The Hacker News
CISA Warns of Actively Exploited Adobe Acrobat Reader Vulnerability
October 11^th 2023 at 12:26

CISA Warns of Actively Exploited Adobe Acrobat Reader Vulnerability

By: Newsroom

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Tuesday added a high-severity flaw in Adobe Acrobat Reader to its Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitation. Tracked as CVE-2023-21608 (CVSS score: 7.8), the vulnerability has been described as a use-after-free bug that can be exploited to achieve remote code execution (RCE) with the

The Hacker News
Critical Adobe ColdFusion Flaw Added to CISA's Exploited Vulnerability Catalog
August 22^nd 2023 at 03:36

Critical Adobe ColdFusion Flaw Added to CISA's Exploited Vulnerability Catalog

By: THN

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added a critical security flaw in Adobe ColdFusion to its Known Exploited Vulnerabilities (KEV) catalog, based on evidence of active exploitation. The vulnerability, cataloged as CVE-2023-26359 (CVSS score: 9.8), relates to a deserialization flaw present in Adobe ColdFusion 2018 (Update 15 and earlier) and ColdFusion 2021 (

The Hacker News
CISA Adds Citrix ShareFile Flaw to KEV Catalog Due to In-the-Wild Attacks
August 17^th 2023 at 05:10

CISA Adds Citrix ShareFile Flaw to KEV Catalog Due to In-the-Wild Attacks

By: THN

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added a critical security flaw in Citrix ShareFile storage zones controller to its Known Exploited Vulnerabilities (KEV) catalog, based on evidence of active in-the-wild exploitation. Tracked as CVE-2023-24489 (CVSS score: 9.8), the shortcoming has been described as an improper access control bug that, if successfully exploited

The Hacker News
CISA Adds Microsoft .NET Vulnerability to KEV Catalog Due to Active Exploitation
August 11^th 2023 at 03:38

CISA Adds Microsoft .NET Vulnerability to KEV Catalog Due to Active Exploitation

By: THN

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added a recently patched security flaw in Microsoft's .NET and Visual Studio products to its Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitation. Tracked as CVE-2023-38180 (CVSS score: 7.5), the high-severity flaw relates to a case denial-of-service (DoS) impacting .NET and Visual Studio. It

The Hacker News
U.S. Cybersecurity Agency Adds 6 Flaws to Known Exploited Vulnerabilities Catalog
June 24^th 2023 at 15:30

U.S. Cybersecurity Agency Adds 6 Flaws to Known Exploited Vulnerabilities Catalog

By: Ravie Lakshmanan

The U.S. Cybersecurity and Infrastructure Security Agency has added a batch of six flaws to its Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitation. This comprises three vulnerabilities that Apple patched this week (CVE-2023-32434, CVE-2023-32435, and CVE-2023-32439), two flaws in VMware (CVE-2023-20867 and CVE-2023-20887), and one shortcoming impacting Zyxel

FreshRSS

CISA Warns of Actively Exploited Adobe Acrobat Reader Vulnerability

Critical Adobe ColdFusion Flaw Added to CISA's Exploited Vulnerability Catalog

CISA Adds Citrix ShareFile Flaw to KEV Catalog Due to In-the-Wild Attacks

CISA Adds Microsoft .NET Vulnerability to KEV Catalog Due to Active Exploitation

U.S. Cybersecurity Agency Adds 6 Flaws to Known Exploited Vulnerabilities Catalog