Threat Intelligence
Secure Today. Defend Tomorrow.
Real-time threat feed from trusted sources. Updated continuously to keep you informed of the latest malicious activity.
NETGEAR Multiple WAP Devices Command Injection Vulnerability
Multiple NETGEAR Wireless Access Point devices allows unauthenticated web pages to pass form input directly to the command-line interface. Exploitation allows for arbitrary code execution.
Read More →D-Link DCS-930L Devices OS Command Injection Vulnerability
setSystemCommand on D-Link DCS-930L devices allows a remote attacker to execute code via an OS command.
Read More →NETGEAR WNR2000v5 Router Buffer Overflow Vulnerability
The NETGEAR WNR2000v5 router contains a buffer overflow which can be exploited to achieve remote code execution.
Read More →Ruby on Rails Directory Traversal Vulnerability
Directory traversal vulnerability in Action View in Ruby on Rails allows remote attackers to read arbitrary files.
Read More →Arcserve Unified Data Protection (UDP) Directory Traversal Vulnerability
Directory traversal vulnerability in Arcserve UDP allows remote attackers to obtain sensitive information or cause a denial of service.
Read More →TP-Link Multiple Archer Devices Directory Traversal Vulnerability
Directory traversal vulnerability in multiple TP-Link Archer devices allows remote attackers to read arbitrary files via a .. (dot dot) in the PATH_INFO to login/.
Read More →Elasticsearch Groovy Scripting Engine Remote Code Execution Vulnerability
The Groovy scripting engine in Elasticsearch allows remote attackers to bypass the sandbox protection mechanism and execute arbitrary shell commands.
Read More →D-Link and TRENDnet Multiple Devices Remote Code Execution Vulnerability
The ping tool in multiple D-Link and TRENDnet devices allow remote attackers to perform remote code execution.
Read More →Cisco Prime Data Center Network Manager (DCNM) Directory Traversal Vulnerability
Directory traversal vulnerability in the fmserver servlet in Cisco Prime Data Center Network Manager (DCNM) allows remote attackers to read arbitrary files.
Read More →Microsoft Windows Object Linking & Embedding (OLE) Automation Array Remote Code Execution Vulnerability
OleAut32.dll in OLE in Microsoft Windows allows remote attackers to remotely execute code via a crafted web site.
Read More →Microsoft Kerberos Key Distribution Center (KDC) Privilege Escalation Vulnerability
The Kerberos Key Distribution Center (KDC) in Microsoft allows remote authenticated domain users to obtain domain administrator privileges.
Read More →Rejetto HTTP File Server (HFS) Remote Code Execution Vulnerability
The findMacroMarker function in parserLib.pas in Rejetto HTTP File Server (HFS or HttpFileServer) allows remote attackers to execute arbitrary programs.
Read More →Elasticsearch Remote Code Execution Vulnerability
Elasticsearch enables dynamic scripting, which allows remote attackers to execute arbitrary MVEL expressions and Java code.
Read More →Ruby on Rails Directory Traversal Vulnerability
Directory traversal vulnerability in actionpack/lib/abstract_controller/base.rb in the implicit-render implementation in Ruby on Rails allows remote attackers to read arbitrary files via a crafted request.
Read More →D-Link DSL-2760U Gateway Cross-Site Scripting Vulnerability
A cross-site scripting (XSS) vulnerability exists in the D-Link DSL-2760U gateway, allowing remote authenticated users to inject arbitrary web script or HTML.
Read More →HP Multiple Products Remote Code Execution Vulnerability
HP ProCurve Manager (PCM), PCM+, Identity Driven Manager (IDM), and Application Lifecycle Management allow remote attackers to execute arbitrary code via a marshalled object to (1) EJBInvokerServlet or (2) JMXInvokerServlet.
Read More →Apache Struts Improper Input Validation Vulnerability
Apache Struts allows remote attackers to execute arbitrary Object-Graph Navigation Language (OGNL) expressions.
Read More →PHP-CGI Query String Parameter Vulnerability
sapi/cgi/cgi_main.c in PHP, when configured as a CGI script, does not properly handle query strings, which allows remote attackers to execute arbitrary code.
Read More →Exim Privilege Escalation Vulnerability
Exim allows local users to gain privileges by leveraging the ability of the exim user account to specify an alternate configuration file with a directive that contains arbitrary commands.
Read More →Exim Heap-Based Buffer Overflow Vulnerability
Heap-based buffer overflow in the string_vformat function in string.c in Exim before 4.70 allows remote attackers to execute arbitrary code via an SMTP session.
Read More →Sources
- AlienVault OTX
- CISA KEV
- URLhaus
Stay Ahead of Threats
Secure Today. Defend Tomorrow.
Get daily threat intelligence and CVE digests delivered to your inbox.