CISA Adds Thirteen Known Exploited Vulnerabilities to Catalog

CISA has added another 13 vulnerabilities that are actively being exploited. This list is at the bottom and Complete CSV is listed HERE CVE Number CVE Title Remediation Due Date CVE-2021-44228 Apache Log4j2 Remote Code Execution Vulnerability 12/24/2021 CVE-2021-44515 Zoho Corp. Desktop Central Authentication Bypass Vulnerability 12/24/2021 CVE-2021-44168 Fortinet FortiOS Arbitrary File Download Vulnerability 12/24/2021 […]

CISA Adds Five Known Exploited Vulnerabilities to Catalog

LINK VE Number  CVE Title Remediation Due Date CVE-2020-11261 Qualcomm Multiple Chipsets Improper Input Validation Vulnerability 06/01/2022 CVE-2018-14847 MikroTik Router OS Directory Traversal Vulnerability 06/01/2022 CVE-2021-37415 Zoho ManageEngine ServiceDesk Authentication Bypass Vulnerability 12/15/2021 CVE-2021-40438 Apache HTTP Server-Side Request Forgery (SSRF)  12/15/2021 CVE-2021-44077 Zoho ManageEngine ServiceDesk Plus Remote Code Execution 12/15/2021 Here is the actual list […]

Active Attack: FBI warns of 0-day to FatPipe WARP, MPVPN, and IPVPN Software being

LINK FatPipe released a patch and security advisory, FPSA006, on November 16, 2021, that fixes the vulnerability. All FatPipe WARP, MPVPN, and IPVPN device software prior to releases 10.1.2r60p93 and 10.2.2r44p1 are vulnerable. The security advisory and additional details are available at the following URL: