US CISA adds MS Exchange bug CVE-2022-41080 to its Known Exploited Vulnerabilities Catalog

Security Affairs

US CISA added Microsoft Exchange elevation of privileges bug CVE-2022-41080 to its Known Exploited Vulnerabilities Catalog. The first issue, tracked as CVE-2022-41080, is a Microsoft Exchange server privilege escalation vulnerability. The issue can be chained with CVE-2022-41082 (ProxyNotShell) to achieve remote code execution.


CISA adds Apache Superset bug to its Known Exploited Vulnerabilities catalog

Security Affairs

In April 2022, Horizon3 researchers discovered a remote code execution flaw, tracked as CVE-2023-27524 (CVSS score: 8.9), in Apache Superset. The above issues must be fixed by January 29, 2024; none is known to be used in ransomware campaigns. D-Link DSL-2750B Devices Command Injection Vulnerability CVE-2016-20017; Joomla!


CISA adds 12 new flaws to its Known Exploited Vulnerabilities Catalog

Security Affairs

According to Binding Operational Directive (BOD) 22-01: Reducing the Significant Risk of Known Exploited Vulnerabilities, FCEB agencies have to address the identified vulnerabilities by the due date to protect their networks against attacks exploiting the flaws in the catalog. Now CISA added this flaw to the Catalog.


CISA adds Veritas Backup Exec flaws to its Known Exploited Vulnerabilities catalog

Security Affairs

US CISA has added Veritas Backup Exec flaws, which were exploited in ransomware attacks, to its Known Exploited Vulnerabilities catalog. Mandiant researchers first observed this affiliate targeting Veritas issues in the wild on October 22, 2022. CISA orders federal agencies to fix this flaw by April 28, 2023.


Security Affairs newsletter Round 365 by Pierluigi Paganini

Security Affairs

Please vote for Security Affairs as the best European Cybersecurity Blogger Awards 2022 – VOTE FOR YOUR WINNERS Vote for me in the sections “The Underdogs – Best Personal (non-commercial) Security Blog” and “The Tech Whizz – Best Technical Blog” and others of your choice.


CISA adds Fortra MFT, TerraMaster NAS, Intel driver Flaws, to its Known Exploited Vulnerabilities Catalog

Security Affairs

US CISA added actively exploited flaws in Fortra MFT, Intel driver, and TerraMaster NAS, respectively tracked as CVE-2023-0669, CVE-2015-2291, and CVE-2022-24990, to its Known Exploited Vulnerabilities Catalog. The CVE-2015-2291 flaw (CVSS v3 score 7.8) sys and IQVW64.sys.


CISA added SAP flaw to its Known Exploited Vulnerabilities Catalog

Security Affairs

The US Cybersecurity and Infrastructure Security Agency (CISA) added a critical SAP vulnerability, tracked as CVE-2022-22536, to its Known Exploited Vulnerabilities Catalog a few days after researchers shared details about the issue at the Black Hat and Def Con hacker conferences. The flaw received a CVSSv3 score of 10.0.
