December 29 – 2 New Vulns | CVE-2018-5430, CVE-2018-18809 In this CISA KEV Breakdown, CISA added two JasperReports vulnerabilities, one affecting Server and the other affecting Library. Patches were...
December 14 – 1 New Vuln | CVE-2022-42856 In this CISA KEV Breakdown, CISA has added an Apple iOS Type Confusion vulnerability. It has the usual 21 day due...
December 13 – 5 New Vulns | CVE-2022-42475, CVE-2022-44698, CVE-2022-27518, CVE-2022-26500, CVE-2022-26501 In this CISA KEV Breakdown, CISA has added a Fortinet FortiOS buffer overflow vulnerability, a security feature...
Using EPSS for Vulnerability Enrichment Earlier this year, Nucleus released our CISA KEV Enrichment Dashboard — a free tool that enables vulnerability researchers to quickly analyze trends of known...
December 5 – 1 New Vuln | CVE-2022-4262 In this CISA KEV Breakdown, CISA has added CVE-2022-4262, a type confusion vulnerability in Chrome’s V8 Javascript engine confirmed to have existing...
Understanding CISA BOD 23-01: Improving Asset Vulnerability and Detection on Federal Networks Last November, the Cybersecurity and Infrastructure Security Agency (CISA) released Binding Operational Directive 22-01, which led to...