Blog
Share This Post
[ad_1]
Actively abused security issues newly included by the Cybersecurity and Infrastructure Security Agency to its Known Exploited Vulnerabilities catalog reached 185 this year, compared with 187 in 2023, bringing the total of flaws added by the agency since the catalog’s inception over two years ago to 1,238, The Cyber Express reports.
Newly emergent vulnerabilities accounted for the majority of flaws added to the KEV catalog this year but 60 to 70 of the fresh entries were years-old bugs, the oldest of which is the Internet Explorer use-after-free issue, tracked as CVE-2012-4792, an analysis of the CISA’s KEV catalog revealed.
Meanwhile, OS command injection vulnerabilities enabling unauthorized control were the most prevalent flaw type, followed by deserialization of untrusted data, use-after-free, path traversal, and improper authentication bugs.
Additional findings showed Microsoft to have the highest number of newly added flaws in the KEV this year, followed by Ivanti, Google Chrome, Adobe, and Apple.
[ad_2]
Source link
Subscribe To Our Newsletter
Get updates and learn from the best
More To Explore
US Charges Five People Over North Korean IT Worker Scheme
[ad_1] The US has announced charges against five individuals involved in a fake IT workers scheme to funnel funds to
In Other News: VPN Supply Chain Attack, PayPal $2M Settlement, RAT Builder Hacks Script Kiddies
[ad_1] Noteworthy stories that might have slipped under the radar: Korean VPN supply chain attack, PayPal settles with New York
