Original release date: November 10, 2022Today CISA published its guide on Stakeholder-Specific Vulnerability Categorization (SSVC), a vulnerability management methodology that assesses vulnerabilities and prioritizes remediation efforts based on exploitation status,…
Original release date: November 9, 2022Microsoft has released updates to address multiple vulnerabilities in Microsoft software. An attacker can exploit some of these vulnerabilities to take control of an affected…
Original release date: November 7, 2022 High Vulnerabilities Primary Vendor -- Product Description Published CVSS Score Source & Patch Info honeywell -- c200_firmware Honeywell Experion PKS C200, C200E, C300, and…
Original release date: October 31, 2022CISA has released two fact sheets to highlight threats against accounts and systems using certain forms of multifactor authentication (MFA). CISA strongly urges all organizations…
Original release date: October 31, 2022 High Vulnerabilities Primary Vendor -- Product Description Published CVSS Score Source & Patch Info 10web -- form_maker The Form Maker by 10Web WordPress plugin…
Original release date: October 25, 2022CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. This type of vulnerability is a frequent attack…
Original release date: October 24, 2022CISA has added six vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. These types of vulnerabilities are a frequent attack vector…
Original release date: October 24, 2022 High Vulnerabilities Primary Vendor -- Product Description Published CVSS Score Source & Patch Info 74cms -- 74cmsse An arbitrary file upload vulnerability in the…
Original release date: October 21, 2022CISA, the Federal Bureau of Investigation (FBI), and the Department of Health and Human Services (HHS) have released a joint Cybersecurity Advisory (CSA), #StopRansomware: Daixin…
Original release date: October 21, 2022Cisco has released a security update to address vulnerabilities affecting Cisco Identity Services Engine (ISE). A remote attacker could exploit some of these vulnerabilities to take control…
