CISA KEV Update Part IV – July 2024

CISA KEV Update Part IV – July 2024

The US CISA has added three new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. CVE-2024-4879 ServiceNow Improper Input Validation Vulnerability. ServiceNow Utah, Vancouver, and Washington DC…
CISA KEV Update Part II- July 2024

CISA KEV Update Part II- July 2024

The US CISA has added three new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. CVE-2024-34102 Adobe Commerce and Magento Open Source Improper Restriction of XML External…
CISA KEV Update Part I – July 2024

CISA KEV Update Part I – July 2024

The U.S. CISA added the following vulnerabilities to its Known Exploited Vulnerabilities (KEV) catalog: CVE-2024-23692 with a CVSS score of 9.8 is a template injection vulnerability that impacts Rejetto HTTP File Server,…
CISA KEV Catalog Update Part II- June 2024

CISA KEV Catalog Update Part II- June 2024

The U.S. CISA added the following vulnerabilities to its Known Exploited Vulnerabilities (KEV) catalog: CVE-2024-32896 Android Pixel Privilege Escalation Vulnerability is an elevation of privilege vulnerability in Pixel Firmware, which has been exploited…
CISA adds CVE-2017-3506 to KEV Catalog

CISA adds CVE-2017-3506 to KEV Catalog

The US CISA added an old Oracle WebLogic flaw to its Known Exploited Vulnerabilities catalog after it was seen being exploited by Chinese hackers to deploy cryptocurrency miners. The vulnerability,…
CISA KEV Update April 2024 – Part II

CISA KEV Update April 2024 – Part II

The US. CISA has issued a high-priority alert for federal agencies to patch two critical vulnerabilities found in Cisco products and one in the widely used file transfer tool, CrushFTP.…