Oct 17, 2022 Cyber Threat Intelligence

Track daily vulnerability activity, KEV additions, public exploits, critical disclosures, and EPSS risk shifts.

Daily summary

  • 10 new critical disclosures — review patch status on exposed services.

Top threats today

Three highest-priority changes — analyst brief, not a CVE dump.

Critical exposure

CVE-2020-8974 Zigor Zgr Tps200 Ng Firmware

  • CVSS 10

New critical disclosure (CVSS 10) — high severity with a short public awareness window before exploit material typically surfaces.

Critical exposure

CVE-2022-2884 New critical Gitlab RCE disclosed.

  • CVSS 9.9
  • Remote code execution exposure

New critical Gitlab RCE (CVSS 9.9) — fresh disclosure window; early internet scanning often precedes mature exploit chains.

Critical exposure

CVE-2022-2992 New critical Gitlab RCE disclosed.

  • CVSS 9.9
  • Remote code execution exposure

New critical Gitlab RCE (CVSS 9.9) — fresh disclosure window; early internet scanning often precedes mature exploit chains.

Active exploitation

CISA KEV — confirmed in-the-wild exploitation.

Nothing flagged in this category for this digest.

View KEV additions

Exploit & PoC activity

Nothing flagged in this category for this digest.

View new exploit links

Exploitation dynamics

Nothing flagged in this category for this digest.

See EPSS increases

New critical disclosures

CVE-2020-8973 CVSS 9.3

ZGR TPS200 NG in its 2.00 firmware version and 1.01 hardware version, does not properly accept specially constructed requests.

CVE-2020-8974 CVSS 10

In ZGR TPS200 NG 2.00 firmware version and 1.01 hardware version, the firmware upload process does not perform any type of restriction.

CVE-2020-8976 CVSS 9.6

The integrated server of the ZGR TPS200 NG on its 2.00 firmware version and 1.01 hardware version, allows a remote attacker to perform ac...

CVE-2022-0699 CVSS 9.8

A double-free condition exists in contrib/shpsort.c of shapelib 1.5.0 and older releases.

CVE-2022-22128 CVSS 9.8

Tableau discovered a path traversal vulnerability affecting Tableau Server Administration Agent’s internal file transfer service that cou...

CVE-2022-32176 CVSS 9

In "Gin-Vue-Admin", versions v2.5.1 through v2.5.3b are vulnerable to Unrestricted File Upload that leads to execution of javascript code...

CVE-2022-40055 CVSS 9.8

An issue in GX Group GPON ONT Titanium 2122A T2122-V1.26EXL allows attackers to escalate privileges via a brute force attack at the login...

CVE-2022-42149 CVSS 9.8

kkFileView 4.0 is vulnerable to Server-side request forgery (SSRF) via controller\OnlinePreviewController.java.

View critical disclosures

cvelogic Threat Intelligence