The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Monday added two security flaws to its Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitation in the wild.
The list of flaws is below -

CVE-2024-20767 (CVSS score: 7.4) - Adobe ColdFusion contains an improper access control vulnerability that could allow an attacker to access or modify restricted



Source: TheHackerNews
Source Link: https://thehackernews.com/2024/12/cisa-and-fbi-raise-alerts-on-exploited.html