A recently discovered vulnerability in LOG4J2 (also referred to as LOG4SHELL) is being widely reported as one of the most dangerous vulnerabilities in application software to date. There is already news that it is being exploited in the wild, putting widely used applications and cloud services at risk. Runtime Application Security (RASP) solutions are the only solutions that prevent exploitation of this vulnerability in real-time without the need for patching.
Protect against Log4J without patching
Learn More
HomeTagvulnerability database Archives - K2io
Tag
Entries Tagged " vulnerability database "
On December 8, 2021 we just hit another milestone with the number of vulnerabilities recorded in the US CERT Vulnerability Database (so far in 2021) exceeding the total count in 2020, marking a fifth record year of vulnerabilities discovered in production code.
The proliferation of applications in the wake of COVID and more employees than ever working from home should not be a surprise to anyone. The worry though, is whether organizations have taken security for those newly released applications seriously enough. Security professionals face growing challenges as their organizations increase both the number of applications deployed and the pace at which these applications change. The publication eWeek took a closer look at some of the security implications of application proliferation in a new article.
A new article in the Daily Swig discloses that security researchers have discovered that a historic vulnerability affecting both MySQL and MariaDB databases caused serious flaws for security technologies, specifically Web Application Firewall (WAF) from AWS. WAF failures aren't new, and we recently wrote about a hacker claiming WAFs don't work.
Last year, K2 Cyber Security reported that the US-CERT Vulnerability Database hit a record number of vulnerabilities recorded for the fourth year in a row on December 15, 2020. As of last Thursday, October 14, 2021, the database is on track to hit a fifth record year of recorded vulnerabilties.
The final numbers for reported vulnerabilities in 2020 are published. We covered the news when the number of vulnerabilities recorded hit a record for the fourth year in a row. The US-CERT Vulnerability Database keeps track of new vulnerabilities in production code as they are discovered and assigns each unique vulnerability with a "CVE" number.
On December 15, 2020 we just hit another milestone with the number of vulnerabilities recorded in the US CERT Vulnerability Database (so far in 2020) exceeding the total count in 2019, marking a fourth record year of vulnerabilities discovered in production code.