Threat Intelligence
Secure Today. Defend Tomorrow.
Real-time threat feed from trusted sources. Updated continuously to keep you informed of the latest malicious activity.
RARLAB UnRAR Directory Traversal Vulnerability
RARLAB UnRAR on Linux and UNIX contains a directory traversal vulnerability, allowing an attacker to write to files during an extract (unpack) operation.
Read More →Synacor Zimbra Collaboration Suite (ZCS) Command Injection Vulnerability
Synacor Zimbra Collaboration Suite (ZCS) allows an attacker to inject memcache commands into a targeted instance which causes an overwrite of arbitrary cached entries.
Read More →Atlassian Questions For Confluence App Hard-coded Credentials Vulnerability
Atlassian Questions For Confluence App has hard-coded credentials, exposing the username and password in plaintext. A remote unauthenticated attacker can use these credentials to log into Confluence and access all content accessible to users in the confluence-users group.
Read More →Microsoft Windows Client Server Runtime Subsystem (CSRSS) Privilege Escalation Vulnerability
Microsoft Windows CSRSS contains an unspecified vulnerability that allows for privilege escalation to SYSTEM privileges.
Read More →Microsoft Windows LSA Spoofing Vulnerability
Microsoft Windows Local Security Authority (LSA) contains a spoofing vulnerability where an attacker can coerce the domain controller to authenticate to the attacker using NTLM.
Read More →Mitel MiVoice Connect Data Validation Vulnerability
The Service Appliance component in Mitel MiVoice Connect allows remote code execution due to incorrect data validation.
Read More →Google Chromium PopupBlocker Security Bypass Vulnerability
Google Chromium PopupBlocker contains an insufficient policy enforcement vulnerability that allows a remote attacker to bypass navigation restrictions via a crafted iframe. This vulnerability could affect multiple web browsers that utilize Chromium, including, but not limited to, Google Chrome, Microsoft Edge, and Opera.
Read More →Red Hat Polkit Out-of-Bounds Read and Write Vulnerability
The Red Hat polkit pkexec utility contains an out-of-bounds read and write vulnerability that allows for privilege escalation with administrative rights.
Read More →Apple iOS and iPadOS Buffer Overflow Vulnerability
Apple iOS and iPadOS contain a buffer overflow vulnerability that could allow an application to execute code with kernel privileges.
Read More →Apple Multiple Products Memory Corruption Vulnerability
Apple iOS, iPadOS, macOS, tvOS, and watchOS contain a memory corruption vulnerability that could allow an application to execute code with kernel privileges.
Read More →Apple Multiple Products Memory Corruption Vulnerability
Apple iOS, iPadOS, and tvOS contain a memory corruption vulnerability that could allow an application to execute code with kernel privileges.
Read More →Apple Multiple Products Use-After-Free Vulnerability
A use-after-free vulnerability in Apple iOS, macOS, tvOS, and watchOS could allow a malicious application to execute code with system privileges.
Read More →Apple Multiple Products Memory Corruption Vulnerability
Apple iOS, macOS, tvOS, and watchOS contain a memory corruption vulnerability which can allow for code execution.
Read More →Microsoft Windows Support Diagnostic Tool (MSDT) Remote Code Execution Vulnerability
A remote code execution vulnerability exists when MSDT is called using the URL protocol from a calling application such as Word. An attacker who successfully exploits this vulnerability can run code with the privileges of the calling application.
Read More →SAP NetWeaver Unrestricted File Upload Vulnerability
SAP NetWeaver contains a vulnerability that allows unrestricted file upload.
Read More →SAP NetWeaver SQL Injection Vulnerability
SQL injection vulnerability in the UDDI server in SAP NetWeaver J2EE Engine 7.40 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
Read More →SAP NetWeaver Information Disclosure Vulnerability
The Universal Worklist Configuration in SAP NetWeaver AS JAVA 7.4 allows remote attackers to obtain sensitive user information via a crafted HTTP request.
Read More →QNAP Photo Station Path Traversal Vulnerability
QNAP devices running Photo Station contain an external control of file name or path vulnerability allowing remote attackers to access or modify system files.
Read More →QNAP Photo Station Path Traversal Vulnerability
QNAP devices running Photo Station contain an external control of file name or path vulnerability allowing remote attackers to access or modify system files.
Read More →QNAP QTS Improper Input Validation Vulnerability
QNAP QTS contains an improper input validation vulnerability allowing remote attackers to inject code on the system.
Read More →Sources
- AlienVault OTX
- CISA KEV
- URLhaus
Stay Ahead of Threats
Secure Today. Defend Tomorrow.
Get daily threat intelligence and CVE digests delivered to your inbox.