Security News

The Apache Software Foundation (ASF) has released patches to address a maximum severity vulnerability in the MINA Java network application framework that could result in remote code execution...

The Apache Software Foundation (ASF) has shipped security updates to address a critical security flaw in Traffic Control that, if successfully exploited, could allow an attacker to execute...

Ultra-Reliable Wireless Backhaul doesn't live up to its name Cisco is issuing a critical alert notice about a flaw that makes its so-called Ultra-Reliable Wireless Backhaul systems easy to subvert.…

Many businesses rely on the Common Vulnerability Scoring System (CVSS) to assess the severity of vulnerabilities for prioritization. While these scores provide some insight into the potential...

UK veterinary services provider CVS Group has announced that it suffered a cyberattack that disrupted IT services at its practices across the country. CVS Group operates 500 veterinary practices throughout the UK, Australia, the Netherlands, and the Republic of Ireland, including nine specialist referral hospitals, 39 dedicated out-of-hours sites, three laboratories, and seven pet crematoria.

The newest version of the vulnerability scoring system CVSS 4.0 is here! After a lengthy gap between version 3, as of November 2023 version 4.0 is officially live. Version 3.0 and CVSS in general, while being quite good at measuring the "Impact" of a vulnerability, wasn't very good at scoring its "Exploitability".

The Forum of Incident Response and Security Teams (FIRST) has officially announced CVSS v4.0, the next generation of the Common Vulnerability Scoring System standard, more than eight years after...

The Forum of Incident Response and Security Teams has officially released CVSS v4.0, the next generation of its Common Vulnerability Scoring System standard, eight years after CVSS v3.0, the previous major version.CVSS is a standardized framework for assessing software security vulnerabilities' severity used to assign numerical scores or qualitative representation based on exploitability, impact on confidentiality, integrity, availability, and required privileges, with higher scores denoting more severe vulnerabilities.

Google has assigned a new CVE identifier for a critical security flaw in the libwebp image library for rendering images in the WebP format that has come under active exploitation in the wild....

Abstract: The Common Vulnerability Scoring System is a popular method for evaluating the severity of vulnerabilities in vulnerability management. The goal of CVSS is to provide comparable scores across different evaluators.