ohio_k12_help_logo-xparent1-300x85
Login
ohio_k12_help_logo-xparent1-300x85
Login
Login

Cyber Security News

CIS Security Advisories

CIS Security News

CISA News

ISACA SmartBrief

RSS Cyber Security Advisories – MS-ISAC
  • Multiple Vulnerabilities in Ivanti Endpoint Manager Could Allow for Authentication Bypass 2026-02-10
    Multiple vulnerabilities have been discovered in Ivanti Endpoint Manager, the most severe of which could allow for authentication bypass. Ivanti Endpoint Manager is a client-based unified endpoint management software. Successful exploitation of the most severe of these vulnerabilities could a remote unauthenticated attacker to leak specific stored credential data.
  • Multiple Vulnerabilities in Fortinet Products Could Allow for Arbitrary Code Execution 2026-02-10
    Multiple vulnerabilities have been discovered in Fortinet products, the most severe of which could allow for arbitrary code execution.FortiAuthenticator is a centralized identity and access management (IAM) solution that secures network access by managing user identities, Multi-Factor Authentication (MFA), and certificate management.FortiClientEMS is a centralized management platform for deploying, configuring, monitoring, and enforcing security policies […]
  • Critical Patches Issued for Microsoft Products, February 10, 2026 2026-02-10
    Multiple vulnerabilities have been discovered in Microsoft products, the most severe of which could allow for remote code execution. Successful exploitation of the most severe of these vulnerabilities could result in an attacker gaining the same privileges as the logged-on user. Depending on the privileges associated with the user, an attacker could then install programs; […]
  • Multiple Vulnerabilities in Adobe Products Could Allow for Arbitrary Code Execution 2026-02-10
    Multiple vulnerabilities have been discovered in Adobe products, the most severe of which could allow for arbitrary code execution.Adobe After Effects is a digital effects, motion graphics, and compositing application.Adobe Audition is a comprehensive toolset that includes multitrack, waveform, and spectral display for creating, mixing, editing, and restoring audio content.Adobe Bridge is a creative asset […]
  • Multiple Vulnerabilities in Ivanti Endpoint Manager Mobile Could Allow for Remote Code Execution 2026-01-30
    Multiple vulnerabilities have been discovered in Ivanti Endpoint Manager Mobile which could allow for remote code execution. Ivanti Endpoint Manager Mobile is a mobile management software engine that enables IT to set policies for mobile devices, applications and content. Successful exploitation of these vulnerabilities could allow for remote code execution in the context of the […]
  • Multiple Vulnerabilities in SolarWinds Web Help Desk Could Allow for Arbitrary Code Execution 2026-01-28
    Multiple vulnerabilities have been discovered in SolarWinds Web Help Desk, the most severe of which could allow for arbitrary code execution. SolarWinds Web Help Desk (WHD) is a web-based software that provides IT help desk and asset management functionality, allowing IT teams to manage service requests, track IT assets, and offer self-service options to end-users. […]
  • A Vulnerability in Microsoft Office Could Allow for Security Feature Bypass 2026-01-27
    A vulnerability has been discovered in Microsoft Office which could allow for a security feature bypass. Microsoft Office is a suite of applications designed to help with productivity and completing common tasks on a computer. You can create and edit documents containing text and images, work with data in spreadsheets and databases, and create presentations […]
  • A Vulnerability in Cisco Unified Communications Products Could Allow for Remote Code Execution 2026-01-21
    A vulnerability has been discovered in Cisco Unified Communications Products which could allow for remote code execution. Cisco Unified Communications (UC) Products are an integrated suite of IP-based hardware and software that combine voice, video, messaging, and data into a single platform. Successful exploitation of this vulnerability could allow for remote code execution as root, […]
  • Multiple Vulnerabilities in Adobe Products Could Allow for Arbitrary Code Execution 2026-01-14
    Multiple vulnerabilities have been discovered in Adobe products, the most severe of which could allow for arbitrary code execution.Adobe Bridge is a creative asset manager that lets you preview, organize, edit, and publish multiple creative assets quickly and easily.Adobe Dreamweaver is a web design integrated development environment (IDE) that is used to develop and design […]
  • Multiple Vulnerabilities in Google Chrome Could Allow for Arbitrary Code Execution 2026-01-14
    Multiple vulnerabilities have been discovered in Google Chrome, the most severe of which could allow for arbitrary code execution. Successful exploitation of the most severe of these vulnerabilities could allow for arbitrary code execution in the context of the logged on user. Depending on the privileges associated with the user an attacker could then install programs; […]
RSS Blog Feed – Center for Internet Security
RSS All CISA Advisories
  • CISA Adds One Known Exploited Vulnerability to Catalog 2026-02-13
    CISA has added one new vulnerability to its Known Exploited Vulnerabilities (KEV) Catalog, based on evidence of active exploitation. CVE-2026-1731 BeyondTrust Remote Support (RS) and Privileged Remote Access (PRA) OS Command Injection Vulnerability These types of vulnerabilities are frequent attack vectors for malicious cyber actors and pose significant risks to the federal enterprise. Binding Operational Directive […]
    CISA
  • Siemens NX 2026-02-12
    View CSAF Summary Siemens NX is affected by multiple file parsing vulnerabilities that could be triggered when the application reads files in CGM format. If a user is tricked to open a malicious file with any of the affected products, this could lead the application to crash or potentially lead to arbitrary code execution. Siemens […]
    CISA
  • Airleader Master 2026-02-12
    View CSAF Summary Successful exploitation of this vulnerability could allow an attacker to obtain remote code execution. The following versions of Airleader Master are affected: Airleader Master
    CISA
  • Siemens Polarion 2026-02-12
    View CSAF Summary Polarion before V2506 contains a vulnerability that could allow authenticated remote attackers to conduct cross-site scripting attacks. Siemens has released new versions for the affected products and recommends to update to the latest versions. The following versions of Siemens Polarion are affected: Polarion V2404 vers:intdot/
    CISA
  • Siemens Siveillance Video Management Servers 2026-02-12
    View CSAF Summary The Webhooks implementation of Siveillance Video Management Servers contains a vulnerability that could allow an authenticated remote attacker with read-only privileges to achieve full access to Webhooks API. Siemens has released new versions for the affected products and recommends to update to the latest versions. The following versions of Siemens Siveillance Video […]
    CISA
  • CISA Adds Four Known Exploited Vulnerabilities to Catalog 2026-02-12
    CISA has added four new vulnerabilities to its Known Exploited Vulnerabilities (KEV) Catalog, based on evidence of active exploitation. CVE-2024-43468 Microsoft Configuration Manager SQL Injection Vulnerability CVE-2025-15556 Notepad++ Download of Code Without Integrity Check Vulnerability CVE-2025-40536 SolarWinds Web Help Desk Security Control Bypass Vulnerability CVE-2026-20700 Apple Multiple Buffer Overflow Vulnerability These types of vulnerabilities are […]
    CISA
  • Siemens Solid Edge 2026-02-12
    View CSAF Summary Solid Edge uses PS/IGES Parasolid Translator Component that contains an out of bounds read that could be triggered when the application reads files in IGS file formats. If a user is tricked to open a malicious file with any of the affected products, this could lead the application to crash or potentially […]
    CISA
  • Siemens Desigo CC Product Family and SENTRON Powermanager 2026-02-12
    View CSAF Summary Versions V6.0 through V8 QU1 of the Desigo CC product family (Desigo CC, Desigo CC Compact, Desigo CC Connect, Cerberus DMS), as well as the Desigo CC-based SENTRON Powermanager, are affected by a vulnerability in the underlying third-party component WIBU Systems CodeMeter Runtime. Successful exploitation of this vulnerability could lead to code […]
    CISA
  • Siemens COMOS 2026-02-12
    View CSAF Summary COMOS is affected by multiple vulnerabilities that could allow an attacker to execute arbitrary code or cause denial of service condition, data infiltration or perform access control violations. Siemens has released new versions for several affected products and recommends to update to the latest versions. Siemens is preparing further fix versions and […]
    CISA
  • Siemens SINEC NMS 2026-02-12
    View CSAF Summary Multiple Siemens products are affected by two local privilege escalation vulnerabilities which could allow an low privileged attacker to load malicious DLLs, potentially leading to arbitrary code execution with elevated privileges. Siemens has released new versions for the affected products and recommends to update to the latest versions. The following versions of […]
    CISA
RSS ISACA SmartBrief on Cybersecurity
Ohio Department of Education & Workforce
MS-ISAC
CIS-Logo
Management Council Logo