961 Results for:CVE

  • Sort by: 

Microsoft addresses Office vulnerability attacked by Russian spooks in latest update

By Alex Scroxton 09 Aug 2023

Microsoft has issued fixes for over 70 vulnerabilities in its August Patch Tuesday drop, including remedies for CVE-2023-36884, which was disclosed without a fix in July and has been the subject of Kremlin-backed ... Read More

NSA’s top CVE list a timely reminder to patch

By Alex Scroxton 21 Oct 2020

Many of the CVEs detailed on the NSA’s top 25 chart are golden oldies Read More

Latest Atlassian Confluence vulnerability raises concerns

By Alex Scroxton 25 Jul 2022

CVE-2022-26138 is the second major vulnerability disclosure made for Atlassian’s Confluence collaboration platform in recent months Read More

Microsoft corks Windows zero-day on April Patch Tuesday

By Tom Walat 09 Apr 2024

The company delivered one of its largest security update releases in recent years with a proxy driver spoofing vulnerability topping the patching priority list. Read More

CISA: Threat actors exploiting multiple Zimbra flaws

By Alexander Culafi 17 Aug 2022

Cybersecurity vendor Volexity found earlier this month that one flaw, CVE-2022-27925, had compromised more than 1,000 Zimbra Collaboration Suite instances. Read More

Cisco zero-day flaws in ASA, FTD software under attack

By Alexander Culafi 25 Apr 2024

Cisco revealed that a nation-state threat campaign dubbed 'ArcaneDoor' exploited two zero-day vulnerabilities in its Adaptive Security Appliance and Firepower Threat Defense products. Read More

Microsoft: Austrian company DSIRF selling Subzero malware

By Alexander Culafi 28 Jul 2022

Microsoft said Austrian penetration testing firm DSIRF exploited multiple zero-day vulnerabilities, including the recently patched CVE-2022-22047. Read More

Patch Tuesday: Windows Server 2008 receives emergency security patch

By Cliff Saran 10 Apr 2024

Support for the OS ended in 2020, but four years on and there's a live exploit of a security flaw that impacts all Windows users Read More

Microsoft CredSSP: How was it exploited by CVE-2018-0886?

By Judith Myerson 29 Jun 2018

The CVE-2018-0886 vulnerability found within Microsoft's CredSSP was recently patched. Discover what this vulnerability is and how it affects the CredSSP protocol with Judith Myerson. Read More

Critical CrushFTP zero-day vulnerability under attack

By Arielle Waldman 24 Apr 2024

While a patch is now available, a critical CrushFTP vulnerability came under attack as a zero-day and could allow attackers to exfiltrate all files on the server. Read More