Tag archive for Cisa

CISA Adds Two Known Exploited Vulnerabilities to Catalog

CISA has added two new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. CVE-2024-6047 GeoVision Devices OS Command Injection Vulnerability CVE-2024-11120 GeoVision Devices OS Command Injection Vulnerability These types of vulnerabilities are frequent attack vectors for malicious cyber actors and pose…

Continue reading →

CISA Releases Five Industrial Control Systems Advisories

CISA released five Industrial Control Systems (ICS) advisories on May 8, 2025. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-25-128-01 Horner Automation Cscape ICSA-25-128-02 Hitachi Energy RTU500 series ICSA-25-128-03 Mitsubishi Electric CC-Link IE TSN  ICSA-25-093-01 Hitachi Energy RTU500…

Continue reading →

CISA Adds One Known Exploited Vulnerability to Catalog

CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. CVE-2025-27363 FreeType Out-of-Bounds Write Vulnerability These types of vulnerabilities are frequent attack vectors for malicious cyber actors and pose significant risks to the federal enterprise. Binding Operational…

Continue reading →

CISA Adds Two Known Exploited Vulnerabilities to Catalog

CISA has added two new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. CVE-2024-38475 Apache HTTP Server Improper Escaping of Output Vulnerability CVE-2023-44221 SonicWall SMA100 Appliances OS Command Injection Vulnerability These types of vulnerabilities are frequent attack vectors for malicious cyber…

Continue reading →

CISA Adds Two Known Exploited Vulnerabilities to Catalog

CISA has added two new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. CVE-2025-34028 Commvault Command Center Path Traversal Vulnerability CVE-2024-58136 Yiiframework Yii Improper Protection of Alternate Path Vulnerability These types of vulnerabilities are frequent attack vectors for malicious cyber actors…

Continue reading →

CISA Releases Two Industrial Control Systems Advisories

CISA released two Industrial Control Systems (ICS) advisories on May 1, 2025. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-25-121-01 KUNBUS GmbH Revolution Pi  ICSMA-25-121-01 MicroDicom DICOM Viewer CISA encourages users and administrators to review newly released ICS…

Continue reading →

CISA Adds Three Known Exploited Vulnerabilities to Catalog

CISA has added three new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. CVE-2025-1976 Broadcom Brocade Fabric OS Code Injection Vulnerability CVE-2025-42599 Qualitia Active! Mail Stack-Based Buffer Overflow Vulnerability CVE-2025-3928 Commvault Web Server Unspecified Vulnerability These types of vulnerabilities are frequent attack vectors for…

Continue reading →

CISA Releases Guidance on Credential Risks Associated with Potential Legacy Oracle Cloud Compromise

CISA is aware of public reporting regarding potential unauthorized access to a legacy Oracle cloud environment. While the scope and impact remains unconfirmed, the nature of the reported activity presents potential risk to organizations and individuals, particularly where credential material may be exposed, reused across…

Continue reading →

Page 1 of 64 1 2 3 4 5 ... Last →