Severity High Analysis Summary CVE-2022-43782  Atlassian Crowd could allow a remote attacker to bypass security restrictions, caused by a security misconfiguration flaw. By sending a specially-crafted […]

Severity High Analysis Summary Hidden Cobra aka Lazarus APT, AppleWorm, APT C-26, Group-77, Guardians of Peace, Official 91, Red Dot, Term.Hermit, or Zinc, is one of […]

Severity High Analysis Summary CVE-2022-40308 If anonymous read enabled, it’s possible to read the database file directly without logging in. Impact Arbitrary Code Execution Indicators Of […]

Severity Low Analysis Summary CVE-2022-45470 Apache Hama could allow a remote attacker to obtain sensitive information. By using a path traversal and XSS attack, an attacker […]

Severity Medium Analysis Summary CVE-2022-34320 CVSS:5.9IBM CICS TX 11.1 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. CVE-2022-34319 […]

Severity High Analysis Summary CVE-2022-38385 CVSS:7.1IBM Cloud Pak for Security (CP4S) 1.10.0.0 through 1.10.2.0 could allow an authenticated user to obtain highly sensitive information or perform […]

Severity High Analysis Summary CVE-2022-40752 IBM InfoSphere DataStage 11.7 is vulnerable to a command injection vulnerability due to improper neutralization of special elements Impact Gain Access […]

Severity Low Analysis Summary CVE-2022-40228  IBM DataPower Gateway 10.0.3.0 through 10.0.4.0, 10.0.1.0 through 10.0.1.9, 2018.4.1.0 through 2018.4.1.22, and 10.5.0.0 through 10.5.0.2 does not invalidate session after […]

Severity High Analysis Summary Kimsuky – aka Thallium, Black Banshee, Velvet Chollima – is a North Korean nation-state actor that has been active since 2012. It primarily targets […]