Lucene search
K
CisaMost viewed

4188 matches found

CISA
CISA
added 2011/03/10 12:0 a.m.8 views

Apple Releases Safari 5.0.4

Apple has released Safari 5.0.4 to address multiple vulnerabilities in the ImageIO, libxml, and WebKit packages. These vulnerabilities may allow an attacker to execute arbitrary code, cause a denial-of-service condition, obtain sensitive information, or conduct cross-site scripting attacks. US-CE...

6.9AI score
Exploits0References1
CISA
CISA
added 2010/10/20 12:0 a.m.8 views

Mozilla Releases Firefox 3.6.11

The Mozilla Foundation has released Firefox 3.6.11 to address multiple vulnerabilities. These vulnerabilities may allow an attacker to execute arbitrary code, obtain sensitive information, or cause a denial-of-service condition. The Mozilla Foundation has also released Firefox 3.5.14 to address...

7.7AI score
Exploits0References1
CISA
CISA
added 2010/07/13 12:0 a.m.8 views

Microsoft Releases July Security Bulletin

Microsoft has released updates to address vulnerabilities in Microsoft Windows and Office as part of the Microsoft Security Bulletin Summary for July 2010. These vulnerabilities may allow an attacker to execute arbitrary code. US-CERT encourages users and administrators to review the bulletins an...

7.5AI score
Exploits0References2
CISA
CISA
added 2010/06/10 12:0 a.m.8 views

Adobe Releases Flash 10.1

Adobe has released a Security Bulletin to address vulnerabilities in Adobe Flash Player 10.0.45.2 and earlier versions and in Adobe AIR 1.5.3.9130 and earlier versions. Exploitation of these vulnerabilities may allow an attacker to execute arbitrary code or cause a denial-of-service condition...

7.8AI score
Exploits0References2
CISA
CISA
added 2010/06/09 12:0 a.m.8 views

Google Releases Chrome 5.0.375.70

Google has released Chrome 5.0.375.70 for Linux, Mac, and Windows to address multiple vulnerabilities. These vulnerabilities may allow an attacker to execute arbitrary code, conduct cross-site scripting attacks, bypass security restrictions, or obtain sensitive information. US-CERT encourages use...

7AI score
Exploits0References1
CISA
CISA
added 2010/03/26 12:0 a.m.8 views

Copyright Infringement Lawsuit Email Scam

US-CERT is aware of public reports of an active email scam. These emails, which appear to come from seemingly legitimate law firms, indicate that someone has filed a copyright lawsuit against the message recipient. The messages may contain malicious attachments or web links. If a user opens the...

6.8AI score
Exploits0References3
CISA
CISA
added 2026/04/16 12:0 p.m.7 views

CISA Adds One Known Exploited Vulnerability to Catalog

CISA has added one new vulnerability to its Known Exploited Vulnerabilities KEV Catalog, based on evidence of active exploitation. CVE-2026-34197link is external Apache ActiveMQ Improper Input Validation Vulnerability This type of vulnerability is a frequent attack vector for malicious cyber acto...

8.8CVSS5.7AI score0.96666EPSS
Exploits13References6
CISA
CISA
added 2026/04/08 12:0 p.m.7 views

CISA Adds One Known Exploited Vulnerability to Catalog

CISA has added one new vulnerability to its Known Exploited Vulnerabilities KEV Catalog, based on evidence of active exploitation. CVE-2026-1340link is external Ivanti Endpoint Manager Mobile EPMM Code Injection Vulnerability This type of vulnerability is a frequent attack vector for malicious...

9.8CVSS7.3AI score0.8404EPSS
Exploits6References6
CISA
CISA
added 2025/12/19 12:0 p.m.7 views

CISA Adds One Known Exploited Vulnerability to Catalog

CISA has added one new vulnerability to its Known Exploited Vulnerabilities KEV Catalog, based on evidence of active exploitation. CVE-2025-14733link is external WatchGuard Firebox Out-of-Bounds Write Vulnerability This type of vulnerability is a frequent attack vector for malicious cyber actors...

9.8CVSS6.9AI score0.18047EPSS
Exploits1References6
CISA
CISA
added 2025/12/12 12:0 p.m.7 views

CISA Adds One Known Exploited Vulnerability to Catalog

CISA has added one new vulnerability to its Known Exploited Vulnerabilities KEV Catalog, based on evidence of active exploitation. CVE-2025-14174link is external Google Chromium Out-of-Bounds Memory Access Vulnerability This type of vulnerability is a frequent attack vector for malicious cyber...

8.8CVSS7AI score0.22721EPSS
Exploits10References6
CISA
CISA
added 2025/12/11 12:0 p.m.7 views

CISA Adds One Known Exploited Vulnerability to Catalog

CISA has added one new vulnerability to its Known Exploited Vulnerabilities KEV Catalog, based on evidence of active exploitation. CVE-2025-58360link is external OSGeo GeoServer Improper Restriction of XML External Entity Reference Vulnerability This type of vulnerability is a frequent attack...

9.8CVSS6.9AI score0.67357EPSS
Exploits4References6
CISA
CISA
added 2025/12/08 12:0 p.m.7 views

CISA Adds Two Known Exploited Vulnerabilities to Catalog

CISA has added two new vulnerabilities to its Known Exploited Vulnerabilities KEV Catalog, based on evidence of active exploitation. CVE-2022-37055link is external D-Link Routers Buffer Overflow Vulnerability CVE-2025-66644link is external Array Networks ArrayOS AG OS Command Injection...

9.8CVSS7.3AI score0.57037EPSS
Exploits1References7
CISA
CISA
added 2025/12/04 12:0 p.m.7 views

CISA Releases Nine Industrial Control Systems Advisories

CISA released nine Industrial Control Systems ICS Advisories. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-25-338-01 Mitsubishi Electric GX Works2 ICSA-25-338-02 MAXHUB Pivot ICSA-25-338-03 Johnson Controls OpenBlue...

6.6AI score
Exploits0References9
CISA
CISA
added 2025/11/13 12:0 p.m.7 views

CISA and Partners Release Advisory Update on Akira Ransomware

Today, Cybersecurity and Infrastructure Security Agency CISA, in collaboration with the Federal Bureau of Investigation, Department of Defense Cyber Crime Center, Department of Health and Human Services, and international partners, released an updated joint Cybersecurity Advisory, StopRansomware:...

7.5AI score
Exploits0References2
CISA
CISA
added 2025/11/10 12:0 p.m.7 views

CISA Adds One Known Exploited Vulnerability to Catalog

CISA has added one new vulnerability to its Known Exploited Vulnerabilities KEV Catalog, based on evidence of active exploitation. CVE-2025-21042link is external Samsung Mobile Devices Out-of-Bounds Write Vulnerability This type of vulnerability is a frequent attack vector for malicious cyber...

9.8CVSS7.6AI score0.11606EPSS
Exploits1References6
CISA
CISA
added 2025/10/28 12:0 p.m.7 views

CISA Adds Two Known Exploited Vulnerabilities to Catalog

CISA has added two new vulnerabilities to its Known Exploited Vulnerabilities KEV Catalog, based on evidence of active exploitation. CVE-2025-6204link is external Dassault Systèmes DELMIA Apriso Code Injection Vulnerability CVE-2025-6205link is external Dassault Systèmes DELMIA Apriso Missing...

9.1CVSS7.3AI score0.76148EPSS
Exploits0References7
CISA
CISA
added 2025/10/22 12:0 p.m.7 views

CISA Adds One Known Exploited Vulnerability to Catalog

CISA has added one new vulnerability to its Known Exploited Vulnerabilities KEV Catalog, based on evidence of active exploitation. CVE-2025-61932link is external Motex LANSCOPE Endpoint Manager Improper Verification of Source of a Communication Channel Vulnerability This type of vulnerability is ...

9.8CVSS6.9AI score0.02689EPSS
Exploits0References6
CISA
CISA
added 2025/10/09 12:0 p.m.7 views

CISA Releases Four Industrial Control Systems Advisories

CISA released four Industrial Control Systems ICS Advisories on October 9, 2025. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-25-282-01 Hitachi Energy Asset Suite ICSA-25-282-02 Rockwell Automation Lifecycle Service...

6.6AI score
Exploits0References4
CISA
CISA
added 2025/10/02 12:0 p.m.7 views

CISA Releases Two Industrial Control Systems Advisories

CISA released two Industrial Control Systems ICS advisories on October 2, 2025. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-25-275-01 Raise3D Pro2 Series 3D Printers ICSA-25-275-02 Hitachi Energy MSM Product CISA...

6.6AI score
Exploits0References2
CISA
CISA
added 2025/09/18 12:0 p.m.7 views

CISA Releases Nine Industrial Control Systems Advisories

CISA released nine Industrial Control Systems ICS advisories on September 18, 2025. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-25-261-01 Westermo Network Technologies WeOS 5 ICSA-25-261-02 Westermo Network...

6.6AI score
Exploits0References9
CISA
CISA
added 2025/09/03 12:0 p.m.7 views

CISA, NSA, and Global Partners Release a Shared Vision of Software Bill of Materials (SBOM) Guidance

CISA, in collaboration with NSA and 19 international partners, released joint guidance outliningA Shared Vision of Software Bill of Materials SBOM for Cybersecurity. This marks a significant step forward in strengthening software supply chain transparency and security worldwide. An SBOM is a form...

6.7AI score
Exploits0References3
CISA
CISA
added 2025/09/02 12:0 p.m.7 views

CISA Adds Two Known Exploited Vulnerabilities to Catalog

CISA has added two new vulnerabilities to its Known Exploited Vulnerabilities KEV Catalog, based on evidence of active exploitation. CVE-2020-24363link is external TP-link TL-WA855RE Missing Authentication for Critical Function Vulnerability CVE-2025-55177link is external Meta Platforms WhatsApp...

8.8CVSS7.1AI score0.20689EPSS
Exploits1References7
CISA
CISA
added 2025/08/28 12:0 p.m.7 views

CISA Releases Nine Industrial Control Systems Advisories

CISA released nine Industrial Control Systems ICS advisories on August 28, 2025. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-25-240-01 Mitsubishi Electric MELSEC iQ-F Series CPU Module ICSA-25-240-02 Mitsubishi...

6.8AI score
Exploits0References9
CISA
CISA
added 2025/08/27 12:0 p.m.7 views

CISA and Partners Release Joint Advisory on Countering Chinese State-Sponsored Actors Compromise of Networks Worldwide to Feed Global Espionage Systems

CISA, along with the National Security Agency, Federal Bureau of Investigation, and international partners, released a joint Cybersecurity Advisory on People’s Republic of China PRC state-sponsored Advanced Persistent Threat APT actors targeting critical infrastructure across sectors and continen...

7.7AI score
Exploits0References3
CISA
CISA
added 2025/08/05 12:0 p.m.7 views

CISA Adds Three Known Exploited Vulnerabilities to Catalog

CISA has added three new vulnerabilities to its Known Exploited Vulnerabilities KEV Catalog, based on evidence of active exploitation. CVE-2020-25078link is external D-Link DCS-2530L and DCS-2670L Devices Unspecified Vulnerability CVE-2020-25079link is external D-Link DCS-2530L and DCS-2670L...

9CVSS8AI score0.97901EPSS
Exploits8References8
CISA
CISA
added 2025/07/29 12:0 p.m.7 views

CISA and Partners Release Updated Advisory on Scattered Spider Group

CISA, along with the Federal Bureau of Investigation, Canadian Centre for Cyber Security, Royal Canadian Mounted Police, the Australian Cyber Security Centre’s Australian Signals Directorate, and the Australian Federal Police and National Cyber Security Centre, released an updated joint...

7.4AI score
Exploits0References1
CISA
CISA
added 2025/07/18 12:0 p.m.7 views

CISA Adds One Known Exploited Vulnerability to Catalog

CISA has added one new vulnerability to its Known Exploited Vulnerabilities KEV Catalog, based on evidence of active exploitation. CVE-2025-25257link is external Fortinet FortiWeb SQL Injection Vulnerability These types of vulnerabilities are frequent attack vectors for malicious cyber actors and...

9.8CVSS8.5AI score0.9671EPSS
Exploits18References6
CISA
CISA
added 2025/07/01 12:0 p.m.7 views

CISA Adds Two Known Exploited Vulnerabilities to Catalog

CISA has added two new vulnerabilities to its Known Exploited Vulnerabilities KEV Catalog, based on evidence of active exploitation. CVE-2025-48927link is external TeleMessage TM SGNL Initialization of a Resource with an Insecure Default Vulnerability CVE-2025-48928link is external TeleMessage TM...

5.3CVSS7.3AI score0.08489EPSS
Exploits0References7
CISA
CISA
added 2025/06/12 12:0 p.m.7 views

CISA Releases Cybersecurity Advisory on SimpleHelp RMM Vulnerability

Today, CISA released Cybersecurity Advisory: Ransomware Actors Exploit Unpatched SimpleHelp Remote Monitoring and Management to Compromise Utility Billing Software Provider. This advisory is in response to ransomware actors targeting customers of a utility billing software provider through...

9.1CVSS7.6AI score0.95151EPSS
Exploits2References4
CISA
CISA
added 2025/06/09 12:0 p.m.7 views

CISA Adds Two Known Exploited Vulnerabilities to Catalog

CISA has added two new vulnerabilities to its Known Exploited Vulnerabilities KEV Catalog, based on evidence of active exploitation. CVE-2025-32433link is external Erlang Erlang/OTP SSH Server Missing Authentication for Critical Function Vulnerability CVE-2024-42009link is external RoundCube...

10CVSS6.8AI score0.97859EPSS
Exploits42References7
CISA
CISA
added 2025/04/29 12:0 p.m.7 views

CISA Releases Three Industrial Control Systems Advisories

CISA released three Industrial Control Systems ICS advisories on April 29, 2025. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-25-119-01 Rockwell Automation ThinManager ICSA-25-119-02 Delta Electronics ISPSoft...

7AI score
Exploits0References3
CISA
CISA
added 2025/04/24 12:0 p.m.7 views

CISA Releases Seven Industrial Control Systems Advisories

CISA released seven Industrial Control Systems ICS advisories on April 24, 2025. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-25-114-01 Schneider Electric Modicon Controllers ICSA-25-114-02 ALBEDO Telecom Net.Time -...

7AI score
Exploits0References7
CISA
CISA
added 2025/04/17 12:0 p.m.7 views

CISA Adds Three Known Exploited Vulnerabilities to Catalog

CISA has added three new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. CVE-2025-31200link is external Apple Multiple Products Memory Corruption Vulnerability CVE-2025-31201link is external Apple Multiple Products Arbitrary Read and Write...

9.8CVSS7AI score0.58974EPSS
Exploits26References8
CISA
CISA
added 2025/04/01 12:0 p.m.7 views

CISA Releases Two Industrial Control Systems Advisories

CISA released two Industrial Control Systems ICS advisories on April 1, 2025. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-25-091-01 Rockwell Automation Lifecycle Services with Veeam Backup and Replication...

7AI score
Exploits0References2
CISA
CISA
added 2025/03/04 12:0 p.m.7 views

CISA Releases Eight Industrial Control Systems Advisories

CISA released eight Industrial Control Systems ICS advisories on March 4, 2025. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-25-063-01 Carrier Block Load ICSA-25-063-02 Keysight Ixia Vision Product Family...

7AI score
Exploits0References8
CISA
CISA
added 2025/02/24 12:0 p.m.7 views

CISA Adds Two Known Exploited Vulnerabilities to Catalog

CISA has added two new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. CVE-2017-3066link is external Adobe ColdFusion Deserialization Vulnerability CVE-2024-20953link is external Oracle Agile Product Lifecycle Management PLM Deserializatio...

10CVSS7AI score0.90597EPSS
Exploits6References7
CISA
CISA
added 2025/02/20 12:0 p.m.7 views

CISA Adds Two Known Exploited Vulnerabilities to Catalog

CISA has added two new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. CVE-2025-23209link is external Craft CMS Code Injection Vulnerability CVE-2025-0111link is external Palo Alto Networks PAN-OS File Read Vulnerability These types of...

8.1CVSS7.8AI score0.04714EPSS
Exploits1References7
CISA
CISA
added 2025/02/07 12:0 p.m.7 views

Trimble Releases Security Updates to Address a Vulnerability in Cityworks Software

CISA is collaborating with private industry partners to respond to reports of exploitation of a vulnerability CVE-2025-0994 discovered by Trimble impacting its Cityworks Server AMS Asset Management System. Trimble has released security updates and an advisory addressing a recently discovered...

8.8CVSS8.3AI score0.28261EPSS
Exploits0References2
CISA
CISA
added 2025/01/30 12:0 p.m.7 views

CISA Releases Eight Industrial Control Systems Advisories

CISA released eight Industrial Control Systems ICS advisories on January 30, 2025. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-25-030-01 Hitachi Energy UNEM ICSA-25-030-02 New Rock Technologies Cloud Connected...

7AI score
Exploits0References8
CISA
CISA
added 2025/01/23 12:0 p.m.7 views

CISA Releases Six Industrial Control Systems Advisories

CISA released six Industrial Control Systems ICS advisories on January 23, 2025. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-25-023-01 mySCADA myPRO Manager ICSA-25-023-02 Hitachi Energy RTU500 Series Product...

7AI score
Exploits0References6
CISA
CISA
added 2025/01/14 12:0 p.m.7 views

Microsoft Releases January 2025 Security Updates

Microsoft released security updates to address vulnerabilities in multiple Microsoft products. A cyber threat actor could exploit some of these vulnerabilities to take control of an affected system. CISA encourages users and administrators to review the following and apply necessary updates:...

7.6AI score
Exploits0References1
CISA
CISA
added 2024/12/05 12:0 p.m.7 views

CISA Releases Two Industrial Control Systems Advisories

CISA released two Industrial Control Systems ICS advisories on December 5, 2024. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-24-340-01 AutomationDirect C-More EA9 Programming Software ICSA-24-340-02 Planet Technolo...

7AI score
Exploits0References2
CISA
CISA
added 2024/11/20 12:0 p.m.7 views

USDA Releases Success Story Detailing the Implementation of Phishing-Resistant Multifactor Authentication

Today, the Cybersecurity and Infrastructure Security Agency CISA and the U.S. Department of Agriculture USDA released Phishing-Resistant Multifactor Authentication MFA Success Story: USDA’s FIDO Implementation. This report details how USDA successfully implemented phishing-resistant authenticatio...

7.2AI score
Exploits0References3
CISA
CISA
added 2024/11/19 12:0 p.m.7 views

CISA Releases One Industrial Control Systems Advisory

CISA released one Industrial Control Systems ICS advisory on November 19, 2024. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-24-324-01 Mitsubishi Electric MELSEC iQ-F Series CISA encourages users and administrators ...

7AI score
Exploits0References1
CISA
CISA
added 2024/11/12 12:0 p.m.7 views

JCDC’s Collaborative Efforts Enhance Cybersecurity for the 2024 Olympic and Paralympic Games

The Cybersecurity and Infrastructure Security Agency CISA, through the Joint Cyber Defense Collaborative JCDC, enabled proactive coordination and information sharing to bolster cybersecurity ahead of the 2024 Olympic and Paralympic Games in Paris. Recognizing the potential for cyber threats...

7AI score
Exploits0References2
CISA
CISA
added 2024/11/12 12:0 p.m.7 views

CISA, FBI, NSA, and International Partners Release Joint Advisory on 2023 Top Routinely Exploited Vulnerabilities

Today, the Cybersecurity and Infrastructure Security Agency CISA, the Federal Bureau of Investigation FBI, National Security Agency NSA, and international partners released joint Cybersecurity Advisory, 2023 Top Routinely Exploited Vulnerabilities. This advisory supplies details on the top Common...

7.2AI score
Exploits0References2
CISA
CISA
added 2024/10/10 12:0 p.m.7 views

Best Practices to Configure BIG-IP LTM Systems to Encrypt HTTP Persistence Cookies

CISA has observed cyber threat actors leveraging unencrypted persistent cookies managed by the F5 BIG-IP Local Traffic Manager LTM module to enumerate other non-internet facing devices on the network. F5 BIG-IP is a suite of hardware and software solutions designed to manage and secure network...

7.3AI score
Exploits0References2
CISA
CISA
added 2024/10/08 12:0 p.m.7 views

CISA and FBI Release Fact Sheet on Protecting Against Iranian Targeting of Accounts Associated with National Political Organizations

Today, CISA and the Federal Bureau of Investigation FBI released joint fact sheet, How to Protect Against Iranian Targeting of Accounts Associated with National Political Organizations. This fact sheet provides information about threat actors affiliated with the Iranian Government’s Islamic...

7AI score
Exploits0References4
CISA
CISA
added 2024/09/26 12:0 p.m.7 views

ASD’s ACSC, CISA, and US and International Partners Release Guidance on Detecting and Mitigating Active Directory Compromises

Today, the Australian Signals Directorate Australian Cyber Security Centre ASD ACSC, the Cybersecurity and Infrastructure Security Agency CISA, and other U.S. and international partners released the joint guide Detecting and Mitigating Active Directory Compromiseslink is external. This guide...

7.1AI score
Exploits0References2
CISA
CISA
added 2024/09/26 12:0 p.m.7 views

Cisco Releases Security Updates for IOS and IOS XE Software

Cisco released its September 2024 Semiannual Cisco IOS and IOS XE Software Security Advisory Bundled Publication to address vulnerabilities in IOS and IOS XE. A cyber threat actor could exploit some of these vulnerabilities to take control of an affected system. CISA encourages users and...

7.5AI score
Exploits0References1
Total number of security vulnerabilities4188