Threat Intelligence
Secure Today. Defend Tomorrow.
Real-time threat feed from trusted sources. Updated continuously to keep you informed of the latest malicious activity.
Oracle Business Intelligence Enterprise Edition Path Transversal
Path traversal vulnerability, where an attacker can target the preview FilePath parameter of the getPreviewImage function to get access to arbitrary system file.
Read More →Drupal core Un-restricted Upload of File
Improper sanitization in the extension file names is present in Drupal core.
Read More →Apache Airflow Command Injection
A remote code/command injection vulnerability was discovered in one of the example DAGs shipped with Airflow.
Read More →Apache Airflow's Experimental API Authentication Bypass
The previous default setting for Airflow's Experimental API was to allow all API requests without authentication.
Read More →VMware vCenter Server Improper Access Control
Rhttproxy as used in vCenter Server contains a vulnerability due to improper implementation of URI normalization.
Read More →Hikvision Improper Input Validation
A command injection vulnerability in the web server of some Hikvision product. Due to the insufficient input validation.
Read More →Google Chrome Media Use-After-Free Vulnerability
Google Chrome Media contains a use-after-free vulnerability that allows a remote attacker to execute code via a crafted HTML page.
Read More →Microsoft Win32k Privilege Escalation Vulnerability
A privilege escalation vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory, aka 'Win32k EoP.
Read More →Microsoft WinVerifyTrust function Remote Code Execution
A remote code execution vulnerability exists in the way that the WinVerifyTrust function handles Windows Authenticode signature verification for PE files.
Read More →Oracle WebLogic Server, Injection
Injection vulnerability in the Oracle WebLogic Server component of Oracle Fusion Middleware (subcomponent: Web Services).
Read More →Synacor Zimbra Collaboration Suite (ZCS) Improper Restriction of XML External Entity Reference
Synacor Zimbra Collaboration Suite (ZCS) contains an improper restriction of XML external entity (XXE) vulnerability in the mailboxd component.
Read More →Fortinet FortiOS and FortiProxy Improper Authorization
An Improper Authorization vulnerability in Fortinet FortiOS and FortiProxy under SSL VPN web portal allows an unauthenticated attacker to modify the password.
Read More →Fortinet FortiOS and FortiProxy Out-of-bounds Write
A heap buffer overflow in Fortinet FortiOS and FortiProxy may cause the SSL VPN web service termination for logged in users.
Read More →Palo Alto Networks PAN-OS Remote Code Execution Vulnerability
Remote Code Execution in PAN-OS with GlobalProtect Portal or GlobalProtect Gateway Interface enabled.
Read More →Exim Mail Transfer Agent (MTA) Improper Input Validation
Improper validation of recipient address in deliver_message() function in /src/deliver.c may lead to remote command execution.
Read More →IBM WebSphere Application Server and Server Hypervisor Edition Code Injection.
Serialized-object interfaces in certain IBM analytics, business solutions, cognitive, IT infrastructure, and mobile and social products allow remote attackers to execute arbitrary commands
Read More →Primetek Primefaces Remote Code Execution Vulnerability
Primetek Primefaces is vulnerable to a weak encryption flaw resulting in remote code execution
Read More →Kibana Arbitrary Code Execution
Kibana contain an arbitrary code execution flaw in the Timelion visualizer.
Read More →FatPipe WARP, IPVPN, and MPVPN Configuration Upload exploit
A vulnerability in the web management interface of FatPipe WARP, IPVPN, and MPVPN software allows a remote, unauthenticated attacker to upload a file to any location on the filesystem.
Read More →Microsoft Windows AppX Installer Spoofing Vulnerability
Microsoft Windows AppX Installer contains a spoofing vulnerability which has a high impacts to confidentiality, integrity, and availability.
Read More →Sources
- AlienVault OTX
- CISA KEV
- URLhaus
Stay Ahead of Threats
Secure Today. Defend Tomorrow.
Get daily threat intelligence and CVE digests delivered to your inbox.