Cyber Threat Intelligence Reports
LATEST CTIs
Vulnerability in pgAdmin’s OAuth2 Authentication Mechanism (CVE-2024-9014)
A critical vulnerability in pgAdmin’s OAuth2 authentication (CVE-2024-9014, CVSS 9.9) allows attackers to compromise user data; users should upgrade to version 8.12 immediately.

CISA: Microsoft Windows Task Scheduler Privilege Escalation Vulnerability (CVE-2019-1069)
CVE-2019-1069 is a Privilege Escalation Vulnerability in Microsoft Windows Task Scheduler, allowing local attackers to escalate from standard user to administrator privileges. Actively exploited in…

CISA: Microsoft SQL Server Reporting Services (SSRS) Remote Code Execution Vulnerability (CVE-2020-0618)
CVE-2020-0618 is a critical Remote Code Execution vulnerability in Microsoft SQL Server Reporting Services (SSRS), allowing attackers to remotely execute arbitrary code and potentially gain…

CISA: Oracle JDeveloper & WebLogic Server Remote Code Execution Vulnerabilities (CVE-2022-21445 and CVE-2020-14644)
CVE-2022-21445 and CVE-2020-14644 are critical remote code execution vulnerabilities affecting Oracle JDeveloper and WebLogic Server, respectively, allowing attackers to execute arbitrary code and potentially compromise…

CISA: Apache HugeGraph-Server Improper Access Control Vulnerability (CVE-2024-27348)
CVE-2024-27348 is a high-severity vulnerability in Apache HugeGraph-Server caused by improper access control mechanisms, allowing unauthorized access to sensitive data or actions beyond intended permissions.…

CISA: Apache OFBiz Incorrect Authorization Vulnerability (CVE-2024-38856)
CVE-2024-38856 is a critical vulnerability affecting Apache OFBiz, an open-source enterprise resource planning (ERP) system. This vulnerability allows unauthenticated attackers to execute screen rendering code…
