Known Exploited Vulnerabilities – Page 7 – Experimental News Clipping Site

Alerts: CISA Adds Three Known Exploited Vulnerabilities to Catalog

Nov 18, 2024

—

by

Source URL: https://www.cisa.gov/news-events/alerts/2024/11/18/cisa-adds-three-known-exploited-vulnerabilities-catalog Source: Alerts Title: CISA Adds Three Known Exploited Vulnerabilities to Catalog Feedly Summary: CISA has added three new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. CVE-2024-1212 Progress Kemp LoadMaster OS Command Injection Vulnerability CVE-2024-0012 Palo Alto Networks PAN-OS Management Interface Authentication Bypass Vulnerability CVE-2024-9474 Palo Alto Networks PAN-OS…

The Register: Mystery Palo Alto Networks hijack-my-firewall zero-day now officially under exploit

Nov 15, 2024

—

by

system automation

in Uncategorized

Source URL: https://www.theregister.com/2024/11/15/palo_alto_networks_firewall_zeroday/ Source: The Register Title: Mystery Palo Alto Networks hijack-my-firewall zero-day now officially under exploit Feedly Summary: Yank access to management interface, stat A critical zero-day vulnerability in Palo Alto Networks’ firewall management interface that can allow an unauthenticated attacker to remotely execute code is now officially under active exploitation.… AI Summary and…

Alerts: CISA Adds Two Known Exploited Vulnerabilities to Catalog

Nov 14, 2024

—

by

system automation

in Uncategorized

Source URL: https://www.cisa.gov/news-events/alerts/2024/11/14/cisa-adds-two-known-exploited-vulnerabilities-catalog Source: Alerts Title: CISA Adds Two Known Exploited Vulnerabilities to Catalog Feedly Summary: CISA has added two new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. CVE-2024-9463 Palo Alto Networks Expedition OS Command Injection Vulnerability CVE-2024-9465 Palo Alto Networks Expedition SQL Injection Vulnerability These types of vulnerabilities are frequent…

Alerts: CISA Adds Five Known Exploited Vulnerabilities to Catalog

Nov 13, 2024

—

by

system automation

in Uncategorized

Source URL: https://www.cisa.gov/news-events/alerts/2024/11/12/cisa-adds-five-known-exploited-vulnerabilities-catalog Source: Alerts Title: CISA Adds Five Known Exploited Vulnerabilities to Catalog Feedly Summary: CISA has added five new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. CVE-2021-26086 Atlassian Jira Server and Data Center Path Traversal Vulnerability CVE-2014-2120 Cisco Adaptive Security Appliance (ASA) Cross-Site Scripting (XSS) Vulnerability CVE-2021-41277 Metabase GeoJSON API Local…

The Register: Admins can give thanks this November for dollops of Microsoft patches

Nov 13, 2024

—

by

system automation

in Uncategorized

Source URL: https://www.theregister.com/2024/11/13/november_patch_tuesday/ Source: The Register Title: Admins can give thanks this November for dollops of Microsoft patches Feedly Summary: Don’t be a turkey – get these fixed Patch Tuesday Patch Tuesday has swung around again, and Microsoft has released fixes for 89 CVE-listed security flaws in its products – including two under active attack…

Alerts: CISA Adds Four Known Exploited Vulnerabilities to Catalog

Nov 7, 2024

—

by

system automation

in Uncategorized

Source URL: https://www.cisa.gov/news-events/alerts/2024/11/07/cisa-adds-four-known-exploited-vulnerabilities-catalog Source: Alerts Title: CISA Adds Four Known Exploited Vulnerabilities to Catalog Feedly Summary: CISA has added four new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. CVE-2024-43093 Android Framework Privilege Escalation Vulnerability CVE-2024-51567 CyberPanel Incorrect Default Permissions Vulnerability CVE-2019-16278 Nostromo nhttpd Directory Traversal Vulnerability CVE-2024-5910 Palo Alto Expedition Missing…

Alerts: CISA Adds Two Known Exploited Vulnerabilities to Catalog

Nov 4, 2024

—

by

system automation

in Uncategorized

Source URL: https://www.cisa.gov/news-events/alerts/2024/11/04/cisa-adds-two-known-exploited-vulnerabilities-catalog Source: Alerts Title: CISA Adds Two Known Exploited Vulnerabilities to Catalog Feedly Summary: CISA has added two new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. CVE-2024-8957 PTZOptics PT30X-SDI/NDI Cameras OS Command Injection Vulnerability CVE-2024-8956 PTZOptics PT30X-SDI/NDI Cameras Authentication Bypass Vulnerability These types of vulnerabilities are frequent attack vectors…

Alerts: Fortinet Updates Guidance and Indicators of Compromise following FortiManager Vulnerability Exploitation

Oct 30, 2024

—

by

system automation

in Uncategorized

Source URL: https://www.cisa.gov/news-events/alerts/2024/10/30/fortinet-updates-guidance-and-indicators-compromise-following-fortimanager-vulnerability Source: Alerts Title: Fortinet Updates Guidance and Indicators of Compromise following FortiManager Vulnerability Exploitation Feedly Summary: Fortinet has updated their security advisory addressing a critical FortiManager vulnerability (CVE-2024-47575) to include additional workarounds and indicators of compromise (IOCs). A remote, unauthenticated cyber threat actor could exploit this vulnerability to gain access to sensitive…

The Register: Emergency patch: Cisco fixes bug under exploit in brute-force attacks

Oct 24, 2024

—

by

system automation

in Uncategorized

Source URL: https://www.theregister.com/2024/10/24/cisco_bug_brute_force/ Source: The Register Title: Emergency patch: Cisco fixes bug under exploit in brute-force attacks Feedly Summary: Who doesn’t love abusing buggy appliances, really? Cisco has patched an already exploited security hole in its Adaptive Security Appliance (ASA) and Firepower Threat Defense (FTD) software that miscreants have been brute-forcing in attempted denial of…

Alerts: CISA Adds Two Known Exploited Vulnerabilities to Catalog

Oct 24, 2024

—

by

system automation

in Uncategorized

Source URL: https://www.cisa.gov/news-events/alerts/2024/10/24/cisa-adds-two-known-exploited-vulnerabilities-catalog Source: Alerts Title: CISA Adds Two Known Exploited Vulnerabilities to Catalog Feedly Summary: CISA has added two new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. CVE-2024-20481 Cisco ASA and FTD Denial-of-Service Vulnerability CVE-2024-37383 RoundCube Webmail Cross-Site Scripting (XSS) Vulnerability These types of vulnerabilities are frequent attack vectors for malicious…

Tag: Known Exploited Vulnerabilities