Home
» Risk & Exploitation
» Daily threat intelligence
» Aug 9, 2021
Aug 9, 2021 Cyber Threat Intelligence
Track daily vulnerability activity, KEV additions, public exploits, critical disclosures, and EPSS risk shifts.
Daily summary
WordPress plugin RCE/exploit activity: 2 CVEs flagged today.
10 new critical disclosures — review patch status on exposed services.
Top threats today
Three highest-priority changes — analyst brief, not a CVE dump.
Critical exposure
CVE-2021-32798
The Jupyter notebook is a web-based notebook environment for interactive computing.
New critical Jupyter Notebook cross-site scripting (CVSS 10) — fresh disclosure window; early internet scanning often precedes mature exploit chains.
Critical exposure
CVE-2013-6276
QNAP F_VioCard 2312 and F_VioGate 2308 have hardcoded entries in authorized_keys files.
CVSS 9.8
Potential privilege escalation to admin/root
New critical Qnap Viocard-100 Firmware privilege escalation (CVSS 9.8) — fresh disclosure window; early internet scanning often precedes mature exploit chains.
Critical exposure
CVE-2014-9320
Sap Businessobjects Edge privilege escalation
CVSS 9.8
Potential privilege escalation to admin/root
New critical Sap Businessobjects Edge privilege escalation (CVSS 9.8) — fresh disclosure window; early internet scanning often precedes mature exploit chains.
Active exploitation
CISA KEV — confirmed in-the-wild exploitation.
Nothing flagged in this category for this digest.
View KEV additions
Exploitation dynamics
Nothing flagged in this category for this digest.
See EPSS increases
New critical disclosures
QNAP F_VioCard 2312 and F_VioGate 2308 have hardcoded entries in authorized_keys files.
SAP BusinessObjects Edge 4.1 allows remote attackers to obtain the SI_PLATFORM_SEARCH_SERVER_LOGON_TOKEN token and consequently gain SYST...
rConfig 3.9.5 allows command injection by sending a crafted GET request to lib/ajaxHandlers/ajaxArchiveFiles.php since the path parameter...
Dell OpenManage Enterprise versions prior to 3.6.1 contain an improper authentication vulnerability.
Dell OpenManage Enterprise versions prior to 3.6.1 contain an OS command injection vulnerability in RACADM and IPMI tools.
Dell OpenManage Enterprise versions 3.4 through 3.6.1 and Dell OpenManage Enterprise Modular versions 1.20.00 through 1.30.00, contain a...
A sanitization vulnerability exists in Rocket.Chat server versions <3.13.2, <3.12.4, <3.11.4 that allowed queries to an endpoint which co...
The Workreap WordPress theme before 2.2.2 AJAX actions workreap_award_temp_file_uploader and workreap_temp_file_uploader did not perform...
The Astra Pro Addon WordPress plugin before 3.5.2 did not properly sanitise or escape some of the POST parameters from the astra_paginati...
The Jupyter notebook is a web-based notebook environment for interactive computing.
View critical disclosures
cvelogic
Threat Intelligence