Jul 13, 2021 Cyber Threat Intelligence

Track daily vulnerability activity, KEV additions, public exploits, critical disclosures, and EPSS risk shifts.

Daily summary

  • Apache Tomcat: public exploit or PoC linked (cross-site scripting)
  • 10 new critical disclosures — review patch status on exposed services.

Top threats today

Three highest-priority changes — analyst brief, not a CVE dump.

Active exploit activity

CVE-2019-0221 Apache Tomcat cross-site scripting

  • Public exploit or PoC available
  • Exploit activity linked

Apache Tomcat cross-site scripting now has public exploit or PoC linkage — assume opportunistic scanning and targeted follow-on activity.

Active exploit activity

CVE-2018-11784 Apache Communications Application Session Controller

  • Public exploit or PoC available
  • Exploit activity linked

Public exploit or PoC linked — exploitation bar is lower than disclosure-only CVEs.

Critical exposure

CVE-2020-22873 Jsish Buffer Overflow

  • CVSS 9.8

New critical Jsish Buffer Overflow (CVSS 9.8) — fresh disclosure window; early internet scanning often precedes mature exploit chains.

Active exploitation

CISA KEV — confirmed in-the-wild exploitation.

Nothing flagged in this category for this digest.

Exploit & PoC activity

CVE-2019-0221 Exploit

The SSI printenv command in Apache Tomcat 9.0.0.M1 to 9.0.0.17, 8.5.0 to 8.5.39 and 7.0.0 to 7.0.93 echoes user provided data without esc...

CVE-2018-11784 Exploit

When the default servlet in Apache Tomcat versions 9.0.0.M1 to 9.0.11, 8.5.0 to 8.5.33 and 7.0.23 to 7.0.90 returned a redirect to a dire...

CVE-2018-15139 Exploit

Unrestricted file upload in interface/super/manage_site_files.php in versions of OpenEMR before 5.0.1.4 allows a remote authenticated att...

Exploitation dynamics

Nothing flagged in this category for this digest.

New critical disclosures

CVE-2020-22873 CVSS 9.8

Buffer overflow vulnerability in function NumberToPrecisionCmd in jsish before 3.0.7 allows remote attackers to execute arbitrary code.

CVE-2020-22874 CVSS 9.8

Integer overflow vulnerability in function Jsi_ObjArraySizer in jsish before 3.0.8 allows remote attackers to execute arbitrary code.

CVE-2020-22875 CVSS 9.8

Integer overflow vulnerability in function Jsi_ObjSetLength in jsish before 3.0.6 allows remote attackers to execute arbitrary code.

CVE-2020-22884 CVSS 9.8

Buffer overflow vulnerability in function jsvGetStringChars in Espruino before RELEASE_2V09 allows remote attackers to execute arbitrary...

CVE-2021-1965 CVSS 9.8

Possible buffer overflow due to lack of parameter length check during MBSSID scan IE parse in Snapdragon Auto, Snapdragon Compute, Snapdr...

CVE-2021-21994 CVSS 9.8

SFCB (Small Footprint CIM Broker) as used in ESXi has an authentication bypass vulnerability.

CVE-2021-31217 CVSS 9.1

In SolarWinds DameWare Mini Remote Control Server 12.0.1.200, insecure file permissions allow file deletion as SYSTEM.

CVE-2021-33578 CVSS 9.8

Echo ShareCare 8.15.5 is susceptible to SQL injection vulnerabilities when processing remote input from both authenticated and unauthenti...

CVE-2021-34552 CVSS 9.8

Pillow through 8.2.0 and PIL (aka Python Imaging Library) through 1.1.7 allow an attacker to pass controlled parameters directly into a c...

CVE-2021-36124 CVSS 9.8

An issue was discovered in Echo ShareCare 8.15.5.

cvelogic Threat Intelligence