Known Exploited Vulnerabilities and counting....

A known exploited vulnerability (KEV) refers to a software vulnerability that is being actively exploited by cybercriminals or threat actors. When a vulnerability becomes known to be exploited in the wild, it signals that the vulnerability poses a significant and imminent risk to organizations.

Woman Looking at Computer Screen

CVEs form a database of known security vulnerabilities that are actively tracked and managed by a group of organizations, such as the U.S. National Cyber Security Alliance. CVEs are an important tool for network security management because they not only provide an inventory of existing vulnerabilities, but also provide information about how the vulnerability can be exploited and instructions on how to protect against it.

Search Known Exploits

Search for CVEs by vendor to identify known exploited vulnerabilities in your environment

Loading vendors...
Loading...
Zombie hands

CVE = Common Vulnerability and Exposure

CVE OF THE WEEK:

Palo Alto Networks

PAN-OS
Patch deadline: a year ago on 01/20/2025

CVE-2024-3393

Palo Alto Networks PAN-OS contains a vulnerability in parsing and logging malformed DNS packets in the DNS Security feature that, when exploited, allows an unauthenticated attacker to remotely reboot the firewall. Repeated attempts to trigger this condition will cause the firewall to enter maintenance mode.

Palo Alto Networks PAN-OS Malformed DNS Packet Vulnerability

Learn more about this CVE: paloaltonetworks.com

News Logo

Cyber Security News

You may have missed...

đź“Ś Pinned

*

https:betanews.comMar 5

Inside a cyberattack: How hackers steal data

The truth about cybersecurity is that it's almost impossible to keep hackers outside of an organization, particularly as the cybercrime industry ...

Read more →
https://www.techradar.comDec 9

US Treasury offers cautious optimism as ransomware payments decline - TechRadar

The takedown of ALPHV and LockBit ransomware gangs made a solid dent in the overall performance of ransomware operations last year. This is ...

Read more →
https://thehackernews.comDec 9

Google Adds Layered Defenses to Chrome to Block Indirect Prompt Injection Threats

This could cover cases where an individual dodges mandatory cybersecurity training by instructing the AI browser to complete it on their behalf.

Read more →
https://longisland.news12.comDec 9

Expert breaks down latest cybersecurity threats made in Long Island towns

Lance Ulanoff, a cybersecurity expert and Editor-at-large for Tech Radar, joins News 12 to discuss recent cybersecurity threats on Long Island, ...

Read more →
https://ibsintelligence.comDec 9

Bitget Wallet adds Google and Apple login with device security - IBS Intelligence

The update aims to lower entry barriers for first-time crypto users by adopting an onboarding process familiar from consumer finance and mobile ...

Read more →
https://www.bitdefender.comDec 9

California man admits role in $263 million cryptocurrency theft that funded lavish lifestyle

Others, known as "callers," would phone their intended victims while pretending to be security staff at cryptocurrency exchanges (such as Coinbase) .....

Read more →
https://nypost.comDec 9

Coinbase listings: the real playbook for spotting new coins

Kraken. Kraken takes crypto security seriously, with FIDO2-compliant Passkey logins, encrypted communications, and customizable API permissions that ....

Read more →
https://www.webpronews.comDec 8

AI Fixes NASA's 3-Year Spacecraft Hacking Flaw in Four Days - WebProNews

NASA's spacecraft communication software harbored a hacking vulnerability for three years, undetected by humans. An AI system identified and fixed ...

Read more →
https://securityaffairs.comDec 9

Polish Police arrest 3 Ukrainians for possessing advanced hacking tools - Security Affairs

Poland arrested three Ukrainian nationals accused of using hacking devices to target IT systems and obtain sensitive defense-related data.

Read more →

Updated daily

TOP SITES

Cyber_Comply © 2021-25