Lucene search
K

8 matches found

Cvelist
Cvelist
added 8 hours ago9 views

CVE-2026-12116 CVE-2026-12116

A vulnerability in the Xerte Online Tools allows for RCE through the antivirus binary path in the tools server settings, which can be changed to a PHP interpreter, allowing an attacker to upload PHP data that will then be executed...

Exploits0References3
hivepro
hivepro
added 2022/04/05 12:57 p.m.253 views

Deep Panda deploys new rootkit “Fire Chili” by exploiting Log4shell in VMware horizon

THREAT LEVEL: Red For a detailed advisory, download the pdf file here Deep Panda, a Chinese APT group, took advantage of the well-known Log4Shell vulnerability in VMware Horizon servers to deploy a backdoor, rootkit, and steal sensitive data. This threat actor is primarily targeting firms in the...

9.3CVSS0.3AI score0.99999EPSS
Exploits351
hivepro
hivepro
added 2022/04/02 12:38 a.m.21 views

Actively exploited vulnerability affects Trend Micro Apex Central

THREAT LEVEL: Amber For a detailed advisory, download the pdf file here Trend Micro Apex Central on-premise and as a Service has a zero-day vulnerability. This arbitrary file upload vulnerability if successfully exploited, could allow an unauthenticated remote attacker to upload any file, resulti...

1.2AI score
Exploits0
hivepro
hivepro
added 2022/02/07 2:23 p.m.21 views

Iranian state-sponsored APT group MuddyWater targeting organizations via malicious executables

THREAT LEVEL: Red. United States Cyber Command USCYBERCOM has warned of an ongoing cyber attack by Iranian state sponsored actor named as MuddyWater. This APT group is currently targeting Middle Eastern countries and has also targeted European and North American nations. The Iranian-backed...

0.1AI score
Exploits0
hivepro
hivepro
added 2022/01/26 5:39 a.m.14 views

MoonBounce: New malware deployed by APT41 in UEFI firmware

THREAT LEVEL: Red. For a detailed advisory, download the pdf file here. MoonBounce is a new type of malware that hides in the most complex part of an Operating System OS, the Basic Input Output System BIOS chip, and thus persists even after reinstalling your OS or formatting your hard drive...

0.5AI score
Exploits0
hivepro
hivepro
added 2021/07/08 12:32 p.m.79 views

REvil Ransomware gang behind the Kaseya VSA Supply-Chain attack

THREAT LEVEL: Red. For a detailed advisory, download the pdf file here. The REvil ransomware group was successful in carrying out a supply chain attack by exploiting the zero-day vulnerability CVE-2021-30116 in the Kaseya VSA server and delivering a malicious script to all the computer devices...

7.5CVSS0.7AI score0.85619EPSS
Exploits1
ATTACKERKB
ATTACKERKB
added 2019/04/08 12:0 a.m.71 views

CVE-2019-0211

In Apache HTTP Server 2.4 releases 2.4.17 to 2.4.38, with MPM event, worker or prefork, code executing in less-privileged child processes or threads including scripts executed by an in-process scripting interpreter could execute arbitrary code with the privileges of the parent process usually roo...

7.8CVSS1.9AI score0.65005EPSS
In wildExploits8References71
Apache Httpd
Apache Httpd
added 2019/02/22 12:0 a.m.162 views

Apache Httpd < 2.4.39 : Apache HTTP Server privilege escalation from modules' scripts

In Apache HTTP Server 2.4 releases 2.4.17 to 2.4.38, with MPM event, worker or prefork, code executing in less-privileged child processes or threads including scripts executed by an in-process scripting interpreter could execute arbitrary code with the privileges of the parent process usually roo...

7.8CVSS1.7AI score0.65005EPSS
Exploits8Affected Software1
Rows per page
Query Builder