Known Exploited Vulnerabilities Catalog Archives - Page 13 of 18

Pierluigi Paganini August 22, 2023

CISA adds critical Adobe ColdFusion flaw to its Known Exploited Vulnerabilities catalog

US CISA added critical vulnerability CVE-2023-26359 in Adobe ColdFusion to its Known Exploited Vulnerabilities catalog. US Cybersecurity and Infrastructure Security Agency (CISA) added a critical flaw CVE-2023-26359 (CVSS score 9.8) affecting Adobe ColdFusion to its Known Exploited Vulnerabilities Catalog. Adobe fixed the critical flaw in March 2023, it is a deserialization of untrusted data issue in Adobe ColdFusion that can […]

Pierluigi Paganini August 16, 2023

CISA adds flaw in Citrix ShareFile to its Known Exploited Vulnerabilities catalog

US CISA added critical vulnerability CVE-2023-24489 in Citrix ShareFile to its Known Exploited Vulnerabilities catalog. US Cybersecurity and Infrastructure Security Agency (CISA) added critical flaw CVE-2023-24489 (CVSS score 9.8) affecting Citrix ShareFile to its Known Exploited Vulnerabilities Catalog. Citrix ShareFile is a secure file sharing and storage platform designed for businesses and professionals to collaborate on documents, exchange […]

Pierluigi Paganini August 10, 2023

CISA adds actively exploited flaw in .NET, Visual Studio to its Known Exploited Vulnerabilities catalog

US CISA added zero-day vulnerability CVE-2023-38180 affecting .NET and Visual Studio to its Known Exploited Vulnerabilities catalog. US Cybersecurity and Infrastructure Security Agency (CISA) added an actively exploited zero-day vulnerability CVE-2023-38180 (CVSS score 7.5) affecting .NET and Visual Studio to its Known Exploited Vulnerabilities Catalog. The vulnerability can be exploited to trigger a denial-of-service (DoS) condition, […]

Pierluigi Paganini August 02, 2023

CISA adds second Ivanti EPMM flaw to its Known Exploited Vulnerabilities catalog

US CISA added a second actively exploited Ivanti ‘s Endpoint Manager Mobile (EPMM) vulnerability to its Known Exploited Vulnerabilities catalog. US Cybersecurity and Infrastructure Security Agency (CISA) added the second actively exploited Ivanti ‘s Endpoint Manager Mobile (EPMM, formerly MobileIron Core) vulnerability, tracked as CVE-2023-35081, to its Known Exploited Vulnerabilities Catalog. “The Cybersecurity and Infrastructure Security […]

Pierluigi Paganini July 03, 2023

CISA adds Samsung and D-link bugs to its Known Exploited Vulnerabilities catalog

US CISA added actively exploited Samsung and D-Link vulnerabilities to its Known Exploited Vulnerabilities catalog. US Cybersecurity and Infrastructure Security Agency (CISA) added six Samsung and two D-Link vulnerabilities to its Known Exploited Vulnerabilities Catalog. Below is the list of flaws added to the catalog: The CVE-2019-17621 flaw is a remote command execution flaw that resides in […]

Pierluigi Paganini June 23, 2023

CISA orders govt agencies to fix recently disclosed flaws in Apple devices

U.S. Cybersecurity and Infrastructure Security Agency (CISA) added six new vulnerabilities to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added six new security flaws to its Known Exploited Vulnerabilities Catalog. Below is the list of the issues added to the catalog: According to Binding Operational Directive (BOD) 22-01: Reducing the […]

Pierluigi Paganini June 02, 2023

CISA adds Progress MOVEit Transfer zero-day to its Known Exploited Vulnerabilities catalog

US CISA added actively exploited Progress MOVEit Transfer zero-day vulnerability to its Known Exploited Vulnerabilities catalog. US Cybersecurity and Infrastructure Security Agency (CISA) added a Progress MOVEit Transfer SQL injection vulnerability, tracked as CVE-2023-34362, to its Known Exploited Vulnerabilities Catalog. Threat actors are actively exploiting a zero-day vulnerability in the Progress MOVEit Transfer file transfer product […]

Pierluigi Paganini May 22, 2023

CISA adds iPhone bugs to its Known Exploited Vulnerabilities catalog

US CISA added three zero-day vulnerabilities affecting iPhones, Macs, and iPads to its Known Exploited Vulnerabilities catalog. US Cybersecurity and Infrastructure Security Agency (CISA) added three zero-day vulnerabilities affecting iPhones, Macs, and iPads to its Known Exploited Vulnerabilities Catalog. The three issues reside in the WebKit browser engine and are tracked as CVE-2023-32409, CVE-2023-28204, and CVE-2023-32373. Below […]

Pierluigi Paganini May 16, 2023

CISA adds Ruckus bug and another six flaws to its Known Exploited Vulnerabilities catalog

US Cybersecurity and Infrastructure Security Agency (CISA) added seven new flaws to its Known Exploited Vulnerabilities catalog. U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added the following three new issues to its Known Exploited Vulnerabilities Catalog: CVE-2023-25717 – Ruckus Wireless Access Point (AP) software contains an unspecified vulnerability in the web services component. If the […]

Pierluigi Paganini May 02, 2023

CISA adds TP-Link, Apache, and Oracle bugs to its Known Exploited Vulnerabilities catalog

US Cybersecurity and Infrastructure Security Agency (CISA) added TP-Link, Apache, and Oracle vulnerabilities to its Known Exploited Vulnerabilities catalog. U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added the following three new issues to its Known Exploited Vulnerabilities Catalog: CVE-2023-1389 (CVSS score: 8.8) – TP-Link Archer AX-21 Command Injection Vulnerability. The CVE-2023-1389 flaw is an unauthenticated […]