Threat Intelligence

Secure Today. Defend Tomorrow.

Real-time threat feed from trusted sources. Updated continuously to keep you informed of the latest malicious activity.

All Malware Phishing Ransomware APT Vulnerability Other
CISA KEV · Vulnerability 4 years ago

WatchGuard Firebox and XTM Appliances Arbitrary Code Execution

On WatchGuard Firebox and XTM appliances, an unauthenticated user can execute arbitrary code.

Read More →
CISA KEV · Vulnerability 4 years ago

MiCollab, MiVoice Business Express Access Control Vulnerability

A vulnerability has been identified in MiCollab and MiVoice Business Express that may allow a malicious actor to gain unauthorized access to sensitive information and services, cause performance degradations or a denial of service condition on the affected system.

Read More →
CISA KEV · Vulnerability 4 years ago

Microsoft Windows Print Spooler Privilege Escalation Vulnerability

Microsoft Windows Print Spooler contains an unspecified vulnerability which can allow for privilege escalation.

Read More →
CISA KEV · Vulnerability 4 years ago

Sitecore XP Remote Command Execution Vulnerability

Sitcore XP contains an insecure deserialization vulnerability which can allow for remote code execution.

Read More →
CISA KEV · Vulnerability 4 years ago

Citrix ShareFile Improper Access Control Vulnerability

Improper Access Control in Citrix ShareFile storage zones controller may allow an unauthenticated attacker to remotely compromise the storage zones controller.

Read More →
CISA KEV · Vulnerability 4 years ago

D-Link DIR-610 Devices Remote Command Execution

D-Link DIR-610 devices allow remote code execution via the cmd parameter to command.php.

Read More →
CISA KEV · Vulnerability 4 years ago

Zyxel Multiple NAS Devices OS Command Injection Vulnerability

Multiple Zyxel network-attached storage (NAS) devices contain a pre-authentication command injection vulnerability, which may allow a remote, unauthenticated attacker to execute arbitrary code.

Read More →
CISA KEV · Vulnerability 4 years ago

OpenSMTPD Remote Code Execution Vulnerability

smtp_mailaddr in smtp_session.c in OpenSMTPD, as used in OpenBSD and other products, allows remote attackers to execute arbitrary commands as root via a crafted SMTP session.

Read More →
CISA KEV · Vulnerability 4 years ago

VMware Tanzu Spring Cloud Config Directory Traversal Vulnerability

Spring, by VMware Tanzu, Cloud Config contains a path traversal vulnerability that allows applications to serve arbitrary configuration files.

Read More →
CISA KEV · Vulnerability 4 years ago

Sophos SG UTM Remote Code Execution Vulnerability

A remote code execution vulnerability exists in the WebAdmin of Sophos SG UTM.

Read More →
CISA KEV · Vulnerability 4 years ago

QNAP Helpdesk Improper Access Control Vulnerability

QNAP Helpdesk contains an improper access control vulnerability which could allow an attacker to gain privileges or to read sensitive information.

Read More →
CISA KEV · Vulnerability 4 years ago

Palo Alto Networks PAN-OS Authentication Bypass Vulnerability

Palo Alto Networks PAN-OS contains a vulnerability in SAML which allows an attacker to bypass authentication.

Read More →
CISA KEV · Vulnerability 4 years ago

Apache Kylin OS Command Injection Vulnerability

Apache Kylin contains an OS command injection vulnerability which could permit an attacker to perform remote code execution.

Read More →
CISA KEV · Vulnerability 4 years ago

Juniper Junos OS Path Traversal Vulnerability

A path traversal vulnerability in the HTTP/HTTPS service used by J-Web, Web Authentication, Dynamic-VPN (DVPN), Firewall Authentication Pass-Through with Web-Redirect, and Zero Touch Provisioning (ZTP) allows an unauthenticated attacker to perform remote code execution.

Read More →
CISA KEV · Vulnerability 4 years ago

Drupal Core Remote Code Execution Vulnerability

In Drupal Core, some field types do not properly sanitize data from non-form sources. This can lead to arbitrary PHP code execution in some cases.

Read More →
CISA KEV · Vulnerability 4 years ago

Oracle BI Publisher Unauthorized Access Vulnerability

Oracle BI Publisher, formerly XML Publisher, contains an unspecified vulnerability that allows for various unauthorized actions. Open-source reporting attributes this vulnerability to allowing for authentication bypass.

Read More →
CISA KEV · Vulnerability 4 years ago

D-Link Multiple Routers Command Injection Vulnerability

Multiple D-Link routers contain a command injection vulnerability which can allow attackers to achieve full system compromise.

Read More →
CISA KEV · Vulnerability 4 years ago

Webmin Command Injection Vulnerability

An issue was discovered in Webmin. The parameter old in password_change.cgi contains a command injection vulnerability.

Read More →
CISA KEV · Vulnerability 4 years ago

Citrix SD-WAN and NetScaler Command Injection Vulnerability

Authenticated Command Injection in Citrix SD-WAN Appliance and NetScaler SD-WAN Appliance.

Read More →
CISA KEV · Vulnerability 4 years ago

Citrix SD-WAN and NetScaler SQL Injection Vulnerability

Citrix SD-WAN and NetScaler SD-WAN allow SQL Injection.

Read More →

Sources

  • AlienVault OTX
  • CISA KEV
  • URLhaus

Stay Ahead of Threats

Secure Today. Defend Tomorrow.

Get daily threat intelligence and CVE digests delivered to your inbox.