The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on TuesdayΒ addedΒ a high-severity flaw in Adobe Acrobat Reader to its Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitation.
Tracked asΒ CVE-2023-21608Β (CVSS score: 7.8), the vulnerability has been described as a use-after-free bug that can be exploited to achieve remote code execution (RCE) with the
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) hasΒ addedΒ a critical security flaw in Adobe ColdFusion to its Known Exploited Vulnerabilities (KEV) catalog, based on evidence of active exploitation.
The vulnerability, cataloged asΒ CVE-2023-26359Β (CVSS score: 9.8), relates to a deserialization flaw present in Adobe ColdFusion 2018 (Update 15 and earlier) and ColdFusion 2021 (
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added a critical security flaw in Citrix ShareFile storage zones controller to its Known Exploited Vulnerabilities (KEV) catalog, based on evidence of active in-the-wild exploitation.
Tracked asΒ CVE-2023-24489Β (CVSS score: 9.8), the shortcoming has been described as an improper access control bug that, if successfully exploited
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) hasΒ addedΒ a recently patched security flaw in Microsoft's .NET and Visual Studio products to its Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitation.
Tracked asΒ CVE-2023-38180Β (CVSS score: 7.5), the high-severity flaw relates to a case denial-of-service (DoS) impacting .NET and Visual Studio.
It
The U.S. Cybersecurity and Infrastructure Security Agency hasΒ addedΒ a batch of six flaws to its Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitation.
This comprises three vulnerabilities that Apple patched this week (CVE-2023-32434, CVE-2023-32435, and CVE-2023-32439), two flaws in VMware (CVE-2023-20867Β andΒ CVE-2023-20887), and one shortcoming impacting Zyxel
Login
FreshRSS