Mar 25, 2022 Cyber Threat Intelligence

Track daily vulnerability activity, KEV additions, public exploits, critical disclosures, and EPSS risk shifts.

Daily summary

  • Microsoft Windows: 7 CVEs added to CISA KEV today.
  • 10 new critical disclosures — review patch status on exposed services.

Top threats today

Three highest-priority changes — analyst brief, not a CVE dump.

Critical active threat

CVE-2005-2773 HP OpenView Network Node Manager Remote Code Execution

  • Actively exploited (CISA KEV)
  • Listed on CISA KEV
  • Remote code execution exposure

Hewlett Packard (HP) OpenView Network Node Manager RCE is on CISA KEV — confirmed in-the-wild exploitation. Expect continued targeting while the issue remains on the catalog.

Critical exposure

CVE-2022-22995 Fedoraproject Fedora

  • CVSS 10

New critical disclosure (CVSS 10) — high severity with a short public awareness window before exploit material typically surfaces.

Critical exposure

CVE-2022-24783 Deno is a runtime for JavaScript and TypeScript.

  • CVSS 10

New critical disclosure (CVSS 10) — high severity with a short public awareness window before exploit material typically surfaces.

Active exploitation

CISA KEV — confirmed in-the-wild exploitation.

MiCollab, MiVoice Business Express Access Control

WatchGuard Firebox and XTM Appliances Arbitrary Code Execution

Microsoft Windows Print Spooler Privilege Escalation

D-Link DIR-610 Devices Remote Command Execution

Palo Alto Networks PAN-OS Authentication Bypass

VMware Tanzu Spring Cloud Config Directory Traversal

Exploit & PoC activity

Nothing flagged in this category for this digest.

Exploitation dynamics

Nothing flagged in this category for this digest.

New critical disclosures

CVE-2021-26622 CVSS 9.6

A remote code execution vulnerability due to SSTI vulnerability and insufficient file name parameter validation was discovered in Genian...

CVE-2021-43090 CVSS 9.8

An XML External Entity (XXE) vulnerability exists in soa-model before 1.6.4 in the WSDLParser function.

CVE-2021-43636 CVSS 9.8

Two Buffer Overflow vulnerabilities exist in T10 V2_Firmware V4.1.8cu.5207_B20210320 in the http_request_parse function when processing...

CVE-2022-22274 CVSS 9.8

A Stack-based buffer overflow vulnerability in the SonicOS via HTTP request allows a remote unauthenticated attacker to cause Denial of S...

CVE-2022-22687 CVSS 9.8

Buffer copy without checking size of input ('Classic Buffer Overflow') vulnerability in Authentication functionality in Synology DiskStat...

CVE-2022-22995 CVSS 10

The combination of primitives offered by SMB and AFP in their default configuration allows the arbitrary writing of files.

CVE-2022-24783 CVSS 10

Deno is a runtime for JavaScript and TypeScript.

CVE-2022-25577 CVSS 9.1

ALF-BanCO v8.2.5 and below was discovered to use a hardcoded password to encrypt the SQLite database containing the user's data.

CVE-2022-27919 CVSS 9.8

Gradle Enterprise before 2022.1 allows remote code execution if the installation process did not specify an initial configuration file.

cvelogic Threat Intelligence