961 Results for:CVE

  • Sort by: 

Congress wants CVE program changes from DHS and MITRE

By Michael Heller 30 Aug 2018

In a letter to DHS and MITRE, Congress said CVE program management has been 'insufficient' and called for the program to receive more consistent funding and additional oversight. Read More

How is Oracle Micros POS affected by CVE 2018-2636?

By Nick Lewis 17 Aug 2018

A security researcher found a security flaw dubbed CVE-2018-2636 that enables the installation of malware on Oracle Micros POS systems. Learn more about the vulnerability. Read More

March Patch Tuesday fixes critical Hyper-V vulnerabilities

By Tom Walat 12 Mar 2024

Microsoft also corrects a remote code execution flaw on Exchange Server and issues an advisory related to changes with an outdated file-scanning feature on the messaging platform. Read More

'Insane' spread of Log4j exploits won't abate anytime soon

By Shaun Nichols 15 Dec 2021

Experts say that the explosion in exploits for CVE-2021-44228 is only the early phase of what will be a long and tedious road to remediation for the critical vulnerability. Read More

CISA warns Fortinet zero-day vulnerability under attack

By Arielle Waldman 12 Feb 2024

CISA alerted federal agencies that a critical zero-day vulnerability in FortiOS is being actively exploited, though Fortinet has yet to confirm reports. Read More

CISA confirms compromise of its Ivanti systems

By Alexander Culafi 11 Mar 2024

CISA said that approximately one month ago, it identified 'activity indicating the exploitation of vulnerabilities in Ivanti products the agency uses.' Read More

Microsoft patches two zero-days for Valentine’s Day

By Alex Scroxton 14 Feb 2024

Two security feature bypasses impacting Microsoft SmartScreen are on the February Patch Tuesday docket, among more than 70 issues Read More

XZ backdoor discovery reveals Linux supply chain attack

By Rob Wright, Alexander Culafi 01 Apr 2024

A maintainer for XZ, a popular open source compression library for Linux distributions, compromised the open source project over the course of two years. Read More

Critical JetBrains TeamCity vulnerabilities under attack

By Arielle Waldman 05 Mar 2024

Exploitation activity has started against two vulnerabilities in JetBrains TeamCity, which has been targeted previously by nation-state threat actors such as Russia's Cozy Bear. Read More

CISA warns Ivanti ICT ineffective for detecting compromises

By Arielle Waldman 29 Feb 2024

CISA observed ongoing exploitation against four Ivanti vulnerabilities and found problems with the vendor's Integrity Checker Tool, which is designed to detect compromises. Read More