Severity High Analysis Summary CVE-2021-44477 GE Gas Power ToolBoxST Version v04.07.05C suffers from an XML external entity (XXE) vulnerability using the DTD parameter entities technique that […]
Severity High Analysis Summary CVE-2021-39031 IBM WebSphere Application Server – Liberty 17.0.0.3 through 22.0.0.1 could allow a remote authenticated attacker to conduct an LDAP injection. By […]
Severity Medium Analysis Summary CVE-2021-43588 Dell EMC Data Protection Central is vulnerable to a denial of service, caused by an improper input validation vulnerability. By sending […]
Severity High Analysis Summary CVE-2021-4088 McAfee Data Loss Prevention (DLP) ePO extension is vulnerable to SQL injection. A remote authenticated attacker could send specially-crafted SQL statements […]
Severity High Analysis Summary CVE-2021-23518 Node.js cached-path-relative module could allow a remote attacker to execute arbitrary code on the system, caused by a prototype pollution flaw […]
Severity High Analysis Summary At the end of 2021, Japanese eCommerce merchants fell victim to a digital skimming campaign through a popular open-source eCommerce solution. Based […]
Severity High Analysis Summary SharpPanda, the Chinese advanced persistent threat (APT) actor that has been active since at least 2018, has reinforced its cyber warfare activities. […]
Severity High Analysis Summary Molerats APT – also known as Moonlight, Extreme Jackal, and Gaza Hackers Team – have been active since 2012. They made headlines […]
Severity High Analysis Summary QBot, often known as QakBot, is modular information malware. It has been operational since 2007. This banking Trojan, QakBot, steals financial data […]