CISA KEV

CISA Warns of Attacks Exploiting Old Oracle WebLogic Vulnerability

CISA KEV, exploited, Malware & Threats, Oracle WebLogic /

CISA Warns of Attacks Exploiting Old Oracle WebLogic Vulnerability 2024-06-04 at 15:46 By Eduard Kovacs CISA has added an old Oracle WebLogic flaw tracked as CVE-2017-3506 to its known exploited vulnerabilities catalog. The post CISA Warns of Attacks Exploiting Old Oracle WebLogic Vulnerability appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS […]

React to this headline:

Loading spinner

CISA Warns of Attacks Exploiting Old Oracle WebLogic Vulnerability Read More »

CISA Warns of Exploited Linux Kernel Vulnerability

CISA KEV, exploited, kernel, Linux, Vulnerabilities /

CISA Warns of Exploited Linux Kernel Vulnerability 2024-05-31 at 14:46 By Ionut Arghire CISA instructs federal agencies to mitigate CVE-2024-1086, a Linux kernel flaw leading to privilege escalation. The post CISA Warns of Exploited Linux Kernel Vulnerability appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed View Original Source React to

React to this headline:

Loading spinner

CISA Warns of Exploited Linux Kernel Vulnerability Read More »

CISA Warns of Attacks Exploiting NextGen Healthcare Mirth Connect Flaw

CISA KEV, exploited, Featured, Government, healthcare, Vulnerabilities /

CISA Warns of Attacks Exploiting NextGen Healthcare Mirth Connect Flaw 2024-05-21 at 14:31 By Eduard Kovacs CISA has added CVE-2023-43208, an unauthenticated remote code execution vulnerability, to its KEV catalog.  The post CISA Warns of Attacks Exploiting NextGen Healthcare Mirth Connect Flaw appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed

React to this headline:

Loading spinner

CISA Warns of Attacks Exploiting NextGen Healthcare Mirth Connect Flaw Read More »

CISA Warns of Exploited Vulnerabilities in EOL D-Link Products

CISA KEV, D-Link, router, Vulnerabilities, vulnerability /

CISA Warns of Exploited Vulnerabilities in EOL D-Link Products 2024-05-17 at 17:01 By Ionut Arghire CISA has added two vulnerabilities in discontinued D-Link products to its KEV catalog, including a decade-old flaw. The post CISA Warns of Exploited Vulnerabilities in EOL D-Link Products appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS

React to this headline:

Loading spinner

CISA Warns of Exploited Vulnerabilities in EOL D-Link Products Read More »

CISA Warns of Windows Print Spooler Flaw After Microsoft Sees Russian Exploitation

CISA KEV, exploited, Russia, Vulnerabilities, Windows /

CISA Warns of Windows Print Spooler Flaw After Microsoft Sees Russian Exploitation 2024-04-24 at 16:16 By Ionut Arghire CISA warns organizations of a two-year-old Windows Print Spooler vulnerability being exploited in the wild. The post CISA Warns of Windows Print Spooler Flaw After Microsoft Sees Russian Exploitation appeared first on SecurityWeek. This article is an

React to this headline:

Loading spinner

CISA Warns of Windows Print Spooler Flaw After Microsoft Sees Russian Exploitation Read More »

SAP Applications Increasingly in Attacker Crosshairs, Report Shows

Application Security, CISA KEV, Flashpoint, Onapsis, SAP, Vulnerabilities /

SAP Applications Increasingly in Attacker Crosshairs, Report Shows 2024-04-18 at 19:46 By Ionut Arghire Malicious hackers are targeting SAP applications at an alarming pace, according to warnings from Onapsis and Flashpoint. The post SAP Applications Increasingly in Attacker Crosshairs, Report Shows appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed View

React to this headline:

Loading spinner

SAP Applications Increasingly in Attacker Crosshairs, Report Shows Read More »

CISA: Second SharePoint Flaw Disclosed at Pwn2Own Exploited in Attacks

CISA KEV, exploited, SharePoint, Vulnerabilities /

CISA: Second SharePoint Flaw Disclosed at Pwn2Own Exploited in Attacks 2024-03-27 at 12:46 By Eduard Kovacs CISA says a second SharePoint vulnerability demonstrated last year at Pwn2Own, CVE-2023-24955, has been exploited in the wild. The post CISA: Second SharePoint Flaw Disclosed at Pwn2Own Exploited in Attacks appeared first on SecurityWeek. This article is an excerpt

React to this headline:

Loading spinner

CISA: Second SharePoint Flaw Disclosed at Pwn2Own Exploited in Attacks Read More »

CISA Warns of Pixel Phone Vulnerability Exploitation

Android, CISA KEV, exploited, Pixel, Vulnerabilities /

CISA Warns of Pixel Phone Vulnerability Exploitation 2024-03-06 at 14:07 By Eduard Kovacs CISA adds Pixel Android phone (CVE-2023-21237) and Sunhillo SureLine (CVE-2021-36380) flaws to its known exploited vulnerabilities catalog.  The post CISA Warns of Pixel Phone Vulnerability Exploitation appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed View Original Source

React to this headline:

Loading spinner

CISA Warns of Pixel Phone Vulnerability Exploitation Read More »

CISA Urges Patching of Cisco ASA Flaw Exploited in Ransomware Attacks

CISA KEV, Cisco, exploited, Vulnerabilities /

CISA Urges Patching of Cisco ASA Flaw Exploited in Ransomware Attacks 2024-02-16 at 14:02 By Eduard Kovacs CISA has added CVE-2020-3259, an old Cisco ASA vulnerability exploited by ransomware, to its KEV catalog.  The post CISA Urges Patching of Cisco ASA Flaw Exploited in Ransomware Attacks appeared first on SecurityWeek. This article is an excerpt

React to this headline:

Loading spinner

CISA Urges Patching of Cisco ASA Flaw Exploited in Ransomware Attacks Read More »

CISA Warns of Roundcube Webmail Vulnerability Exploitation

CISA, CISA KEV, email security, exploited, Roundcube, Vulnerabilities /

CISA Warns of Roundcube Webmail Vulnerability Exploitation 2024-02-13 at 13:31 By Eduard Kovacs CISA has added the Roundcube flaw tracked as CVE-2023-43770 to its known exploited vulnerabilities catalog. The post CISA Warns of Roundcube Webmail Vulnerability Exploitation appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed View Original Source React to

React to this headline:

Loading spinner

CISA Warns of Roundcube Webmail Vulnerability Exploitation Read More »

CISA Sets 48-hour Deadline for Removal of Insecure Ivanti Products

CISA KEV, Ivanti, Malware & Threats, VPN, Vulnerabilities, Zero-Day /

CISA Sets 48-hour Deadline for Removal of Insecure Ivanti Products 2024-02-01 at 19:01 By Ryan Naraine In an unprecedented move, CISA is demanding that federal agencies disconnect all instances of Ivanti Connect Secure and Ivanti Policy Secure products within 48 hours. The post CISA Sets 48-hour Deadline for Removal of Insecure Ivanti Products appeared first

React to this headline:

Loading spinner

CISA Sets 48-hour Deadline for Removal of Insecure Ivanti Products Read More »

After Delays, Ivanti Patches Zero-Days and Confirms New Exploit

CISA KEV, CVE-2023-46805, CVE-2024-21887, CVE-2024-21893, Featured, Ivanti, Malware & Threats, Vulnerabilities /

After Delays, Ivanti Patches Zero-Days and Confirms New Exploit 2024-01-31 at 19:47 By Ryan Naraine Ivanti documents a brand-new zero-day and belatedly ships patches; Mandiant is reporting “broad exploitation activity.” The post After Delays, Ivanti Patches Zero-Days and Confirms New Exploit appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed View

React to this headline:

Loading spinner

After Delays, Ivanti Patches Zero-Days and Confirms New Exploit Read More »

CISA Warns of Apache Superset Vulnerability Exploitation

Apache, CISA KEV, exploited, Vulnerabilities /

CISA Warns of Apache Superset Vulnerability Exploitation 2024-01-09 at 20:02 By Ionut Arghire CISA has added a critical-severity Apache Superset flaw (CVE-2023-27524) to its Known Exploited Vulnerabilities catalog. The post CISA Warns of Apache Superset Vulnerability Exploitation appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed View Original Source React to

React to this headline:

Loading spinner

CISA Warns of Apache Superset Vulnerability Exploitation Read More »

CISA Urges Federal Agencies to Patch Exploited Qualcomm Vulnerabilities

CISA KEV, Qualcomm, Vulnerabilities /

CISA Urges Federal Agencies to Patch Exploited Qualcomm Vulnerabilities 06/12/2023 at 16:01 By Ionut Arghire CISA has added to its Known Exploited Vulnerabilities Catalog four Qualcomm bugs, including three exploited as zero-days. The post CISA Urges Federal Agencies to Patch Exploited Qualcomm Vulnerabilities appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS

React to this headline:

Loading spinner

CISA Urges Federal Agencies to Patch Exploited Qualcomm Vulnerabilities Read More »

Major Security Flaws in Zyxel Firewalls, Access Points, NAS Devices

CISA KEV, firewall, NAS, Network Security, Ransomware, Vulnerabilities, Zyxel /

Major Security Flaws in Zyxel Firewalls, Access Points, NAS Devices 30/11/2023 at 20:18 By Ryan Naraine Zyxel patches at least 15 security flaws that expose users to authentication bypass, command injection and denial-of-service attacks. The post Major Security Flaws in Zyxel Firewalls, Access Points, NAS Devices appeared first on SecurityWeek. This article is an excerpt

React to this headline:

Loading spinner

Major Security Flaws in Zyxel Firewalls, Access Points, NAS Devices Read More »

CISA Warns of Attacks Exploiting Sophos Web Appliance Vulnerability

CISA KEV, exploited, Featured, Malware & Threats, Sophos /

CISA Warns of Attacks Exploiting Sophos Web Appliance Vulnerability 17/11/2023 at 16:20 By Eduard Kovacs CISA adds Sophos, Oracle and Microsoft product security holes to its Known Exploited Vulnerabilities (KEV) catalog. The post CISA Warns of Attacks Exploiting Sophos Web Appliance Vulnerability appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed

React to this headline:

Loading spinner

CISA Warns of Attacks Exploiting Sophos Web Appliance Vulnerability Read More »

CISA Warns of Attacks Exploiting Adobe Acrobat Vulnerability 

CISA KEV, exploited, Vulnerabilities /

CISA Warns of Attacks Exploiting Adobe Acrobat Vulnerability  11/10/2023 at 13:48 By Ionut Arghire CISA has added five bugs to its Known Exploited Vulnerabilities catalog, including the recent WordPad, Skype, and HTTP/2 zero-days. The post CISA Warns of Attacks Exploiting Adobe Acrobat Vulnerability  appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS

React to this headline:

Loading spinner

CISA Warns of Attacks Exploiting Adobe Acrobat Vulnerability  Read More »

CISA Reverses Course on Malicious Exploitation of Video Conferencing Device Flaws

Bluetooth, CISA, CISA KEV, Featured, Vulnerabilities /

CISA Reverses Course on Malicious Exploitation of Video Conferencing Device Flaws 06/10/2023 at 13:46 By Eduard Kovacs CISA has removed from its KEV catalog five Owl Labs video conferencing flaws that require the attacker to be in Bluetooth range. The post CISA Reverses Course on Malicious Exploitation of Video Conferencing Device Flaws appeared first on

React to this headline:

Loading spinner

CISA Reverses Course on Malicious Exploitation of Video Conferencing Device Flaws Read More »

Faster Patching Pace Validates CISA’s KEV Catalog Initiative

CISA, CISA KEV, Government, Risk Management, Vulnerabilities /

Faster Patching Pace Validates CISA’s KEV Catalog Initiative 22/09/2023 at 15:17 By Ionut Arghire CISA says Known Exploited Vulnerabilities Catalog has helped federal agencies significantly accelerate their vulnerability remediation pace. The post Faster Patching Pace Validates CISA’s KEV Catalog Initiative appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed View Original

React to this headline:

Loading spinner

Faster Patching Pace Validates CISA’s KEV Catalog Initiative Read More »

VMware Patches Major Security Flaws in Network Monitoring Product

CISA KEV, Malware & Threats, Network Security, VMWare, VMware aria Operations for Logs, Vulnerabilities /

VMware Patches Major Security Flaws in Network Monitoring Product 29/08/2023 at 23:02 By Ryan Naraine VWware patches critical flaws that allow hackers to bypass SSH authentication and gain access to the Aria Operations for Networks command line interface. The post VMware Patches Major Security Flaws in Network Monitoring Product appeared first on SecurityWeek. This article

React to this headline:

Loading spinner

VMware Patches Major Security Flaws in Network Monitoring Product Read More »

Scroll to Top