CVE-2024-47575: Frequently Asked Questions About FortiJump Zero-Day in FortiManager and FortiManager Cloud
Frequently asked questions about a zero-day vulnerability in Fortinet’s FortiManager that has reportedly been exploited in the wild....
From Bugs to Breaches: 25 Significant CVEs As MITRE CVE Turns 25
Twenty five years after the launch of CVE, the Tenable Security Response Team has handpicked 25 vulnerabilities that stand out for their significance....
Oracle October 2024 Critical Patch Update Addresses 198 CVEs
Oracle addresses 198 CVEs in its fourth quarterly update of 2024 with 334 patches, including 35 critical updates....
Microsoft’s October 2024 Patch Tuesday Addresses 117 CVEs (CVE-2024-43572, CVE-2024-43573)
Microsoft addresses 117 CVEs with three rated as critical and four zero-day vulnerabilities, two of which were exploited in the wild....
CVE-2024-47076, CVE-2024-47175, CVE-2024-47176, CVE-2024-47177: Frequently Asked Questions About Common UNIX Printing System (CUPS) Vulnerabilities
Frequently asked questions about multiple vulnerabilities in the Common UNIX Printing System (CUPS) that were disclosed as zero-days on September 26....
Microsoft’s September 2024 Patch Tuesday Addresses 79 CVEs (CVE-2024-43491)
Microsoft addresses 79 CVEs with seven critical vulnerabilities and four zero-day vulnerabilities, including three that were exploited in the wild....
CVE-2021-20123, CVE-2021-20124: DrayTek Vulnerabilities Discovered by Tenable Research Added to CISA KEV
With patches out for three years, attackers have set their sights on a pair of vulnerabilities affecting DrayTek VigorConnect....
AA24-241A : Joint Cybersecurity Advisory on Iran-based Cyber Actors Targeting US Organizations
A joint Cybersecurity Advisory highlights Iran-based cyber actor ransomware activity targeting U.S. organizations. The advisory includes CVEs exploited, alongside techniques, tactics and procedures used by the threat actors....
CVE-2024-7593: Ivanti Virtual Traffic Manager Authentication Bypass Vulnerability
Ivanti released a patch for a critical severity authentication bypass vulnerability and a warning that exploit code is publicly available...
Microsoft’s August 2024 Patch Tuesday Addresses 88 CVEs
Microsoft addresses 88 CVEs with seven critical vulnerabilities and 10 zero-day vulnerabilities, six of which were exploited in the wild....
CVE-2024-20419: Cisco Smart Software Manager On-Prem Password Change Vulnerability
Critical vulnerability in Cisco Smart Software Manager On-Prem exposes systems to unauthorized password changes, exploit code now available.BackgroundOn July 17, 2024, Cisco published an advisory for a critical vulnerability in Cisco’s Smart Software Manager On-Prem (SSM On-Prem):CVEDescriptionCVSSv...
Oracle July 2024 Critical Patch Update Addresses 175 CVEs
Oracle addresses 175 CVEs in its third quarterly update of 2024 with 386 patches, including 26 critical updates....