CISA Adds Four Known Exploited Vulnerabilities to Catalog

CISA has added four new vulnerabilities to its Known Exploited Vulnerabilities (KEV) Catalog, based on evidence of active exploitation.

• CVE-2014-3931 Multi-Router Looking Glass (MRLG) Buffer Overflow Vulnerability
• CVE-2016-10033 PHPMailer Command Injection Vulnerability
• CVE-2019-5418 Rails Ruby on Rails Path Traversal Vulnerability
• CVE-2019-9621 Synacor Zimbra Collaboration Suite (ZCS) Server-Side Request Forgery (SSRF) Vulnerability

These types of vulnerabilities are frequent attack vectors for malicious cyber actors and pose significant risks to the federal enterprise.

This article has been indexed from All CISA Advisories