Lucene search
K
CisaMost viewed

4188 matches found

CISA
CISA
added 2010/05/10 12:0 a.m.10 views

Apple Safari Vulnerability

US-CERT is aware of a vulnerability affecting Apple Safari. By convincing a user to open a specially crafted web page, an attacker may be able to execute arbitrary code. Exploit code for this vulnerability is publicly available. US-CERT encourages users and administrators to disable JavaScript as...

7.3AI score
Exploits0References2
CISA
CISA
added 2010/04/30 12:0 a.m.10 views

Microsoft Releases Security Advisory 983438

Microsoft has released security advisory 983438 to notify users of a vulnerability in Microsoft Windows SharePoint Services 3.0 and Microsoft Office SharePoint Server 2007. The advisory states that Microsoft is investigating public reports of exploitation of the vulnerability that may allow the...

6.7AI score
Exploits0References2
CISA
CISA
added 2010/04/22 12:0 a.m.10 views

Cisco Releases Security Advisory for Small Business Video Surveillance Cameras and 4-Port Gigabit Security Routers

Cisco has released a security advisory to address a vulnerability that affects Cisco Small Business Video Surveillance Cameras and Cisco RVS4000 4-Port Gigabit Security Routers. This vulnerability may allow an unprivileged user to gain full administrative access on the device or obtain sensitive...

6.9AI score
Exploits0References1
CISA
CISA
added 2010/04/21 12:0 a.m.10 views

Google Releases Chrome 4.1.249.1059

Google has released Chrome 4.1.249.1059 for Windows to address multiple vulnerabilities. These vulnerabilities may allow an attacker to execute arbitrary code, conduct cross-site scripting attacks, or conduct cross-site request forgery attacks. US-CERT encourages users and administrators to revie...

7.1AI score
Exploits0References1
CISA
CISA
added 2010/04/15 12:0 a.m.10 views

Apple Releases Security Update 2010-003

Apple has released security update 2010-003 to address a vulnerability in the ATS package. This vulnerability may allow an attacker to execute arbitrary code. US-CERT encourages users and administrators to review Apple article HT4131 and apply any necessary updates to help mitigate the risks. Thi...

7.3AI score
Exploits0References1
CISA
CISA
added 2010/04/13 12:0 a.m.10 views

Adobe Releases Security Updates for Adobe Reader and Acrobat

Adobe has released security updates to address multiple vulnerabilities that affect the following: Adobe Reader 9.3.1 and earlier Adobe Acrobat 9.3.1 and earlier Adobe Reader 8.2.1 and earlier Adobe Acrobat 8.2.1 and earlier These vulnerabilities may allow an attacker to execute arbitrary code or...

7.8AI score
Exploits0References1
CISA
CISA
added 2010/03/02 12:0 a.m.10 views

Microsoft Releases Security Advisory to Address VBScript Vulnerability

Microsoft has released a security advisory to address a vulnerability in VBScript. The advisory indicates that this vulnerability exists in the way that VBScript interacts with Windows Help files when using Internet Explorer. By convincing a user to view a specially crafted HTML document web page...

6.8AI score
Exploits0References3
CISA
CISA
added 2026/05/22 12:0 p.m.9 views

CISA Adds One Known Exploited Vulnerability to Catalog

CISA has added one new vulnerability to its Known Exploited Vulnerabilities KEV Catalog, based on evidence of active exploitation. CVE-2026-9082link is external Drupal Core SQL Injection Vulnerability This type of vulnerability is a frequent attack vector for malicious cyber actors and poses...

9.8CVSS6.1AI score0.84631EPSS
Exploits13References6
CISA
CISA
added 2026/05/07 12:0 p.m.9 views

CISA Adds One Known Exploited Vulnerability to Catalog

CISA has added one new vulnerability to its Known Exploited Vulnerabilities KEV Catalog, based on evidence of active exploitation. CVE-2026-6973link is external Ivanti Endpoint Manager Mobile EPMM Improper Input Validation Vulnerability This type of vulnerability is a frequent attack vector for...

7.2CVSS6AI score0.34454EPSS
Exploits0References6
CISA
CISA
added 2026/04/30 12:0 p.m.9 views

CISA Adds One Known Exploited Vulnerability to Catalog

CISA has added one new vulnerability to its Known Exploited Vulnerabilities KEV Catalog, based on evidence of active exploitation. CVE-2026-41940link is external WebPros cPanel & WHM and WP2 WordPress Squared Missing Authentication for Critical Function Vulnerability This type of vulnerability is...

9.8CVSS5.6AI score0.981EPSS
Exploits64References6
CISA
CISA
added 2026/04/28 12:0 p.m.9 views

CISA Adds Two Known Exploited Vulnerabilities to Catalog

CISA has added two new vulnerabilities to its Known Exploited Vulnerabilities KEV Catalog, based on evidence of active exploitation. CVE-2024-1708link is external ConnectWise ScreenConnect Path Traversal Vulnerability CVE-2026-32202link is external Microsoft Windows Protection Mechanism Failure...

8.4CVSS8.7AI score0.87624EPSS
Exploits8References7
CISA
CISA
added 2026/04/01 12:0 p.m.9 views

CISA Adds One Known Exploited Vulnerability to Catalog

CISA has added one new vulnerability to its Known Exploited Vulnerabilities KEV Catalog, based on evidence of active exploitation. CVE-2026-5281link is external Google Dawn Use-After-Free Vulnerability This type of vulnerability is a frequent attack vector for malicious cyber actors and poses...

8.8CVSS6.1AI score0.05036EPSS
Exploits0References6
CISA
CISA
added 2026/03/25 12:0 p.m.9 views

CISA Adds One Known Exploited Vulnerability to Catalog

CISA has added one new vulnerability to its Known Exploited Vulnerabilities KEV Catalog, based on evidence of active exploitation. CVE-2026-33017link is external Langflow Code Injection Vulnerability This type of vulnerability is a frequent attack vector for malicious cyber actors and poses...

9.8CVSS5.9AI score0.98412EPSS
Exploits17References6
CISA
CISA
added 2026/03/20 12:0 p.m.9 views

CISA Adds Five Known Exploited Vulnerabilities to Catalog

CISA has added five new vulnerabilities to its Known Exploited Vulnerabilities KEV Catalog, based on evidence of active exploitation. CVE-2025-31277link is external Apple Multiple Products Buffer Overflow Vulnerability CVE-2025-32432link is external Craft CMS Code Injection Vulnerability...

10CVSS5.7AI score0.99803EPSS
Exploits21References10
CISA
CISA
added 2026/03/16 12:0 p.m.9 views

CISA Adds One Known Exploited Vulnerability to Catalog

CISA has added one new vulnerability to its Known Exploited Vulnerabilities KEV Catalog, based on evidence of active exploitation. CVE-2025-47813link is external Wing FTP Server Information Disclosure Vulnerability This type of vulnerability is a frequent attack vector for malicious cyber actors...

4.3CVSS5.8AI score0.56366EPSS
Exploits3References6
CISA
CISA
added 2026/02/25 12:0 p.m.9 views

CISA Adds Two Known Exploited Vulnerabilities to Catalog

CISA has added two new vulnerabilities to its Known Exploited Vulnerabilities KEV Catalog, based on evidence of active exploitation. CVE-2022-20775link is external Cisco Catalyst SD-WAN Path Traversal Vulnerability CVE-2026-20127link is external Cisco Catalyst SD-WAN Controller and Manager...

10CVSS5.6AI score0.57793EPSS
Exploits10References7
CISA
CISA
added 2026/01/21 12:0 p.m.9 views

CISA Adds One Known Exploited Vulnerability to Catalog

CISA has added one new vulnerability to its Known Exploited Vulnerabilities KEV Catalog, based on evidence of active exploitation. CVE-2026-20045link is external Cisco Unified Communications Products Code Injection Vulnerability This type of vulnerability is a frequent attack vector for malicious...

9.8CVSS5.6AI score0.04307EPSS
Exploits1References6
CISA
CISA
added 2026/01/07 12:0 p.m.9 views

CISA Adds Two Known Exploited Vulnerabilities to Catalog

CISA has added two new vulnerabilities to its Known Exploited Vulnerabilities KEV Catalog, based on evidence of active exploitation. CVE-2009-0556link is external Microsoft Office PowerPoint Code Injection Vulnerability CVE-2025-37164link is external HPE OneView Code Injection Vulnerability These...

10CVSS7.1AI score0.89733EPSS
Exploits13References7
CISA
CISA
added 2025/12/22 12:0 p.m.9 views

CISA Adds One Known Exploited Vulnerability to Catalog

CISA has added one new vulnerability to its Known Exploited Vulnerabilities KEV Catalog, based on evidence of active exploitation. CVE-2023-52163link is external Digiever DS-2105 Pro Missing Authorization Vulnerability This type of vulnerability is a frequent attack vector for malicious cyber...

8.8CVSS6.9AI score0.96285EPSS
Exploits1References6
CISA
CISA
added 2025/12/09 12:0 p.m.9 views

CISA Releases Three Industrial Control Systems Advisories

CISA released three Industrial Control Systems ICS Advisories. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-25-343-01 Universal Boot Loader U-Boot ICSA-25-343-02 Festo LX Appliance ICSA-25-343-03 Multiple India-Base...

6.6AI score
Exploits0References3
CISA
CISA
added 2025/11/19 12:0 p.m.9 views

CISA Adds One Known Exploited Vulnerability to Catalog

CISA has added one new vulnerability to its Known Exploited Vulnerabilities KEV Catalog, based on evidence of active exploitation. CVE-2025-13223link is external Google Chromium V8 Type Confusion Vulnerability This type of vulnerability is a frequent attack vector for malicious cyber actors and...

8.8CVSS6.9AI score0.04835EPSS
Exploits1References6
CISA
CISA
added 2025/11/06 12:0 p.m.10 views

CISA Releases Four Industrial Control Systems Advisories

CISA released four Industrial Control Systems ICS Advisories. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-25-310-01 Advantech DeviceOn iEdge ICSA-25-310-02 Ubia Ubox ICSA-25-310-03 ABB FLXeon Controllers...

6.6AI score
Exploits0References4
CISA
CISA
added 2025/10/15 12:0 p.m.9 views

CISA Adds One Known Exploited Vulnerability to Catalog

CISA has added one new vulnerability to its Known Exploited Vulnerabilities KEV Catalog, based on evidence of active exploitation. CVE-2025-54253link is external Adobe Experience Manager Forms Code Execution Vulnerability This type of vulnerability is a frequent attack vector for malicious cyber...

10CVSS7.2AI score0.89824EPSS
Exploits7References6
CISA
CISA
added 2025/07/28 12:0 p.m.9 views

CISA Adds Three Known Exploited Vulnerabilities to Catalog

CISA has added three new vulnerabilities to its Known Exploited Vulnerabilities KEV Catalog, based on evidence of active exploitation. CVE-2025-20281link is external Cisco Identity Services Engine Injection Vulnerability CVE-2025-20337link is external Cisco Identity Services Engine Injection...

10CVSS7.9AI score0.96732EPSS
Exploits11References8
CISA
CISA
added 2025/07/20 12:0 p.m.9 views

CISA Adds One Known Exploited Vulnerability, CVE-2025-53770 “ToolShell,” to Catalog

CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. See CISA’s Alert Microsoft Releases Guidance on Exploitation of SharePoint Vulnerability CVE-2025-53770 for more information and to apply the recommended mitigations...

9.8CVSS7.7AI score0.99982EPSS
Exploits41References7
CISA
CISA
added 2025/04/29 12:0 p.m.9 views

CISA Adds One Known Exploited Vulnerability to Catalog

CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. CVE-2025-31324link is external SAP NetWeaver Unrestricted File Upload Vulnerability These types of vulnerabilities are frequent attack vectors for malicious cyber actors...

10CVSS7.3AI score0.99359EPSS
Exploits18References6
CISA
CISA
added 2025/01/28 12:0 p.m.9 views

CISA Releases Seven Industrial Control Systems Advisories

CISA released seven Industrial Control Systems ICS advisories on January 28, 2025. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-25-028-01 B&R Automation Runtime ICSA-25-028-02 Schneider Electric Power Logic...

7AI score
Exploits0References7
CISA
CISA
added 2024/12/17 12:0 p.m.9 views

CISA Adds One Known Exploited Vulnerability to Catalog

CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. CVE-2024-55956link is external Cleo Multiple Products Unauthenticated File Upload Vulnerability These types of vulnerabilities are frequent attack vectors for malicious...

9.8CVSS9.7AI score0.93804EPSS
Exploits4References6
CISA
CISA
added 2024/12/13 12:0 p.m.9 views

CISA and EPA Release Joint Fact Sheet Detailing Risks Internet-Exposed HMIs Pose to WWS Sector

Today, CISA and the Environmental Protection Agency EPA released Internet-Exposed HMIs Pose Cybersecurity Risks to Water and Wastewater Systems. This joint fact sheet provides Water and Wastewater Systems WWS facilities with recommendations for limiting the exposure of Human Machine Interfaces HM...

7.2AI score
Exploits0References3
CISA
CISA
added 2024/12/05 12:0 p.m.9 views

Cisco Releases Security Updates for NX-OS Software

Cisco released security updates to address a vulnerability in Cisco NX-OS software. A cyber threat actor could exploit this vulnerability to take control of an affected system. CISA encourages users and administrators to review the following advisory and apply the necessary updates: Cisco NX-OS...

7.3AI score
Exploits0References1
CISA
CISA
added 2024/11/26 12:0 p.m.9 views

CISA Releases Six Industrial Control Systems Advisories

CISA released six Industrial Control Systems ICS advisories on November 26, 2024. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-24-331-01 Schneider Electric PowerLogic PM55xx and PowerLogic PM8ECC ICSA-24-331-02...

6.7AI score
Exploits0References6
CISA
CISA
added 2024/06/21 12:0 p.m.9 views

Juniper Networks Releases Security Bulletin for Juniper Secure Analytics

Juniper Networks released a security bulletin to address multiple vulnerabilities affecting Juniper Secure Analytics optional applications. A cyber threat actor could exploit one of these vulnerabilities to take control of an affected system. Users and administrators are encouraged to review the...

7.6AI score
Exploits0References1
CISA
CISA
added 2024/05/14 12:0 p.m.9 views

Microsoft Releases May 2024 Security Updates

Microsoft has released security updates to address vulnerabilities in multiple products. A cyber threat actor could exploit some of these vulnerabilities to take control of an affected system. Users and administrators are encouraged to review the following advisory and apply the necessary updates...

7.6AI score
Exploits0References1
CISA
CISA
added 2024/05/01 12:0 p.m.9 views

CISA Adds One Known Exploited Vulnerability to Catalog

CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. CVE-2023-7028 GitLab Community and Enterprise Editions Improper Access Control Vulnerability These types of vulnerabilities are frequent attack vectors for malicious cybe...

10CVSS7.1AI score0.94955EPSS
Exploits16References6
CISA
CISA
added 2023/12/14 12:0 p.m.9 views

CISA Releases Seventeen Industrial Control Systems Advisories

CISA released seventeen Industrial Control Systems ICS advisories on December 14, 2023. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-23-348-01 Cambium ePMP 5GHz Force 300-25 Radio ICSA-23-348-02 Johnson Controls...

7AI score
Exploits0References17
CISA
CISA
added 2023/12/11 12:0 p.m.9 views

CISA Adds One Known Exploited Vulnerability to Catalog

CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. CVE-2023-6448 Unitronics Vision PLC and HMI Insecure Default Password These types of vulnerabilities are frequent attack vectors for malicious cyber actors and pose...

9.8CVSS9.5AI score0.02089EPSS
Exploits0References6
CISA
CISA
added 2023/12/04 12:0 p.m.9 views

CISA Adds Two Known Exploited Vulnerabilities to Catalog

CISA has added two new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. CVE-2023-42917 Apple Multiple Products WebKit Memory Corruption Vulnerability CVE-2023-42916 Apple Multiple Products WebKit Out-of-Bounds Read Vulnerability These types...

8.8CVSS7.2AI score0.17963EPSS
Exploits0References7
CISA
CISA
added 2023/10/26 12:0 p.m.9 views

CISA Adds One Known Exploited Vulnerability to Catalog

CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. CVE-2023-5631 Roundcube Webmail Persistent Cross-Site Scripting XSS Vulnerability These types of vulnerabilities are frequent attack vectors for malicious cyber actors an...

6.1CVSS6.2AI score0.73445EPSS
Exploits2References6
CISA
CISA
added 2023/09/14 12:0 p.m.9 views

CISA Adds One Known Vulnerability to Catalog

CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. CVE-2023-26369 Adobe Acrobat and Reader Out-of-Bounds Write Vulnerability These types of vulnerabilities are frequent attack vectors for malicious cyber actors and pose...

7.8CVSS7.1AI score0.07036EPSS
Exploits0References7
CISA
CISA
added 2023/09/13 12:0 p.m.9 views

CISA Adds Three Known Vulnerabilities to Catalog

CISA has added three new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. CVE-2023-35674 Android Framework Privilege Escalation Vulnerability CVE-2023-20269 Cisco Adaptive Security Appliance and Firepower Threat Defense Unauthorized Access...

9.1CVSS7.5AI score0.99739EPSS
Exploits9References8
CISA
CISA
added 2023/08/07 12:0 p.m.9 views

CISA Adds One Known Exploited Vulnerability to Catalog

CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. CVE-2017-18368 Zyxel P660HN-T1A Routers Command Injection Vulnerability These types of vulnerabilities are frequent attack vectors for malicious cyber actors and pose...

10CVSS7.3AI score0.94508EPSS
Exploits2References6
CISA
CISA
added 2023/08/03 12:0 p.m.9 views

CISA Releases Five Industrial Control Systems Advisories

CISA released five Industrial Control Systems ICS advisories on August 3, 2023. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-23-215-01 Mitsubishi Electric GOT2000 and GOT SIMPLE ICSA-23-215-02 Mitsubishi Electric GT...

7AI score
Exploits0References5
CISA
CISA
added 2023/06/15 12:0 p.m.9 views

CISA, FBI, and MS-ISAC Update Joint CSA on Progress Telerik Vulnerabilities

Today, CISA, the Federal Bureau of Investigation FBI, and Multi-State Information Sharing and Analysis Center MS-ISAC released an update for joint Cybersecurity Advisory CSA Threat Actors Exploit Progress Telerik Vulnerability in U.S. Government IIS Server. This iteration of the CSA—now renamed...

9.8CVSS7.4AI score0.99737EPSS
Exploits19References3
CISA
CISA
added 2023/05/01 12:0 p.m.9 views

CISA Adds Three Known Exploited Vulnerabilities to Catalog

CISA has added three new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. CVE-2023-1389 TP-Link Archer AX-21 Command Injection Vulnerability CVE-2021-45046 Apache Log4j2 Deserialization of Untrusted Data Vulnerability CVE-2023-21839 Oracle...

9CVSS7.5AI score0.99999EPSS
Exploits56References8
CISA
CISA
added 2023/04/19 12:0 p.m.9 views

CISA and Partners Release Cybersecurity Best Practices for Smart Cities

Today, CISA, NSA, FBI, NCSC-UKlink is external, ACSClink is external, CCCSlink is external and NCSC-NZlink is external released a joint guide: Cybersecurity Best Practices for Smart Cities. Smart cities may create safer, more efficient, resilient communities through technological innovation and...

7.4AI score
Exploits0References8
CISA
CISA
added 2023/02/02 12:0 a.m.9 views

Drupal Releases Security Update to Address a Vulnerability in Apigee Edge

Drupal released a security update to address a vulnerability affecting the Apigee Edge module for Drupal 9.x. An attacker could exploit this vulnerability to bypass access authorization or disclose sensitive information. CISA encourages users and administrators to review Drupal’s security advisor...

2.1AI score
Exploits0References1
CISA
CISA
added 2023/02/02 12:0 a.m.9 views

CISA Adds Two Known Exploited Vulnerabilities to Catalog

CISA has added two new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. These types of vulnerabilities are frequent attack vectors for malicious cyber actors and pose significant risks to the federal enterprise. Note: To view the newly adde...

1.6AI score
Exploits0References5
CISA
CISA
added 2023/02/01 12:0 a.m.9 views

VMware Releases Security Update for VMware vRealize Operations

VMware released a security update that addresses a cross-site request forgery bypass vulnerability affecting VMware vRealize Operations. A malicious user could exploit this vulnerability to take control of an affected system. CISA encourages users and administrators to review VMware Security...

2.2AI score
Exploits0References1
CISA
CISA
added 2023/01/25 12:0 a.m.9 views

CISA, NSA, and MS-ISAC Release Advisory on the Malicious Use of RMM Software

Today, the Cybersecurity and Infrastructure Security Agency CISA, the National Security Agency NSA, and the Multi-State Information Sharing and Analysis Center MS-ISAC released joint Cybersecurity Advisory CSA Protecting Against Malicious Use of Remote Monitoring and Management Software. The...

1.1AI score
Exploits0References1
CISA
CISA
added 2023/01/10 12:0 a.m.9 views

CISA Adds Two Known Exploited Vulnerabilities to Catalog

CISA has added two new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. These types of vulnerabilities are frequent attack vectors for malicious cyber actors and pose significant risks to the federal enterprise. Note: To view the newly adde...

1.6AI score
Exploits0References5
Total number of security vulnerabilities4188