7AI score0.45151EPSS
Exploits1References6
cisa
cisa
added 2024/04/12 12:0 p.m.13 views

Citrix Releases Security Updates for XenServer and Citrix Hypervisor

Citrix released security updates to address multiple vulnerabilities in XenServer and Citrix Hypervisor. A cyber threat actor could exploit one of these vulnerabilities to take control of an affected system. CISA encourages users and administrators to review and apply the necessary updates:...

7.5CVSS7AI score0.17444EPSS
Exploits0References1
cisa
cisa
added 2024/01/31 12:0 p.m.13 views

CISA Adds One Known Exploited Vulnerability to Catalog

CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. CVE-2022-48618 Apple Multiple Products Memory Corruption Vulnerability These types of vulnerabilities are frequent attack vectors for malicious cyber actors and pose...

7CVSS6.9AI score0.00487EPSS
Exploits0References6
cisa
cisa
added 2023/12/21 12:0 p.m.13 views

CISA Adds Two Known Exploited Vulnerabilities to Catalog

CISA has added two new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. CVE-2023-49897 FXC AE1021, AE1021PE OS Command Injection Vulnerability CVE-2023-47565 QNAP VioStor NVR OS Command Injection Vulnerability These types of vulnerabilities...

8.8CVSS7.5AI score0.73277EPSS
Exploits1References7
cisa
cisa
added 2023/11/21 12:0 p.m.13 views

CISA Adds One Known Exploited Vulnerability to Catalog

CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. CVE-2023-4911 GNU C Library Buffer Overflow Vulnerability These types of vulnerabilities are frequent attack vectors for malicious cyber actors and pose significant risks...

7.8CVSS7.5AI score0.81422EPSS
Exploits28References6
cisa
cisa
added 2023/11/16 12:0 p.m.13 views

Citrix Releases Security Updates for Citrix Hypervisor

Citrix has released security updates addressing vulnerabilities in Citrix Hypervisor 8.2 CU1 LTSR. A cyber threat actor could exploit these vulnerabilities to take control of an affected system. CISA encourages users and administrators to review Citrix Hypervisor Security Bulletin for...

8.8CVSS7.7AI score0.01728EPSS
Exploits0References1
cisa
cisa
added 2023/09/12 12:0 p.m.13 views

CISA Adds Two Known Vulnerabilities to Catalog

CISA has added two new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. CVE-2023-36761 Microsoft Word Information Disclosure Vulnerability CVE-2023-36802 Microsoft Streaming Service Proxy Elevation of Privilege Vulnerability These types of...

7.8CVSS7.1AI score0.261EPSS
Exploits4References7
cisa
cisa
added 2023/06/07 12:0 p.m.13 views

Mozilla Releases Security Updates for Multiple Products

Mozilla has released security updates to address vulnerabilities for Firefox 114 and Firefox ESR 102.12. An attacker could exploit these vulnerabilities to take control of an affected system. CISA encourages users and administrators to review Mozilla’s security advisories for Firefox 114link is...

7.4AI score
Exploits0References2
cisa
cisa
added 2023/05/01 12:0 p.m.13 views

CISA Urges Organizations to Incorporate the FCC Covered List Into Risk Management Plans

The Federal Communications Commission FCC maintains a Covered List of communications equipment and services that have been determined by the U.S. government to pose an unacceptable risk to the national security of the United States or the security and safety of United States persons to national...

7.7AI score
Exploits0References7
cisa
cisa
added 2023/02/16 12:0 a.m.13 views

Cisco Releases Security Advisories for Multiple Products

Cisco has released security advisories for vulnerabilities affecting multiple Cisco products. A remote attacker could exploit some of these vulnerabilities to take control of an affected system. For updates addressing lower severity vulnerabilities, see the Cisco Security Advisories page. CISA...

2.3AI score
Exploits0References4
cisa
cisa
added 2023/01/20 12:0 a.m.13 views

Drupal Releases Security Advisories to Address Multiple Vulnerabilities

Drupal has released security advisories to address vulnerabilities affecting multiple products. An attacker could exploit these vulnerabilities to access sensitive information. CISA encourages users and administrators to review Drupal’s security advisories SA-CORE-2023-001, SA-CONTRIB-2023-002,...

2.3AI score
Exploits0References4
cisa
cisa
added 2023/01/19 12:0 a.m.13 views

CISA Releases One Industrial Control Systems Advisory

CISA released one Industrial Control Systems ICS advisory on January 19, 2023. This advisory provides timely information about current security issues, vulnerabilities, and exploits surrounding ICS. CISA encourages users and administrators to review the newly released ICS advisory for technical...

1.8AI score
Exploits0References1
cisa
cisa
added 2022/12/13 12:0 a.m.13 views

CISA Adds Five Known Exploited Vulnerabilities to Catalog

CISA has added five new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. These types of vulnerabilities are frequent attack vectors for malicious cyber actors and pose a significant risk to the federal enterprise. Note: To view newly added...

1.6AI score
Exploits0References5
cisa
cisa
added 2022/12/13 12:0 a.m.13 views

Microsoft Releases December 2022 Security Updates

Microsoft has released updates to address multiple vulnerabilities in Microsoft software. An attacker can exploit some of these vulnerabilities to take control of an affected system. CISA encourages users and administrators to review Microsoft’s December 2022 Security Update Guide and Deployment...

1.6AI score
Exploits0References2
cisa
cisa
added 2022/12/08 12:0 a.m.13 views

CISA Releases Phishing Infographic

Today, CISA published a Phishing Infographic to help protect both organizations and individuals from successful phishing operations. This infographic provides a visual summary of how threat actors execute successful phishing operations. Details include metrics that compare the likelihood of certa...

0.6AI score
Exploits0References1
cisa
cisa
added 2022/11/17 12:0 a.m.13 views

CISA Releases Two Industrial Control Systems Advisories

CISA has released two 2 Industrial Control Systems ICS advisories on November 17, 2022. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. CISA encourages users and administrators to review the newly released ICS advisory for...

2.4AI score
Exploits0References2
cisa
cisa
added 2022/11/17 12:0 a.m.13 views

#StopRansomware: Hive

Today, CISA, the Federal Bureau of Investigation FBI, and the Department of Health and Human Services HHS released joint Cybersecurity Advisory CSA StopRansomware: Hive Ransomware to provide network defenders tactics, techniques, and procedures TTPs and indicators of compromise IOCs associated wi...

0.8AI score
Exploits0References3
cisa
cisa
added 2022/11/14 12:0 a.m.13 views

CISA Has Added One Known Exploited Vulnerability to Catalog    

CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. This type of vulnerability is a frequent attack vector for malicious cyber actors and pose significant risk to the federal enterprise. Note: To view the newly added...

1.7AI score
Exploits0References5
cisa
cisa
added 2022/11/10 12:0 a.m.13 views

CISA Updates Advisory on Threat Actors Exploiting Multiple CVEs Against Zimbra Collaboration Suite

CISA and the Multi-State Information Sharing & Analysis Center MS-ISAC have updated joint Cybersecurity Advisory AA22-228A: Threat Actors Exploiting Multiple CVEs Against Zimbra Collaboration Suite, originally released August 16, 2022. The advisory has been updated to include an additional Malwar...

1.3AI score
Exploits0References2
cisa
cisa
added 2022/11/01 12:0 a.m.13 views

CISA Releases One Industrial Control Systems Advisory

CISA released one Industrial Control Systems ICS advisory on November 1, 2022. This advisory provides timely information about current security issues, vulnerabilities, and exploits surrounding ICS. CISA encourages users and administrators to review the newly released ICS advisory for technical...

2.2AI score
Exploits0References1
cisa
cisa
added 2022/10/28 12:0 a.m.13 views

VMware Releases Security Updates

VMware has released security updates to address multiple vulnerabilities in VMware Cloud Foundation. A remote attacker could exploit one of these vulnerabilities to take control of an affected system. CISA encourages users and administrators to review VMware Security Advisory VMSA-2022-002 and...

2.5AI score
Exploits0References1
cisa
cisa
added 2022/10/25 12:0 a.m.13 views

CISA Releases Eight Industrial Control Systems Advisories

CISA has released eight 8 Industrial Control Systems ICS advisories on October 25, 2022. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. CISA encourages users and administrators to review the newly released ICS advisory for...

0.8AI score
Exploits0References8
cisa
cisa
added 2022/10/24 12:0 a.m.13 views

CISA Adds Six Known Exploited Vulnerabilities to Catalog

CISA has added six vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. These types of vulnerabilities are a frequent attack vector for malicious cyber actors and pose significant risk to the federal enterprise. Note: to view the newly added...

1.7AI score
Exploits0References5
cisa
cisa
added 2022/09/30 12:0 a.m.13 views

Mozilla Releases Security Update for Thunderbird

Mozilla has released a security update to address a vulnerability in Thunderbird. An attacker could exploit this vulnerability to take control of an affected system. CISA encourages users and administrators to review the Mozilla security advisory for Thunderbird 102.3.1 and make the necessary...

3.2AI score
Exploits0References1
cisa
cisa
added 2022/09/29 12:0 a.m.13 views

CISA Publishes User Guide to Prepare for Nov. 1 Move to TLP 2.0

CISA has published its Traffic Light Protocol 2.0 User Guide and Traffic Light Protocol: Moving to Version 2.0 fact sheet in preparation for its November 1, 2022 move from Traffic Light Protocol TLP Version 1.0 to TLP 2.0. Managed by the Forum of Incident Response and Security Teams FIRST, TLP is...

0.7AI score
Exploits0References7
cisa
cisa
added 2022/09/23 12:0 a.m.13 views

CISA Has Added One Known Exploited Vulnerability to Catalog 

CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. These types of vulnerabilities are a frequent attack vector for malicious cyber actors and pose significant risk to the federal enterprise. Note: To view the newly added...

1.7AI score
Exploits0References5
cisa
cisa
added 2022/09/21 12:0 a.m.13 views

Iranian State Actors Conduct Cyber Operations Against the Government of Albania

CISA and the Federal Bureau of Investigation FBI have released a joint Cybersecurity Advisory CSA, Iranian State Actors Conduct Cyber Operations Against the Government of Albania, detailing malicious cyber operations that included ransomware and disk wiper, rendering websites and services...

2.4AI score
Exploits0References3
cisa
cisa
added 2022/09/13 12:0 a.m.13 views

Apple Releases Security Updates for Multiple Products

Apple has released security updates to address vulnerabilities in multiple products. An attacker could exploit some of these vulnerabilities to take control of an affected device. CISA encourages users and administrators to review the Apple security updates page for the following products and app...

2.1AI score
Exploits0References6
Total number of security vulnerabilities4188