1559 matches found
CISA Known Exploited Vulnerability Catalog May 2024
Summary The Known Exploited Vulnerability KEV catalog, maintained by CISA, is the authoritative source of vulnerabilities that have been exploited in the wild. It is recommended that all organizations review and monitor the KEV catalog, prioritize remediation of listed vulnerabilities, and reduce...
CISA Adds One Known Exploited Vulnerability to Catalog
CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. CVE-2020-17519 Apache Flink Improper Access Control Vulnerability These types of vulnerabilities are frequent attack vectors for malicious cyber actors and pose significa...
CVE-2024-4181 Command Injection in run-llama/llama_index
A command injection vulnerability exists in the RunGptLLM class of the llamaindex library, version 0.9.47, used by the RunGpt framework from JinaAI to connect to Language Learning Models LLMs. The vulnerability arises from the improper use of the eval function, allowing a malicious or compromised...
Oracle MySQL 安全漏洞
Oracle MySQL is an open source relational database management system from Oracle Corporation USA. A security vulnerability exists in Oracle MySQL's MySQL Server. An attacker exploited the vulnerability to cause MySQL Server to hang or crash frequently and repeatedly...
CVE-2023-34423
CVE-2023-34423 (Survey Maker) has a stored XSS in versions prior to 3.6.4 that can execute arbitrary scripts in the browser of the admin user logging in to the site. Affected: Survey Maker WordPress plugin
CVE-2024-28734
creationtimestamp| type| source ---|---|--- 2024-03-19 15:26:59+00:00| seen| https://t.me/ctinow/211604 2024-04-07 22:02:52+00:00| seen| https://t.me/arpsyndicate/4382 2025-02-04 00:00:00+00:00| exploited| The Shadowserver honeypot/exploited-vulnerabilities - 2025-02-04 2025-05-15 00:00:00+00:00|...
CVE-2024-2330
creationtimestamp| type| source ---|---|--- 2024-03-09 10:26:46+00:00| seen| https://t.me/ctinow/203871 2024-03-09 10:31:46+00:00| seen| https://t.me/ctinow/203872 2024-12-15 00:00:00+00:00| exploited| The Shadowserver honeypot/exploited-vulnerabilities - 2024-12-15 2025-05-15 00:00:00+00:00|...
Customer Support System Security Breach
Customer Support System is a customer support system by oretnom23 Individual Developer that helps a particular business or company to provide customer support after a customer has purchased a product from them. A security vulnerability exists in Customer Support System version v.1.0. An attacker...
Microsoft Windows Multiple Vulnerabilities (KB5034767)
This host is missing an important security update according to Microsoft KB5034767 SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescriptio...
CVE-2023-50358
creationtimestamp| type| source ---|---|--- 2024-02-13 04:31:44+00:00| seen| https://t.me/ctinow/183591 2024-02-14 12:16:32+00:00| seen| https://t.me/ctinow/184575 2024-02-14 12:20:05+00:00| exploited| https://t.me/truesecator/5413 2024-03-08 08:16:55+00:00| seen| https://t.me/ctinow/203119...
CVE-2024-22319
creationtimestamp| type| source ---|---|--- 2024-02-02 04:21:45+00:00| seen| https://t.me/ctinow/177910 2024-02-23 12:23:01+00:00| published-proof-of-concept| https://t.me/CyberSecurityTechnologies/10025 2024-02-24 12:41:34+00:00| seen| https://t.me/ctinow/192554 2025-06-26 00:00:00+00:00|...
CVE-2024-24329
creationtimestamp| type| source ---|---|--- 2024-01-30 16:22:10+00:00| seen| https://t.me/ctinow/176043 2024-02-01 08:16:32+00:00| seen| https://t.me/ctinow/177364 2024-02-22 08:08:04+00:00| seen| https://t.me/ctinow/190519 2025-02-12 09:28:20+00:00| seen|...
Fedora: Security Advisory for chromium (FEDORA-2024-049f068a8c)
The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CISA Known Exploited Vulnerability Catalog December 2023
For a detailed CISAs KEV Catalog, download the pdf file here Summary The Known Exploited Vulnerability KEV catalog, maintained by CISA, is the authoritative source of vulnerabilities that have been exploited in the wild. It is recommended that all organizations review and monitor the KEV catalog,...
CVE-2024-0305
creationtimestamp| type| source ---|---|--- 2024-01-08 10:26:30+00:00| seen| https://t.me/ctinow/164264 2024-01-12 01:51:59+00:00| seen| https://t.me/ctinow/166993 2024-01-25 10:11:16+00:00| seen| https://t.me/ctinow/173353 2024-01-26 17:59:24+00:00| seen| https://t.me/arpsyndicate/3023 2024-12-2...
CVE-2023-31446
creationtimestamp| type| source ---|---|--- 2024-01-07 22:09:15+00:00| published-proof-of-concept| https://t.me/CyberSecurityTechnologies/9743 2024-01-08 09:16:40+00:00| seen| https://t.me/ctinow/164237 2024-01-10 04:26:20+00:00| seen| https://t.me/ctinow/165527 2024-01-27 07:07:25+00:00| seen|...
Attacks, Vulnerabilities and Actors 25 December to 31 December 2023
For a detailed threat digest, download the pdf file here Summary HiveForce Labs has recently made several significant discoveries related to cybersecurity threats. Over the past week, we identified a total of eight executed attacks, four instances of adversary activity, and five exploited...
Google Chrome Security Update (stable-channel-update-for-desktop_20-2023-12) - Windows
Google Chrome is prone to a heap buffer overflow vulnerability. SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:google:chrome";...
CVE-2023-42917
A memory corruption vulnerability was addressed with improved locking. This issue is fixed in iOS 17.1.2 and iPadOS 17.1.2, macOS Sonoma 14.1.2, Safari 17.1.2. Processing web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been exploited against...
CVE-2023-42916
An out-of-bounds read was addressed with improved input validation. This issue is fixed in iOS 17.1.2 and iPadOS 17.1.2, macOS Sonoma 14.1.2, Safari 17.1.2. Processing web content may disclose sensitive information. Apple is aware of a report that this issue may have been exploited against versio...