CISA has added ten new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. CVE-2013-3163 Microsoft Internet Explorer Memory Corruption Vulnerability CVE-2014-1776 Microsoft Internet Explorer Memory Corruption Vulnerability CVE-2017-7494 Samba…
The Samba Team has released security updates addressing vulnerabilities in multiple versions of Samba. An attacker could exploit these vulnerabilities to take control of an affected system. CISA encourages users…
In today’s blog post, Associate Director of the Joint Cyber Defense Collaborative (JCDC) Clayton Romans highlighted recent successes of pre-ransomware notification and its impact in reducing harm from ransomware intrusions. With…
Today, CISA released the Untitled Goose Tool to help network defenders detect potentially malicious activity in Microsoft Azure, Azure Active Directory (AAD), and Microsoft 365 (M365) environments. The Untitled Goose…
High Vulnerabilities PrimaryVendor -- Product Description Published CVSS Score Source & Patch Info ansibleworks -- ansible The create_script function in the lxc_container module in Ansible before 1.9.6-1 and 2.x before…
As part of the Enduring Security Framework (ESF), the Cybersecurity and Infrastructure Security Agency (CISA) and the National Security Agency (NSA) has released Identity and Access Management Recommended Best Practices…
High Vulnerabilities PrimaryVendor -- Product Description Published CVSS Score Source & Patch Info automatedsolutions -- modbus/tcp_master_opc_server Heap-based buffer overflow in Automated Solutions Modbus/TCP Master OPC Server before 3.0.2 allows remote…
High Vulnerabilities PrimaryVendor -- Product Description Published CVSS Score Source & Patch Info apple -- iphone_os The Settings component in Apple iOS before 5, when a configuration profile is used…
The US-CERT Cyber Security Bulletin provides a summary of new and updated vulnerabilities, exploits, trends, and malicious code that have recently been openly reported. Information in the Cyber Security Bulletin…
High Vulnerabilities PrimaryVendor -- Product Description Published CVSS Score Source & Patch Info alexis_wilke -- protected_node The Protected Node module 6.x-1.x before 6.x-1.6 for Drupal does not properly "protect node…
