Lucene search
+L
CisaMost viewed

4188 matches found

cisa
cisa
added 2024/10/08 12:0 p.m.12 views

CISA Adds Three Known Exploited Vulnerabilities to Catalog

CISA has added three new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. CVE-2024-43047link is external Qualcomm Multiple Chipsets Use-After-Free Vulnerability CVE-2024-43572link is external Microsoft Windows Management Console Remote Code...

8.1CVSS7.7AI score0.66571EPSS
Exploits0References8
cisa
cisa
added 2024/08/07 12:0 p.m.12 views

CISA Adds Two Known Exploited Vulnerabilities to Catalog

CISA has added two new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. CVE-2024-36971 Android Kernel Remote Code Execution Vulnerability CVE-2024-32113 Apache OFBiz Path Traversal Vulnerability These types of vulnerabilities are frequent...

9.8CVSS8.3AI score0.99426EPSS
Exploits8References7
cisa
cisa
added 2024/07/02 12:0 p.m.12 views

CISA Adds One Known Exploited Vulnerability to Catalog

CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. CVE-2024-20399 Cisco NX-OS Command Injection Vulnerability These types of vulnerabilities are frequent attack vectors for malicious cyber actors and pose significant risk...

6.7CVSS9.9AI score0.04271EPSS
Exploits1References6
cisa
cisa
added 2024/05/20 12:0 p.m.12 views

CISA Adds Two Known Exploited Vulnerabilities to Catalog

CISA has added two new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. CVE-2024-4947 Google Chromium V8 Type Confusion Vulnerability CVE-2023-43208 NextGen Healthcare Mirth Connect Deserialization of Untrusted Data Vulnerability These type...

9.8CVSS7.2AI score0.82708EPSS
Exploits23References7
cisa
cisa
added 2024/04/11 12:0 p.m.12 views

CISA Adds Two Known Exploited Vulnerabilities to Catalog

CISA has added two new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. CVE-2024-3272 D-Link Multiple NAS Devices Use of Hard-Coded Credentials Vulnerability CVE-2024-3273 D-Link Multiple NAS Devices Command Injection Vulnerability These...

10CVSS7.5AI score0.99997EPSS
Exploits10References7
cisa
cisa
added 2024/02/09 12:0 p.m.12 views

Fortinet Releases Security Advisories for FortiOS

Fortinet released security updates to address critical remote code execution vulnerabilities in FortiOS CVE-2024-21762, CVE-2024-23313. A cyber threat actor could exploit these vulnerabilities to take control of an affected system. Note : According to Fortinet, CVE-2024-21762 is potentially being...

9.8CVSS10AI score0.83428EPSS
Exploits13References2
cisa
cisa
added 2024/02/01 12:0 p.m.12 views

Moby and Open Container Initiative Release Critical Updates for Multiple Vulnerabilities Affecting Docker-related Components

Moby and the Open Container Initiative OCI have released updates for multiple vulnerabilities CVE-2024-23651, CVE-2024-23652, CVE-2024-23653, CVE-2024-21626 affecting Docker-related components, including Moby BuildKit and OCI runc. A cyber threat actor could exploit these vulnerabilities to take...

10CVSS9.4AI score0.18087EPSS
Exploits18References7
cisa
cisa
added 2024/01/10 12:0 p.m.12 views

CISA Adds One Known Exploited Vulnerability to Catalog

CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. CVE-2023-29357 Microsoft SharePoint Server Privilege Escalation Vulnerability These types of vulnerabilities are frequent attack vectors for malicious cyber actors and po...

9.8CVSS7.2AI score0.99649EPSS
Exploits10References6
cisa
cisa
added 2023/12/12 12:0 p.m.12 views

The Apache Software Foundation Updates Struts 2

The Apache Software Foundation has released security updates to address a vulnerability CVE-2023-50164 in Struts 2. A remote attacker could exploit this vulnerability to take control of an affected system. Users and administrators are encouraged to review the Apache Security Bulletinlink is...

9.8CVSS9.6AI score0.80819EPSS
Exploits15References1
cisa
cisa
added 2023/11/14 12:0 p.m.12 views

VMware Releases Security Update for Cloud Director Appliance

VMware has released a security advisory addressing a vulnerability in VMWare Cloud Director Appliance. Cyber threat actors may exploit this vulnerability to take control of an affected system. CISA encourages users and administrators to review the following VMware security advisory and apply the...

9.8CVSS8.8AI score0.01345EPSS
Exploits4References1
cisa
cisa
added 2023/11/08 12:0 p.m.12 views

CISA Adds One Known Exploited Vulnerability to Catalog

CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. CVE-2023-29552 Service Location Protocol SLP Denial-of-Service Vulnerability These types of vulnerabilities are frequent attack vectors for malicious cyber actors and pos...

7.5CVSS7.1AI score0.65873EPSS
Exploits1References6
cisa
cisa
added 2023/09/06 12:0 p.m.12 views

CISA Adds One Known Vulnerability to Catalog

CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. CVE-2023-33246 Apache RocketMQ Command Execution Vulnerability These types of vulnerabilities are frequent attack vectors for malicious cyber actors and pose significant...

9.8CVSS7.3AI score0.96604EPSS
Exploits11References6
cisa
cisa
added 2023/08/17 12:0 p.m.12 views

Atlassian Releases Security Update for Confluence Server and Data Center

Atlassian has released its security bulletin for August 2023 to address a vulnerability in Confluence Server and Data Center, CVE-2023-28709. A remote attacker can exploit this vulnerability to cause a denial-of-service condition. CISA encourages users and administrators to review Atlassian’s...

7.5CVSS7.5AI score0.51547EPSS
Exploits1References1
cisa
cisa
added 2023/08/09 12:0 p.m.12 views

CISA Adds One Known Exploited Vulnerability to Catalog

CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. CVE-2023-38180 Microsoft .NET Core and Visual Studio Denial of Service Vulnerability These types of vulnerabilities are frequent attack vectors for malicious cyber actors...

7.5CVSS7.1AI score0.15519EPSS
Exploits0References6
cisa
cisa
added 2023/04/28 12:0 p.m.12 views

CISA Requests for Comment on Secure Software Self-Attestation Form

CISA has issued requests for comment on the Secure Software Self-Attestation Form. CISA, in coordination with the Office of Budget and Management OMB, released proposed guidance on secure software. This guidance seeks to secure software leveraged by the federal government. CISA expects agencies t...

7AI score
Exploits0References3
cisa
cisa
added 2023/01/24 12:0 a.m.12 views

Apple Releases Security Updates for Multiple Products 

Apple has released security updates to address vulnerabilities in multiple products. An attacker could exploit some of these vulnerabilities to take control of an affected device. CISA encourages users and administrators to review the Apple security updates page for the following products and app...

2.2AI score
Exploits0References9
cisa
cisa
added 2023/01/24 12:0 a.m.12 views

CISA Releases Two Industrial Control Systems Advisories

CISA released two Industrial Control Systems ICS advisories on January 24, 2023.These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. CISA encourages users and administrators to review the newly released ICS advisories for...

2.6AI score
Exploits0References2
cisa
cisa
added 2023/01/18 12:0 a.m.12 views

Mozilla Releases Security Updates for Firefox

Mozilla has released security updates to address vulnerabilities in Firefox ESR and Firefox. An attacker could exploit some of these vulnerabilities to take control of an affected system. CISA encourages users and administrators to review Mozilla’s security advisories for Firefox ESR 102.7 and...

2.5AI score
Exploits0References2
cisa
cisa
added 2022/11/16 12:0 a.m.12 views

Cisco Releases Security Updates for Identity Services Engine

Cisco has released security updates for vulnerabilities affecting Cisco Identity Services Engine ISE. A remote attacker could exploit some of these vulnerabilities to bypass authorization and access system files. For updates addressing vulnerabilities, see the Cisco Security Advisories page. CISA...

1.9AI score
Exploits0References3
cisa
cisa
added 2022/11/09 12:0 a.m.12 views

Citrix Releases Security Updates for ADC and Gateway

Citrix has released security updates to address vulnerabilities in Citrix ADC and Citrix Gateway. A remote attacker could exploit one of these vulnerabilities to take control of an affected system. CISA encourages users and administrators to review Citrix Security Updates CTX463706 and apply the...

2.7AI score
Exploits0References1
cisa
cisa
added 2022/11/03 12:0 a.m.12 views

Apple Releases Security Update for Xcode

Apple has released a security update to address vulnerabilities in Xcode. A remote attacker could exploit one of these vulnerabilities to take control of an affected system. The Cybersecurity and Infrastructure Security Agency CISA encourages users and administrators to review the Apple security...

2.6AI score
Exploits0References1
cisa
cisa
added 2022/10/25 12:0 a.m.12 views

CISA Upgrades to Version 2.0 of Traffic Light Protocol in One Week – Join Us!

On Nov. 1, 2022, CISA will upgrade from Traffic Light Protocol TLP 1.0 to TLP 2.0 in accordance with the recommendation by the Forum of Incident Response Security Teams FIRST that organizations move to 2.0 by the end of 2022. TLP Version 2.0 brings the following key updates: TLP:CLEAR replaces...

0.4AI score
Exploits0References8
cisa
cisa
added 2022/10/07 12:0 a.m.12 views

FBI and CISA Publish a PSA on Information Manipulation Tactics for 2022 Midterm Elections

The Federal Bureau of Investigation FBI and CISA have published a joint public service announcement that: Describes methods that foreign actors use to spread and amplify false information—including reports of alleged malicious cyber activity—in attempts to undermine trust in election...

0.9AI score
Exploits0References1
cisa
cisa
added 2022/10/04 12:0 a.m.12 views

CISA Releases Five Industrial Control Systems Advisories

CISA has released five 5 Industrial Control Systems ICS advisories on October 04, 2022. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. CISA encourages users and administrators to review the newly released ICS advisory for...

1.2AI score
Exploits0References5
cisa
cisa
added 2022/09/15 12:0 a.m.12 views

CISA Releases Eleven Industrial Control Systems Advisories

CISA has released eleven 11 Industrial Control Systems ICS advisories on September 15, 2022. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. CISA encourages users and administrators to review the newly released ICS advisori...

1.3AI score
Exploits0References11
cisa
cisa
added 2022/09/13 12:0 a.m.12 views

Adobe Releases Security Updates for Multiple Products

Adobe has released security updates to address vulnerabilities in multiple products. An attacker could exploit some of these vulnerabilities to take control of an affected system. CISA encourages users and administrators to review the following Adobe Security Bulletins and apply the necessary...

1.5AI score
Exploits0References8
cisa
cisa
added 2022/09/02 12:0 a.m.12 views

CISA, NSA, and ODNI Release Part One of Guidance on Securing the Software Supply Chain

CISA, the National Security Agency NSA, and the Office of the Director of National Intelligence ODNI, have published part one of a three-part joint publication series, Securing Software Supply Chain Series - Recommended Practices for Developers. This guidance—created by the Enduring Security...

1.5AI score
Exploits0References4
cisa
cisa
added 2022/08/03 12:0 a.m.12 views

VMware Releases Security Updates

VMware has released security updates to address multiple vulnerabilities in VMware’s Workspace ONE Access, Access Connector, Identity Manager, Identity Manager Connector, and vRealize Automation. A remote attacker could exploit some of these vulnerabilities to take control of an affected system...

3AI score
Exploits0References1
cisa
cisa
added 2022/07/22 12:0 a.m.12 views

Cisco Releases Security Updates for Multiple Products

Cisco has released security updates to address vulnerabilities in multiple products. Some of these vulnerabilities could allow a remote attacker to execute take control of an affected system. For updates addressing lower severity vulnerabilities, see the Cisco Security Advisories page. CISA...

3.6AI score
Exploits0References1
cisa
cisa
added 2022/07/12 12:0 a.m.12 views

CISA Adds One Known Exploited Vulnerability to Catalog 

CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. These types of vulnerabilities are a frequent attack vector for malicious cyber actors and pose significant risk to the federal enterprise. Note: to view the newly added...

1.7AI score
Exploits0References5
cisa
cisa
added 2022/06/30 12:0 a.m.12 views

#StopRansomware: MedusaLocker

CISA, the Federal Bureau of Investigation FBI, the Department of the Treasury Treasury, and the Financial Crimes Enforcement Network FinCEN have released a joint Cybersecurity Advisory CSA, StopRansomware: MedusaLocker, to provide information on MedusaLocker ransomware. MedusaLocker actors target...

2.3AI score
Exploits0References4
cisa
cisa
added 2022/06/27 12:0 a.m.12 views

CISA Adds Eight Known Exploited Vulnerabilities to Catalog  

CISA has added eight new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. These types of vulnerabilities are a frequent attack vector for malicious cyber actors and pose significant risk to the federal enterprise. Note: to view the newly...

1.7AI score
Exploits0References5
cisa
cisa
added 2022/06/22 12:0 a.m.12 views

Google Releases Security Updates for Chrome

Google has released Chrome version 103.0.5060.53 for Windows, Mac, and Linux. This version addresses vulnerabilities that an attacker could exploit to take control of an affected system. CISA encourages users and administrators to review the Chrome Release Note and apply the necessary update. Thi...

2.2AI score
Exploits0References1
cisa
cisa
added 2022/06/02 12:0 a.m.12 views

CISA Updates Advisory on Threat Actors Chaining Unpatched VMware Vulnerabilities

CISA has updated Cybersecurity Advisory AA22-138B: Threat Actors Chaining Unpatched VMware Vulnerabilities for Full System Control, originally released May 18, 2022. The advisory has been updated to include additional indicators of compromise and detection signatures, as well as tactics,...

2.2AI score
Exploits0References2
cisa
cisa
added 2022/06/01 12:0 a.m.12 views

Karakurt Data Extortion Group

CISA, the Federal Bureau of Investigation FBI, the Department of Treasury, and the Financial Crimes Enforcement Network FinCEN have released a joint Cybersecurity Advisory CSA to provide information on the Karakurt data extortion group. Karakurt actors steal data and threaten to auction it off or...

1.5AI score
Exploits0References1
cisa
cisa
added 2022/05/26 12:0 a.m.12 views

Citrix Releases Security Updates for ADC and Gateway

Citrix has released security updates to address vulnerabilities in ADC and Gateway. An attacker could exploit these vulnerabilities to cause a denial-of-service condition. CISA encourages users and administrators to review Citrix Security Update CTX457048 and apply the necessary updates. This...

2.4AI score
Exploits0References1
cisa
cisa
added 2022/05/26 12:0 a.m.12 views

CISA and DoD Release 5G Security Evaluation Process Investigation Study

CISA and the Department of Defense DoD have released their 5G Security Evaluation Process Investigation Study for federal agencies. The new features, capabilities, and services offered by fifth-generation 5G cellular network technology can transform mission and business operations; and federal...

0.3AI score
Exploits0References2
cisa
cisa
added 2022/05/05 12:0 a.m.12 views

Cisco Releases Security Updates for Enterprise NFV Infrastructure Software

Cisco has released security updates to address multiple vulnerabilities in Enterprise NFV Infrastructure Software. An attacker could exploit these vulnerabilities to take control of an affected system. CISA encourages users and administrators to review Cisco advisory cisco-sa-NFVIS-MUL-7DySRX9 an...

2.3AI score
Exploits0References2
cisa
cisa
added 2022/04/28 12:0 a.m.12 views

Cisco Releases Security Updates for Multiple Products

Cisco has released security updates to address vulnerabilities in multiple Cisco products. An attacker could exploit some of these vulnerabilities to take control of an affected system. CISA encourages users and administrators to review the Cisco Security Advisories page and apply the necessary...

1.6AI score
Exploits0References1
cisa
cisa
added 2022/04/13 12:0 a.m.12 views

CISA Adds 10 Known Exploited Vulnerabilities to Catalog

CISA has added 10 new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. These types of vulnerabilities are a frequent attack vector for malicious cyber actors and pose significant risk to the federal enterprise. Note: to view the newly added...

1.7AI score
Exploits0References5
cisa
cisa
added 2022/04/07 12:0 a.m.12 views

Guidance on Sharing Cyber Incident Information

CISA’s Sharing Cyber Event Information Fact Sheet provides our stakeholders with clear guidance and information about what to share, who should share, and how to share information about unusual cyber incidents or activity. CISA uses this information from partners to build a common understanding o...

1.6AI score
Exploits0References3
cisa
cisa
added 2022/04/06 12:0 a.m.12 views

Google Releases Security Updates for Chrome

Google has released Chrome version 100.0.4896.75 for Windows, Mac, and Linux. This version addresses vulnerabilities that an attacker could exploit to take control of an affected system. CISA encourages users and administrators to review the Chrome Release Note and apply the necessary updates as...

2.2AI score
Exploits0References1
cisa
cisa
added 2022/03/30 12:0 a.m.12 views

Google Releases Security Updates for Chrome

Google has released Chrome version 100.0.4896.60 for Windows, Mac, and Linux. This version addresses vulnerabilities that an attacker could exploit to take control of an affected system. CISA encourages users and administrators to review the Chrome Release Note and apply the necessary update. Thi...

2.2AI score
Exploits0References1
cisa
cisa
added 2022/03/30 12:0 a.m.12 views

FBI Releases PIN on Phishing Campaign against U.S. Election Officials

The Federal Bureau of Investigation FBI has released a Private Industry Notification PIN to warn U.S. election and other state and local government officials about invoice-themed phishing emails that could be used to harvest officials’ login credentials. CISA encourages federal, state, and local...

0.8AI score
Exploits0References1
cisa
cisa
added 2022/03/16 12:0 a.m.12 views

Apple Releases Security Updates for Multiple Products

Apple has released security updates to address vulnerabilities in multiple products. An attacker could exploit some of these vulnerabilities to take control of an affected system. CISA encourages users and administrators to review the Apple security page and apply the necessary updates. This...

6.9AI score
Exploits0References1
cisa
cisa
added 2022/03/08 12:0 a.m.12 views

SAP Releases March 2022 Security Updates

SAP has released security updates to address vulnerabilities affecting multiple products. An attacker could exploit some of these vulnerabilities to take control of an affected system. CISA encourages users and administrators to review the SAP Security Notes for March 2022 and apply the necessary...

7.1AI score
Exploits0References1
cisa
cisa
added 2022/03/08 12:0 a.m.12 views

Adobe Releases Security Updates for Multiple Products

Adobe has released security updates to address vulnerabilities in multiple products. An attacker could exploit some of these vulnerabilities to take control of an affected system. CISA encourages users and administrators to review the following Adobe Security Bulletins and apply the necessary...

7AI score
Exploits0References3
cisa
cisa
added 2022/02/26 12:0 a.m.12 views

CISA Releases Advisory on Destructive Malware Targeting Organizations in Ukraine

CISA and the Federal Bureau of Investigation have released an advisory on destructive malware targeting organizations in Ukraine. The advisory also provides recommendations and strategies to prepare for and respond to destructive malware. Additionally, CISA has created a new Shields Up Technical...

6.8AI score
Exploits0References4
cisa
cisa
added 2022/02/24 12:0 a.m.12 views

Cisco Releases Security Updates for Multiple Products

Cisco has released security updates to address vulnerabilities in multiple Cisco products. An attacker could exploit one of these vulnerabilities to take control of an affected system. For updates addressing lower severity vulnerabilities, see the Cisco Security Advisories page. CISA encourages...

7.4AI score
Exploits0References4
cisa
cisa
added 2022/02/03 12:0 a.m.12 views

Cisco Releases Security Updates for RV Series Routers

Cisco has released security updates to address vulnerabilities in Cisco Small Business RV160, RV260, RV340, and RV345 Series Routers. A remote attacker could exploit some of these vulnerabilities to take control of an affected system. For updates addressing lower severity vulnerabilities, see the...

7AI score
Exploits0References2
Total number of security vulnerabilities4188