CISA Known Exploited Vulnerabilities (KEV)

From Security Week – Cisco Patches Vulnerabilities in Nexus Switches

[[{"value":"Cisco has patched command injection and DoS vulnerabilities affecting some of its Nexus switches, including a high-severity flaw. The post Cisco Patches Vulnerabilities in Nexus Switches appeared first on SecurityWeek."}]] Read…

shaikh Saqib February 27, 2025

News

From Cyber Security News – CISA Warns of Microsoft Partner Center Access Control Vulnerability Exploited in Wild

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) issued an urgent advisory on February 25, 2025, confirming that threat actors are actively exploiting a critical privilege escalation vulnerability in Microsoft’s…

shaikh Saqib February 26, 2025

News

From The Hacker News – CISA Adds Microsoft and Zimbra Flaws to KEV Catalog Amid Active Exploitation

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Tuesday placed two security flaws impacting Microsoft Partner Center and Synacor Zimbra Collaboration Suite (ZCS) to its Known Exploited Vulnerabilities (KEV) catalog, based on evidence of active exploitation. The vulnerabilities in question are as follows - CVE-2024-49035 (CVSS score: 8.7) - An improper access control

shaikh Saqib February 26, 2025

News

From The Hacker News – CISA Warns of Active Exploitation in Trimble Cityworks Vulnerability Leading to IIS RCE

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has warned that a security flaw impacting Trimble Cityworks GIS-centric asset management software has come under active exploitation in the wild. The vulnerability in question is CVE-2025-0994 (CVSS v4 score: 8.6), a deserialization of untrusted data bug that could permit an attacker to conduct remote code execution. "This could

shaikh Saqib February 7, 2025