2022 Flexera Annual Vulnerability Review Report
2022 was a busy year for cybersecurity. A record-breaking number of security advisories were published, and many significant vulnerabilities were the cause of data breaches, ransomware attacks and o...
Blog posts from partners, community members and the Flexera team
Blog Articles
Monthly Software Vulnerability Insights - April 2023
Important conclusions from this month report are: A lower count of advisories this month, however with more extreme critical advisories and more zero-day advisories than we have seen before in the las...
Monthly Software Vulnerability Insights - March 2023
Summary Total advisories: 719 ↑ (last month: 709). March has reported 719 advisories, replacing February as the third-highest number of advisories since the Secunia Research Team started in 2002. (#...
Monthly Vulnerability Insights: Feb 2023
Summary Total advisories: 709 ↑ (last month: 621). February’23 has reported 709 advisories the third highest number of advisories since the Secunia Research Team started in 2002. (#1 : July’20, #2: ...
Still Using SVM's Older Web UI?
The Patch Publisher has come a long way since its initial release and today provides a superior user experience for patching operations. If you have not tried it, we encourage you to do so as we begin...
Monthly Vulnerability Insights: Janurary 2023
Summary Total advisories: 626 ↑ (last month: 512). January reported more advisories than December. Important conclusions from this month's report are: 108 rejected advisories have been reportedThe S...
The Critical and Evolving Demands of Software Vulnerability Management
Not keeping up with patches that are known to negatively impact security risk is nothing short of irresponsible. But learning of impactful vulnerabilities that affect you and being able to patch thos...
Monthly Vulnerability Insights: December 2022
Summary Total advisories: 512 ↓ (last month: 689). December reported fewer advisories than November, Important conclusions from this month's report are: 86 rejected advisoriesThe Secunia Research Te...
Monthly Vulnerability Insights: November 2022
Summary Total advisories: 689 ↑ (last month: 660). November reported more advisories than October, Important conclusions from this month's report are: 153 rejected advisories, which is the highest mon...
Monthly Vulnerability Insights: October 2022
SummaryTotal advisories: 660 ↑ (last month: 544) .October reported a lot more advisories than September, Important conclusions from this month's report are:• The Secunia Research Team reported 2 Extre...
Monthly Vulnerability Insights: September 2022
Summary of Monthly Vulnerability Insights:Total advisories: 544 ↓ (last month: 591). September reported fewer advisories than August, After 9 consecutive months, September is the first month when ven...
Software Suggestion Guidelines
This article aims to articulate acceptance criteria for submitting software to be covered by SVR and SVM, as well as the rationale behind such. It is important to note that our Research team validates...
Monthly Vulnerability Insights: August 2022
Summary of Monthly Vulnerability Insights:The Log4j vulnerability is still being detected/reported by vendors after almost 9 months mostly by IBM: IBM Security Identity ManagerIBM Infosphere Master D...
Monthly Vulnerability Insights: July 2022
Summary of Monthly Vulnerability Insights: July reported more advisories than June’s sudden dip. (the first half year was a continued monthly increase until June) The Log4j vulnerability is still bei...
SVM Inventory-Based Vulnerability Assessment
The actionable SVM’s vulnerability assessment results are achieved by performing a file-level scan against special criteria we have identified (referred to as a file signature). This capability provid...
Monthly Vulnerability Insights: June 2022
Summary of Monthly Vulnerability Insights:Total advisories: 517 ↓ (last month: 688). June reported fewer advisories after we have seen an increase each month since the beginning of this year. The Lo...
Monthly Vulnerability Insights: May 2022
Summary of May Vulnerability Insights :May was the month with the highest number of vulnerabilities in the last 18 months. 7 Zero-day Vulnerabilities are reported by Microsoft and Cisco and it was 9 ...
Flexera SVM and Microsoft Internet Explorer EoSL
SVM performs many features not permitted by web browsers, so leverages an ActiveX control to accomplish these tasks (like patch publishing, remote scan, and software suggestions). We recently launched...
Monthly Vulnerability Insights: April 2022
Summary of April Vulnerability Insights :April was the month with the highest number of vulnerabilities in the last 18 months. 9 Zero-day Vulnerabilities were reported including Google Chrome, Micros...
Monthly Vulnerability Insights: March 2022
Summary of March Vulnerability Insights : March was the month with the second-highest number of vulnerabilities in the last 12 months. Most Browsers disclosed zero-day vulnerabilities that also had hi...
Monthly Vulnerability Insights: February 2022
Check our summary of vulnerability data from February 2022! You'll see the total number of vulnerabilities reported this month are 502. And there have been threats associated with these vulnerabilitie...
Monthly Vulnerability Insights: January 2022
Check our summary of vulnerability data from January 2022! You'll see an increase in the number of vulnerabilities reported compared to last month. And there's been an increase in the number of threat...
Monthly Vulnerability Insights: December 2021
Check our summary of vulnerability data from December 2021! You'll see an increase in the number of vulnerabilities reported compared to last month. However, there's been an increase in the number of ...
Apache Log4j “Log4Shell” and Beyond
The following summary of Log4j is credited to Flexera Secunia Research's Lars Wiebusch CVE References CVE-2021-44228, CVE-2021-45046, CVE-2021-45105, CVE-2021-44832, CVE-2021-4104 Introduction In Dece...
ALERT: SVR Outage Planned for Wednesday Jan 5th 2022
There will be Software Vulnerability Research (SVR) outage on or about 10 AM CST on Wednesday, January 5th, 2022 which is planned to last no more than 2 hours. This interruption of service is necessar...
Identifying Apache Log4j JNDI Vulnerability “Log4Shell” and Variants (CVE-2021-44228, CVE-2021-45046, CVE-2021-4104) with SVM
Recently, a vulnerability within Apache Log4j caught widespread public attention and has security, operational, and development teams alike scrambling for analyzing the impact within their own ecosys...
Monthly Vulnerability Insights: November 2021
Check our summary of vulnerability data from November 2021! You'll see a decrease in the number of vulnerabilities reported as compared to last month. However, there's been an increase in the number o...
SVM User Interface FAQ
How do I access the new UI?What browsers are supported by the new UI?What are some new features of the new UI?What limitations are associated with the new UI?Can I still use the old UI?Why would I wan...
Monthly Vulnerability Insights: October 2021
Welcome to our October vulnerability insights report. This comprehensive, monthly review is based upon data from the Secunia Research Team at Flexera who produces valuable advisories leveraged by our ...
Monthly Vulnerability Insights: September 2021
The monthly report for vulnerability insights for September 2021 is here. In September, a total of 461 advisories were reported by the Secunia Research Team for 307 unique products across 72 unique ve...
