Known Exploited Vulnerabilities and counting....
A known exploited vulnerability (KEV) refers to a software vulnerability that is being actively exploited by cybercriminals or threat actors. When a vulnerability becomes known to be exploited in the wild, it signals that the vulnerability poses a significant and imminent risk to organizations.
Common Vulnerability and Exposure
CVEs form a database of known security vulnerabilities that are actively tracked and managed by a group of organizations, such as the U.S. National Cyber Security Alliance. CVEs are an important tool for network security management because they not only provide an inventory of existing vulnerabilities, but also provide information about how the vulnerability can be exploited and instructions on how to protect against it.
Search Known Exploits
Search for CVEs by vendor to identify known exploited vulnerabilities in your environment
CVE = Common Vulnerability and Exposure
CVE OF THE WEEK:
Palo Alto Networks
PAN-OS
Patch deadline: 10 months ago on 01/20/2025
CVE-2024-3393
Palo Alto Networks PAN-OS contains a vulnerability in parsing and logging malformed DNS packets in the DNS Security feature that, when exploited, allows an unauthenticated attacker to remotely reboot the firewall. Repeated attempts to trigger this condition will cause the firewall to enter maintenance mode.
Palo Alto Networks PAN-OS Malformed DNS Packet Vulnerability
Learn more about this CVE: paloaltonetworks.com
Cyber Security News
You may have missed...
*
Inside a cyberattack: How hackers steal data
The truth about cybersecurity is that it's almost impossible to keep hackers outside of an organization, particularly as the cybercrime industry ...
Researchers say Flock cameras are easy to hack - YouTube
Aurora is celebrating the launch of a fleet of Flock camera drones just as researchers say Flock's surveillance system is incredibly easy to hack.
Russian hacking suspect wanted by FBI arrested on Thai resort island of Phuket | Euronews
Thailand's Cyber Crime Investigation Bureau said in a statement on 12 November that it was an FBI tip that the "world-class hacker" was travelling ...
The FCC wants to roll back steps meant to stop a repeat of a massive telecom hack
The Federal Communications Commission is set to vote on an order rescinding new cybersecurity requirements enacted after the Salt Typhoon hack.
Crypto Has Until 2028 to Avoid a Quantum Collapse, Warns Vitalik Buterin - Cointribune
... security of cryptocurrencies as early as 2028. A threat concerning Bitcoin, Ethereum, and the entire crypto ecosystem. Here is why this deadline ....
How Ethereum and Solana Tokens Work: Approvals, Permit, Smart Accounts, and EIP-7702
— ETH and Solana token contracts function differently, but the nuances have security implications for users to understand. — Permit and Permit2 were ....
Privacy commissioner calls for better cybersecurity in Alberta schools after big breach - CBC
Alberta's privacy commissioner wants to see improved security policies in schools after a cybersecurity breach last year exposed highly sensitive ...
Champaign County 911 Center updates residents after cybersecurity incident - Peak of Ohio
The Champaign Countywide Communications Center is reassuring residents after a recent cybersecurity incident affected the CodeRED emergency ...
At a hackers conference, automakers are the butt of the joke - Automotive News
Security researchers reacted with amusement and disbelief at automaker vulnerabilities during DEF CON's Car Hacking Village.
Updated daily