Known Exploited Vulnerabilities and counting....

A known exploited vulnerability (KEV) refers to a software vulnerability that is being actively exploited by cybercriminals or threat actors. When a vulnerability becomes known to be exploited in the wild, it signals that the vulnerability poses a significant and imminent risk to organizations.

Woman Looking at Computer Screen

CVEs form a database of known security vulnerabilities that are actively tracked and managed by a group of organizations, such as the U.S. National Cyber Security Alliance. CVEs are an important tool for network security management because they not only provide an inventory of existing vulnerabilities, but also provide information about how the vulnerability can be exploited and instructions on how to protect against it.

Search Known Exploits

Search for CVEs by vendor to identify known exploited vulnerabilities in your environment

Loading vendors...
Loading...
Zombie hands

CVE = Common Vulnerability and Exposure

CVE OF THE WEEK:

Palo Alto Networks

PAN-OS
Patch deadline: 10 months ago on 01/20/2025

CVE-2024-3393

Palo Alto Networks PAN-OS contains a vulnerability in parsing and logging malformed DNS packets in the DNS Security feature that, when exploited, allows an unauthenticated attacker to remotely reboot the firewall. Repeated attempts to trigger this condition will cause the firewall to enter maintenance mode.

Palo Alto Networks PAN-OS Malformed DNS Packet Vulnerability

Learn more about this CVE: paloaltonetworks.com

News Logo

Cyber Security News

You may have missed...


📌 Pinned

*

https:betanews.comMar 5

Inside a cyberattack: How hackers steal data

The truth about cybersecurity is that it's almost impossible to keep hackers outside of an organization, particularly as the cybercrime industry ...

https://www.telecomramblings.comNov 17

Industry Spotlight: QuSecure's Dave Krauthamer on Post-Quantum Security

This is a network issue, and if we can orchestrate this cryptography throughout the network, like SD-WAN for crypto, then it's an easy way to ...

https://www.jdsupra.comNov 17

SEC chair outlines 'Project Crypto' vision and approach for digital asset regulation

He contended that “economic reality,” not labels, should determine whether a cryptoasset is a security. Atkins also stated that investment contracts ....

https://www.helpnetsecurity.comNov 17

The year ahead in cyber: What's next for cybersecurity in 2026 - Help Net Security

He explains that attackers are often breaching networks by targeting people instead of exploiting software flaws. The Shiny Hunters' 2025 attack on .....

https://www.hstoday.usNov 17

AI-Driven Espionage Campaign Marks New Phase in Cybersecurity, Researchers Say

Anthropic warns this marks a turning point for cybersecurity, lowering the barrier for sophisticated attacks. The company has expanded detection ...

https://www.aei.orgNov 17

Restoring America's Cyber Shield: Why CISA 2015 Must Be Reenacted Now

The United States faces a cybersecurity crisis: not from foreign actors, but from internal political deadlock that has dismantled one of its most ...

https://www.reuters.comNov 17

UK Twitter hacker who breached Obama's account ordered to repay $5.4 million in Bitcoin

A man convicted over a 2020 Twitter hack that compromised accounts of high-profile figures including former U.S. President Barack Obama has been ...

https://bmmagazine.co.ukNov 17

Twitter hacker ordered to repay ÂŁ4.1m in bitcoin after celebrity account scam

A British man jailed in the United States for hacking the Twitter accounts of high-profile figures including Barack Obama and Jeff Bezos has been ...

https://www.wired.comNov 16

A Major Leak Spills a Chinese Hacking Contractor's Tools and Targets | WIRED

The cybersecurity community has been warning for years that state-sponsored hackers would soon start using AI tools to supercharge their intrusion ...


Updated daily