Known Exploited Vulnerabilities and counting....

A known exploited vulnerability (KEV) refers to a software vulnerability that is being actively exploited by cybercriminals or threat actors. When a vulnerability becomes known to be exploited in the wild, it signals that the vulnerability poses a significant and imminent risk to organizations.

Woman Looking at Computer Screen

CVEs form a database of known security vulnerabilities that are actively tracked and managed by a group of organizations, such as the U.S. National Cyber Security Alliance. CVEs are an important tool for network security management because they not only provide an inventory of existing vulnerabilities, but also provide information about how the vulnerability can be exploited and instructions on how to protect against it.

Search Known Exploits

Search for CVEs by vendor to identify known exploited vulnerabilities in your environment

Loading vendors...
Loading...
Zombie hands

CVE = Common Vulnerability and Exposure

CVE OF THE WEEK:

Palo Alto Networks

PAN-OS
Patch deadline: a year ago on 01/20/2025

CVE-2024-3393

Palo Alto Networks PAN-OS contains a vulnerability in parsing and logging malformed DNS packets in the DNS Security feature that, when exploited, allows an unauthenticated attacker to remotely reboot the firewall. Repeated attempts to trigger this condition will cause the firewall to enter maintenance mode.

Palo Alto Networks PAN-OS Malformed DNS Packet Vulnerability

Learn more about this CVE: paloaltonetworks.com

News Logo

Cyber Security News

You may have missed...

đź“Ś Pinned

*

https:betanews.comMar 5

Inside a cyberattack: How hackers steal data

The truth about cybersecurity is that it's almost impossible to keep hackers outside of an organization, particularly as the cybercrime industry ...

Read more →
https://www.bleepingcomputer.comDec 16

The Hidden Risk in Virtualization: Why Hypervisors are a Ransomware Magnet

Ransomware groups are targeting hypervisors to maximize impact, allowing a single breach to encrypt dozens of virtual machines at once.

Read more →
https://www.theregister.comDec 16

From pr0n to playlists and paperclips, trio of breaches spills data of millions - The Register

Ransomware infection was confirmed in logistics and internal systems, and some data (including backups) was encrypted and rendered unusable. In ...

Read more →
https://www.itpro.comDec 16

Tapping into the 'touch grass' movement in cybersecurity | ChannelPro - ITPro

With cybersecurity experiencing a 'touch grass' moment, what role should resellers play?

Read more →
https://www.cybersecuritydive.comDec 16

React2Shell attacks expand widely across multiple sectors - Cybersecurity Dive

Researchers warn that state-linked and opportunistic actors are actively working to exploit flaws in React's application tools.

Read more →
https://www.cybersecurity-insiders.comDec 16

Volunteers launching DDoS attacks rewarded by Cryptocurrency, mostly Bitcoins

Specifically, the group has been launching Distributed Denial of Service (DDoS) attacks—an increasingly disruptive tactic in the cybersecurity ...

Read more →
https://www.webpronews.comDec 16

Brooklyn Man Charged in $15M Crypto Theft via Coinbase Scam - WebProNews

... crypto exchange's security measures. This case, unfolding in late 2025, underscores the persistent threats facing digital asset holders amid a ...

Read more →
https://theconversation.comDec 16

How rogue nations are capitalizing on gaps in crypto regulation to finance weapons programs

... cryptocurrency is being leveraged to undermine global security and, in some instances, U.S. national security. Cryptocurrency is aiding countries ...

Read more →
https://www.infosecurity-magazine.comDec 16

Top 10 Cyber-Attacks of 2025 - Infosecurity Magazine

The February breach of Dubai-based cryptocurrency exchange Bybit was described as the largest crypto theft in history. The attack, which was later ...

Read more →

Updated daily

TOP SITES

Cyber_Comply © 2021-25