Pierluigi Paganini
October 16, 2025
U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Adobe Experience Manager Forms flaw to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added Adobe Experience Manager Forms flaw, tracked as CVE-2025-54253 (CVSS score 10.0), to its Known Exploited Vulnerabilities (KEV) catalog. Adobe Experience Manager (AEM) Forms is a component of Adobe […]
Pierluigi Paganini
October 10, 2025
U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Grafana flaw to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added Grafana flaw, tracked as CVE-2021-43798 (CVSS score 7.5), to its Known Exploited Vulnerabilities (KEV) catalog. Grafana is an open-source platform for monitoring and observability. This flaw is a directory traversal vulnerability affecting versions […]
Pierluigi Paganini
October 07, 2025
U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Synacor Zimbra Collaboration Suite (ZCS) flaw to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added Synacor Zimbra Collaboration Suite (ZCS) flaw, tracked as CVE-2025-27915, to its Known Exploited Vulnerabilities (KEV) catalog. CVE-2025-27915 is a stored XSS flaw in Zimbra Collaboration Suite (versions 9.0–10.1) […]
Pierluigi Paganini
October 07, 2025
U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Oracle, Mozilla, Linux Kernel, Microsoft Windows, and Microsoft IE flaws to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added Oracle, Linux Kernel, Mozilla, Microsoft Windows, and Microsoft IE flaws to its Known Exploited Vulnerabilities (KEV) catalog. Below are the descriptions for these flaws: This […]
Pierluigi Paganini
October 04, 2025
U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Smartbedded Meteobridge, Samsung, Juniper ScreenOS, Jenkins, and GNU Bash flaws to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added Smartbedded Meteobridge, Samsung, Juniper ScreenOS, Jenkins, and GNU Bash flaws to its Known Exploited Vulnerabilities (KEV) catalog. Below are the descriptions for these […]
Pierluigi Paganini
September 30, 2025
U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Adminer, Cisco IOS, Fortra GoAnywhere MFT, Libraesva ESG, and Sudo flaws to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added Adminer, Cisco IOS, Fortra GoAnywhere MFT, Libraesva ESG, and Sudo flaws to its Known Exploited Vulnerabilities (KEV) catalog. Below are the descriptions […]
Pierluigi Paganini
September 23, 2025
U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Google Chromium flaw to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added Google Chromium flaw, tracked as CVE-2025-10585, to its Known Exploited Vulnerabilities (KEV) catalog. In mid-September, Google released security updates to address four vulnerabilities in the Chrome web browser, including CVE-2025-10585, which […]
Pierluigi Paganini
September 12, 2025
U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Dassault Systèmes DELMIA Apriso flaw to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added Dassault Systèmes DELMIA Apriso flaw, tracked as CVE-2025-5086 (CVSS score of 9.0), to its Known Exploited Vulnerabilities (KEV) catalog. Dassault Systèmes DELMIA Apriso is a Manufacturing Operations Management (MOM) software platform […]
Pierluigi Paganini
September 04, 2025
U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds TP-Link Archer C7(EU) and TL-WR841N flaws to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added TP-Link Archer C7(EU) and TL-WR841N flaws to its Known Exploited Vulnerabilities (KEV) catalog. Below are the descriptions for these flaws: CVE-2023-50224 is a TP-Link TL-WR841N dropbearpwd Improper Authentication Information […]
Pierluigi Paganini
August 26, 2025
U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Citrix Session Recording, and Git flaws to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added Citrix Session Recording, and Git flaws to its Known Exploited Vulnerabilities (KEV) catalog. Below are the descriptions for these flaws: CVE-2024-8069 is a limited remote code execution with privilege […]
