Severe Android and Novi Survey Vulnerabilities Under Active Exploitation

By Ravie Lakshmanan — April 14^th 2023 at 07:15

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added two vulnerabilities to its Known Exploited Vulnerabilities (KEV) catalog, based on evidence of active exploitation. The two flaws are listed below - CVE-2023-20963 (CVSS score: 7.8) - Android Framework Privilege Escalation Vulnerability CVE-2023-29492 (CVSS score: TBD) - Novi Survey Insecure Deserialization Vulnerability

The Hacker News

CISA's KEV Catalog Updated with 3 New Flaws Threatening IT Management Systems

By Ravie Lakshmanan — March 8^th 2023 at 06:30

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added three security flaws to its Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitation. The list of vulnerabilities is below - CVE-2022-35914 (CVSS score: 9.8) - Teclib GLPI Remote Code Execution Vulnerability CVE-2022-33891 (CVSS score: 8.8) - Apache Spark Command Injection Vulnerability CVE-

The Hacker News

CISA Warns of Hackers Exploiting Recent Zoho ManageEngine Vulnerability

By Ravie Lakshmanan — September 23^rd 2022 at 10:21

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Thursday added a recently disclosed security flaw in Zoho ManageEngine to its Known Exploited Vulnerabilities (KEV) Catalog, citing evidence of active exploitation. "Zoho ManageEngine PAM360, Password Manager Pro, and Access Manager Plus contain an unspecified vulnerability which allows for remote code execution," the agency

FreshRSS

Severe Android and Novi Survey Vulnerabilities Under Active Exploitation

CISA's KEV Catalog Updated with 3 New Flaws Threatening IT Management Systems

CISA Warns of Hackers Exploiting Recent Zoho ManageEngine Vulnerability