The Hacker News
Critical Adobe ColdFusion Flaw Added to CISA's Exploited Vulnerability Catalog
August 22^nd 2023 at 03:36

Critical Adobe ColdFusion Flaw Added to CISA's Exploited Vulnerability Catalog

By THN

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added a critical security flaw in Adobe ColdFusion to its Known Exploited Vulnerabilities (KEV) catalog, based on evidence of active exploitation. The vulnerability, cataloged as CVE-2023-26359 (CVSS score: 9.8), relates to a deserialization flaw present in Adobe ColdFusion 2018 (Update 15 and earlier) and ColdFusion 2021 (

Related tags
August 22^nd 2023 at 03:36

The Hacker News
CISA Adds Microsoft .NET Vulnerability to KEV Catalog Due to Active Exploitation
August 11^th 2023 at 03:38

CISA Adds Microsoft .NET Vulnerability to KEV Catalog Due to Active Exploitation

By THN

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added a recently patched security flaw in Microsoft's .NET and Visual Studio products to its Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitation. Tracked as CVE-2023-38180 (CVSS score: 7.5), the high-severity flaw relates to a case denial-of-service (DoS) impacting .NET and Visual Studio. It

Related tags
August 11^th 2023 at 03:38

The Hacker News
U.S. Cybersecurity Agency Adds 6 Flaws to Known Exploited Vulnerabilities Catalog
June 24^th 2023 at 15:30

U.S. Cybersecurity Agency Adds 6 Flaws to Known Exploited Vulnerabilities Catalog

By Ravie Lakshmanan

The U.S. Cybersecurity and Infrastructure Security Agency has added a batch of six flaws to its Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitation. This comprises three vulnerabilities that Apple patched this week (CVE-2023-32434, CVE-2023-32435, and CVE-2023-32439), two flaws in VMware (CVE-2023-20867 and CVE-2023-20887), and one shortcoming impacting Zyxel

Related tags
June 24^th 2023 at 15:30

The Hacker News
CISA Warns of Active Attacks Exploiting Fortra MFT, TerraMaster NAS, and Intel Driver Flaws
February 11^th 2023 at 05:45

CISA Warns of Active Attacks Exploiting Fortra MFT, TerraMaster NAS, and Intel Driver Flaws

By Ravie Lakshmanan

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Friday added three flaws to its Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active abuse in the wild. Included among the three is CVE-2022-24990, a bug affecting TerraMaster network-attached storage (TNAS) devices that could lead to unauthenticated remote code execution with the highest privileges. Details

Related tags
February 11^th 2023 at 05:45

The Hacker News
CISA Warns of Hackers Exploiting Recent Zoho ManageEngine Vulnerability
September 23^rd 2022 at 10:21

CISA Warns of Hackers Exploiting Recent Zoho ManageEngine Vulnerability

By Ravie Lakshmanan

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Thursday added a recently disclosed security flaw in Zoho ManageEngine to its Known Exploited Vulnerabilities (KEV) Catalog, citing evidence of active exploitation. "Zoho ManageEngine PAM360, Password Manager Pro, and Access Manager Plus contain an unspecified vulnerability which allows for remote code execution," the agency

Related tags
September 23^rd 2022 at 10:21

FreshRSS

Critical Adobe ColdFusion Flaw Added to CISA's Exploited Vulnerability Catalog

CISA Adds Microsoft .NET Vulnerability to KEV Catalog Due to Active Exploitation

U.S. Cybersecurity Agency Adds 6 Flaws to Known Exploited Vulnerabilities Catalog

CISA Warns of Active Attacks Exploiting Fortra MFT, TerraMaster NAS, and Intel Driver Flaws

CISA Warns of Hackers Exploiting Recent Zoho ManageEngine Vulnerability