Security News

CISA Adds Three Security Flaws with Active Exploitation to KEV Catalog

2023-11-17 05:57

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Thursday added three security flaws to its Known Exploited Vulnerabilities (KEV) catalog based on evidence of active...

#cisa #exploitation #KEV #security #CVE-2023-36584 #CVE-2023-1671

CISA Adds Citrix ShareFile Flaw to KEV Catalog Due to In-the-Wild Attacks

2023-08-17 05:10

The U.S. Cybersecurity and Infrastructure Security Agency has added a critical security flaw in Citrix ShareFile storage zones controller to its Known Exploited Vulnerabilities catalog, based on evidence of active in-the-wild exploitation. "This vulnerability affects all currently supported versions of customer-managed ShareFile storage zones controller before version 5.11.24," Citrix said in an advisory released in June.

#attack #cisa #citrix #KEV #CVE-2023-24489 #CVE-2023-3519

CISA Adds Microsoft .NET Vulnerability to KEV Catalog Due to Active Exploitation

2023-08-11 03:38

The U.S. Cybersecurity and Infrastructure Security Agency has added a recently patched security flaw in Microsoft's.NET and Visual Studio products to its Known Exploited Vulnerabilities catalog, citing evidence of active exploitation.

#exploitation #KEV #vulnerability #cisa #microsoft

CISA Adds 3 Actively Exploited Flaws to KEV Catalog, including Critical PaperCut Bug

2023-04-22 06:00

The U.S. Cybersecurity and Infrastructure Security Agency on Friday added three security flaws to its Known Exploited Vulnerabilities catalog, based on evidence of active exploitation. "In a cluster deployment, MinIO returns all environment variables, including MINIO SECRET KEY and MINIO ROOT PASSWORD, resulting in information disclosure," MinIO maintainers said in an advisory published on March 21, 2023.

#cisa #critical #KEV #papercut #CVE-2023-28432

15 million public-facing services vulnerable to CISA KEV flaws

2023-03-31 19:23

Over 15 million publicly facing services are susceptible to at least one of the 896 vulnerabilities listed in CISA's KEV catalog. Using these custom search queries, the researchers found 15 million instances vulnerable to 200 CVEs from the catalog.

#cisa #KEV #CVE-2021-40438

CISA's KEV Catalog Updated with 3 New Flaws Threatening IT Management Systems

2023-03-08 06:30

The U.S. Cybersecurity and Infrastructure Security Agency has added three security flaws to its Known Exploited Vulnerabilities catalog, citing evidence of active exploitation. The most critical of the three is CVE-2022-35914, which concerns a remote code execution vulnerability in the third-party library htmlawed present in Teclib GLPI, an open source asset and IT management software package.

#cisa #KEV #management #CVE-2022-35914

U.S. Cybersecurity Agency CISA Adds Three New Vulnerabilities in KEV Catalog

2023-02-22 05:38

The U.S. Cybersecurity and Infrastructure Security Agency on Tuesday added three security flaws to its Known Exploited Vulnerabilities catalog, based on evidence of active exploitation.CVE-2022-47986 is described as a YAML deserialization flaw in the file transfer solution that could allow a remote attacker to execute code on the system.

#cybersecurity #vulnerabilities #cisa #KEV #CVE-2022-47986

Security News {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Security News"}]}