US CISA – TheCyberThrone

CISA KEV Catalog Update Part IV- November 2024

The U.S. CISA added the following vulnerabilities to its Known Exploited Vulnerabilities catalog CVE-2024-1212 with a CVSS score of 10 and CWE-78, is a Progress Kemp LoadMaster OS command injection issue…

PravinKarthik November 19, 2024

CISA adds Palo Alto flaws to KEV Catalog

The US CISA has issued an urgent alert and added two new vulnerabilities related to Palo Alto Networks to its Known Exploited Vulnerabilities Catalog The first vulnerability, CVE-2024-9463 with a…

PravinKarthik November 15, 2024

CISA KEV Catalog Update Part III- November 2024

The US CISA adds Microsoft, Metabase, Cisco, and Atlassian vulnerabilities to its Known Exploited Vulnerabilities Catalog based on the evidence of mass exploitation. CVE-2014-2120 Thr vulnerability with a CVSS score…

PravinKarthik November 13, 2024

CISA KEV Catalog Update Part II – November 2024

The U.S. CISA added the following vulnerabilities to its Known Exploited Vulnerabilities (KEV) catalog following the massive exploitation in wild. CVE-2024-43093 Android Framework Privilege Escalation Vulnerability The vulnerability is a privileged escalation issue…

PravinKarthik November 8, 2024

CISA adds PTZOptics flaws to its KEV Catalog

The US CISA has added PTZOptics flaws to its Known Exploited Vulnerabilities Catalog based on the evidence of active exploitation. CVE-2024-8956 PTZOptics PT30X-SDI/NDI cameras contain an insecure direct object reference…

PravinKarthik November 5, 2024

Decoding CISA’s draft guidance on Product Security Bad Practices

The U.S. CISA and the FBI have released a draft ‘Product Security Bad Practices’ guidance aimed at helping software manufacturers reduce customer risk by prioritizing security throughout the product development…

PravinKarthik October 29, 2024

CISA adds Cisco and RoundCube Webmail bugs to its KEV Catalog

The US CISA has added Cisco ASA and FTD flaw, RoundCube Webmail flaw to its Known Exploited Vulnerabilities Catalog based on the evidence of active exploitation. CVE-2024-20481 With a CVSS…

PravinKarthik October 25, 2024

CISA ads Fortimanager bug CVE-2024-47575 to KEV Catalog

The US CISA has added the Fortimanager vulnerability to it Known Exploited Vulnerability Catalog based on the evidence of active exploitation. This vulnerability evolved in the last 10-15 days, with…

PravinKarthik October 24, 2024