CISA adds jQuery CVE-2020-11023 to KEV Catalog

CISA adds jQuery CVE-2020-11023 to KEV Catalog

CVE-2020-11023 is a significant security flaw within jQuery, a widely used JavaScript library. The vulnerability is categorized as a persistent cross-site scripting (XSS) issue. This type of vulnerability occurs when…
CISA adds Fortinet flaw CVE-2024-55591 to KEV Catalog

CISA adds Fortinet flaw CVE-2024-55591 to KEV Catalog

CVE-2024-55591 is a critical vulnerability affecting Fortinet's FortiOS and FortiProxy devices. This vulnerability allows a remote attacker to bypass authentication mechanisms and gain super-admin privileges by sending specially crafted requests…
Microsoft Patch Tuesday- January 2025

Microsoft Patch Tuesday- January 2025

Microsoft released the January 2025 Patch Tuesday updates on January 14, 2025, focusing on addressing critical security vulnerabilities across various Microsoft products. This update cycle includes security patches, improvements, and…
CISA KEV Catalog Update Part III- January 2025

CISA KEV Catalog Update Part III- January 2025

The US CISA has recently included two significant vulnerabilities, CVE-2024-12686 and CVE-2023-48365, in its Known Exploited Vulnerabilities (KEV) Catalog. This catalog is an essential resource for organizations to prioritize and…
CVE-2025-0282: Affecting Ivanti Products

CVE-2025-0282: Affecting Ivanti Products

Overview CVE-2025-0282 is a critical stack-based buffer overflow vulnerability. It impacts Ivanti Connect Secure, Ivanti Policy Secure, and Ivanti Neurons for Zero Trust Access (ZTA) gateways. This vulnerability allows remote,…
CISA KEV UPDATE Part I – January 2025

CISA KEV UPDATE Part I – January 2025

The US CISA has added 3  vulnerabilities to its Known Exploited Vulnerabilities (KEV) Catalog based on the evidence of active exploitation. CVE-2024-41713: Mitel MiCollab Path Traversal Vulnerability Description:This vulnerability affects…
CISA adds PaloAlto CVE-2024-3393 to its KEV Catalog

CISA adds PaloAlto CVE-2024-3393 to its KEV Catalog

The Cybersecurity and Infrastructure Security Agency (CISA) recently added CVE-2024-3393 to its Known Exploited Vulnerabilities (KEV) Catalog. This vulnerability affects Palo Alto Networks' PAN-OS software and involves a malformed DNS…