Security News > 2024 > January > CISA Flags 6 Vulnerabilities - Apple, Apache, Adobe , D-Link, Joomla Under Attack
![CISA Flags 6 Vulnerabilities - Apple, Apache, Adobe , D-Link, Joomla Under Attack](/static/build/img/news/cisa-flags-6-vulnerabilities-apple-apache-adobe-d-link-joomla-under-attack-medium.jpg)
2024-01-10 04:50
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added six security flaws to its Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitation. This includes CVE-2023-27524 (CVSS score: 8.9), a high-severity vulnerability impacting the Apache Superset open-source data visualization software that could enable remote code execution.
News URL
https://thehackernews.com/2024/01/cisa-flags-6-vulnerabilities-apple.html
Related news
- Muhstik Botnet Exploiting Apache RocketMQ Flaw to Expand DDoS Attacks (source)
- CISA warns of Windows bug exploited in ransomware attacks (source)
- 'Almost every Apple device' vulnerable to CocoaPods supply chain attack (source)
- Millions of Apple Applications Were Vulnerable to CocoaPods Supply Chain Attack (source)
- CISA urges devs to weed out OS command injection vulnerabilities (source)
- Apple Is Alerting iPhone Users of Spyware Attacks (source)
- CISA warns critical Geoserver GeoTools RCE flaw is exploited in attacks (source)
- Critical Apache HugeGraph Vulnerability Under Attack - Patch ASAP (source)
- SAP AI Core Vulnerabilities Expose Customer Data to Cyber Attacks (source)
- CISA Adds Twilio Authy and IE Flaws to Exploited Vulnerabilities List (source)
Related Vulnerability
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2023-04-24 | CVE-2023-27524 | Insecure Default Initialization of Resource vulnerability in Apache Superset Session Validation attacks in Apache Superset versions up to and including 2.0.1. | 9.8 |