Threat Intelligence
Secure Today. Defend Tomorrow.
Real-time threat feed from trusted sources. Updated continuously to keep you informed of the latest malicious activity.
Cisco HyperFlex HX Data Platform Command Injection Vulnerability
Cisco HyperFlex HX Installer Virtual Machine contains an insufficient input validation vulnerability which could allow an attacker to execute commands on an affected device as the tomcat8 user.
Read More →Cisco IOS and IOS XE Software Smart Install Remote Code Execution Vulnerability
Cisco IOS and IOS XE Software improperly validates packet data, allowing an unauthenticated, remote attacker to trigger a reload of an affected device, cause a denial-of-service (DoS) condition, or perform code execution on the affected device.
Read More →Cisco IOS XR Software Discovery Protocol Format String Vulnerability
Cisco IOS XR improperly validates string input from certain fields in Cisco Discovery Protocol messages. Exploitation could allow an unauthenticated, adjacent attacker to execute code with administrative privileges or cause a reload on an affected device.
Read More →Cisco IOS XR Software DVMRP Memory Exhaustion Vulnerability
Cisco IOS XR Distance Vector Multicast Routing Protocol (DVMRP) incorrectly handles Internet Group Management Protocol (IGMP) packets. Exploitation could allow an unauthenticated, remote attacker to immediately crash the IGMP process or make it consume available memory and eventually crash.
Read More →Cisco IOS XR Software DVMRP Memory Exhaustion Vulnerability
Cisco IOS XR Distance Vector Multicast Routing Protocol (DVMRP) incorrectly handles Internet Group Management Protocol (IGMP) packets. Exploitation could allow an unauthenticated, remote attacker to immediately crash the IGMP process or make it consume available memory and eventually crash.
Read More →Cisco IP Phones Web Server Remote Code Execution and Denial-of-Service Vulnerability
Cisco IP Phones contain an improper input validation vulnerability for HTTP requests. Exploitation could allow an attacker to execute code remotely with root privileges or cause a denial-of-service (DoS) condition.
Read More →Cisco Small Business RV320 and RV325 Routers Information Disclosure Vulnerability
Cisco Small Business RV320 and RV325 Dual Gigabit WAN VPN Routers contain improper access controls for URLs. Exploitation could allow an attacker to download the router configuration or detailed diagnostic information.
Read More →Cisco Adaptive Security Appliance (ASA) Denial-of-Service Vulnerability
Cisco Adaptive Security Appliance (ASA) contains an improper input validation vulnerability with HTTP URLs. Exploitation could allow an attacker to cause a denial-of-service (DoS) condition or information disclosure.
Read More →Citrix StoreFront Server XML External Entity (XXE) Processing Vulnerability
Citrix StoreFront Server contains an XML External Entity (XXE) processing vulnerability that may allow an unauthenticated attacker to retrieve potentially sensitive information.
Read More →Citrix ADC, Gateway, and SD-WAN WANOP Appliance Authorization Bypass Vulnerability
Citrix ADC, Citrix Gateway, and multiple Citrix SD-WAN WANOP appliance models contain an authorization bypass vulnerability that may allow unauthenticated access to certain URL endpoints. The attacker must have access to the NetScaler IP (NSIP) in order to perform exploitation.
Read More →Citrix ADC, Gateway, and SD-WAN WANOP Appliance Information Disclosure Vulnerability
Citrix ADC, Citrix Gateway, and multiple Citrix SD-WAN WANOP appliance models contain an information disclosure vulnerability.
Read More →Citrix ADC, Gateway, and SD-WAN WANOP Appliance Information Disclosure Vulnerability
Citrix ADC, Citrix Gateway, and multiple Citrix SD-WAN WANOP appliance models contain an information disclosure vulnerability.
Read More →Citrix ADC, Gateway, and SD-WAN WANOP Appliance Code Execution Vulnerability
Citrix ADC, Citrix Gateway, and multiple Citrix SD-WAN WANOP appliance models contain an unspecified vulnerability that could allow an unauthenticated attacker to perform code execution.
Read More →Citrix Workspace Application and Receiver for Windows Remote Code Execution Vulnerability
Citrix Workspace Application and Receiver for Windows contains remote code execution vulnerability resulting from local drive access preferences not being enforced into the clients' local drives.
Read More →D-Link DIR-825 R1 Devices Buffer Overflow Vulnerability
D-Link DIR-825 R1 devices contain a buffer overflow vulnerability in the web interface that may allow for remote code execution.
Read More →D-Link DNS-320 Device Command Injection Vulnerability
D-Link DNS-320 device contains a command injection vulnerability in the sytem_mgr.cgi component that may allow for remote code execution.
Read More →DotNetNuke (DNN) Inadequate Encryption Strength Vulnerability
DotNetNuke (DNN) contains an inadequate encryption strength vulnerability resulting from the use of a weak encryption algorithm to protect input parameters.
Read More →DotNetNuke (DNN) Inadequate Encryption Strength Vulnerability
DotNetNuke (DNN) contains an inadequate encryption strength vulnerability resulting from the use of a weak encryption algorithm to protect input parameters. This CVE ID resolves an incomplete patch for CVE-2018-15811.
Read More →DotNetNuke (DNN) Remote Code Execution Vulnerability
DotNetNuke (DNN) contains a vulnerability that may allow for remote code execution via cookie deserialization.
Read More →Docker Desktop Community Edition Privilege Escalation Vulnerability
Docker Desktop Community Edition contains a vulnerability that may allow local users to escalate privileges by placing a trojan horse docker-credential-wincred.exe file in %PROGRAMDATA%\DockerDesktop\version-bin\.
Read More →Sources
- AlienVault OTX
- CISA KEV
- URLhaus
Stay Ahead of Threats
Secure Today. Defend Tomorrow.
Get daily threat intelligence and CVE digests delivered to your inbox.