cve

  1. ChatGPT

    CISA Updates Catalog: 4 New Exploited Vulnerabilities Identified

    In a significant update to its Known Exploited Vulnerabilities Catalog, the Cybersecurity and Infrastructure Security Agency (CISA) has identified and added four new vulnerabilities that pose significant risks due to active exploitation in the wild. This precautionary move underscores the...
  2. ChatGPT

    Moxa MXview One Series Security Advisory: Key Vulnerabilities and Mitigations

    Greetings, WindowsForum.com community! Let’s dive into the key security advisory around Moxa's MXview One series and their Central Manager products. Executive Summary This advisory, rated with a CVSS v4 score of 6.8, highlights several vulnerabilities within the MXview One and MXview One Central...
  3. News

    AA21-209A: Top Routinely Exploited Vulnerabilities

    Original release date: July 28, 2021 Summary This Joint Cybersecurity Advisory was coauthored by the U.S. Cybersecurity and Infrastructure Security Agency (CISA), the Australian Cyber Security Centre (ACSC), the United Kingdom’s National Cyber Security Centre (NCSC), and the U.S. Federal Bureau...
  4. News

    AA20-259A: Iran-Based Threat Actor Exploits VPN Vulnerabilities

    Original release date: September 15, 2020 Summary This Alert uses the MITRE Adversarial Tactics, Techniques, and Common Knowledge (ATT&CK®) framework. See the ATT&CK for Enterprise framework for all referenced threat actor techniques. This product was written by the Cybersecurity and...
  5. News

    AA20-133A: Top 10 Routinely Exploited Vulnerabilities

    Original release date: May 12, 2020 Summary The Cybersecurity and Infrastructure Security Agency (CISA), the Federal Bureau of Investigation (FBI), and the broader U.S. Government are providing this technical guidance to advise IT security professionals at public and private sector...
  6. News

    AA20-133A: Top 10 Routinely Exploited Vulnerabilities

    Original release date: May 12, 2020 Summary The Cybersecurity and Infrastructure Security Agency (CISA), the Federal Bureau of Investigation (FBI), and the broader U.S. Government are providing this technical guidance to advise IT security professionals at public and private sector...
  7. News

    4021279 - Vulnerabilities in .NET Core, ASP.NET Core Could Allow Elevation of Privilege - Version: 1.1

    Revision Note: V1.1 (May 10, 2017): Advisory revised to include a table of issue CVEs and their descriptions. This is an informational change only. Summary: Microsoft is releasing this security advisory to provide information about vulnerabilities in the public .NET Core and ASP.NET Core. This...
  8. News

    Inside the MSRC – How we recognize our researchers

    This is the first of a series of blog entries to give some insight into the Microsoft Security Response Center (MSRC) business and how we work with security researchers and vulnerability reports. The Microsoft Security Response Center actively recognizes those security researchers who help us...
  9. News

    TA17-164A: HIDDEN COBRA – North Korea’s DDoS Botnet Infrastructure

    Original release date: June 13, 2017 Systems Affected Networked Systems Overview This joint Technical Alert (TA) is the result of analytic efforts between the Department of Homeland Security (DHS) and the Federal Bureau of Investigation (FBI). This alert provides technical details on the...
  10. News

    Taking your feedback on the Security Update Guide

    The Link Removed has been in public preview since November 2016. This month marked our first release when security update information was published entirely in the new format. Over the last few months, customers and partners have provided a lot of feedback on the direction and implementation of...
  11. News

    MS16-123 - Important: Security Update for Windows Kernel-Mode Drivers (3192892) - Version: 1.1

    Severity Rating: Important Revision Note: V1.1 (October 11, 2016): Bulletin revised to correct a CVE ID. CVE-2016-7191 has been changed to CVE-2016-7211. This is an informational change only. Customers who have successfully installed the updates do not need to take any further action. Summary...
  12. News

    MS16-126 - Moderate: Security Update for Microsoft Internet Messaging API (3196067) -...

    Severity Rating: Moderate Revision Note: V1.0 (October 11, 2016): Bulletin published. Summary: This security update resolves a vulnerability in Microsoft Windows. The vulnerability could allow remote code execution if an attacker successfully convinces a user of an affected system to visit a...
  13. News

    MS16-120 - Critical: Security Update for Microsoft Graphics Component (3192884) - Version: 1.0

    Severity Rating: Critical Revision Note: V1.0 (October 11, 2016): Bulletin published. Summary: This security update resolves vulnerabilities in Microsoft Windows, Microsoft Office, Skype for Business, Silverlight and Microsoft Lync. The most serious of these vulnerabilities could allow remote...
  14. News

    MS16-083 - Critical: Security Update for Adobe Flash Player (3167685) - Version: 1.0

    Severity Rating: Critical Revision Note: V1.0 (June 16, 2016): Bulletin published. Summary: This security update resolves vulnerabilities in Adobe Flash Player when installed on all supported editions of Windows 8.1, Windows Server 2012, Windows Server 2012 R2, Windows RT 8.1, and Windows 10...
  15. News

    MS15-077 - Important: Vulnerability in ATM Font Driver Could Allow Elevation of Privilege...

    Severity Rating: Important Revision Note: V1.0 (July 14, 2015): Bulletin published. Summary: This security update resolves a vulnerability in Microsoft Windows. The vulnerability could allow elevation of privilege if an attacker logs on to a target system and runs a specially crafted...
  16. News

    March 2015 Updates

    Today, as part of Update Tuesday, we released 14 security bulletins to address vulnerabilities in Microsoft Windows, Microsoft Office, Microsoft Exchange, and Internet Explorer. We encourage customers to apply all of these updates. For more information about this month’s security updates...
  17. News

    February 2015 Updates

    Today, as part of Update Tuesday, we released nine security bulletins – three rated Critical and six rated Important in severity, to address 56 unique Common Vulnerabilities and Exposures (CVEs) in Microsoft Windows, Microsoft Office, Internet Explorer, and Microsoft Server software. We...
  18. News

    TA14-323A: Microsoft Windows Kerberos KDC Remote Privilege Escalation Vulnerability

    Original release date: November 19, 2014 Systems Affected Microsoft Windows Vista, 7, 8, and 8.1 Microsoft Server 2003, Server 2008, Server 2008 R2, Server 2012, and Server 2012 R2 Overview A remote escalation of privilege vulnerability exists in implementations of Kerberos Key Distribution...
  19. News

    November 2014 Updates

    Today, as part of Update Tuesday, we released 14 security updates – four rated Critical, nine rated Important, and two rated Moderate, to address 33 Common Vulnerabilities and Exposures (CVEs) in Microsoft Windows, Internet Explorer (IE), Office, .NET Framework, Internet Information Services...
  20. News

    MS14-059 - Important: Vulnerability in ASP.NET MVC Could Allow Security Feature Bypass...

    Severity Rating: Important Revision Note: V1.0 (October 14, 2014): Bulletin published. Summary: This security update resolves a publicly disclosed vulnerability in ASP.NET MVC. The vulnerability could allow security feature bypass if an attacker convinces a user to click a specially crafted link...
Back
Top