Cybersecurity Alerts

Actively Exploited Vulnerabilities

The vulnerabilities listed below are sourced from the CISA Known Exploited Vulnerabilities catalog and represent security flaws that are actively being exploited in the wild. This list is updated daily. If you are unsure whether your systems are affected, contact us and we will help you assess your exposure.

CVE-2023-40044Active Ransomware Campaign
Progress | WS_FTP Server
Progress WS_FTP Server Deserialization of Untrusted Data Vulnerability
Progress WS_FTP Server contains a deserialization of untrusted data vulnerability in the Ad Hoc Transfer module that allows an authenticated attacker to execute remote commands on the underlying operating system.
Added 2023-10-05
Remediation Deadline 2023-10-26
CVE-2023-22515Active Ransomware Campaign
Atlassian | Confluence Data Center and Server
Atlassian Confluence Data Center and Server Broken Access Control Vulnerability
Atlassian Confluence Data Center and Server contains a broken access control vulnerability that allows an attacker to create unauthorized Confluence administrator accounts and access Confluence.
Added 2023-10-05
Remediation Deadline 2023-10-13
CVE-2023-42793Active Ransomware Campaign
JetBrains | TeamCity
JetBrains TeamCity Authentication Bypass Vulnerability
JetBrains TeamCity contains an authentication bypass vulnerability that allows for remote code execution on TeamCity Server.
Added 2023-10-04
Remediation Deadline 2023-10-25
CVE-2023-28229
Microsoft | Windows CNG Key Isolation Service
Microsoft Windows CNG Key Isolation Service Privilege Escalation Vulnerability
Microsoft Windows Cryptographic Next Generation (CNG) Key Isolation Service contains an unspecified vulnerability that allows an attacker to gain specific limited SYSTEM privileges.
Added 2023-10-04
Remediation Deadline 2023-10-25
CVE-2023-4211
Arm | Mali GPU Kernel Driver
Arm Mali GPU Kernel Driver Use-After-Free Vulnerability
Arm Mali GPU Kernel Driver contains a use-after-free vulnerability that allows a local, non-privileged user to make improper GPU memory processing operations to gain access to already freed memory.
Added 2023-10-03
Remediation Deadline 2023-10-24
CVE-2023-5217
Google | Chromium libvpx
Google Chromium libvpx Heap Buffer Overflow Vulnerability
Google Chromium libvpx contains a heap buffer overflow vulnerability in vp8 encoding that allows a remote attacker to potentially exploit heap corruption via a crafted HTML page. This vulnerability could impact web browsers using libvpx, including but not limited to Google Chrome.
Added 2023-10-02
Remediation Deadline 2023-10-23
CVE-2018-14667
Red Hat | JBoss RichFaces Framework
Red Hat JBoss RichFaces Framework Expression Language Injection Vulnerability
Red Hat JBoss RichFaces Framework contains an expression language injection vulnerability via the UserResource resource. A remote, unauthenticated attacker could exploit this vulnerability to execute malicious code using a chain of Java serialized objects via org.ajax4jsf.resource.UserResource$UriData.
Added 2023-09-28
Remediation Deadline 2023-10-19
CVE-2023-41993
Apple | Multiple Products
Apple Multiple Products WebKit Code Execution Vulnerability
Apple iOS, iPadOS, macOS, and Safari WebKit contain an unspecified vulnerability that leads to code execution when processing maliciously crafted web content. This vulnerability could impact HTML parsers that use WebKit, including but not limited to Apple Safari and non-Apple products which rely on WebKit for HTML processing.
Added 2023-09-25
Remediation Deadline 2023-10-16
CVE-2023-41992
Apple | Multiple Products
Apple Multiple Products Kernel Privilege Escalation Vulnerability
Apple iOS, iPadOS, macOS, and watchOS contain an unspecified vulnerability that allows for local privilege escalation.
Added 2023-09-25
Remediation Deadline 2023-10-16
CVE-2023-41991
Apple | Multiple Products
Apple Multiple Products Improper Certificate Validation Vulnerability
Apple iOS, iPadOS, macOS, and watchOS contain an improper certificate validation vulnerability that can allow a malicious app to bypass signature validation.
Added 2023-09-25
Remediation Deadline 2023-10-16
CVE-2023-41179
Trend Micro | Apex One and Worry-Free Business Security
Trend Micro Apex One and Worry-Free Business Security Remote Code Execution Vulnerability
Trend Micro Apex One and Worry-Free Business Security contain an unspecified vulnerability in the third-party anti-virus uninstaller that could allow an attacker to manipulate the module to conduct remote code execution. An attacker must first obtain administrative console access on the target system in order to exploit this vulnerability.
Added 2023-09-21
Remediation Deadline 2023-10-12
CVE-2023-28434
MinIO | MinIO
MinIO Security Feature Bypass Vulnerability
MinIO contains a security feature bypass vulnerability that allows an attacker to use crafted requests to bypass metadata bucket name checking and put an object into any bucket while processing `PostPolicyBucket` to conduct privilege escalation. To carry out this attack, the attacker requires credentials with `arn:aws:s3:::*` permission, as well as enabled Console API access.
Added 2023-09-19
Remediation Deadline 2023-10-10
CVE-2022-22265
Samsung | Mobile Devices
Samsung Mobile Devices Use-After-Free Vulnerability
Samsung devices with selected Exynos chipsets contain a use-after-free vulnerability that allows malicious memory write and code execution.
Added 2023-09-18
Remediation Deadline 2023-10-09
CVE-2021-3129Active Ransomware Campaign
Laravel | Ignition
Laravel Ignition File Upload Vulnerability
Laravel Ignition contains a file upload vulnerability that allows unauthenticated remote attackers to execute malicious code due to insecure usage of file_get_contents() and file_put_contents().
Added 2023-09-18
Remediation Deadline 2023-10-09
CVE-2017-6884Active Ransomware Campaign
Zyxel | EMG2926 Routers
Zyxel EMG2926 Routers Command Injection Vulnerability
Zyxel EMG2926 routers contain a command injection vulnerability located in the diagnostic tools, specifically the nslookup function. A malicious user may exploit numerous vectors to execute malicious commands on the router, such as the ping_ip parameter to the expert/maintenance/diagnostic/nslookup URI.
Added 2023-09-18
Remediation Deadline 2023-10-09
CVE-2014-8361
Realtek | SDK
Realtek SDK Improper Input Validation Vulnerability
Realtek SDK contains an improper input validation vulnerability in the miniigd SOAP service that allows remote attackers to execute malicious code via a crafted NewInternalClient request.
Added 2023-09-18
Remediation Deadline 2023-10-09
CVE-2023-26369
Adobe | Acrobat and Reader
Adobe Acrobat and Reader Out-of-Bounds Write Vulnerability
Adobe Acrobat and Reader contains an out-of-bounds write vulnerability that allows for code execution.
Added 2023-09-14
Remediation Deadline 2023-10-05
CVE-2023-4863
Google | Chromium WebP
Google Chromium WebP Heap-Based Buffer Overflow Vulnerability
Google Chromium WebP contains a heap-based buffer overflow vulnerability that allows a remote attacker to perform an out-of-bounds memory write via a crafted HTML page. This vulnerability can affect applications that use the WebP Codec.
Added 2023-09-13
Remediation Deadline 2023-10-04
CVE-2023-35674
Android | Framework
Android Framework Privilege Escalation Vulnerability
Android Framework contains an unspecified vulnerability that allows for privilege escalation.
Added 2023-09-13
Remediation Deadline 2023-10-04
CVE-2023-20269Active Ransomware Campaign
Cisco | Adaptive Security Appliance and Firepower Threat Defense
Cisco Adaptive Security Appliance and Firepower Threat Defense Unauthorized Access Vulnerability
Cisco Adaptive Security Appliance and Firepower Threat Defense contain an unauthorized access vulnerability that could allow an unauthenticated, remote attacker to conduct a brute force attack in an attempt to identify valid username and password combinations or establish a clientless SSL VPN session with an unauthorized user.
Added 2023-09-13
Remediation Deadline 2023-10-04
CVE-2023-36802
Microsoft | Streaming Service Proxy
Microsoft Streaming Service Proxy Privilege Escalation Vulnerability
Microsoft Streaming Service Proxy contains an unspecified vulnerability that allows for privilege escalation.
Added 2023-09-12
Remediation Deadline 2023-10-03
CVE-2023-36761
Microsoft | Word
Microsoft Word Information Disclosure Vulnerability
Microsoft Word contains an unspecified vulnerability that allows for information disclosure.
Added 2023-09-12
Remediation Deadline 2023-10-03
CVE-2023-41064
Apple | iOS, iPadOS, and macOS
Apple iOS, iPadOS, and macOS ImageIO Buffer Overflow Vulnerability
Apple iOS, iPadOS, and macOS contain a buffer overflow vulnerability in ImageIO when processing a maliciously crafted image, which may lead to code execution. This vulnerability was chained with CVE-2023-41061.
Added 2023-09-11
Remediation Deadline 2023-10-02
CVE-2023-41061
Apple | iOS, iPadOS, and watchOS
Apple iOS, iPadOS, and watchOS Wallet Code Execution Vulnerability
Apple iOS, iPadOS, and watchOS contain an unspecified vulnerability due to a validation issue affecting Wallet in which a maliciously crafted attachment may result in code execution. This vulnerability was chained with CVE-2023-41064.
Added 2023-09-11
Remediation Deadline 2023-10-02
CVE-2023-33246
Apache | RocketMQ
Apache RocketMQ Command Execution Vulnerability
Several components of Apache RocketMQ, including NameServer, Broker, and Controller, are exposed to the extranet and lack permission verification. An attacker can exploit this vulnerability by using the update configuration function to execute commands as the system users that RocketMQ is running as or achieve the same effect by forging the RocketMQ protocol content.
Added 2023-09-06
Remediation Deadline 2023-09-27
CVE-2023-38831Active Ransomware Campaign
RARLAB | WinRAR
RARLAB WinRAR Code Execution Vulnerability
RARLAB WinRAR contains an unspecified vulnerability that allows an attacker to execute code when a user attempts to view a benign file within a ZIP archive.
Added 2023-08-24
Remediation Deadline 2023-09-14
CVE-2023-32315
Ignite Realtime | Openfire
Ignite Realtime Openfire Path Traversal Vulnerability
Ignite Realtime Openfire contains a path traversal vulnerability that allows an unauthenticated attacker to access restricted pages in the Openfire Admin Console reserved for administrative users.
Added 2023-08-24
Remediation Deadline 2023-09-14
CVE-2023-38035Active Ransomware Campaign
Ivanti | Sentry
Ivanti Sentry Authentication Bypass Vulnerability
Ivanti Sentry, formerly known as MobileIron Sentry, contains an authentication bypass vulnerability that may allow an attacker to bypass authentication controls on the administrative interface due to an insufficiently restrictive Apache HTTPD configuration.
Added 2023-08-22
Remediation Deadline 2023-09-12
CVE-2023-27532Active Ransomware Campaign
Veeam | Backup & Replication
Veeam Backup & Replication Cloud Connect Missing Authentication for Critical Function Vulnerability
Veeam Backup & Replication Cloud Connect component contains a missing authentication for critical function vulnerability that allows an unauthenticated user operating within the backup infrastructure network perimeter to obtain encrypted credentials stored in the configuration database. This may lead to an attacker gaining access to the backup infrastructure hosts.
Added 2023-08-22
Remediation Deadline 2023-09-12
CVE-2023-26359
Adobe | ColdFusion
Adobe ColdFusion Deserialization of Untrusted Data Vulnerability
Adobe ColdFusion contains a deserialization of untrusted data vulnerability that could result in code execution in the context of the current user.
Added 2023-08-21
Remediation Deadline 2023-09-11