Lucene search
K
CisaMost viewed

4188 matches found

CISA
CISA
added 2021/02/08 12:0 a.m.29 views

Mozilla Releases Security Updates for Firefox and Firefox ESR

Mozilla has released security updates addressing a vulnerability affecting Firefox and Firefox ESR. An attacker can take advantage of this vulnerability to take control of an affected system. CISA encourages users and administrators to review the Mozilla security advisory for Firefox 85.0.1 and...

6.9AI score
Exploits0References1
CISA
CISA
added 2021/01/07 12:0 a.m.29 views

Google Releases Security Updates for Chrome

Google has released Chrome version 87.0.4280.141 for Windows, Mac, and Linux. This version addresses vulnerabilities that an attacker could exploit to take control of an affected system. CISA encourages users and administrators to review the Chrome Release and apply the necessary updates. This...

7AI score
Exploits0References1
CISA
CISA
added 2020/02/28 12:0 a.m.29 views

National Consumer Protection Week

National Consumer Protection Week NCPW is March 1–7. This annual event encourages individuals and businesses to learn about their consumer rights and how to keep themselves secure. The Federal Trade Commission FTC and its NCPW partners provide free resources to protect consumers from fraud, scams...

6.9AI score
Exploits0References4
CISA
CISA
added 2019/09/04 12:0 a.m.29 views

Samba Releases Security Updates

The Samba Team has released security updates to address a vulnerability in all versions of Samba from 4.9.0 onward. An attacker could exploit this vulnerability to obtain sensitive information. The Cybersecurity and Infrastructure Security Agency CISA encourages users and administrators to review...

6.4CVSS2.3AI score0.03182EPSS
Exploits0References1
CISA
CISA
added 2019/08/27 12:0 a.m.29 views

Protect Against Romance Scams

The Federal Trade Commission FTC has released a short video to help users spot and defend against romance scams. In this type of fraud, cyber criminals gain the confidence of their victims and trick them into sending money. The video includes stories that romance scammers tell to online daters to...

7.1AI score
Exploits0References5
CISA
CISA
added 2018/11/27 12:0 a.m.29 views

Samba Releases Security Updates

The Samba Team has released security updates to address several vulnerabilities in Samba. An attacker could exploit one of these vulnerabilities to take control of an affected system. NCCIC encourages users and administrators to review the Samba Security Announcements for CVE-2018-14629,...

4.3CVSS2.5AI score0.05192EPSS
Exploits1References6
CISA
CISA
added 2018/04/04 12:0 a.m.29 views

Microsoft Releases Security Update

Microsoft has released a security update to address a vulnerability in the Microsoft Malware Protection Engine. A remote attacker could exploit this vulnerability to take control of an affected system. NCCIC encourages users and administrators to review the Microsoft Security Advisory and apply t...

9.3CVSS8.2AI score0.61482EPSS
Exploits2References1
CISA
CISA
added 2016/09/16 12:0 a.m.29 views

VMWare Releases Security Updates

VMware has released a security update to address vulnerabilities in vSphere Hypervisor ESXi, Workstation Pro, Workstation Player, Fusion, and Tools. Exploitation of one of these vulnerabilities could allow a remote attacker to take control of an affected system. US-CERT encourages users and...

6.9AI score
Exploits0References1
CISA
CISA
added 2016/02/08 12:0 a.m.29 views

Oracle Releases Security Updates for Java

Oracle has released security updates to address a vulnerability in Java SE versions 6, 7, and 8 for Windows. Exploitation of this vulnerability may allow a remote attacker to take control of an affected system. Users and administrators are encouraged to review the Oracle security alert and apply...

7.6CVSS3.6AI score0.04066EPSS
Exploits2References1
CISA
CISA
added 2015/09/11 12:0 a.m.29 views

IC3 Issues Alert on IoT Devices

The Internet Crime Complaint Center IC3 has issued an alert to individuals and businesses about the security risks involved with the Internet of Things IoT. IoT refers to the emerging network of devices e.g., smart TVs, home automation systems that connect to one another via the Internet, often...

6.9AI score
Exploits0References1
CISA
CISA
added 2013/11/13 12:0 a.m.29 views

Adobe Releases Security Update for Adobe ColdFusion

Adobe has released a security hotfix for ColdFusion versions 10, 9.0.2, 9.0.1, and 9.0 for Windows, Macintosh and Linux to address multiple vulnerabilities. This hotfix addresses a reflected cross site scripting vulnerability CVE-2013-5326 that could be exploited by a remote, authenticated user a...

7.8CVSS5.8AI score0.03113EPSS
Exploits0References1
CISA
CISA
added 2026/05/14 12:0 p.m.28 views

CISA and Partners Release Guidance for Ongoing Global Exploitation of Cisco SD-WAN Systems

Update May 14, 2026: CISA has updated this Alert to include additional vulnerabilities, CVE-2026-20133 and CVE-2026-20182 and associated resources. The purpose of this Alert is to provide resources for organizations with Cisco Software-Defined Wide-Area Networking SD-WAN systems, including Federa...

10CVSS7.4AI score0.88496EPSS
Exploits15References18
CISA
CISA
added 2025/12/16 12:0 p.m.28 views

CISA Adds One Known Exploited Vulnerability to Catalog

CISA has added one new vulnerability to its Known Exploited Vulnerabilities KEV Catalog, based on evidence of active exploitation. CVE-2025-59718link is external Fortinet Multiple Products Improper Verification of Cryptographic Signature Vulnerability This type of vulnerability is a frequent atta...

9.8CVSS6.8AI score0.66322EPSS
Exploits1References6
CISA
CISA
added 2025/12/02 12:0 p.m.28 views

CISA Adds Two Known Exploited Vulnerabilities to Catalog

CISA has added two new vulnerabilities to its Known Exploited Vulnerabilities KEV Catalog, based on evidence of active exploitation. CVE-2025-48572link is external Android Framework Privilege Escalation Vulnerability CVE-2025-48633link is external Android Framework Information Disclosure...

7.8CVSS6.6AI score0.00249EPSS
Exploits0References7
CISA
CISA
added 2025/11/21 12:0 p.m.28 views

CISA Adds One Known Exploited Vulnerability to Catalog

CISA has added one new vulnerability to its Known Exploited Vulnerabilities KEV Catalog, based on evidence of active exploitation. CVE-2025-61757link is external Oracle Fusion Middleware Missing Authentication for Critical Function Vulnerability This type of vulnerability is a frequent attack...

9.8CVSS6.8AI score0.88312EPSS
Exploits1References6
CISA
CISA
added 2025/08/25 12:0 p.m.28 views

CISA Adds Three Known Exploited Vulnerabilities to Catalog

CISA has added three new vulnerabilities to its Known Exploited Vulnerabilities KEV Catalog, based on evidence of active exploitation. CVE-2024-8069link is external Citrix Session Recording Deserialization of Untrusted Data Vulnerability CVE-2024-8068link is external Citrix Session Recording...

8CVSS8.1AI score0.14736EPSS
Exploits11References8
CISA
CISA
added 2025/03/06 12:0 p.m.28 views

CISA Releases Three Industrial Control Systems Advisories

CISA released three Industrial Control Systems ICS advisories on March 6, 2025. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-25-065-01 Hitachi Energy PCU400 ICSA-25-065-02 Hitachi Energy Relion 670/650/SAM600-IO...

7AI score
Exploits0References3
CISA
CISA
added 2025/01/30 12:0 p.m.28 views

CISA Releases Fact Sheet Detailing Embedded Backdoor Function of Contec CMS8000 Firmware

CISA released a fact sheet, Contec CMS8000 Contains a Backdoor, detailing an analysis of three firmware package versions of the Contec CMS8000, a patient monitor used by the U.S. Healthcare and Public Health HPH sector. Analysts discovered that an embedded backdoor function with a hard-coded IP...

8.2CVSS8AI score0.01116EPSS
Exploits0References8
CISA
CISA
added 2022/12/13 12:0 a.m.28 views

CISA Releases Three Industrial Control Systems Advisories

CISA has released three 3 Industrial Control Systems ICS advisories on December 13, 2022. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. CISA encourages users and administrators to review the newly released ICS advisories...

1.2AI score
Exploits0References3
CISA
CISA
added 2022/11/16 12:0 a.m.28 views

CISA and FBI Release Advisory on Iranian Government-Sponsored APT Actors Compromising Federal Network

Today, CISA and the Federal Bureau of Investigation FBI published a joint Cybersecurity Advisory CSA, Iranian Government-Sponsored APT Actors Compromise Federal Network, Deploy Crypto Miner, Credential Harvester. The CSA provides information on an incident at a Federal Civilian Executive Branch...

1.2AI score
Exploits0References4
CISA
CISA
added 2021/10/24 12:0 a.m.28 views

Critical RCE Vulnerability in Discourse 

Discourse—an open source discussion platform—has released a security advisory to address a critical remote code execution RCE vulnerability CVE-2021-41163 in Discourse versions 2.7.8 and earlier. CISA urges developers to update to patched versions 2.7.9 or later or apply the necessary workarounds...

7.5CVSS9.5AI score0.19812EPSS
Exploits0References3
CISA
CISA
added 2021/10/05 12:0 a.m.28 views

CISA Releases Security Advisory for Honeywell Experion and ACE Controllers

CISA has released an Industrial Controls Systems ICS advisory detailing multiple vulnerabilities affecting all versions of Honeywell Experion Process Knowledge System C200, C200E, C300, and ACE controllers. A remote attacker could exploit some of these vulnerabilities to take control of an affect...

7.1AI score
Exploits0References3
CISA
CISA
added 2021/04/08 12:0 a.m.28 views

Using Aviary to Analyze Post-Compromise Threat Activity in M365 Environments

Aviary is a new dashboard that CISA and partners developed to help visualize and analyze outputs from its Sparrow detection tool released in December 2020. Sparrow helps network defenders detect possible compromised accounts and applications in Azure/Microsoft O365 environments. CISA created...

6.7AI score
Exploits0References7
CISA
CISA
added 2021/04/06 12:0 a.m.28 views

Malicious Cyber Activity Targeting Critical SAP Applications

SAP systems running outdated or misconfigured software are exposed to increased risks of malicious attacks. SAP applications help organizations manage critical business processes—such as enterprise resource planning, product lifecycle management, customer relationship management, and supply chain...

6.3AI score
Exploits0References6
CISA
CISA
added 2021/03/10 12:0 a.m.28 views

Microsoft Releases March 2021 Security Updates

Microsoft has released updates to address multiple vulnerabilities in Microsoft software. A remote attacker can exploit some of these vulnerabilities to take control of an affected system. CISA encourages users and administrators to review Microsoft’s March 2021 Security Update Summary and...

7.2AI score
Exploits0References2
CISA
CISA
added 2021/01/21 12:0 a.m.28 views

Drupal Releases Security Updates

Drupal has released security updates to address a vulnerability affecting Drupal. An attacker could exploit this vulnerability to take control of an affected system. CISA encourages users and administrators to review Drupal Advisory SA-CORE-2021-001 and apply the necessary updates or mitigations...

6.8AI score
Exploits0References1
CISA
CISA
added 2020/08/11 12:0 a.m.28 views

SAP Releases August 2020 Security Updates

SAP has released security updates to address vulnerabilities affecting multiple products. An attacker could exploit some of these vulnerabilities to take control of an affected system. This includes a cross-site scripting vulnerability CVE-2020-6284 in NetWeaver Knowledge Management The...

8.5CVSS8.4AI score0.018EPSS
Exploits0References1
CISA
CISA
added 2019/06/20 12:0 a.m.28 views

Microsoft Releases Outlook for Android Security Update

Microsoft has released an update to address a vulnerability in Outlook for Android. An attacker could exploit this vulnerability to take control of an affected system. The Cybersecurity and Infrastructure Security Agency CISA encourages users and administrators to review the Microsoft Security...

3.5CVSS5.4AI score0.01817EPSS
Exploits0References1
CISA
CISA
added 2019/02/22 12:0 a.m.28 views

ISC Releases Security Updates for BIND

The Internet Systems Consortium ISC has released security updates that address vulnerabilities affecting multiple versions of ISC Berkeley Internet Name Domain BIND. A remote attacker could exploit one of these vulnerabilities to cause a denial-of-service condition. The Cybersecurity and...

5CVSS1.9AI score0.037EPSS
Exploits0References3
CISA
CISA
added 2017/07/21 12:0 a.m.28 views

IBM Cisco Security Update

IBM has released a security update to address some vulnerabilities in its IBM Cisco MDS Series Switches Data Center Network Manager DCNM software. Exploitation of these vulnerabilities may allow a remote attacker to take control of an affected system. US-CERT encourages users and administrators t...

10CVSS9.1AI score0.35388EPSS
Exploits0References1
CISA
CISA
added 2013/02/14 12:0 a.m.28 views

Adobe Releases Security Updates for Adobe Reader and Acrobat

Adobe has released a security advisory for Adobe Reader and Acrobat to address multiple vulnerabilities. Exploitation of these vulnerabilities may allow an attacker to cause a denial-of-service condition or take control of the affected system. Adobe is aware of reports that two vulnerabilities...

9.3CVSS6.4AI score0.86979EPSS
Exploits4References3
CISA
CISA
added 2010/11/03 12:0 a.m.28 views

Microsoft Releases Security Advisory for Internet Explorer

Microsoft has released Microsoft security advisory 2458511 to alert users of a vulnerability affecting all supported versions of Internet Explorer. This vulnerability may allow an attacker to execute arbitrary code. Update: Microsoft has released two Fix it tools in Microsoft Support article...

7.2AI score
Exploits0References5
CISA
CISA
added 2026/03/05 12:0 p.m.27 views

CISA Adds Five Known Exploited Vulnerabilities to Catalog

CISA has added five new vulnerabilities to its Known Exploited Vulnerabilities KEV Catalog, based on evidence of active exploitation. CVE-2017-7921link is external Hikvision Multiple Products Improper Authentication Vulnerability CVE-2021-22681link is external Rockwell Multiple Products...

9.8CVSS7AI score0.99998EPSS
Exploits18References10
CISA
CISA
added 2026/01/07 12:0 p.m.27 views

CISA Adds Two Known Exploited Vulnerabilities to Catalog

CISA has added two new vulnerabilities to its Known Exploited Vulnerabilities KEV Catalog, based on evidence of active exploitation. CVE-2009-0556link is external Microsoft Office PowerPoint Code Injection Vulnerability CVE-2025-37164link is external HPE OneView Code Injection Vulnerability These...

10CVSS7.1AI score0.89733EPSS
Exploits13References7
CISA
CISA
added 2025/01/14 12:0 p.m.27 views

CISA Adds Four Known Exploited Vulnerabilities to Catalog

CISA has added four vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. CVE-2024-55591link is external Fortinet FortiOS Authorization Bypass Vulnerability CVE-2025-21333link is external Microsoft Windows Hyper-V NT Kernel Integration VSP...

9.8CVSS9.1AI score0.98259EPSS
Exploits14References9
CISA
CISA
added 2021/04/16 12:0 a.m.27 views

WordPress Releases Security and Maintenance Update

WordPress versions 4.7-5.7 are affected by multiple vulnerabilities. An attacker could exploit one of these vulnerabilities to take control of an affected website. CISA encourages users and administrators to review the WordPress Security and Maintenance Release and upgrade to WordPress 5.7.1. Thi...

7.3AI score
Exploits0References1
CISA
CISA
added 2021/03/09 12:0 a.m.27 views

Guidance on Remediating Networks Affected by the SolarWinds and Active Directory/M365 Compromise

Since December 2020, CISA has been responding to a significant cybersecurity incident involving an advanced persistent threat APT actor targeting networks of multiple U.S. government agencies, critical infrastructure entities, and private sector organizations. The APT actor added malicious code t...

7AI score
Exploits0References5
CISA
CISA
added 2021/01/07 12:0 a.m.27 views

Mozilla Releases Security Updates for Firefox, Firefox for Android, and Firefox ESR

Mozilla has released security updates to address a vulnerability in Firefox, Firefox for Android, and Firefox ESR. An attacker could exploit this vulnerability to take control of an affected system. CISA encourages users and administrators to review the Mozilla Security Advisory and apply the...

6.8AI score
Exploits0References1
CISA
CISA
added 2019/11/01 12:0 a.m.27 views

National Critical Infrastructure Security and Resilience Month

November is National Critical Infrastructure Security and Resilience Month. The Nation’s critical infrastructure CI relies on a highly interdependent environment, in which physical and cyber systems converge. CI plays a vital role in keeping our Nation and communities safe and secure. Everyone is...

6.6AI score
Exploits0References7
CISA
CISA
added 2019/09/10 12:0 a.m.27 views

Adobe Releases Security Updates

Adobe has released security updates to address vulnerabilities affecting Flash Player and Application Manager. An attacker could exploit these vulnerabilities to take control of an affected system. The Cybersecurity and Infrastructure Security Agency CISA encourages users and administrators to...

7AI score
Exploits0References2
CISA
CISA
added 2019/05/14 12:0 a.m.27 views

Samba Releases Security Updates

The Samba Team has released security updates to address a vulnerability in Samba. An attacker could exploit this vulnerability take control of an affected system. The Cybersecurity and Infrastructure Security Agency CISA encourages users and administrators to review the Samba Security Announcemen...

6CVSS2.7AI score0.02486EPSS
Exploits0References1
CISA
CISA
added 2018/10/03 12:0 a.m.27 views

Cybersecurity Threats to Precision Agriculture

DHS has released a report to address cybersecurity threats to new precision agriculture technologies used in crop and livestock production. Precision agriculture employs a variety of embedded and connected technologies to generate data used to enhance agricultural and livestock management. As...

6.7AI score
Exploits0References1
CISA
CISA
added 2017/11/21 12:0 a.m.27 views

Symantec Releases Security Update

Symantec has released an update to address a vulnerability in the Symantec Management Console. A remote attacker could exploit this vulnerability to take control of an affected system. US-CERT encourages users and administrators to review the Symantec Security Advisory and apply the necessary...

6.8AI score
Exploits0References1
CISA
CISA
added 2017/04/12 12:0 a.m.27 views

ISC Releases Security Updates for BIND

The Internet Systems Consortium ISC has released updates that address multiple vulnerabilities in BIND. A remote attacker could exploit any of these vulnerabilities to cause a denial-of-service condition. Available updates include: BIND 9 version 9.9.9-P8 BIND 9 version 9.10.4-P8 BIND 9 version...

5CVSS1.7AI score0.11093EPSS
Exploits0References3
CISA
CISA
added 2015/06/25 12:0 a.m.27 views

Cisco Releases Security Updates

Cisco has released security updates to address vulnerabilities in Web Security Virtual Appliance WSAv, Email Security Virtual Appliance ESAv, and Content Security Management Virtual Appliance SMAv software. Exploitation of one of these vulnerabilities may allow a remote attacker to take control o...

7AI score
Exploits0References1
CISA
CISA
added 2012/02/02 12:0 a.m.27 views

Apple Releases Multiple Security Updates

Apple has released security updates for Apple OS X Lion 10.7 to 10.7.2, OS X Lion Server 10.7 to 10.7.2, Mac OS 10.6.8, and Mac OS X Server v 10.6.8 to address multiple vulnerabilities. These vulnerabilities may allow an attacker to execute arbitrary code, cause a denial-of-service condition,...

7.5CVSS6.9AI score0.02682EPSS
Exploits2References4
CISA
CISA
added 2026/02/05 12:0 p.m.26 views

CISA Adds Two Known Exploited Vulnerabilities to Catalog

CISA has added two new vulnerabilities to its Known Exploited Vulnerabilities KEV Catalog, based on evidence of active exploitation. CVE-2025-11953link is external React Native Community CLI OS Command Injection Vulnerability CVE-2026-24423link is external SmarterTools SmarterMail Missing...

9.8CVSS5.5AI score0.87693EPSS
Exploits5References7
CISA
CISA
added 2023/12/05 12:0 p.m.26 views

CISA Adds Four Known Exploited Vulnerabilities to Catalog

CISA has added four new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. CVE-2023-33106 Qualcomm Multiple Chipsets Use of Out-of-Range Pointer Offset Vulnerability CVE-2023-33063 Qualcomm Multiple Chipsets Use-After-Free Vulnerability...

8.4CVSS7.4AI score0.00892EPSS
Exploits0References9
CISA
CISA
added 2022/12/29 12:0 a.m.26 views

CISA Adds Two Known Exploited Vulnerabilities to Catalog

CISA has added two new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. These types of vulnerabilities are frequent attack vectors for malicious cyber actors and pose significant risks to the federal enterprise. Note: To view the newly adde...

1.6AI score
Exploits0References5
CISA
CISA
added 2022/11/29 12:0 a.m.26 views

CISA Releases Seven Industrial Control Systems Advisories

CISA released seven 7 Industrial Control Systems ICS advisories on November 29, 2022. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. CISA encourages users and administrators to review the newly released ICS advisories for...

0.2AI score
Exploits0References7
Total number of security vulnerabilities4188