CVE volumes head towards 50,000 in 2025, analysts claim | Computer Weekly: The number of disclosed CVEs is expected to reach between 45,000 and 50,000 by 2025, marking a record high.
US cyber defenses are being dismantled from the inside: The CVE database's near loss highlights serious shortcomings in US cybersecurity efforts under Trump's administration.
The CVE program for tracking security flaws is about to lose federal funding: Funding for the CVE program, crucial for tracking cybersecurity vulnerabilities, is set to expire on April 16.
Palo Alto Networks patches firewall-busting zero-days: Palo Alto Networks has released critical patches for two severe zero-day vulnerabilities, urging immediate user action to secure systems.
Google Cloud Researchers Uncover Flaws in Rsync File Synchronization Tool: Rsync has multiple vulnerabilities allowing attackers to execute arbitrary code and access sensitive files on connected clients.
Crucial CVE flaw-tracking database narrowly avoids closure to DHS cuts: CVE's funding was at risk, but CISA has extended the contract to ensure continued operations.
November delivers a heap of Microsoft patches for admins: Microsoft's Patch Tuesday addresses 89 CVE security flaws, including two under active attack, highlighting significant vulnerabilities in Windows Task Scheduler and NTLM code.
MITRE warns over lapse in CVE coverage | Computer Weekly: MITRE's CVE program faces potential disruptions due to an upcoming contract lapse, impacting national cyber security efforts.
Six vulnerabilities in rsync announced and fixed in a day: Several CVEs were found in rsync, but a fixed version was released quickly, addressing the critical vulnerabilities noted.
NVD: End-of-Life versions of Node.js are unsupported and expose systems to security vulnerabilities. Users should upgrade to currently supported Node.js versions to mitigate risks.
NVD: Koa vulnerability can lead to Denial-of-Service attacks due to faulty regex in header parsing, fixed in later versions.
NVD: Stored XSS vulnerability due to improper input handling found in Responsive jQuery Slider. Affected versions are from n/a through 1.1.1, necessitating updates.
Five zero-days to be fixed on October Patch Tuesday | Computer Weekly: Microsoft's October Patch Tuesday addressed five zero-day vulnerabilities, crucial for security teams to mitigate risks amidst Cyber Security Awareness Month.
Doomsday 9.9 unauthenticated RCE bug affects all Linux: A critical 9.9-rated unauthenticated RCE flaw is affecting GNU/Linux systems, with no fix yet despite disclosure to developers three weeks ago.
Pallets projects added to scope of PSF CVE Numbering Authority: PSF's CNA status enhances its ability to manage CVEs for Python projects.
The Linux security team issues 60 CVEs a week, but don't stress. Do this instead: Linux security team issues an average of 60 CVEs weekly, reflecting ongoing challenges but manageable by the community.