
4188 matches found

CISA
added 2010/04/30 12:0 a.m. | 12 views

Opera Software Releases Opera 10.53

Opera Software has released Opera 10.53 to address a vulnerability. Exploitation of this vulnerability may allow an attacker to execute arbitrary code. US-CERT encourages users and administrators to review the Opera Software security advisory related to this vulnerability and upgrade to Opera 10....

7.5 AI score
Exploits: 0 | References: 3
CISA
added 2010/04/23 12:0 a.m. | 12 views

Microsoft Revokes Security Update

The Microsoft Security Response Center has posted a blog entry indicating that it has revoked the update related to Microsoft security bulletin MS10-025 because it does not effectively correct the underlying vulnerability. This vulnerability affects Windows Media Services running on Windows 2000...

6.5 AI score
Exploits: 0 | References: 3
CISA
added 2010/04/05 12:0 a.m. | 12 views

Foxit Reader 3.2.1.0401 Released

The Foxit Corporation has released Foxit Reader 3.2.1.0401 to address a critical vulnerability. Exploitation of this vulnerability may allow a remote, unauthenticated attacker to execute arbitrary code. US-CERT encourages users and administrators to review the Foxit notice regarding the release a...

7.5 AI score
Exploits: 0 | References: 2
CISA
added 2010/03/29 12:0 a.m. | 12 views

Apple Releases Security Update 2010-002 and Mac OS X v10.6.3

Apple has released Security Update 2010-002 and Mac OS X v10.6.3 to address multiple vulnerabilities that affect a number of applications. These vulnerabilities may allow an attacker to execute arbitrary code, obtain sensitive information, cause a denial-of-service condition, bypass security...

7.6 AI score
Exploits: 0 | References: 1
CISA
added 2010/03/25 12:0 a.m. | 12 views

Cisco Releases Security Advisories for IOS Software

Cisco has released a bundled publication, which contains seven security advisories, to address multiple vulnerabilities in Cisco IOS Software. These vulnerabilities may allow an attacker to execute arbitrary code or cause a denial-of-service condition. US-CERT encourages users and administrators ...

7.9 AI score
Exploits: 0 | References: 1
CISA
added 2010/03/23 12:0 a.m. | 12 views

Mozilla Releases Firefox 3.6.2

The Mozilla Foundation has released Firefox 3.6.2 to address multiple security issues, including a critical vulnerability that may allow a remote attacker to execute arbitrary code. US-CERT encourages users and administrators to do the following to help mitigate the risks: Review the Firefox 3.6....

7.5 AI score
Exploits: 0 | References: 4
CISA
added 2010/02/12 12:0 a.m. | 12 views

Adobe Releases Security Bulletins for Acrobat, Reader, and Flash Player

Adobe has released two security bulletins to address vulnerabilities in Adobe Acrobat, Reader, and Flash Player. The first bulletin, APSB10-06, is a security update for Adobe Flash Player and Adobe AIR that addresses a critical vulnerability. Exploitation of these vulnerabilities may allow an...

7.6 AI score
Exploits: 0 | References: 4
CISA
added 2010/01/28 12:0 a.m. | 12 views

Cisco Releases Security Advisory for Unified MeetingPlace

Cisco has released a security advisory to address multiple vulnerabilities in Unified MeetingPlace. These vulnerabilities may allow a remote, unauthenticated attacker to obtain sensitive information, manipulate configuration data, create unauthorized accounts, operate with elevated privileges or...

7 AI score
Exploits: 0 | References: 2
CISA
added 2010/01/13 12:0 a.m. | 12 views

IRS Warns of Online Scams

US-CERT is aware of reports of tax season phishing scams. The U.S. Internal Revenue Service has issued a news release on its website warning consumers about potential scams. These scams are circulating via fraudulent email or other online messages appearing to come from the IRS. They attempt to...

6.8 AI score
Exploits: 0 | References: 4
CISA
added 2010/01/12 12:0 a.m. | 12 views

Oracle Releases Critical Patch Update for January 2010

Oracle has released its Critical Patch Update for January 2010 to address 24 vulnerabilities across several products. This update contains the following security fixes: 10 for Oracle Database, 3 for Oracle Application Server, 3 for the Oracle Applications Suite, 1 for PeopleSoft and JD Edwards Suite...

6.6 AI score
Exploits: 0 | References: 3
CISA
added 2010/01/08 12:0 a.m. | 12 views

VMware Releases Multiple Updates for ESX

VMware has released Security Advisory VMSA-2010-0001 to address multiple vulnerabilities in ESX Service Console packages for Network Security Services (NSS) and NetScape Portable Runtime (NSPR). Exploitation of these vulnerabilities may allow an attacker to obtain sensitive information, cause a...

7 AI score
Exploits: 0 | References: 6
CISA
added 2026/06/12 12:0 p.m. | 11 views

CISA Adds One Known Exploited Vulnerability to Catalog

CISA has added one new vulnerability to its Known Exploited Vulnerabilities (KEV) Catalog, based on evidence of active exploitation. CVE-2026-35273: Oracle PeopleSoft Enterprise PeopleTools Missing Authentication for Critical Function Vulnerability. This type of vulnerability is a...

9.8 CVSS | 5.8 AI score | 0.9233 EPSS
Exploits: 3 | References: 7
CISA
added 2026/06/03 12:0 p.m. | 11 views

CISA Adds One Known Exploited Vulnerability to Catalog

CISA has added one new vulnerability to its Known Exploited Vulnerabilities (KEV) Catalog, based on evidence of active exploitation. CVE-2026-45247: Mirasvit Full Page Cache Warmer Deserialization of Untrusted Data Vulnerability. This type of vulnerability is a frequent attack vector...

9.8 CVSS | 5.8 AI score | 0.27546 EPSS
Exploits: 1 | References: 6
CISA
added 2026/05/08 12:0 p.m. | 11 views

CISA Adds One Known Exploited Vulnerability to Catalog

CISA has added one new vulnerability to its Known Exploited Vulnerabilities (KEV) Catalog, based on evidence of active exploitation. CVE-2026-42208: BerriAI LiteLLM SQL Injection Vulnerability. This type of vulnerability is a frequent attack vector for malicious cyber actors and poses...

9.8 CVSS | 6.1 AI score | 0.84518 EPSS
Exploits: 7 | References: 6
CISA
added 2026/04/22 12:0 p.m. | 11 views

CISA Adds One Known Exploited Vulnerability to Catalog

CISA has added one new vulnerability to its Known Exploited Vulnerabilities (KEV) Catalog, based on evidence of active exploitation. CVE-2026-33825: Microsoft Defender Insufficient Granularity of Access Control Vulnerability. This type of vulnerability is a frequent attack vector for...

7.8 CVSS | 5.8 AI score | 0.06749 EPSS
Exploits: 3 | References: 6
CISA
added 2026/04/20 12:0 p.m. | 11 views

CISA Adds Eight Known Exploited Vulnerabilities to Catalog

CISA has added eight new vulnerabilities to its Known Exploited Vulnerabilities (KEV) Catalog, based on evidence of active exploitation. CVE-2023-27351: PaperCut NG/MF Improper Authentication Vulnerability; CVE-2024-27199: JetBrains TeamCity Relative Path Traversal...

8.2 CVSS | 5.8 AI score | 0.99991 EPSS
Exploits: 13 | References: 13
CISA
added 2026/03/19 12:0 p.m. | 11 views

CISA Adds One Known Exploited Vulnerability to Catalog

CISA has added one new vulnerability to its Known Exploited Vulnerabilities (KEV) Catalog, based on evidence of active exploitation. CVE-2026-20131: Cisco Secure Firewall Management Center (FMC) Software and Cisco Security Cloud Control (SCC) Firewall Management Deserialization of...

10 CVSS | 5.9 AI score | 0.27551 EPSS
Exploits: 4 | References: 6
CISA
added 2025/11/21 12:0 p.m. | 11 views

CISA Adds One Known Exploited Vulnerability to Catalog

CISA has added one new vulnerability to its Known Exploited Vulnerabilities (KEV) Catalog, based on evidence of active exploitation. CVE-2025-61757: Oracle Fusion Middleware Missing Authentication for Critical Function Vulnerability. This type of vulnerability is a frequent attack...

9.8 CVSS | 6.8 AI score | 0.88312 EPSS
Exploits: 1 | References: 6
CISA
added 2025/11/18 12:0 p.m. | 11 views

CISA Adds One Known Exploited Vulnerability to Catalog

CISA has added one new vulnerability to its Known Exploited Vulnerabilities (KEV) Catalog, based on evidence of active exploitation. CVE-2025-58034: Fortinet FortiWeb OS Command Code Injection Vulnerability. This type of vulnerability is a frequent attack vector for malicious cyber...

7.2 CVSS | 7.3 AI score | 0.54376 EPSS
Exploits: 9 | References: 8
CISA
added 2025/11/14 12:0 p.m. | 11 views

CISA Adds One Known Exploited Vulnerability to Catalog

CISA has added one new vulnerability to its Known Exploited Vulnerabilities (KEV) Catalog, based on evidence of active exploitation. CVE-2025-64446: Fortinet FortiWeb Path Traversal Vulnerability. This type of vulnerability is a frequent attack vector for malicious cyber actors and...

9.8 CVSS | 6.9 AI score | 0.89526 EPSS
Exploits: 17 | References: 6
CISA
added 2025/10/06 12:0 p.m. | 11 views

CISA Adds Seven Known Exploited Vulnerabilities to Catalog

CISA has added seven new vulnerabilities to its Known Exploited Vulnerabilities (KEV) Catalog, based on evidence of active exploitation. CVE-2010-3765: Mozilla Multiple Products Remote Code Execution Vulnerability; CVE-2010-3962: Microsoft Internet Explorer Uninitialize...

9.8 CVSS | 7.2 AI score | 0.99722 EPSS
Exploits: 68 | References: 12
CISA
added 2025/10/02 12:0 p.m. | 11 views

CISA Adds Five Known Exploited Vulnerabilities to Catalog

CISA has added five new vulnerabilities to its Known Exploited Vulnerabilities (KEV) Catalog, based on evidence of active exploitation. CVE-2014-6278: GNU Bash OS Command Injection Vulnerability; CVE-2015-7755: Juniper ScreenOS Improper Authentication Vulnerability...

10 CVSS | 7.7 AI score | 0.99686 EPSS
Exploits: 80 | References: 10
CISA
added 2025/08/06 12:0 p.m. | 11 views

UPDATE: Microsoft Releases Guidance on Exploitation of SharePoint Vulnerabilities

Update 08/06/2025: CISA released a Malware Analysis Report (MAR) on six files related to CVE-2025-49704, CVE-2025-49706, CVE-2025-53770, and CVE-2025-53771. For more information see MAR-251132.c1.v1 Exploitation of SharePoint...

8.8 CVSS | 8.2 AI score | 0.99907 EPSS
Exploits: 9 | References: 24
CISA
added 2025/07/07 12:0 p.m. | 11 views

CISA Adds Four Known Exploited Vulnerabilities to Catalog

CISA has added four new vulnerabilities to its Known Exploited Vulnerabilities (KEV) Catalog, based on evidence of active exploitation. CVE-2014-3931: Multi-Router Looking Glass (MRLG) Buffer Overflow Vulnerability; CVE-2016-10033: PHPMailer Command Injection Vulnerabilit...

9.8 CVSS | 7.9 AI score | 0.99714 EPSS
Exploits: 87 | References: 9
CISA
added 2025/06/10 12:0 p.m. | 11 views

CISA Adds Two Known Exploited Vulnerabilities to Catalog

CISA has added two new vulnerabilities to its Known Exploited Vulnerabilities (KEV) Catalog, based on evidence of active exploitation. CVE-2025-24016: Wazuh Server Deserialization of Untrusted Data Vulnerability; CVE-2025-33053: Web Distributed Authoring and Versioning...

9.9 CVSS | 7.3 AI score | 0.92579 EPSS
Exploits: 20 | References: 7
CISA
added 2025/06/02 12:0 p.m. | 11 views

CISA Adds Five Known Exploited Vulnerabilities to Catalog

CISA added five new vulnerabilities to its Known Exploited Vulnerabilities (KEV) Catalog, based on evidence of active exploitation. CVE-2021-32030: ASUS Routers Improper Authentication Vulnerability; CVE-2023-39780: ASUS RT-AX55 Routers OS Command Injection Vulnerabilit...

9.8 CVSS | 8 AI score | 0.99351 EPSS
Exploits: 11 | References: 11
CISA
added 2025/05/13 12:0 p.m. | 11 views

CISA Adds Five Known Exploited Vulnerabilities to Catalog

CISA has added five new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. CVE-2025-30400: Microsoft Windows DWM Core Library Use-After-Free Vulnerability; CVE-2025-32701: Microsoft Windows Common Log File System...

7.8 CVSS | 7 AI score | 0.21562 EPSS
Exploits: 9 | References: 10
CISA
added 2024/12/23 12:0 p.m. | 11 views

CISA Adds One Known Exploited Vulnerability to Catalog

CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. CVE-2021-44207: Acclaim Systems USAHERDS Use of Hard-Coded Credentials Vulnerability. These types of vulnerabilities are frequent attack vectors for malicio...

8.1 CVSS | 7.3 AI score | 0.17578 EPSS
Exploits: 0 | References: 6
CISA
added 2024/10/08 12:0 p.m. | 11 views

CISA Adds Three Known Exploited Vulnerabilities to Catalog

CISA has added three new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. CVE-2024-43047: Qualcomm Multiple Chipsets Use-After-Free Vulnerability; CVE-2024-43572: Microsoft Windows Management Console Remote Code...

8.1 CVSS | 7.7 AI score | 0.60954 EPSS
Exploits: 0 | References: 8
CISA
added 2024/09/13 12:0 p.m. | 11 views

CISA Releases Analysis of FY23 Risk and Vulnerability Assessments

CISA has released an analysis and infographic detailing the findings from the 143 Risk and Vulnerability Assessments (RVAs) conducted across multiple critical infrastructure sectors in fiscal year 2023 (FY23). The analysis details a sample attack path including tactics and steps a cyber threat actor...

7.2 AI score
Exploits: 0 | References: 5
CISA
added 2024/09/10 12:0 p.m. | 11 views

Citrix Releases Security Updates for Citrix Workspace App for Windows

Citrix released security updates to address multiple vulnerabilities in the Citrix Workspace App for Windows. A cyber threat actor could exploit some of these vulnerabilities to take control of an affected system. CISA encourages users and administrators to review the following and apply necessar...

7.3 CVSS | 7.3 AI score | 0.00246 EPSS
Exploits: 1 | References: 1
CISA
added 2024/09/03 12:0 p.m. | 11 views

CISA Adds Three Known Exploited Vulnerabilities to Catalog

CISA has added three new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. CVE-2021-20123: Draytek VigorConnect Path Traversal Vulnerability; CVE-2021-20124: Draytek VigorConnect Path Traversal Vulnerability...

9.3 CVSS | 8 AI score | 0.74279 EPSS
Exploits: 2 | References: 8
CISA
added 2024/08/27 12:0 p.m. | 11 views

CISA Adds One Known Exploited Vulnerability to Catalog

CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. CVE-2024-38856: Apache OFBiz Incorrect Authorization Vulnerability. These types of vulnerabilities are frequent attack vectors for malicious cyber actors an...

9.8 CVSS | 7.3 AI score | 0.99427 EPSS
Exploits: 10 | References: 6
CISA
added 2024/08/26 12:0 p.m. | 11 views

CISA Adds One Known Exploited Vulnerability to Catalog

CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. CVE-2024-7971: Google Chromium V8 Type Confusion Vulnerability. These types of vulnerabilities are frequent attack vectors for malicious cyber actors and po...

9.6 CVSS | 9.7 AI score | 0.19272 EPSS
Exploits: 2 | References: 6
CISA
added 2024/05/20 12:0 p.m. | 11 views

CISA Adds Two Known Exploited Vulnerabilities to Catalog

CISA has added two new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. CVE-2024-4947: Google Chromium V8 Type Confusion Vulnerability; CVE-2023-43208: NextGen Healthcare Mirth Connect Deserialization of Untrusted Data Vulnerability. These type...

9.8 CVSS | 7.2 AI score | 0.82708 EPSS
Exploits: 23 | References: 7
CISA
added 2024/04/11 12:0 p.m. | 11 views

CISA Adds Two Known Exploited Vulnerabilities to Catalog

CISA has added two new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. CVE-2024-3272: D-Link Multiple NAS Devices Use of Hard-Coded Credentials Vulnerability; CVE-2024-3273: D-Link Multiple NAS Devices Command Injection Vulnerability. These...

10 CVSS | 7.5 AI score | 0.99997 EPSS
Exploits: 10 | References: 7
CISA
added 2024/03/29 12:0 p.m. | 11 views

Reported Supply Chain Compromise Affecting XZ Utils Data Compression Library, CVE-2024-3094

CISA and the open source community are responding to reports of malicious code being embedded in XZ Utils versions 5.6.0 and 5.6.1. This activity was assigned CVE-2024-3094. XZ Utils is data compression software and may be present in Linux distributions. The malicious code may all...

10 CVSS | 9.6 AI score | 0.85974 EPSS
Exploits: 40 | References: 2
CISA
added 2024/02/12 12:0 p.m. | 11 views

CISA Adds One Known Exploited Vulnerability to Catalog

CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. CVE-2023-43770: Roundcube Webmail Persistent Cross-Site Scripting (XSS) Vulnerability. These types of vulnerabilities are frequent attack vectors for maliciou...

6.1 CVSS | 6.3 AI score | 0.58483 EPSS
Exploits: 2 | References: 6
CISA
added 2024/01/18 12:0 p.m. | 11 views

CISA Adds One Known Exploited Vulnerability to Catalog

CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. CVE-2023-35082: Ivanti Endpoint Manager Mobile (EPMM) and MobileIron Core Authentication Bypass Vulnerability. These types of vulnerabilities are frequent attack vectors for...

10 CVSS | 7.2 AI score | 0.99999 EPSS
Exploits: 2 | References: 6
CISA
added 2024/01/10 12:0 p.m. | 11 views

CISA Adds One Known Exploited Vulnerability to Catalog

CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. CVE-2023-29357: Microsoft SharePoint Server Privilege Escalation Vulnerability. These types of vulnerabilities are frequent attack vectors for malicious cyber actors and po...

9.8 CVSS | 7.2 AI score | 0.99618 EPSS
Exploits: 10 | References: 6
CISA
added 2023/12/12 12:0 p.m. | 11 views

The Apache Software Foundation Updates Struts 2

The Apache Software Foundation has released security updates to address a vulnerability (CVE-2023-50164) in Struts 2. A remote attacker could exploit this vulnerability to take control of an affected system. Users and administrators are encouraged to review the Apache Security Bulletin...

9.8 CVSS | 9.6 AI score | 0.80819 EPSS
Exploits: 15 | References: 1
CISA
added 2023/10/30 12:0 p.m. | 11 views

VMware Releases Advisory for VMware Tools Vulnerabilities

VMware released a security advisory addressing multiple vulnerabilities (CVE-2023-34057, CVE-2023-34058) in VMware Tools. A cyber actor could exploit one of these vulnerabilities to take control of an affected system. CISA encourages users and administrators to review the VMware advisory...

7.8 CVSS | 8.1 AI score | 0.00667 EPSS
Exploits: 0 | References: 1
CISA
added 2023/08/09 12:0 p.m. | 11 views

CISA Adds One Known Exploited Vulnerability to Catalog

CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. CVE-2023-38180: Microsoft .NET Core and Visual Studio Denial of Service Vulnerability. These types of vulnerabilities are frequent attack vectors for malicious cyber actors...

7.5 CVSS | 7.1 AI score | 0.15519 EPSS
Exploits: 0 | References: 6
CISA
added 2023/05/01 12:0 p.m. | 11 views

CISA Urges Organizations to Incorporate the FCC Covered List Into Risk Management Plans

The Federal Communications Commission (FCC) maintains a Covered List of communications equipment and services that have been determined by the U.S. government to pose an unacceptable risk to the national security of the United States or the security and safety of United States persons to national...

7.7 AI score
Exploits: 0 | References: 7
CISA
added 2023/02/14 12:0 a.m. | 11 views

Apple Releases Security Updates for Multiple Products

Apple has released security updates to address vulnerabilities in multiple products. An attacker could exploit these vulnerabilities to take control of an affected device. CISA encourages users and administrators to review the Apple security updates page for the following products and apply the...

1.7 AI score
Exploits: 0 | References: 3
CISA
added 2023/02/14 12:0 a.m. | 11 views

Mozilla Releases Security Updates for Firefox 110 and Firefox ESR

Mozilla has released security updates to address vulnerabilities in Firefox 110 and Firefox ESR. An attacker could exploit these vulnerabilities to take control of an affected system. CISA encourages users and administrators to review Mozilla’s security advisories for Firefox 110 and Firefox ESR...

2.2 AI score
Exploits: 0 | References: 2
CISA
added 2023/01/24 12:0 a.m. | 11 views

Apple Releases Security Updates for Multiple Products 

Apple has released security updates to address vulnerabilities in multiple products. An attacker could exploit some of these vulnerabilities to take control of an affected device. CISA encourages users and administrators to review the Apple security updates page for the following products and app...

2.2 AI score
Exploits: 0 | References: 9
CISA
added 2022/12/13 12:0 a.m. | 11 views

NSA, CISA, and ODNI Release Guidance on Potential Threats to 5G Network Slicing

Today, the National Security Agency (NSA), CISA, and the Office of the Director of National Intelligence (ODNI), published Potential Threats to 5G Network Slicing. This guidance—created by the Enduring Security Framework (ESF), a public-private cross-sector working group led by the NSA and CISA—present...

2.7 AI score
Exploits: 0 | References: 3
CISA
added 2022/12/13 12:0 a.m. | 11 views

VMware Releases Security Updates for Multiple products

VMware has released security updates to address multiple vulnerabilities in multiple products. A remote attacker could exploit some of these vulnerabilities to take control of an affected system. CISA encourages users and administrators to review VMware Security Advisories VMSA-2022-0031,...

2.5 AI score
Exploits: 0 | References: 2
CISA
added 2022/12/09 12:0 a.m. | 11 views

Cisco Releases Security Advisory for IP Phone 7800 and 8800 Series

Cisco released a security advisory for a vulnerability affecting IP Phone 7800 and 8800 Series. A remote attacker could exploit this vulnerability to cause a denial-of-service condition. For more information, see the Cisco Security Advisories page. CISA encourages users and administrators to revi...

1.9 AI score
Exploits: 0 | References: 2

Total number of security vulnerabilities: 4188