AttackerKB bot (Unofficial)
New assessment for topic: CVE-2022-30190

Topic description: "A remote code execution vulnerability exists when MSDT is called using the URL protocol from a calling application such as Word ..."

"A July 2024 bulletin from multiple U.S ..."

Link: https://attackerkb.com/assessments/9e4f2c9a-4bcb-43f0-bcf7-6b98d8d57f85
New assessment for topic: CVE-2022-41352

Topic description: "An issue was discovered in Zimbra Collaboration (ZCS) 8.8.15 and 9.0 ..."

"A July 2024 bulletin from multiple U.S ..."

Link: https://attackerkb.com/assessments/031d7723-9ba0-42e3-949e-0fd0023a328a
New assessment for topic: CVE-2022-27925

Topic description: "Zimbra Collaboration (aka ZCS) 8.8.15 and 9.0 has mboximport functionality that receives a ZIP archive and extracts files from it ..."

"A July 2024 bulletin from multiple U.S ..."

Link: https://attackerkb.com/assessments/ee3b517d-6f8c-4350-b3c4-94d6681a3def
New assessment for topic: CVE-2023-21932

Topic description: "Vulnerability in the Oracle Hospitality OPERA 5 Property Services product of Oracle Hospitality Applications (component: OXI) ..."

"A July 2024 bulletin from multiple U.S ..."

Link: https://attackerkb.com/assessments/03ea1594-bd67-4da4-952a-f17c6208f2fe
New assessment for topic: CVE-2023-25690

Topic description: "Some mod_proxy configurations on Apache HTTP Server versions 2.4.0 through 2.4.55 allow a HTTP Request Smuggling attack. ..."

"A July 2024 bulletin from multiple U.S ..."

Link: https://attackerkb.com/assessments/75c9ef37-d85e-4799-8471-f087cc754cd1
New assessment for topic: CVE-2023-27997

Topic description: "A heap-based buffer overflow vulnerability [CWE-122] in FortiOS version 7.2.4 and below, version 7.0.11 and below, version 6.4.12 and below, version 6.0.16 and below and FortiProxy version 7.2.3 and below, version 7.0.9 and below, version 2.0.12 and below, version 1.2 all versions, version 1.1 all versions SSL-VPN may allow a remote attacker to execute arbitrary code or commands via specifically crafted requests. ..."

"A July 2024 bulletin from multiple U.S ..."

Link: https://attackerkb.com/assessments/b526523b-c8b2-46b2-9bf5-1d69c9534281
New assessment for topic: CVE-2023-2868

Topic description: "A remote command injection vulnerability exists in the Barracuda Email Security Gateway (appliance form factor only) product effecting versions 5.1.3.001-9.2.0.006 ..."

"A July 2024 bulletin from multiple U.S ..."

Link: https://attackerkb.com/assessments/f48521ba-fe68-4383-b8df-4a76c6aecd3b
New assessment for topic: CVE-2023-28771

Topic description: "Improper error message handling in Zyxel ZyWALL/USG series firmware versions 4.60 through 4.73, VPN series firmware versions 4.60 through 5.35, USG FLEX series firmware versions 4.60 through 5.35, and ATP series firmware versions 4.60 through 5.35, which could allow an unauthenticated attacker to execute some OS commands remotely by sending crafted packets to an affected device. ..."

"A July 2024 bulletin from multiple U.S ..."

Link: https://attackerkb.com/assessments/ba03c205-10cf-4274-bc51-4044b3fd471b
New assessment for topic: CVE-2023-33010

Topic description: "A buffer overflow vulnerability in the ID processing function in Zyxel ATP series firmware versions 4.32 through 5.36 Patch 1, USG FLEX series firmware versions 4.50 through 5.36 Patch 1, USG FLEX 50(W) firmware versions 4.25 through 5.36 Patch 1, USG20(W)-VPN firmware versions 4.25 through 5.36 Patch 1, VPN series firmware versions 4.30 through 5.36 Patch 1, ZyWALL/USG series firmware versions 4.25 through 4.73 Patch 1, could allow an unauthenticated attacker to cause denial-of-service (DoS) conditions and even a remote code execution on an affected device. ..."

"A July 2024 bulletin from multiple U.S ..."

Link: https://attackerkb.com/assessments/77f196ee-1ff3-4fa0-90ca-4d8e0ecf55db
New assessment for topic: CVE-2023-3079

Topic description: "Type confusion in V8 in Google Chrome prior to 114.0.5735.110 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page ..."

"A July 2024 bulletin from multiple U.S ..."

Link: https://attackerkb.com/assessments/de3d77c0-5856-446c-8acc-df8c0f2681cf
New assessment for topic: CVE-2023-32315

Topic description: "Openfire is an XMPP server licensed under the Open Source Apache License ..."

"A July 2024 bulletin from multiple U.S ..."

Link: https://attackerkb.com/assessments/d1d84de3-4abd-4d3d-bad1-6a9f798a615c
New assessment for topic: CVE-2023-32784

Topic description: "In KeePass 2.x before 2.54, it is possible to recover the cleartext master password from a memory dump, even when a workspace is locked or no longer running ..."

"A July 2024 bulletin from multiple U.S ..."

Link: https://attackerkb.com/assessments/e6e3b25c-3279-400b-b6b7-397904bb7d27
New assessment for topic: CVE-2023-33246

Topic description: "For RocketMQ versions 5.1.0 and below, under certain conditions, there is a risk of remote command execution. ..."

"A July 2024 bulletin from multiple U.S ..."

Link: https://attackerkb.com/assessments/815067a4-8276-44b2-9c1b-41ab19a9fa99
New assessment for topic: CVE-2023-35078

Topic description: "An authentication bypass vulnerability in Ivanti EPMM allows unauthorized users to access restricted functionality or resources of the application without proper authentication. ..."

"A July 2024 bulletin from multiple U.S ..."

Link: https://attackerkb.com/assessments/2225eafb-1ea4-4c7d-ac77-fe562d5c27c7
New assessment for topic: CVE-2021-3018

Topic description: "ipeak Infosystems ibexwebCMS (aka IPeakCMS) 3.5 is vulnerable to an unauthenticated Boolean-based SQL injection via the id parameter on the /cms/print.php page. ..."

"A July 2024 bulletin from multiple U.S ..."

Link: https://attackerkb.com/assessments/d7a80eeb-5538-4752-8c12-aee8cbbf6bb2
New assessment for topic: CVE-2021-40684

Topic description: "Talend ESB Runtime in all versions from 5.1 to 7.3.1-R2021-09, 7.2.1-R2021-09, 7.1.1-R2021-09, has an unauthenticated Jolokia HTTP endpoint which allows remote access to the JMX of the runtime container, which would allow an attacker the ability to read or modify the container or software running in the container. ..."

"A July 2024 bulletin from multiple U.S ..."

Link: https://attackerkb.com/assessments/d8a5a489-a4aa-4a1a-bb22-2ef2577cc099
New assessment for topic: CVE-2021-41773

Topic description: "A flaw was found in a change made to path normalization in Apache HTTP Server 2.4.49 ..."

"A July 2024 bulletin from multiple U.S ..."

Link: https://attackerkb.com/assessments/2e742be1-1968-4935-9a6d-a4cb2d572ab0
New assessment for topic: CVE-2019-7609

Topic description: "Kibana versions before 5.6.15 and 6.6.1 contain an arbitrary code execution flaw in the Timelion visualizer ..."

"Exploited by North Korean state-sponsored attackers according to a July 2024 bulletin from multiple U.S ..."

Link: https://attackerkb.com/assessments/1c84367c-9126-4988-87a0-fc9ef017d880
New assessment for topic: CVE-2019-15637

Topic description: "Numerous Tableau products are vulnerable to XXE via a malicious workbook, extension, or data source, leading to information disclosure or a DoS ..."

"Exploited by North Korean state-sponsored attackers according to a July 2024 bulletin from multiple U.S ..."

Link: https://attackerkb.com/assessments/7b9ee876-f735-4ece-a860-4f8747c641c2
New assessment for topic: CVE-2017-4946

Topic description: "The VMware V4H and V4PA desktop agents (6.x before 6.5.1) contain a privilege escalation vulnerability ..."

"Exploited by North Korean state-sponsored attackers according to a July 2024 bulletin from multiple U.S ..."

Link: https://attackerkb.com/assessments/54887518-c21f-46d1-93d6-ec599cc77a7c