Severity Medium Analysis Summary CVE-2023-24440 CVSS:5.3 Jenkins JIRA Pipeline Steps Plugin could allow a local authenticated attacker to obtain sensitive information, caused by the transmission of […]

Severity Medium Analysis Summary CVE-2023-24458 CVSS:4.3 Jenkins BearyChat Plugin is vulnerable to cross-site request forgery, caused by improper validation of user-supplied input. By persuading an authenticated […]

Severity Medium Analysis Summary CVE-2023-24448 CVSS:4.3 Jenkins RabbitMQ Consumer Plugin could allow a remote authenticated attacker to bypass security restrictions, caused by not perform a permission […]

Severity Medium Analysis Summary CVE-2023-24446 CVSS:5.4 Jenkins OpenID Plugin is vulnerable to cross-site request forgery, caused by improper validation of user-supplied input. By persuading an authenticated […]

Severity High Analysis Summary CVE-2022-47615 CVSS:9.3 LearnPress plugin for WordPress could allow a remote attacker to include arbitrary files. An attacker could send a specially-crafted URL […]

Severity High Analysis Summary DCRat – a Russian backdoor, was initially introduced in 2018, but rebuilt and relaunched a year later. The DCRat backdoor appears to […]

Severity High Analysis Summary Lazarus APT is one of North Korea’s most sophisticated threat actors, operating since at least 2009. Initially, they concentrated on South Korea. […]

Severity Medium Analysis Summary The AZORULT malware is an information stealer which was discovered in 2016. This malware steals IDs, browsing history, cookies, passwords, and other […]

Severity High Analysis Summary APT-C-35 (also known as “Donot APT Group”) is a cyber espionage group that has been active since at least 2013. The group […]