Lucene search
+L
CisaMost viewed

4188 matches found

CISA
CISA
added 2010/04/23 12:0 a.m.12 views

Microsoft Revokes Security Update

The Microsoft Security Response Center has posted a blog entry indicating that it has revoked the update related to Microsoft security bulletin MS10-025 because it does not effectively correct the underlying vulnerability. This vulnerability affects Windows Media Services running on Windows 2000...

6.5AI score
Exploits0References3
CISA
CISA
added 2010/04/21 12:0 a.m.12 views

Google Releases Chrome 4.1.249.1059

Google has released Chrome 4.1.249.1059 for Windows to address multiple vulnerabilities. These vulnerabilities may allow an attacker to execute arbitrary code, conduct cross-site scripting attacks, or conduct cross-site request forgery attacks. US-CERT encourages users and administrators to revie...

7.1AI score
Exploits0References1
CISA
CISA
added 2010/03/26 12:0 a.m.12 views

US Tax Season Phishing Scams and Malware Campaigns

In the past, US-CERT has received reports of an increased number of phishing scams and malware campaigns that take advantage of the United States tax season. Due to the upcoming tax deadline, US-CERT reminds users to remain cautious when receiving unsolicited email that could be part of a potenti...

6.7AI score
Exploits0References3
CISA
CISA
added 2010/03/02 12:0 a.m.12 views

Microsoft Releases Security Advisory to Address VBScript Vulnerability

Microsoft has released a security advisory to address a vulnerability in VBScript. The advisory indicates that this vulnerability exists in the way that VBScript interacts with Windows Help files when using Internet Explorer. By convincing a user to view a specially crafted HTML document web page...

6.8AI score
Exploits0References3
CISA
CISA
added 2010/02/12 12:0 a.m.12 views

Adobe Releases Security Bulletins for Acrobat, Reader, and Flash Player

Adobe has released two security bulletins to address vulnerabilities in Adobe Acrobat, Reader, and Flash Player. The first bulletin, APSB10-06, is a security update for Adobe Flash Player and Adobe AIR that addresses a critical vulnerability. Exploitation of these vulnerabilities may allow an...

7.6AI score
Exploits0References4
CISA
CISA
added 2010/01/28 12:0 a.m.12 views

Cisco Releases Security Advisory for Unified MeetingPlace

Cisco has released a security advisory to address multiple vulnerabilities in Unified MeetingPlace. These vulnerabilities may allow a remote, unauthenticated attacker to obtain sensitive information, manipulate configuration data, create unauthorized accounts, operate with elevated privileges or...

7AI score
Exploits0References2
CISA
CISA
added 2026/05/08 12:0 p.m.11 views

CISA Adds One Known Exploited Vulnerability to Catalog

CISA has added one new vulnerability to its Known Exploited Vulnerabilities KEV Catalog, based on evidence of active exploitation. CVE-2026-42208link is external BerriAI LiteLLM SQL Injection Vulnerability This type of vulnerability is a frequent attack vector for malicious cyber actors and poses...

9.8CVSS6.1AI score0.86607EPSS
Exploits7References6
CISA
CISA
added 2026/04/28 12:0 p.m.11 views

CISA Adds Two Known Exploited Vulnerabilities to Catalog

CISA has added two new vulnerabilities to its Known Exploited Vulnerabilities KEV Catalog, based on evidence of active exploitation. CVE-2024-1708link is external ConnectWise ScreenConnect Path Traversal Vulnerability CVE-2026-32202link is external Microsoft Windows Protection Mechanism Failure...

8.4CVSS8.7AI score0.87624EPSS
Exploits8References7
CISA
CISA
added 2026/04/22 12:0 p.m.11 views

CISA Adds One Known Exploited Vulnerability to Catalog

CISA has added one new vulnerability to its Known Exploited Vulnerabilities KEV Catalog, based on evidence of active exploitation. CVE-2026-33825link is external Microsoft Defender Insufficient Granularity of Access Control Vulnerability This type of vulnerability is a frequent attack vector for...

7.8CVSS5.8AI score0.06749EPSS
Exploits3References6
CISA
CISA
added 2026/04/02 12:0 p.m.11 views

CISA Adds One Known Exploited Vulnerability to Catalog

CISA has added one new vulnerability to its Known Exploited Vulnerabilities KEV Catalog, based on evidence of active exploitation. CVE-2026-3502link is external TrueConf Client Download of Code Without Integrity Check Vulnerability This type of vulnerability is a frequent attack vector for...

7.8CVSS6.1AI score0.0575EPSS
Exploits2References6
CISA
CISA
added 2026/03/19 12:0 p.m.11 views

CISA Adds One Known Exploited Vulnerability to Catalog

CISA has added one new vulnerability to its Known Exploited Vulnerabilities KEV Catalog, based on evidence of active exploitation. CVE-2026-20131link is external Cisco Secure Firewall Management Center FMC Software and Cisco Security Cloud Control SCC Firewall Management Deserialization of...

10CVSS5.9AI score0.27551EPSS
Exploits4References6
CISA
CISA
added 2026/02/25 12:0 p.m.11 views

CISA Adds Two Known Exploited Vulnerabilities to Catalog

CISA has added two new vulnerabilities to its Known Exploited Vulnerabilities KEV Catalog, based on evidence of active exploitation. CVE-2022-20775link is external Cisco Catalyst SD-WAN Path Traversal Vulnerability CVE-2026-20127link is external Cisco Catalyst SD-WAN Controller and Manager...

10CVSS5.6AI score0.57793EPSS
Exploits11References7
CISA
CISA
added 2026/01/23 12:0 p.m.11 views

CISA Adds One Known Exploited Vulnerability to Catalog

CISA has added one new vulnerability to its Known Exploited Vulnerabilities KEV Catalog, based on evidence of active exploitation. CVE-2024-37079link is external Broadcom VMware vCenter Server Out-of-bounds Write Vulnerability This type of vulnerability is a frequent attack vector for malicious...

9.8CVSS5.5AI score0.22377EPSS
Exploits0References6
CISA
CISA
added 2026/01/21 12:0 p.m.11 views

CISA Adds One Known Exploited Vulnerability to Catalog

CISA has added one new vulnerability to its Known Exploited Vulnerabilities KEV Catalog, based on evidence of active exploitation. CVE-2026-20045link is external Cisco Unified Communications Products Code Injection Vulnerability This type of vulnerability is a frequent attack vector for malicious...

9.8CVSS5.6AI score0.04307EPSS
Exploits1References6
CISA
CISA
added 2025/12/29 12:0 p.m.11 views

CISA Adds One Known Exploited Vulnerability to Catalog

CISA has added one new vulnerability to its Known Exploited Vulnerabilities KEV Catalog, based on evidence of active exploitation. CVE-2025-14847link is external MongoDB and MongoDB Server Improper Handling of Length Parameter Inconsistency Vulnerability This type of vulnerability is a frequent...

8.7CVSS6.9AI score0.83007EPSS
Exploits39References6
CISA
CISA
added 2025/12/23 12:0 p.m.11 views

CISA Releases One Industrial Control Systems Advisory

CISA released one Industrial Control Systems ICS Advisory. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-25-177-01 Mitsubishi Electric Air Conditioning Systems Update B CISA encourages users and administrators to...

6.6AI score
Exploits0References1
CISA
CISA
added 2025/12/17 12:0 p.m.11 views

CISA Adds Three Known Exploited Vulnerabilities to Catalog

CISA has added three new vulnerabilities to its Known Exploited Vulnerabilities KEV Catalog, based on evidence of active exploitation. CVE-2025-20393link is external Cisco Multiple Products Improper Input Validation Vulnerability CVE-2025-40602link is external SonicWall SMA1000 Missing...

10CVSS6.7AI score0.2951EPSS
Exploits3References8
CISA
CISA
added 2025/11/06 12:0 p.m.12 views

CISA Releases Four Industrial Control Systems Advisories

CISA released four Industrial Control Systems ICS Advisories. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-25-310-01 Advantech DeviceOn iEdge ICSA-25-310-02 Ubia Ubox ICSA-25-310-03 ABB FLXeon Controllers...

6.6AI score
Exploits0References4
CISA
CISA
added 2025/10/30 12:0 p.m.11 views

New Guidance Released on Microsoft Exchange Server Security Best Practices

Today, CISA, in partnership with the National Security Agency and international cybersecurity partners, released Microsoft Exchange Server Security Best Practices, a guide to help network defenders harden on-premises Exchange servers against exploitation by malicious actors. Threat activity...

6.9AI score
Exploits0References2
CISA
CISA
added 2025/08/06 12:0 p.m.11 views

CISA Releases Malware Analysis Report Associated with Microsoft SharePoint Vulnerabilities

CISA published a Malware Analysis Report MAR with analysis and associated detection signatures on files related to Microsoft SharePoint vulnerabilities: CVE-2025-49704link is external CWE-94: Code Injectionlink is external, CVE-2025-49706link is external CWE-287: Improper Authenticationlink is...

9.8CVSS7.7AI score0.99979EPSS
Exploits41References14
CISA
CISA
added 2025/07/07 12:0 p.m.11 views

CISA Adds Four Known Exploited Vulnerabilities to Catalog

CISA has added four new vulnerabilities to its Known Exploited Vulnerabilities KEV Catalog, based on evidence of active exploitation. CVE-2014-3931link is external Multi-Router Looking Glass MRLG Buffer Overflow Vulnerability CVE-2016-10033link is external PHPMailer Command Injection Vulnerabilit...

9.8CVSS7.9AI score0.99714EPSS
Exploits87References9
CISA
CISA
added 2024/12/13 12:0 p.m.11 views

CISA and EPA Release Joint Fact Sheet Detailing Risks Internet-Exposed HMIs Pose to WWS Sector

Today, CISA and the Environmental Protection Agency EPA released Internet-Exposed HMIs Pose Cybersecurity Risks to Water and Wastewater Systems. This joint fact sheet provides Water and Wastewater Systems WWS facilities with recommendations for limiting the exposure of Human Machine Interfaces HM...

7.2AI score
Exploits0References3
CISA
CISA
added 2024/09/10 12:0 p.m.11 views

Citrix Releases Security Updates for Citrix Workspace App for Windows

Citrix released security updates to address multiple vulnerabilities in the Citrix Workspace App for Windows. A cyber threat actor could exploit some of these vulnerabilities to take control of an affected system. CISA encourages users and administrators to review the following and apply necessar...

7.3CVSS7.3AI score0.00246EPSS
Exploits1References1
CISA
CISA
added 2024/09/03 12:0 p.m.11 views

CISA Adds Three Known Exploited Vulnerabilities to Catalog

CISA has added three new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. CVE-2021-20123link is external Draytek VigorConnect Path Traversal Vulnerability CVE-2021-20124link is external Draytek VigorConnect Path Traversal Vulnerability...

9.3CVSS8AI score0.74279EPSS
Exploits2References8
CISA
CISA
added 2024/08/27 12:0 p.m.11 views

CISA Adds One Known Exploited Vulnerability to Catalog

CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. CVE-2024-38856link is external Apache OFBiz Incorrect Authorization Vulnerability These types of vulnerabilities are frequent attack vectors for malicious cyber actors an...

9.8CVSS7.3AI score0.99427EPSS
Exploits10References6
CISA
CISA
added 2024/03/29 12:0 p.m.11 views

Reported Supply Chain Compromise Affecting XZ Utils Data Compression Library, CVE-2024-3094

CISA and the open source community are responding to reports of malicious code being embedded in XZ Utils versions 5.6.0 and 5.6.1. This activity was assigned CVE-2024-3094link is external. XZ Utils is data compression software and may be present in Linux distributions. The malicious code may all...

10CVSS9.6AI score0.85974EPSS
Exploits40References2
CISA
CISA
added 2024/02/12 12:0 p.m.11 views

CISA Adds One Known Exploited Vulnerability to Catalog

CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. CVE-2023-43770link is external Roundcube Webmail Persistent Cross-Site Scripting XSS Vulnerability These types of vulnerabilities are frequent attack vectors for maliciou...

6.1CVSS6.3AI score0.58483EPSS
Exploits2References6
CISA
CISA
added 2024/01/18 12:0 p.m.11 views

CISA Adds One Known Exploited Vulnerability to Catalog

CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. CVE-2023-35082 Ivanti Endpoint Manager Mobile EPMM and MobileIron Core Authentication Bypass Vulnerability These types of vulnerabilities are frequent attack vectors for...

10CVSS7.2AI score0.99999EPSS
Exploits2References6
CISA
CISA
added 2023/12/19 12:0 p.m.11 views

CISA and FBI Release Advisory on ALPHV Blackcat Affiliates

Today, CISA and the Federal Bureau of Investigation FBI released a joint Cybersecurity Advisory CSA, StopRansomware: ALPHV Blackcat, to disseminate known ALPHV Blackcat affiliates’ tactics, techniques, and procedures TTPs and indicators of compromise IOCs identified through FBI investigations as...

7.2AI score
Exploits0References4
CISA
CISA
added 2023/09/14 12:0 p.m.11 views

CISA Adds One Known Vulnerability to Catalog

CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. CVE-2023-26369 Adobe Acrobat and Reader Out-of-Bounds Write Vulnerability These types of vulnerabilities are frequent attack vectors for malicious cyber actors and pose...

7.8CVSS7.1AI score0.07036EPSS
Exploits0References7
CISA
CISA
added 2023/09/06 12:0 p.m.11 views

CISA Releases Update to Threat Actors Exploiting Citrix CVE-2023-3519 to Implant Webshells

The Cybersecurity and Infrastructure Security Agency CISA has released an update to a previously published Cybersecurity Advisory CSA, Threat Actors Exploiting Citrix CVE-2023-3519 to Implant Webshells. The CSA—originally released to warn network defenders of critical infrastructure organizations...

9.8CVSS10AI score0.99445EPSS
Exploits16References4
CISA
CISA
added 2023/08/07 12:0 p.m.11 views

CISA Adds One Known Exploited Vulnerability to Catalog

CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. CVE-2017-18368 Zyxel P660HN-T1A Routers Command Injection Vulnerability These types of vulnerabilities are frequent attack vectors for malicious cyber actors and pose...

10CVSS7.3AI score0.94508EPSS
Exploits2References6
CISA
CISA
added 2023/06/23 12:0 p.m.11 views

CISA Adds Five Known Exploited Vulnerabilities to Catalog

CISA has added five new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. CVE-2023-32434 Apple Multiple Products Integer Overflow Vulnerability CVE-2023-32435 Apple iOS and iPadOS WebKit Memory Corruption Vulnerability CVE-2023-32439 Apple...

9.8CVSS6.7AI score0.84195EPSS
Exploits3References10
CISA
CISA
added 2023/02/14 12:0 a.m.11 views

Apple Releases Security Updates for Multiple Products

Apple has released security updates to address vulnerabilities in multiple products. An attacker could exploit these vulnerabilities to take control of an affected device. CISA encourages users and administrators to review the Apple security updates page for the following products and apply the...

1.7AI score
Exploits0References3
CISA
CISA
added 2023/02/14 12:0 a.m.11 views

Mozilla Releases Security Updates for Firefox 110 and Firefox ESR

Mozilla has released security updates to address vulnerabilities in Firefox 110 and Firefox ESR. An attacker could exploit these vulnerabilities to take control of an affected system. CISA encourages users and administrators to review Mozilla’s security advisories for Firefox 110 and Firefox ESR...

2.2AI score
Exploits0References2
CISA
CISA
added 2023/01/10 12:0 a.m.11 views

CISA Releases Two Industrial Control Systems Advisories

CISA released two Industrial Control Systems ICS advisories on January 10, 2023. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. CISA encourages users and administrators to review the newly released ICS advisories for...

2.9AI score
Exploits0References2
CISA
CISA
added 2022/12/13 12:0 a.m.11 views

CISA Updates Advisory on #StopRansomware: Cuba Ransomware

The Federal Bureau of Investigation FBI and CISA have updated joint Cybersecurity Advisory AA22-335A: StopRansomware: Cuba Ransomware, originally released on December 01, 2022. The advisory has been updated to include additional indicators of compromise IOCs. CISA encourages organizations to revi...

2.8AI score
Exploits0References2
CISA
CISA
added 2022/12/13 12:0 a.m.11 views

NSA, CISA, and ODNI Release Guidance on Potential Threats to 5G Network Slicing

Today, the National Security Agency NSA, CISA, and the Office of the Director of National Intelligence ODNI, published Potential Threats to 5G Network Slicing. This guidance—created by the Enduring Security Framework ESF, a public-private cross-sector working group led by the NSA and CISA—present...

2.7AI score
Exploits0References3
CISA
CISA
added 2022/12/13 12:0 a.m.11 views

VMware Releases Security Updates for Multiple products

VVMware has released security updates to address multiple vulnerabilities in multiple products. A remote attacker could exploit some of these vulnerabilities to take control of an affected system. CISA encourages users and administrators to review VMware Security Advisories VMSA-2022-0031,...

2.5AI score
Exploits0References2
CISA
CISA
added 2022/12/09 12:0 a.m.11 views

Cisco Releases Security Advisory for IP Phone 7800 and 8800 Series

Cisco released a security advisory for a vulnerability affecting IP Phone 7800 and 8800 Series. A remote attacker could exploit this vulnerability to cause a denial-of-service condition. For more information, see the Cisco Security Advisories page. CISA encourages users and administrators to revi...

1.9AI score
Exploits0References2
CISA
CISA
added 2022/12/01 12:0 a.m.11 views

CISA Releases Three Industrial Control Systems Advisories

CISA has released three 3 Industrial Control Systems ICS advisories on December 1, 2022. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. CISA encourages users and administrators to review the newly released ICS advisories f...

2.4AI score
Exploits0References3
CISA
CISA
added 2022/11/03 12:0 a.m.11 views

Cisco Releases Security Updates for Multiple Products

Cisco has released security updates for vulnerabilities affecting multiple products. A remote attacker could exploit some of these vulnerabilities to take control of an affected system. For updates addressing lower severity vulnerabilities, see the Cisco Security Advisories page. CISA encourages...

2.2AI score
Exploits0References1
CISA
CISA
added 2022/10/19 12:0 a.m.11 views

Oracle Releases October 2022 Critical Patch Update

Oracle has released its Critical Patch Update for October 2022. This update addresses 366 vulnerabilities across multiple products. A remote attacker could exploit some of these vulnerabilities to take control of an affected system. CISA encourages users and administrators to review Oracle’s...

2.4AI score
Exploits0References1
CISA
CISA
added 2022/10/07 12:0 a.m.11 views

CISA Releases Three Industrial Control Systems Advisories

CISA has released three Industrial Control Systems ICS advisories on October 11, 2022. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. CISA encourages users and administrators to review the newly released ICS advisories for...

1.3AI score
Exploits0References3
CISA
CISA
added 2022/09/30 12:0 a.m.11 views

Cisco Releases Security Updates for Multiple Products

Cisco has released security updates for vulnerabilities affecting multiple products. A remote attacker could exploit some of these vulnerabilities to take control of an affected system. For updates addressing high and low severity vulnerabilities, see the Cisco Security Advisories page. CISA...

1.5AI score
Exploits0References1
CISA
CISA
added 2022/09/30 12:0 a.m.11 views

Hurricane-Related Scams 

CISA warns users to remain on alert for malicious cyber activity targeting potential disaster victims and charitable donors following a hurricane. Fraudulent emails—often containing malicious links or attachments—are common after major natural disasters. Exercise caution in handling emails with...

1.5AI score
Exploits0References6
CISA
CISA
added 2022/09/27 12:0 a.m.11 views

CISA Updates Advisory on Threat Actors Exploiting Multiple CVEs Against Zimbra Collaboration Suite

CISA and the Multi-State Information Sharing & Analysis Center MS-ISAC has updated joint Cybersecurity Advisory AA22-228A: Threat Actors Exploiting Multiple CVEs Against Zimbra Collaboration Suite, originally released August 16, 2022. The advisory has been updated to include additional Malware...

1.3AI score
Exploits0References2
CISA
CISA
added 2022/09/26 12:0 a.m.11 views

CISA Releases Three Industrial Control Systems Advisories

CISA has released three 3 Industrial Control Systems ICS advisories on September 27th, 2022. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. CISA encourages users and administrators to review the newly released ICS advisori...

2AI score
Exploits0References3
CISA
CISA
added 2022/09/22 12:0 a.m.11 views

CISA Has Added One Known Exploited Vulnerability to Catalog 

CISA has added one new vulnerability to it's Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. These types of vulnerabilities are a frequent attack vector for malicious cyber actors and pose significant risk to the federal enterprise. Note: To view the newly added...

1.7AI score
Exploits0References5
CISA
CISA
added 2022/09/21 12:0 a.m.11 views

Mozilla Releases Security Updates for Firefox, Firefox ESR, and Thunderbird

Mozilla has released security updates to address vulnerabilities in Firefox, Firefox ESR, and Thunderbird. An attacker could exploit some of these vulnerabilities to take control of an affected system. CISA encourages users and administrators to review the Mozilla security advisories for Firefox...

2.8AI score
Exploits0References3
Total number of security vulnerabilities4188