CVE-2023-42815

creationtimestamp| type| source ---|---|--- 2026-06-19 12:46:45+00:00| exploited| https://vulnerability.circl.lu/known-exploited-vulnerabilities-catalog/0fe5aa8a-2830-4c4a-bc70-4d648e81a0db...

PT-2025-52309

3/ CVE-2023-1423 highlights vulnerabilities exploited by AI-driven phishing, emphasizing the need for updated defenses. CyberSecurity Hacking...

CVE-2019-12593

creationtimestamp| type| source ---|---|--- 2025-08-20 00:00:00+00:00| exploited| The Shadowserver honeypot/exploited-vulnerabilities - 2025-08-20 2025-08-20 00:00:00+00:00| seen| The Shadowserver honeypot/common-vulnerabilities - 2025-08-20 2026-06-08 00:00:00+00:00| exploited| The Shadowserver...

CVE-2022-21322

Vulnerability in the MySQL Cluster product of Oracle MySQL component: Cluster: General. Supported versions that are affected are 8.0.27 and prior. Difficult to exploit vulnerability allows high privileged attacker with access to the physical communication segment attached to the hardware where th...

CVE-2024-50375

A CWE-306 "Missing Authentication for Critical Function" was discovered affecting the following devices manufactured by Advantech: EKI-6333AC-2G = 1.6.3, EKI-6333AC-2GD = v1.6.3 and EKI-6333AC-1GPO = v1.2.1. The vulnerability can be exploited by remote unauthenticated users capable of interacting...

SuiteCRM Security Breach

SuiteCRM is a customer relationship management system from the SuiteCRM team. A security vulnerability exists in SuiteCRM. An attacker exploited the vulnerability to execute a cross-site scripting attack...

WordPress Plugin AI Power: Complete AI Pack - Powered by GPT-4 Cross-Site Request Forgery Vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. WordPress Plugin AI Power: Complete AI Pack...

Ivanti Vulnerability Exploited to Install 'DSLog' Backdoor on 670+ IT Infrastructures

Threat actors are leveraging a recently disclosed security flaw impacting Ivanti Connect Secure, Policy Secure, and ZTA gateways to deploy a backdoor codenamed DSLog on susceptible devices. That's according to findings from Orange Cyberdefense, which said it observed the exploitation of...

PT-2023-7984 · Google +4 · Google Chrome +4

Name of the Vulnerable Software and Affected Versions: Google Chrome versions prior to 120.0.6099.129 Description: A heap buffer overflow in WebRTC allows a remote attacker to potentially exploit heap corruption via a crafted HTML page. The vulnerability is actively exploited and may cause crashe...

PT-2023-3476 · Microsoft · Windows

Name of the Vulnerable Software and Affected Versions: Microsoft Windows affected versions not specified Description: The issue is related to errors in security settings of the SmartScreen component, which is part of Windows operating systems. It allows a remote attacker to bypass security...

CVE-2023-34581

creationtimestamp| type| source ---|---|--- 2023-05-24 00:00:00+00:00| exploited| https://www.exploit-db.com/exploits/51482 2023-06-12 18:39:14+00:00| seen| https://t.me/cibsecurity/65134...

Moodle 跨站请求伪造漏洞

Moodle is a free, open source e-learning software platform, also known as a course management system, learning management system, or virtual learning environment. A security vulnerability exists in Moodle. An attacker exploited the vulnerability to perform a cross-site request forgery attack...

FiND 安全漏洞

FiND is an application by the German individual developer AenBleidd. A security vulnerability exists in FiND. An attacker exploited the vulnerability to cause a buffer overflow...

WordPress plugin Contest Gallery 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability exists in...

Discourse 安全漏洞

Discourse is an open source community discussion platform. The platform includes features such as communities, email and chat rooms. A security vulnerability exists in Discourse. An attacker exploited the vulnerability to cause sensitive information to be disclosed...

CVE-2022-2840

creationtimestamp| type| source ---|---|--- 2022-10-06 00:00:00+00:00| exploited| https://www.exploit-db.com/exploits/51024...

NetApp SnapCenter 路径遍历漏洞

NetApp SnapCenter is a suite of applications from Network Appliance NetApp that provides the ability to back up, verify, clone, and restore NetApp storage systems. A security vulnerability exists in NetApp SnapCenter. An attacker exploited the vulnerability to gain access to data in order to read...

Vulnerability of JunOS Evolved and Junos operating systems, allowing attackers to trigger a system crash and restart.

The vulnerability of JunOS Evolved and Junos operating systems is related to insufficient checking of unusual or exceptional states. Exploiting this vulnerability can allow a malicious actor to trigger an emergency failure and restart the device through the routing process of the event management...

SQL Injection Vulnerability in TPCMS

TPCMS is an open source cms written by thinkphp. TPCMS has a SQL injection vulnerability, which can be exploited by attackers to obtain sensitive database information...

533 Million Facebook Users' Phone Numbers and Personal Data Leaked Online

In what's likely to be a goldmine for bad actors, personal information associated with approximately 533 million Facebook users worldwide has been leaked on a popular cybercrime forum for free—which was harvested by hackers in 2019 using a Facebook vulnerability. The leaked data includes full...