HomeCIS Advisories
Advisories
The latest information on known vulnerabilities in popular software and systems
See All
Advisories
Blog Posts
Case Studies
Spotlights
Newsletters
CIS Benchmarks
Podcasts
Press Releases
Webinars
White Papers
1 - 10 of 195 results
2025-092: Multiple Vulnerabilities in VMware Aria Operations and VMware Tools Could Allow for Privilege Escalation
Issued on 09.30.2025
2025-092: Multiple Vulnerabilities in VMware Aria Operations and VMware Tools Could Allow for Privilege Escalation
Multiple vulnerabilities have been discovered in VMware Aria Operations and VMware Tools, the most severe of which could allow for privilege esca...
2025-090: A Vulnerability in Nx (build system) Package Could Allow for Sensitive Data Exfiltration
Issued on 09.25.2025
2025-090: A Vulnerability in Nx (build system) Package Could Allow for Sensitive Data Exfiltration
A vulnerability has been discovered in Nx (build system) Package, which could allow for sensitive data exfiltration. Nx is a smart, fast, and ext...
2025-091: Multiple Vulnerabilities in Cisco Products Could Allow for Remote Code Execution
Issued on 09.25.2025
2025-091: Multiple Vulnerabilities in Cisco Products Could Allow for Remote Code Execution
Multiple vulnerabilities have been discovered in Cisco products, the most severe of which could allow for remote code execution. Cisco is a leadi...
2025-089: A Vulnerability in SolarWinds Web Help Desk Could Allow for Remote Code Execution
Issued on 09.23.2025
2025-089: A Vulnerability in SolarWinds Web Help Desk Could Allow for Remote Code Execution
A vulnerability has been discovered in SolarWinds Web Help Desk, which could allow for remote code execution. SolarWinds Web Help Desk (WHD) is a...
2025-088: A Vulnerability in GoAnywhere Managed File Transfer (MFT) Could Allow for Command Injection
Issued on 09.19.2025
2025-088: A Vulnerability in GoAnywhere Managed File Transfer (MFT) Could Allow for Command Injection
A vulnerability has been discovered in GoAnywhere Managed File Transfer (MFT) which could allow for Command Injection. GoAnywhere Managed File Tr...
2025-087: A Vulnerability in WatchGuard Fireware OS Could Allow for Arbitrary Code Execution
Issued on 09.19.2025
2025-087: A Vulnerability in WatchGuard Fireware OS Could Allow for Arbitrary Code Execution
A vulnerability has been discovered in WatchGuard Fireware OS, which could allow for arbitrary code execution. Fireware OS is the software that r...
2025-086: Multiple Vulnerabilities in Google Chrome Could Allow for Arbitrary Code Execution
Issued on 09.18.2025
2025-086: Multiple Vulnerabilities in Google Chrome Could Allow for Arbitrary Code Execution
Multiple vulnerabilities have been discovered in Google Chrome, the most severe of which could allow for arbitrary code execution. Successful exp...
2025-085: Multiple Vulnerabilities in Mozilla Products Could Allow for Arbitrary Code Execution
Issued on 09.16.2025
2025-085: Multiple Vulnerabilities in Mozilla Products Could Allow for Arbitrary Code Execution
Multiple vulnerabilities have been discovered in Mozilla products, the most severe of which could allow for arbitrary code execution.Mozilla Fire...
2025-084: Multiple Vulnerabilities in Ivanti Products Could Allow for Remote Code Execution
Issued on 09.09.2025
2025-084: Multiple Vulnerabilities in Ivanti Products Could Allow for Remote Code Execution
Multiple vulnerabilities have been discovered in Ivanti products, the most severe of which could allow for remote code execution. Ivanti Endpoint...
2025-082: Critical Patches Issued for Microsoft Products, September 09, 2025
Issued on 09.09.2025
2025-082: Critical Patches Issued for Microsoft Products, September 09, 2025
Multiple vulnerabilities have been discovered in Microsoft products, the most severe of which could allow for remote code execution. Successful e...

Explore Related Cybersecurity Solutions

CIS Benchmarks
Safeguard IT systems against cyber threats with more than 100 configuration guidelines across more than 25 vendor product families.
Learn More
CIS Controls
Protect your organization from cyber-attacks with globally recognized CIS Controls, companion guides, and mappings.
Learn More
CIS CyberMarket
CIS CyberMarket
Learn More
CIS Hardened Images
CIS Hardened Images
Learn More
CIS SecureSuite
CIS SecureSuite
Learn More
CIS Services
CIS Services
Learn More
EI-ISAC
Access resources for threat prevention, protection, response, and recovery for U.S. State, Local, Tribal, and Territorial (SLTT) government entities.
Learn More
MS-ISAC
Access resources for threat prevention, protection, response, and recovery for U.S. State, Local, Tribal, and Territorial (SLTT) government entities.
Learn More
See All Solutions
ThreatWA Ads