Severity High Analysis Summary CVE-2023-27290 Docker based datastores for IBM Instana (IBM Observability with Instana 239-0 through 239-2, 241-0 through 241-2, and 243-0) do not currently […]

Severity Medium Analysis Summary Smoke Loader – a malicious bot application – can be used to load additional malware. Smoke Loader has been spotted in the […]

Severity Medium Analysis Summary Cobalt Strike first appeared in 2012 in response to alleged flaws in the Metasploit Framework, an existing red team (penetration testing) tool. […]

Severity High Analysis Summary The STOP/DJVU ransomware initially made headlines in 2018 and has since been attacking individuals all around the world. It’s widespread on torrent […]

Severity High Analysis Summary CVE-2023-0457 Mitsubishi Electric products could allow a remote attacker to obtain sensitive information, caused by plaintext storage of a password. By sniffing […]

Severity High Analysis Summary Cloud Atlas is a sophisticated Advanced Persistent Threat (APT) group that has been active since at least 2014. Also known as “Inception”, […]

Severity High Analysis Summary APT-C-35 (also known as “Donot APT Group”) is a cyber espionage group that has been active since at least 2013. The group […]

Severity Medium Analysis Summary CVE-2023-24975 CVSS:5.4 IBM Spectrum Symphony is vulnerable to HTTP header injection, caused by improper validation of input by the HOST headers. This […]

Severity Medium Analysis Summary CVE-2023-20088 CVSS:5.3 Cisco Finesse Reverse Proxy VPN-less is vulnerable to a denial of service, caused by improper IP address filtering by the […]

Severity Medium Analysis Summary CVE-2023-1084 CVSS:2.7 GitLab Community and Enterprise Edition could allow a remote authenticated attacker to gain elevated privileges on the system, caused by […]

Severity Medium Analysis Summary Mekotio is a banking trojan that targets users in Latin America and Europe. It is primarily distributed via phishing emails and infected […]

Severity Medium Analysis Summary CVE-2023-1118 Linux Kernel is vulnerable to a denial of service, caused by a use-after-free flaw in drivers/media/rc/ene_ir.c. By sending a specially-crafted request, […]

Severity High Analysis Summary The STOP/DJVU ransomware initially made headlines in 2018 and has since been attacking individuals all around the world. It’s widespread on torrent […]

Severity Medium Analysis Summary CVE-2022-4901 CVSS:3.3 Sophos Connect is vulnerable to cross-site scripting, caused by improper validation of user-supplied input. By persuading a victim to load […]

Severity Medium Analysis Summary CVE-2022-4901 CVSS:3.3 Sophos Connect is vulnerable to cross-site scripting, caused by improper validation of user-supplied input. By persuading a victim to load […]

Severity Medium Analysis Summary Since 2019, Guloader has been in operation as a downloader. GuLoader spreads through spam campaigns with malicious archived attachments. GuLoader downloads the […]

Severity Medium Analysis Summary CVE-2020-36652 Multiple Hitachi products could allow a local authenticated attacker to bypass security restrictions, caused by an incorrect default permissions vulnerability. By […]

Severity Medium Analysis Summary CVE-2022-4895 CVSS:8.6 Multiple Hitachi products are vulnerable to a man-in-the-middle attack, caused by improper certificate validation vulnerability. An attacker could exploit this […]

Severity Medium Analysis Summary CVE-2023-1079 CVSS:4.6 Linux Kernel is vulnerable to a denial of service, caused by a use-after-free flaw flaw in the asus_kbd_backlight_set function. By […]

Severity High Analysis Summary APT-C-35 (also known as “Donot APT Group”) is a cyber espionage group that has been active since at least 2013. The group […]

Severity Medium Analysis Summary CVE-2023-23689 CVSS:5.3 Dell PowerScale nodes is vulnerable to a denial of service, caused by an uncontrolled resource consumption vulnerability. By sending a […]

Severity Medium Analysis Summary CVE-2023-20062 CVSS:5 Cisco Unified Intelligence Center is vulnerable to server-side request forgery, caused by improper input validation for specific HTTP requests. By […]

Severity High Analysis Summary CVE-2023-20078 CVSS:9.8 Cisco IP Phone 6800, 7800, and 8800 Series could allow a remote attacker to execute arbitrary commands on the system, […]

Severity Medium Analysis Summary The Blackfly espionage group, also known as APT41, Winnti Group, or Bronze Atlas, is a sophisticated threat actor group that has been […]