162 matches found
ECHO-531C-0DEB-1175
Bulletin has no description...
Storm-1175 Deploys Medusa Ransomware Within 24 Hours of Flaw Disclosure
Microsoft researchers have uncovered a fast-moving group, Storm-1175, launching high-speed Medusa ransomware attacks against healthcare and education sectors in the UK, US, and Australia by exploiting security flaws in as little as 24 hours...
China-Linked Storm-1175 Exploits Zero-Days to Rapidly Deploy Medusa Ransomware
A China-based threat actor known for deploying Medusa ransomware has been linked to the weaponization of a combination of zero-day and N-day vulnerabilities to orchestrate "high-velocity" attacks and break into susceptible internet-facing systems. "The threat actor's high operational tempo and...
Storm-1175 focuses gaze on vulnerable web-facing assets in high-tempo Medusa ransomware operations
The financially motivated cybercriminal actor tracked by Microsoft Threat Intelligence as Storm-1175 operates...
CVE-2026-1175
creationtimestamp | type | source
---|---|---
2026-01-19 23:03:39+00:00 | seen | https://bsky.app/profile/cve.skyfleet.blue/post/3mcsqtth6662n...
Microsoft Links Storm-1175 to GoAnywhere Exploit Deploying Medusa Ransomware
Microsoft on Monday attributed a threat actor it tracks as Storm-1175 to the exploitation of a critical security flaw in Fortra GoAnywhere software to facilitate the deployment of Medusa ransomware. The vulnerability is CVE-2025-10035 (CVSS score: 10.0), a critical deserialization bug that could...
Investigating active exploitation of CVE-2025-10035 GoAnywhere Managed File Transfer vulnerability
On September 18, 2025, Fortra published a security advisory regarding a critical deserialization vulnerability in GoAnywhere MFT's License Servlet, which is tracked as CVE-2025-10035 and has a CVSS score of 10.0. The vulnerability could allow a threat actor with a validly forged license response...
EUVD-2022-24744
Malicious code in bioql PyPI...
TencentOS Server 4: vim (TSSA-2024:1005)
The version of Tencent Linux installed on the remote TencentOS Server 4 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2024:1005 advisory. Package updates are available for TencentOS Server 4 that fix the following vulnerabilities...
CVE-2024-1175
The WP-Recall – Registration, Profile, Commerce & More plugin for WordPress is vulnerable to unauthorized loss of data due to a missing capability check on the 'delete_payment' function in all versions up to, and including, 16.26.6. This makes it possible for unauthenticated attackers to delete...
CVE-2022-1433
An issue has been discovered in GitLab affecting all versions starting from 14.4 before 14.8.6, all versions starting from 14.9 before 14.9.4, all versions starting from 14.10 before 14.10.1. Missing invalidation of Markdown caching causes potential payloads from a previously exploitable XSS...
CVE-2020-1175
A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory, aka 'Jet Database Engine Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2020-1051, CVE-2020-1174, CVE-2020-1176...
RHSA-2019:1175
creationtimestamp | type | source
---|---|---
2025-04-23 20:04:44+00:00 | seen | https://t.me/DarkWebInformerCVEAlerts/13135
2025-04-23 20:04:48+00:00 | seen | https://t.me/DarkWebInformerCVEAlerts/13136
2025-04-23 20:04:49+00:00 | seen | https://t.me/DarkWebInformerCVEAlerts/13137...
Linux Distros Unpatched Vulnerability : CVE-2023-1175
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Incorrect Calculation of Buffer Size in GitHub repository vim/vim prior to 9.0.1378. CVE-2023-1175 Note that Nessus relies on the presence of the package as...
CVE-2025-1175
Reflected Cross-Site Scripting (XSS) vulnerability in Kelio Visio 1, Kelio Visio X7 and Kelio Visio X4, in versions between 3.2C and 5.1K. This vulnerability could allow an attacker to execute a JavaScript payload by making a POST request and injecting malicious code into the editable ‘username’...
CVE-2025-1175
The vulnerability CVE-2025-1175 is a Reflected Cross-Site Scripting (XSS) in Kelio Visio 1, Kelio Visio X7, and Kelio Visio X4, affecting versions 3.2C through 5.1K. The issue occurs in the editable ‘username’ parameter of the endpoint "/PageLoginVisio.do" and can be triggered by a POST request t...
CVE-2022-1175
Improper neutralization of user input in GitLab CE/EE versions 14.4 before 14.7.7, all versions starting from 14.8 before 14.8.5, all versions starting from 14.9 before 14.9.2 allowed an attacker to exploit XSS by injecting HTML in notes...
Huawei EulerOS: Security Advisory for vim (EulerOS-SA-2024-2300)
The remote host is missing an update for the Huawei EulerOS...
CVE-2024-1175
CVE-2024-1175 affects WP-Recall – Registration, Profile, Commerce & More for WordPress. Red Hat advisory RH:CVE-2024-1175 confirms an unauthenticated data loss vulnerability caused by a missing capability check in the delete_payment function, exploitable on all versions up to 16.26.6. The vulnera...
CVE-2024-1175 WP-Recall – Registration, Profile, Commerce & More <= 16.26.6 - Unauthenticated Payment Deletion via delete_payment
The WP-Recall – Registration, Profile, Commerce & More plugin for WordPress is vulnerable to unauthorized loss of data due to a missing capability check on the 'delete_payment' function in all versions up to, and including, 16.26.6. This makes it possible for unauthenticated attackers to delete...