Mar 24, 2023 Cyber Threat Intelligence

Track daily vulnerability activity, KEV additions, public exploits, critical disclosures, and EPSS risk shifts.

Daily summary

  • 10 new critical disclosures — review patch status on exposed services.

Top threats today

Three highest-priority changes — analyst brief, not a CVE dump.

Critical exposure

CVE-2023-28444 Angular-server-side-configuration Project Angular-server-side-configuration

  • CVSS 9.9

New critical disclosure (CVSS 9.9) — high severity with a short public awareness window before exploit material typically surfaces.

Critical exposure

CVE-2023-20951 Google Android RCE

  • CVSS 9.8
  • Remote code execution exposure

New critical Google Android RCE (CVSS 9.8) — fresh disclosure window; early internet scanning often precedes mature exploit chains.

Critical exposure

CVE-2023-20954 Google Android RCE

  • CVSS 9.8
  • Remote code execution exposure

New critical Google Android RCE (CVSS 9.8) — fresh disclosure window; early internet scanning often precedes mature exploit chains.

Active exploitation

CISA KEV — confirmed in-the-wild exploitation.

Nothing flagged in this category for this digest.

View KEV additions

Exploit & PoC activity

Nothing flagged in this category for this digest.

View new exploit links

Exploitation dynamics

Nothing flagged in this category for this digest.

See EPSS increases

New critical disclosures

CVE-2022-45597 CVSS 9.8

ComponentSpace.Saml2 4.4.0 Missing SSL Certificate Validation.

CVE-2023-20951 CVSS 9.8

In gatt_process_prep_write_rsp of gatt_cl.cc, there is a possible out of bounds write due to a missing bounds check.

CVE-2023-20954 CVSS 9.8

In SDP_AddAttribute of sdp_db.cc, there is a possible out of bounds write due to an incorrect bounds check.

CVE-2023-21057 CVSS 9.8

In ProfSixDecomTcpSACKoption of RohcPacketCommon, there is a possible out of bounds write due to a missing bounds check.

CVE-2023-21058 CVSS 9.8

In lcsm_SendRrAcquiAssist of lcsm_bcm_assist.c, there is a possible out of bounds write due to a missing bounds check.

CVE-2023-23149 CVSS 9.8

DEK-1705 <=Firmware:34.23.1 device was discovered to have a command execution vulnerability.

CVE-2023-25668 CVSS 9.8

TensorFlow is an open source platform for machine learning.

CVE-2023-26864 CVSS 9.8

SQL injection vulnerability found in PrestaShop smplredirectionsmanager v.1.1.19 and before allow a remote attacker to gain privileges vi...

CVE-2023-28437 CVSS 9.8

Dataease is an open source data visualization and analysis tool.

CVE-2023-28444 CVSS 9.9

angular-server-side-configuration helps configure an angular application at runtime on the server or in a docker container via environmen...

View critical disclosures

cvelogic Threat Intelligence