Lucene search
+L
CisaMost viewed

4188 matches found

cisa
cisa
•added 2015/08/20 12:0 a.m.•11 views

Apple Releases Security Update for QuickTime

Apple has released a security update to address multiple vulnerabilities in QuickTime for Windows 7 and Windows Vista. Exploitation of one of these vulnerabilities may allow an attacker to take control of an affected system. Users and administrators are encouraged to review the Apple security...

7AI score
Exploits0References1
cisa
cisa
•added 2015/08/13 12:0 a.m.•11 views

Apple Releases Security Updates for OS X Server, iOS, Safari, and Yosemite

Apple has released security updates for OS X Server, iOS, Safari, and Yosemite to address multiple vulnerabilities. Exploitation of some of these vulnerabilities may allow a remote attacker to take control of an affected system. Available updates include: iOS 8.4.1 for iPhone 4s and later, iPod...

7AI score
Exploits0References4
cisa
cisa
•added 2015/08/12 12:0 a.m.•11 views

Lenovo Service Engine (LSE) BIOS Vulnerability

Certain Lenovo personal computers contain a vulnerability in LSE a Lenovo BIOS feature. Exploitation of this vulnerability may allow a remote attacker to take control of an affected system. Users and administrators are encouraged to review the Lenovo Security Advisories for notebooks and desktops...

6.9AI score
Exploits0References2
cisa
cisa
•added 2015/08/11 12:0 a.m.•11 views

Adobe Releases Security Updates for Flash Player

Adobe has released security updates to address multiple vulnerabilities in Flash Player for Windows, Macintosh, and Linux. Exploitation of some of these vulnerabilities may allow a remote attacker to take control of an affected system. Users and administrators are encouraged to review Adobe...

7.1AI score
Exploits0References1
cisa
cisa
•added 2015/07/31 12:0 a.m.•11 views

IC3 Issues Alert on DDoS Extortion Campaigns

The Internet Crime Complaint Center IC3 has issued an alert to U.S. businesses about a rise in extortion campaigns. In a typical incident, a business receives an e-mail threatening a Distributed Denial of Service DDoS attack to its website unless it pays a ransom. Businesses are warned against...

6.6AI score
Exploits0References2
cisa
cisa
•added 2015/07/21 12:0 a.m.•11 views

Google Releases Security Update for Chrome

Google has released Chrome version 44.0.2403.89 for Windows, Mac, and Linux to address multiple vulnerabilities. Exploitation of one of these vulnerabilities may allow an attacker to take control of an affected system. Users and administrators are encouraged to review the Chrome Releases page and...

7.1AI score
Exploits0References1
cisa
cisa
•added 2015/04/15 12:0 a.m.•11 views

Adobe Releases Security Updates for Flash Player, ColdFusion, and Flex

Adobe has released three security updates to address multiple vulnerabilities in Flash Player, ColdFusion, and Flex. Exploitation of these vulnerabilities could potentially allow an attacker to take control of the affected system, or lead to a reflected cross-site scripting attack. Users and...

6.4AI score
Exploits0References3
cisa
cisa
•added 2015/04/08 12:0 a.m.•11 views

Vulnerabilities Identified in Network Time Protocol Daemon (ntpd)

The Network Time Foundation's NTP Project has released an update addressing multiple vulnerabilities in ntpd. Exploitation of these vulnerabilities may allow an attacker to conduct a man-in-the-middle attack or cause a denial of service condition. Users and administrators are encouraged to review...

6.7AI score
Exploits0References2
cisa
cisa
•added 2015/03/20 12:0 a.m.•11 views

Mozilla Releases Security Updates for Firefox, Firefox ESR, and SeaMonkey

The Mozilla Foundation has released security updates to address vulnerabilities in Firefox, Firefox ESR, and SeaMonkey. Exploitation of these vulnerabilities may allow a remote attacker to take control of an affected system. Available updates include: Firefox 36.0.4 Firefox ESR 31.5.3 SeaMonkey...

7.1AI score
Exploits0References3
cisa
cisa
•added 2015/03/12 12:0 a.m.•11 views

Adobe Releases Security Updates for Flash Player

Adobe has released security updates to address multiple vulnerabilities in Flash Player. Exploitation of these vulnerabilities may allow a remote attacker to take control of an affected system. Users and administrators are encouraged to review Adobe Security Bulletin APSB15-05 and apply the...

7.1AI score
Exploits0References1
cisa
cisa
•added 2015/02/20 12:0 a.m.•11 views

Lenovo Computers Vulnerable to HTTPS Spoofing

Lenovo consumer personal computers employing the pre-installed Superfish VisualDiscovery software contain a critical vulnerability through a compromised root CA certificate. Exploitation of this vulnerability could allow a remote attacker to read all encrypted web browser traffic HTTPS,...

6.5AI score
Exploits0References2
cisa
cisa
•added 2015/02/10 12:0 a.m.•11 views

Microsoft Releases Critical Security Bulletin

Microsoft has released Security Bulletin MS15-011 to address a critical vulnerability in Windows. Exploitation of this vulnerability could allow a remote attacker to take complete control of an affected system. This security update contains a new policy feature UNC Hardened Access which is not...

6.7AI score
Exploits0References2
cisa
cisa
•added 2014/12/05 12:0 a.m.•11 views

VMware Releases Security Updates for vCenter Server, vCenter Server Appliance, and ESXi

VMware has released a security advisory to address multiple vulnerabilities in vCenter Server, vCenter Server Appliance, and ESXi. Exploitation of these vulnerabilities may allow a remote attacker to perform man-in-the-middle or cross-site scripting attacks. US-CERT encourages users and...

6.4AI score
Exploits0References1
cisa
cisa
•added 2014/11/11 12:0 a.m.•11 views

Microsoft Releases November 2014 Security Bulletin

Microsoft has released updates to address vulnerabilities in Windows, Office, Exchange, .NET Framework, SharePoint, and Internet Explorer as part of the Microsoft Security Bulletin Summary for November 2014. Some of these vulnerabilities could allow remote code execution, elevation of privilege, ...

7.4AI score
Exploits0References1
cisa
cisa
•added 2014/10/17 12:0 a.m.•11 views

Apple Releases Security Update 2014-005

Apple has released Security Update 2014-005 to address vulnerabilities in SSL 3.0. US-CERT recommends users and administrators review Apple Security Update HT6531 for additional details. This product is provided subject to this Notification and this Privacy & Use policy. Please share your thought...

6.8AI score
Exploits0References1
cisa
cisa
•added 2014/10/16 12:0 a.m.•11 views

OpenSSL Patches Four Vulnerabilities

OpenSSL has released updates patching four vulnerabilities, some of which may allow an attacker to cause a Denial of Service DoS condition or execute man-in-the-middle attacks. The following updates are available: OpenSSL 1.0.1 users should upgrade to 1.0.1j OpenSSL 1.0.0 users should upgrade to...

6.7AI score
Exploits0References1
cisa
cisa
•added 2014/10/08 12:0 a.m.•11 views

Cisco Releases Security Advisory for ASA Software

Cisco has released an advisory to address multiple vulnerabilities in the Cisco Adaptive Security Appliance ASA Software that could result in a denial of service condition. Cisco has released free software updates that address these vulnerabilities. Users and administrators are encouraged to revi...

6.9AI score
Exploits0References1
cisa
cisa
•added 2014/09/11 12:0 a.m.•11 views

Cisco Integrated Management Controller Vulnerability

Cisco has released an advisory to address a vulnerability in the Cisco Integrated Management Controller Cisco IMC SSH module of the Cisco Unified Computing System E-Series Blade servers that could allow an unauthenticated, remote attacker to cause a denial of service condition. Migration to relea...

6.7AI score
Exploits0References1
cisa
cisa
•added 2014/08/12 12:0 a.m.•11 views

Adobe Releases Security Updates for Flash Player, Adobe Reader and Acrobat

Adobe has released security updates to address multiple vulnerabilities in Flash Player, Adobe Reader and Acrobat. Exploitation of these vulnerabilities could potentially allow an attacker to take control of the affected system. Users and administrators are encouraged to review Adobe Security...

7AI score
Exploits0References2
cisa
cisa
•added 2014/07/15 12:0 a.m.•11 views

Oracle Releases July 2014 Security Advisory

Oracle has released its Critical Patch Update for July 2014 to address 113 vulnerabilities across multiple products. This update contains the following security fixes: 5 for Oracle Database Server 29 for Oracle Fusion Middleware 7 for Oracle Hyperion 1 for Oracle Enterprise Manager Grid Control 5...

6.9AI score
Exploits0References1
cisa
cisa
•added 2014/07/09 12:0 a.m.•11 views

Cisco Addresses Apache Struts 2 Vulnerability

Multiple Cisco products include an implementation of Apache Struts 2 which contains a vulnerability that could allow an unauthenticated, remote attacker to bypass security restrictions and execute arbitrary commands on a targeted system. Cisco products affected by this vulnerability include: Cisc...

7.6AI score
Exploits0References1
cisa
cisa
•added 2014/05/13 12:0 a.m.•11 views

Microsoft Releases May 2014 Security Bulletin

Microsoft has released updates to address vulnerabilities in Windows, Office, Internet Explorer, Server Software, Office Services, Web Apps, and Productivity Software as part of the Microsoft Security Bulletin Summary for May 2014. These vulnerabilities could allow remote code executions. US-CERT...

7.3AI score
Exploits0References1
cisa
cisa
•added 2014/05/13 12:0 a.m.•11 views

Google Releases Security Update for Chrome

Google has released Chrome 34.0.1847.137 for Windows, Mac, and Linux to address multiple vulnerabilities. Some of these vulnerabilities could potentially allow an attacker to take control of the affected system. US-CERT encourages users and administrators to review the Google Chrome Blog post and...

7AI score
Exploits0References1
cisa
cisa
•added 2014/04/08 12:0 a.m.•11 views

Microsoft Releases April 2014 Security Bulletin

Microsoft has released updates to address vulnerabilities in Microsoft Office, Office Services, Web Apps, Windows and Internet Explorer as part of the Microsoft Security Bulletin Summary for April, 2014. These vulnerabilities could allow remote code executions. US-CERT encourages users and...

7.3AI score
Exploits0References1
cisa
cisa
•added 2014/03/12 12:0 a.m.•11 views

Google Releases Chrome Update

Google has released Google Chrome 33.0.1750.149 for Windows, Mac, and Linux to address multiple vulnerabilities, some of which could allow a remote, unauthenticated attacker to compromise a vulnerable system. US-CERT encourages users and administrators to review the Google Chrome release blog ent...

6.8AI score
Exploits0References1
cisa
cisa
•added 2014/02/21 12:0 a.m.•11 views

Cisco UCS Director Default Credentials Vulnerability

Cisco has released a security advisory to address a vulnerability in Cisco Unified Computing System UCS Director. This vulnerability could allow an unauthenticated, remote attacker to take complete control of the affected device due to a default root user account created during installation...

6.8AI score
Exploits0References1
cisa
cisa
•added 2014/02/14 12:0 a.m.•11 views

Internet Explorer 10 Use-After-Free Vulnerability Being Actively Exploited In The Wild

An unpatched Internet Explorer 10 use-after-free vulnerability is being exploited in the wild. CERT/CC Vulnerability Note VU732479 has been published with further details about the vulnerability. US-CERT recommends users protect themselves against this exploit by using Microsoft's EMET utility,...

6.8AI score
Exploits0References2
cisa
cisa
•added 2014/02/04 12:0 a.m.•11 views

Mozilla Releases Multiple Updates

The Mozilla Foundation has released updates for the following products to address multiple vulnerabilities: Firefox 27 Firefox ESR 24.3 Thunderbird 24.3 Seamonkey 2.24 These vulnerabilities could allow a remote attacker to execute arbitrary code, bypass intended access restrictions, cause a...

7.7AI score
Exploits0References4
cisa
cisa
•added 2014/01/22 12:0 a.m.•11 views

Cisco Releases Multiple Security Advisories

Cisco has released three security advisories to address multiple vulnerabilities. These vulnerabilities may allow a local unauthenticated user to execute arbitrary commands with escalated privileges or cause a denial-of-service DoS condition. These vulnerabilities affect the following: Cisco...

8AI score
Exploits0References3
cisa
cisa
•added 2014/01/14 12:0 a.m.•11 views

Oracle Releases January 2014 Security Advisory

Oracle has released its Critical Patch Update for January 2014 to address 144 vulnerabilities across multiple products. This update contains the following security fixes: 5 for Oracle Database Server 22 for Oracle Fusion Middleware 2 for Oracle Hyperion 4 for Oracle E-Business Suite 16 for Oracle...

6.9AI score
Exploits0References1
cisa
cisa
•added 2013/11/13 12:0 a.m.•11 views

Adobe Releases Security Updates for Adobe Flash Player

Adobe has released security updates for Adobe Flash Player to address multiple vulnerabilities. These updates address vulnerabilities that could cause a crash and potentially allow an attacker to take control of the affected system. Adobe has released updates to the following products: Adobe Flas...

7AI score
Exploits0References1
cisa
cisa
•added 2013/10/29 12:0 a.m.•11 views

Mozilla Releases Updates for Firefox, Thunderbird, and Seamonkey

The Mozilla Foundation has released updates for the following products to address multiple vulnerabilities: Firefox 25.0 Firefox ESR 24.1 Firefox ESR 17.0.10 Thunderbird 24.1 Thunderbird ESR 17.0.10 Seamonkey 2.22 These vulnerabilities could allow a remote attacker to execute arbitrary code, bypa...

7.7AI score
Exploits0References6
cisa
cisa
•added 2013/10/04 12:0 a.m.•11 views

Apple Releases OS X Mountain Lion v10.8.5 Supplemental Update

Apple has released an OS X Mountain Lion v10.8.5 Supplemental Update to address a vulnerability. This vulnerability could potentially allow a local attacker to bypass authentication controls. US-CERT encourages users and administrator to review Apple Security Article HT5964 and apply any necessar...

6.7AI score
Exploits0References1
cisa
cisa
•added 2013/10/03 12:0 a.m.•11 views

Google Releases Google Chrome 30

Google has released Chrome 30 for Windows, Mac, Linux, and Chrome Frame to address multiple vulnerabilities. These vulnerabilities could allow a remote attacker to cause a denial of service condition, spoof the address bar, or obtain sensitive information. US-CERT encourages users and...

6.9AI score
Exploits0References1
cisa
cisa
•added 2013/09/06 12:0 a.m.•11 views

Cisco Releases Security Advisory for Cisco WebEx Players

Cisco has released a security advisory to address multiple vulnerabilities in Cisco WebEx Recording Format WRF and Advanced Recording Format ARF Players. These vulnerabilities could allow a remote attacker to execute arbitrary code or cause a denial of service condition. US-CERT encourages users...

7.8AI score
Exploits0References1
cisa
cisa
•added 2013/08/24 12:0 a.m.•11 views

Cisco Releases Security Advisories

Cisco has released three security advisories to address multiple vulnerabilities. These vulnerabilities may allow an unauthenticated, remote attacker the ability to modify data, execute arbitrary commands, or cause a denial of service DoS condition. US-CERT encourages users and administrators to...

7.5AI score
Exploits0References3
cisa
cisa
•added 2013/08/01 12:0 a.m.•11 views

Google Releases Google Chrome 28.0.1500.95

Google has released Google Chrome 28.0.1500.95 for Chrome Frame, Linux, Mac, and Windows to address multiple vulnerabilities. These vulnerabilities could allow a remote attacker to bypass intended restrictions or cause a denial-of-service condition. US-CERT encourages users and administrators to...

7AI score
Exploits0References1
cisa
cisa
•added 2013/06/26 12:0 a.m.•11 views

Mozilla Releases Multiple Updates

The Mozilla Foundation has released updates for the following products to address multiple vulnerabilities. Firefox 22.0 Firefox ESR 17.0.7 Thunderbird 17.0.7 Thunderbird ESR 17.0.7 These vulnerabilities could allow a remote attacker to execute arbitrary code and potentially cause a cross-site...

7.1AI score
Exploits0References4
cisa
cisa
•added 2013/05/16 12:0 a.m.•11 views

Adobe Releases Security Updates for Adobe Flash Player

Adobe has released security updates for Adobe Flash Player to address multiple vulnerabilities. These vulnerabilities could cause a denial-of-service condition and potentially allow an attacker to execute arbitrary code and take control of an affected system. The following versions of Adobe Flash...

7.9AI score
Exploits0References2
cisa
cisa
•added 2013/04/11 12:0 a.m.•11 views

Google Releases Google Chrome 26.0.1410.57

Google has released Google Chrome 26.0.1410.57 for all Chrome OS devices to address a vulnerability. This vulnerability could allow an attacker to execute arbitrary code. US-CERT encourages users and administrators to review the Google Chrome Release blog entry and follow best-practice security...

7.3AI score
Exploits0References1
cisa
cisa
•added 2013/04/10 12:0 a.m.•11 views

Adobe Releases Security Update for ColdFusion

Adobe has released a security hotfix for Adobe ColdFusion 10, 9.0.2, 9.0.1 and 9.0 for Windows, Macintosh and UNIX to address multiple vulnerabilities. These vulnerabilities could allow an unauthorized user to bypass authentication controls. US-CERT recommends that users and administrators review...

7.2AI score
Exploits0References1
cisa
cisa
•added 2013/03/15 12:0 a.m.•11 views

Apple Releases Security Updates for Safari on OS X

Apple has released security updates for Safari Webkit 6.0.3 to address multiple vulnerabilities. These vulnerabilities could allow a remote attacker to execute arbitrary code or cause a cross-site scripting attack. Safari 6.0.3 WebKit updates are available for the following versions: OSX Lion...

7.1AI score
Exploits0References1
cisa
cisa
•added 2013/02/21 12:0 a.m.•11 views

Updated Release of the February 2013 Oracle Java SE Critical Patch Update

Oracle has released an updated February 2013 Critical Patch Update for Oracle Java SE to address a vulnerability. This vulnerability could allow a remote unauthenticated attacker to execute arbitrary code on vulnerable systems or to provide unauthorized disclosure of information. The following...

7.4AI score
Exploits0References2
cisa
cisa
•added 2013/02/21 12:0 a.m.•11 views

Mozilla Releases Multiple Updates

The Mozilla Foundation has released updates for the following products to address multiple vulnerabilities. Firefox 19.0 Firefox ESR 17.0.3 Thunderbird 17.0.3 Thunderbird ESR 17.0.3 SeaMonkey 2.16 These vulnerabilities could allow an attacker to execute arbitrary code, bypass security features, o...

7.7AI score
Exploits0References5
cisa
cisa
•added 2013/02/14 12:0 a.m.•11 views

Research In Motion Releases Security Update for BlackBerry Enterprise Server

Research In Motion RIM has released a security advisory for BlackBerry Enterprise Server to address multiple vulnerabilities. Exploitation of these vulnerabilities could allow an attacker to execute arbitrary code or allow elevation of privileges. RIM has released updates for the following...

7.7AI score
Exploits0References1
cisa
cisa
•added 2013/02/08 12:0 a.m.•11 views

Adobe Releases Security Advisory for Adobe Flash Player

Adobe has released a security advisory for Adobe Flash Player to address multiple vulnerabilities. Exploitation of these vulnerabilities may allow an attacker to cause a denial-of-service condition or take control of the affected system. Adobe has released updates for the following versions: Adob...

7AI score
Exploits0References1
cisa
cisa
•added 2013/01/17 12:0 a.m.•11 views

Adobe Releases Security Update for ColdFusion

Adobe has released a security hotfix to address multiple vulnerabilities in Adobe ColdFusion versions 10, 9.0.2, 9.0.1 and 9.0 for Windows, Macintosh, and UNIX. These vulnerabilities could allow an attacker to bypass authentication controls. US-CERT recommends that users and administrators review...

7.2AI score
Exploits0References1
cisa
cisa
•added 2013/01/03 12:0 a.m.•11 views

Microsoft Releases Security Advisory on Fraudulent Digital Certificates

Microsoft has released Security Advisory 2798897 in response to active attacks using fraudulent digital certificates issued by TURKTRUST Inc. These fraudulent certificates could be used to spoof content, perform phishing attacks, or perform man-in-the-middle attacks. This vulnerability affects al...

6.5AI score
Exploits0References2
cisa
cisa
•added 2012/11/27 12:0 a.m.•11 views

Google Releases Google Chrome 23.0.1271.91

Google has released Google Chrome 23.0.1271.91 for Windows, Mac, Linux, and ChromeFrame to address multiple vulnerabilities. These vulnerabilities could result in a denial of service or allow an attacker to execute arbitrary code. US-CERT encourages users and administrators to review the Google...

7.5AI score
Exploits0References1
cisa
cisa
•added 2012/07/18 12:0 a.m.•11 views

Mozilla Releases Multiple Updates

The Mozilla Foundation has released updates for the following products to address multiple vulnerabilities: Firefox 14 Firefox ESR 10.0.6 Thunderbird 14 Thunderbird ESR 10.0.6 SeaMonkey 2.11 These vulnerabilities may allow an attacker to execute arbitrary code, cause a denial-of-service condition...

7.1AI score
Exploits0References5
Total number of security vulnerabilities4188