961 Results for:CVE
- Sort by:
Congress wants CVE program changes from DHS and MITRE
30 Aug 2018In a letter to DHS and MITRE, Congress said CVE program management has been 'insufficient' and called for the program to receive more consistent funding and additional oversight. Read More
How is Oracle Micros POS affected by CVE 2018-2636?
17 Aug 2018A security researcher found a security flaw dubbed CVE-2018-2636 that enables the installation of malware on Oracle Micros POS systems. Learn more about the vulnerability. Read More
March Patch Tuesday fixes critical Hyper-V vulnerabilities
12 Mar 2024Microsoft also corrects a remote code execution flaw on Exchange Server and issues an advisory related to changes with an outdated file-scanning feature on the messaging platform. Read More
'Insane' spread of Log4j exploits won't abate anytime soon
15 Dec 2021Experts say that the explosion in exploits for CVE-2021-44228 is only the early phase of what will be a long and tedious road to remediation for the critical vulnerability. Read More
CISA warns Fortinet zero-day vulnerability under attack
12 Feb 2024CISA alerted federal agencies that a critical zero-day vulnerability in FortiOS is being actively exploited, though Fortinet has yet to confirm reports. Read More
CISA confirms compromise of its Ivanti systems
11 Mar 2024CISA said that approximately one month ago, it identified 'activity indicating the exploitation of vulnerabilities in Ivanti products the agency uses.' Read More
Microsoft patches two zero-days for Valentine’s Day
14 Feb 2024Two security feature bypasses impacting Microsoft SmartScreen are on the February Patch Tuesday docket, among more than 70 issues Read More
XZ backdoor discovery reveals Linux supply chain attack
01 Apr 2024A maintainer for XZ, a popular open source compression library for Linux distributions, compromised the open source project over the course of two years. Read More
Critical JetBrains TeamCity vulnerabilities under attack
05 Mar 2024Exploitation activity has started against two vulnerabilities in JetBrains TeamCity, which has been targeted previously by nation-state threat actors such as Russia's Cozy Bear. Read More
CISA warns Ivanti ICT ineffective for detecting compromises
29 Feb 2024CISA observed ongoing exploitation against four Ivanti vulnerabilities and found problems with the vendor's Integrity Checker Tool, which is designed to detect compromises. Read More