Known Exploited Vulnerabilities and counting....
A known exploited vulnerability (KEV) refers to a software vulnerability that is being actively exploited by cybercriminals or threat actors. When a vulnerability becomes known to be exploited in the wild, it signals that the vulnerability poses a significant and imminent risk to organizations.
Common Vulnerability and Exposure
CVEs form a database of known security vulnerabilities that are actively tracked and managed by a group of organizations, such as the U.S. National Cyber Security Alliance. CVEs are an important tool for network security management because they not only provide an inventory of existing vulnerabilities, but also provide information about how the vulnerability can be exploited and instructions on how to protect against it.
Search Known Exploits
Search for CVEs by vendor to identify known exploited vulnerabilities in your environment
CVE = Common Vulnerability and Exposure
CVE OF THE WEEK:
Palo Alto Networks
PAN-OS
Patch deadline: a year ago on 01/20/2025
CVE-2024-3393
Palo Alto Networks PAN-OS contains a vulnerability in parsing and logging malformed DNS packets in the DNS Security feature that, when exploited, allows an unauthenticated attacker to remotely reboot the firewall. Repeated attempts to trigger this condition will cause the firewall to enter maintenance mode.
Palo Alto Networks PAN-OS Malformed DNS Packet Vulnerability
Learn more about this CVE: paloaltonetworks.com
Cyber Security News
You may have missed...
*
Inside a cyberattack: How hackers steal data
The truth about cybersecurity is that it's almost impossible to keep hackers outside of an organization, particularly as the cybercrime industry ...
Inside Stripe's Crypto Strategy with Privy CEO: Wallets as Global Financial Accounts and the ...
... security and user adoption. Stripe Integrates Crypto Rails. Stripe processed $1.4 trillion in payments volume in 2024 and has pushed further into ...
Five Bitcoin narratives analysts are watching beyond price - TradingView
Five Bitcoin narratives analysts are watching beyond price · 1. Reading institutional demand through ETFs · 2. BTC as equity products · 3. The securit...
How a former U.S. special forces officer raised $22 million for his cybersecurity startup
Former U.S. special forces officer Gene Yu is now the co-founder and CEO of cybersecurity startup Blackpanda. The company has raised about $22 ...
Microsoft disrupts global cybercrime subscription service responsible for millions in fraud losses
Digital collage featuring an abstract cybersecurity‑themed composition formed by layered geometric panels in cool ... Microsoft announces ARC Initiati...
Cybersecurity spending keeps rising, so why is business impact still hard to explain?
Cybersecurity investment decisions often stall when security and finance teams measure risk, value, and business impact differently.
Beijing tells Chinese firms to stop using U.S. and Israeli cybersecurity software, sources say
Chinese authorities have told domestic companies to stop using cybersecurity software made by more than a dozen firms from the U.S. and Israel ...
Supreme Court Hacked, Proving Its Cybersecurity Is As Robust As Its Ethical Code
Remember when the Supreme Court was absolutely consumed with figuring out who leaked the Dobbs draft opinion? They assigned the Marshal to ...
Many Bluetooth devices with Google Fast Pair vulnerable to “WhisperPair” hack
Unfortunately, it may also leave your headphones vulnerable to remote hacking. A team of security researchers from Belgium's KU Leuven University ...
Updated daily