Mar 29, 2023 Cyber Threat Intelligence

Track daily vulnerability activity, KEV additions, public exploits, critical disclosures, and EPSS risk shifts.

Daily summary

  • Wpallimport Wp All Import: public exploit or PoC linked (RCE)
  • 10 new critical disclosures — review patch status on exposed services.

Top threats today

Three highest-priority changes — analyst brief, not a CVE dump.

Active exploit activity

CVE-2022-1565 Wpallimport Wp All Import RCE

  • Public exploit or PoC available
  • Exploit activity linked
  • Remote code execution exposure

Wpallimport Wp All Import RCE now has public exploit or PoC linkage — assume opportunistic scanning and targeted follow-on activity.

Critical exposure

CVE-2022-36979 Ivanti Avalanche SQL injection

  • CVSS 9.8

New critical Ivanti Avalanche SQL injection (CVSS 9.8) — fresh disclosure window; early internet scanning often precedes mature exploit chains.

Critical exposure

CVE-2023-28501 Rocketsoftware Unidata RCE

  • CVSS 9.8
  • Remote code execution exposure

New critical Rocketsoftware Unidata RCE (CVSS 9.8) — fresh disclosure window; early internet scanning often precedes mature exploit chains.

Active exploitation

CISA KEV — confirmed in-the-wild exploitation.

Nothing flagged in this category for this digest.

View KEV additions

Exploit & PoC activity

CVE-2022-1565 Exploit

The plugin WP All Import is vulnerable to arbitrary file uploads due to missing file type validation via the wp_all_import_get_gz.php fil...

View new exploit links

Exploitation dynamics

Nothing flagged in this category for this digest.

See EPSS increases

New critical disclosures

CVE-2022-36978 CVSS 9.8

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Ivanti Avalanche 6.3.2.3490.

CVE-2022-36979 CVSS 9.8

This vulnerability allows remote attackers to bypass authentication on affected installations of Ivanti Avalanche 6.3.2.3490.

CVE-2022-36981 CVSS 9.8

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Ivanti Avalanche 6.3.3.101.

CVE-2022-36983 CVSS 9.8

This vulnerability allows remote attackers to bypass authentication on affected installations of Ivanti Avalanche.

CVE-2022-43634 CVSS 9.8

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Netatalk.

CVE-2023-28501 CVSS 9.8

Rocket Software UniData versions prior to 8.2.4 build 3003 and UniVerse versions prior to 11.3.5 build 1001 or 12.2.1 build 2002 suffer f...

CVE-2023-28502 CVSS 9.8

Rocket Software UniData versions prior to 8.2.4 build 3003 and UniVerse versions prior to 11.3.5 build 1001 or 12.2.1 build 2002 suffer f...

CVE-2023-28503 CVSS 9.8

Rocket Software UniData versions prior to 8.2.4 build 3003 and UniVerse versions prior to 11.3.5 build 1001 or 12.2.1 build 2002 suffer f...

CVE-2023-28504 CVSS 9.8

Rocket Software UniData versions prior to 8.2.4 build 3003 and UniVerse versions prior to 11.3.5 build 1001 or 12.2.1 build 2002 suffer f...

CVE-2023-28507 CVSS 9.8

Rocket Software UniData versions prior to 8.2.4 build 3003 and UniVerse versions prior to 11.3.5 build 1001 or 12.2.1 build 2002 suffer f...

View critical disclosures

cvelogic Threat Intelligence