NUCLEUS BLOG.

February 2, 2023 CISA KEV Breakdown | Oracle E-Business, SugarCRM RCE
February 2 – 2 New Vulns | CVE-2022-21587, CVE-2023-22952 In this CISA KEV Breakdown, a remote code execution vulnerability in Oracle’s E-Business Suite, as well

January 26 CISA KEV Breakdown | Telerik UI
January 26 – 1 New Vuln | CVE-2017-11357 In this CISA KEV Breakdown, a Telerik UI Insecure Direct Object Reference Vulnerability from 2017 finds a

How to Define Vulnerability Remediation SLAs | Shortcuts
How to Define Vulnerability Remediation SLAs | Shortcuts Hello and welcome back to Nucleus Shortcuts. I am your host, Adam Dudley, and today we’re going

January 23 CISA KEV Breakdown | Zoho ManageEngine
January 23 – 1 New Vuln | CVE-2022-47966 In this CISA KEV Breakdown, a Zoho ManageEngine remote code execution vulnerability discovered and patched in 2022

January 17 CISA KEV Breakdown | Control Web Panel
January 17 – 1 New Vuln | CVE-2022-44877 In this CISA KEV Breakdown, a Control Web Panel command injection vulnerability finds a home on the

Nucleus Product Update 2.12
Start 2023 off right with more connector and platform improvements. Welcome to the Nucleus Product Update 2.12, a short and sweet one. This product update

January 10 CISA KEV Breakdown | Microsoft
January 10 – 2 New Vulns | CVE-2022-41080, CVE-2023-21674 In this CISA KEV Breakdown, two vulnerabilities from Microsoft have been added to kick off 2023.

Webinar Recap: How to Tame the Chaos of Enterprise Vulnerability Management
This is a recap and transcription of our webinar presentation “How to Tame the Chaos of Enterprise Vulnerability Management,” originally recorded live on December 7th,

December 29 CISA KEV Breakdown | JasperReports
December 29 – 2 New Vulns | CVE-2018-5430, CVE-2018-18809 In this CISA KEV Breakdown, CISA added two JasperReports vulnerabilities, one affecting Server and the other

Managing Risk of Open Source Libraries Using Mandiant Vulnerability Intelligence
Back in October 2022, Nucleus had the opportunity to speak at the mWISE Conference in Washington D.C. – an event dedicated to connecting security practitioners

Going Beyond Vulnerability Scanning to Risk-Based Vulnerability Management
Here at Nucleus, we often get questions from our customers about different vulnerability scanners and which are the best for the job — so much

December 14 CISA KEV Breakdown | Apple iOS
December 14 – 1 New Vuln | CVE-2022-42856 In this CISA KEV Breakdown, CISA has added an Apple iOS Type Confusion vulnerability. It has the

December 13 CISA KEV Breakdown | Fortinet, Citrix, Microsoft Defender, Veeam Backup
December 13 – 5 New Vulns | CVE-2022-42475, CVE-2022-44698, CVE-2022-27518, CVE-2022-26500, CVE-2022-26501 In this CISA KEV Breakdown, CISA has added a Fortinet FortiOS buffer overflow

Nucleus Product Update 2.11
More Speed, Automation, and Accelerated Remediation Welcome to the Nucleus Product Update 2.11. The holidays are here, and our crew is hustling as hard as

Using EPSS for Vulnerability Enrichment
Using EPSS for Vulnerability Enrichment Earlier this year, Nucleus released our CISA KEV Enrichment Dashboard — a free tool that enables vulnerability researchers to quickly