-
Threat Actors Chained Vulnerabilities in Ivanti Cloud Service Applications
Note: The CVEs in this advisory are unrelated to vulnerabilities (CVE-2025-0282 and CVE-2025-0283) in Ivantis Connect Secure, Policy Secure and ZTA Gateways. For more information on mitigating CVE -2025-0282 and CVE-2025-0283,…
-
Several vulnerabilities in SonicWall SonicOS could allow a remote attacker to bypass authentication.
MS-ISAC NOTICE NUMBER: 2025-002 ISSUE DATE(S): 09/01/2025 PREVIEW: Several vulnerabilities have been discovered in SonicWall SonicOS that could allow authentication to be bypassed. SonicOS is SonicWalls' operating system designed for…
-
CISA adds three known exploited vulnerabilities to its catalog
CISA has added three new vulnerabilities to its catalog of known exploited vulnerabilities, based on evidence of active exploitation. CVE-2024-41713 Mitel MiCollab Path Traversal Vulnerability CVE-2024-55550 Mitel MiCollab Path Traversal…
-
CISA adds known exploited vulnerability to its catalog
CISA has added a new vulnerability to its catalog of known exploited vulnerabilities, based on evidence of active exploitation. CVE-2024-3393 Palo Alto Networks PAN-OS Malformed DNS Packet Vulnerability These types…
-
Vulnerability in Apache Struts2 could allow remote code execution
MS-ISAC NOTICE NUMBER: 2024-141 ISSUE DATE(S): 12/23/2024 PREVIEW: A vulnerability has been discovered in Apache Struts2, which could allow remote code execution. Apache Struts2 is an open source web application…
-
Fortinet releases security updates for FortiManager
Fortinet has released a security update to address a vulnerability in FortiManager. A remote cyber threat actor could exploit this vulnerability to take control of an affected system. Users and…
-
Multiple vulnerabilities in Sophos Firewall could allow remote code execution
MS-ISAC NOTICE NUMBER: 2024-140 ISSUE DATE(S): 12/19/2024 PREVIEW: Several vulnerabilities have been discovered in Sophos Firewall, the most serious of which could allow remote code execution. Sophos Firewall is a…
-
Vulnerability in several Cleo products could allow remote code execution
MS-ISAC NOTICE NUMBER: 2024-139 ISSUE DATE(S): 12/12/2024 PREVIEW: A vulnerability has been discovered in several Cleo products that could allow remote code execution. Cleos LexiCom, VLTransfer and Harmony are commonly…
-
CISA adds known exploited vulnerability to its catalog
CISA has added a new vulnerability to its catalog of known exploited vulnerabilities, based on evidence of active exploitation. CVE-2024-49138 Microsoft Windows Common Log File System (CLFS) Driver Heap-Based Buffer…
Search
Recent Posts
- A vulnerability in the WatchGuard Fireware operating system could allow arbitrary code execution.
- Vulnerability in Cisco AsyncOS Could Allow Remote Code Execution
- Vulnerability in SonicOS could allow denial of service (DoS)
- Several vulnerabilities in Google Chrome could allow arbitrary code execution
