Critical exposure
CVE-2023-27874 Ibm Aspera Faspex XXE
- CVSS 9.9
New critical Ibm Aspera Faspex XXE (CVSS 9.9) — fresh disclosure window; early internet scanning often precedes mature exploit chains.
Track daily vulnerability activity, KEV additions, public exploits, critical disclosures, and EPSS risk shifts.
Three highest-priority changes — analyst brief, not a CVE dump.
Critical exposure
New critical Ibm Aspera Faspex XXE (CVSS 9.9) — fresh disclosure window; early internet scanning often precedes mature exploit chains.
Critical exposure
New critical Pacsrapor SQL Injection (CVSS 9.8) — fresh disclosure window; early internet scanning often precedes mature exploit chains.
Critical exposure
New critical Fedoraproject Chrome memory safety (CVSS 9.8) — fresh disclosure window; early internet scanning often precedes mature exploit chains.
CISA KEV — confirmed in-the-wild exploitation.
Nothing flagged in this category for this digest.
Nothing flagged in this category for this digest.
Nothing flagged in this category for this digest.
A command execution vulnerability exists in the access control functionality of Netgear Orbi Router RBR750 4.6.8.5.
An insecure password reset issue discovered in MEGAFEIS, BOFEI DBD+ Application for IOS & Android v1.4.4 service via insecure expiry mech...
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Pacsrapor allows SQL Injection, Com...
Out of bounds memory access in WebHID in Google Chrome prior to 111.0.5563.110 allowed a remote attacker to potentially exploit heap corr...
Authentication Bypass by Capture-replay in GitHub repository answerdev/answer prior to 1.0.6.
The eo_tags package before 1.3.0 for PrestaShop allows SQL injection via an HTTP User-Agent or Referer header.
The eo_tags package before 1.4.19 for PrestaShop allows SQL injection via a crafted _ga cookie.
In affected versions, a path traversal exists when processing a message in Rockwell Automation's ThinManager ThinServer.
IBM Aspera Faspex 4.4.2 is vulnerable to an XML external entity injection (XXE) attack when processing XML data.
General Bytes Crypto Application Server (CAS) 20230120, as distributed with General Bytes BATM devices, allows remote attackers to execut...