Tag: CVE

CVE-2023-2825 Exploit Detection: GitLab Urges Users to Promptly Patch a Maximum Severity Flaw

GitLab has recently issued its latest critical security update v. 16.0.1, addressing a path traverse vulnerability tracked as CVE-2023-2825 with a CVSS score reaching the maximum limit of 10.0. The update affects installations running version 16.0.0., with earlier software versions being not impacted. The successful exploitation of a highly critical security bug enables unauthenticated adversaries […]

Read More
CVE-2023-27524, Insecure Default Configuration in Apache Superset
CVE-2023-27524 Detection: New Vulnerability Exposes Thousands of Apache Superset Servers to RCE Attacks

The popular open-source data visualization and data exploration tool, Apache Superset, is claimed to be vulnerable to authentication bypass and remote code execution (RCE), enabling threat actors to gain administrator access to the targeted servers and further collect user credentials and compromise data. The discovered bug is an insecure default configuration flaw tracked as CVE-2023-27524, […]

Read More
CVE-2023-27350 Exploit Detection: Critical PaperCut RCE Vulnerability Added to the CISA’s Known Exploited Vulnerabilities Catalog

PaperCut has recently reported that the company’s application servers are vulnerable to a critical RCE flaw known as CVE-2023-27350, with a CVSS of 9.8. As a response to a growing number of exploitation attempts, CISA added the discovered bug to its Known Exploited Vulnerabilities (KEV) catalog.  Detect CVE-2023-27350 Exploitation Attempts Proactive detection of vulnerability exploitation […]

Read More
Detect CVE-2022-47986 Exploits: Critical Pre-Authenticated Remote Code Execution Vulnerability in IBM Aspera Faspex

Stay alert! Adversaries set eyes on Aspena Faspex, an IBM file-exchange application frequently used by large enterprises to speed up file transfer procedures. Specifically, threat actors attempt to leverage a pre-authenticated remote code execution (RCE) vulnerability (CVE-2022-47986) affecting the app to proceed with ransomware attacks. At least two ransomware collectives were spotted exploiting CVE-2022-47986, including […]

Read More
CVE-2023-24055 Detection: Notorious Vulnerability in KeePass Potentially Exposing Cleartext Passwords

Stay alert! Security researchers have discovered a notorious vulnerability posing a serious threat to users of a popular password manager KeePass. A security flaw, tracked as CVE-2023-24055, might affect KeePass version 2.5x, potentially allowing attackers to obtain stored passwords in cleartext.  CVE-2023-24055 Detection With proof-of-concept (PoC) exploit available, and in view that KeePass is one […]

Read More
CVE-2022-42475 Detection
CVE-2022-42475 Detection: Zero-Day Vulnerability in FortiOS SSL-VPN Exploited in Attacks Against Government Entities and Large Organizations

Stay alert! Security researchers are warning the global cyber defender community of a zero-day vulnerability in FortiOS SSL-VPN, which was patched in December 2022. The security flaw tracked as CVE-2022-42475 and resulting in unauthenticated remote code execution (RCE) has been exploited in targeted attacks against government agencies and large organizations across the globe.  Detect CVE-2022-42475: […]

Read More
CVE-2022-41974, CVE-2022-41973, CVE-2022-3328 Exploit Detection: Three Linux Vulnerabilities Chained to Gain Full Root Privileges

Security experts from Qualys’ Threat Research Unit warn of a novel vulnerability  (CVE-2022-3328) in Snapd, a popular software management tool for Linux, that might be exploited for local privilege escalation and arbitrary code execution. The security issue in the spotlight can be chained with older vulnerabilities revealed in multipathd (CVE-2022-41973 & CVE-2022-41974) to escalate privileges […]

Read More
CVE-2022-3602 & CVE-2022-3786
CVE-2022-3602 & CVE-2022-3786: New High-Severity OpenSSL Vulnerabilities 

Due to a constantly evolving number of vulnerabilities affecting open-source software products, proactive detection of vulnerability exploitation remains one of the most common security use cases according to the latest SOC Prime’s Detection as Code Innovation report. At the turn of November 2022, a couple of new vulnerabilities in the OpenSSL software library identified as […]

Read More
Detect CVE-2021-39144: Critical Remote Code Execution Vulnerability in VMware Cloud Foundation via XStream Open Source Library

Another day, another exploit emerges in the wild to cause a headache for security practitioners. VMware warns of a public exploit code available for a recently-patched critical remote code execution (RCE) vulnerability (CVE-2021-39144) in VMware Cloud Foundation and NSX Manager. Leveraging this flaw, unauthenticated threat actors might execute the malicious code with the highest system […]

Read More
Detecting Text4Shell (CVE-2022-42889), Critical RCE in Apache Commons Text

Threat actors don’t sleep, and cyber defenders cannot sleep a wink either to keep up with emerging threats. In 2022, a wave of critical “shell” vulnerabilities has been flooding the cyber threat arena, starting with the loud appearance of Log4Shell at the turn of the year, followed by Spring4Shell in March, then ProxyNotShell just one […]

Read More