-
Trimble publishes security updates to tackle vulnerability in CityWorks software
CISA is collaborating with private industry partners to meet the operating reports of a vulnerability (CVE-2025-0994) discovered by trimter impacting its CityWorks AMS server (asset management system). Trimble has published…
-
Several vulnerabilities in Google Android OS could allow a climbing of privileges
Several vulnerabilities have been discovered in Google Android OS, the most serious of which could allow a climbing of privileges in the context of the affected component. The details of…
-
Cisa adds an exploited vulnerability known in the catalog
CISA has added a new vulnerability to its known vulnerability catalog, based on active operating evidence,, As Fortinet confirmed. These types of vulnerabilities are frequent attack vectors for malicious cyber-actors…
-
Oracle Quarterly Critical Patches Released January 21, 2025
MS-ISAC NOTICE NUMBER: 2025-008 ISSUE DATE(S): 01/21/2025 PREVIEW: Several vulnerabilities have been discovered in Oracle products, the most serious of which could allow remote code execution. SYSTEMS AFFECTED: Enterprise Manager…
-
CISA and FBI Issue Updated Guidance on Product Security Bad Practices
In partnership with the Federal Bureau of Investigation (FBI), CISA has released updated joint guidance on product security malpractices as part of CISA's Secure by Design initiative. This updated guidance…
-
Threat Actors Chained Vulnerabilities in Ivanti Cloud Service Applications
Note: The CVEs in this advisory are unrelated to vulnerabilities (CVE-2025-0282 and CVE-2025-0283) in Ivantis Connect Secure, Policy Secure and ZTA Gateways. For more information on mitigating CVE -2025-0282 and CVE-2025-0283,…
-
Several vulnerabilities in SonicWall SonicOS could allow a remote attacker to bypass authentication.
MS-ISAC NOTICE NUMBER: 2025-002 ISSUE DATE(S): 09/01/2025 PREVIEW: Several vulnerabilities have been discovered in SonicWall SonicOS that could allow authentication to be bypassed. SonicOS is SonicWalls' operating system designed for…
-
CISA adds three known exploited vulnerabilities to its catalog
CISA has added three new vulnerabilities to its catalog of known exploited vulnerabilities, based on evidence of active exploitation. CVE-2024-41713 Mitel MiCollab Path Traversal Vulnerability CVE-2024-55550 Mitel MiCollab Path Traversal…
-
CISA adds known exploited vulnerability to its catalog
CISA has added a new vulnerability to its catalog of known exploited vulnerabilities, based on evidence of active exploitation. CVE-2024-3393 Palo Alto Networks PAN-OS Malformed DNS Packet Vulnerability These types…
