Severity High Analysis Summary A zero-day vulnerability in Microsoft Office is being actively exploited in the wild, and while there isn’t currently a patch, the software […]

Severity Medium Analysis Summary CVE-2022-22417 CVSS:5.4IBM Sterling Partner Engagement Manager 6.1.2, 6.2, and Cloud/SasS 22.2 is vulnerable to cross-site scripting. This vulnerability allows users to embed […]

Severity Medium Analysis Summary CVE-2021-39018 CVSS:4.3IBM Engineering Lifecycle Optimization – Publishing 6.0.6, 6.0.6.1, 7.0, 7.0.1, and 7.0.2 could disclose sensitive information in a SQL error message […]

Severity High Analysis Summary CVE-2022-36127 Apache SkyWalking NodeJS Agent is vulnerable to a denial of service, caused by a flaw when the OAP is unhealthy and […]

Severity High Analysis Summary CVE-2022-35741 Apache CloudStack is vulnerable to XML external entity processing, caused by a flaw when the SAML 2.0 authentication Service Provider plugin […]

Severity High Analysis Summary CVE-2022-33891 Apache Spark could allow a remote authenticated attacker to execute arbitrary commands on the system, caused by improper input validation of […]

Severity High Analysis Summary CVE-2021-34538 Apache Hive could allow a remote attacker to bypass security restrictions, caused by improper authorization validation by the CREATE and DROP […]

Severity High Analysis Summary In June 2018, researchers found the UPAS Kit, a malicious programme connected to the Kronos Banking Trojan. The UPAS Kit has a […]

Severity High Analysis Summary Remcos malware has been operating since 2016. This RAT was originally promoted as genuine software for remote control of Microsoft Windows from […]