Apr 5, 2023 Cyber Threat Intelligence

Track daily vulnerability activity, KEV additions, public exploits, critical disclosures, and EPSS risk shifts.

Daily summary

  • Washington I-tech Trainsmart: public exploit or PoC linked (SQL Injection)
  • 9 new critical disclosures — review patch status on exposed services.

Top threats today

Three highest-priority changes — analyst brief, not a CVE dump.

Active exploit activity

CVE-2020-5330 Dell Pc5500 Firmware Info Disclosure

  • Public exploit or PoC available
  • Exploit activity linked

Dell Pc5500 Firmware Info Disclosure now has public exploit or PoC linkage — assume opportunistic scanning and targeted follow-on activity.

Active exploit activity

CVE-2021-36520 Washington I-tech Trainsmart SQL Injection

  • Public exploit or PoC available
  • Exploit activity linked

Washington I-tech Trainsmart SQL Injection now has public exploit or PoC linkage — assume opportunistic scanning and targeted follow-on activity.

Critical exposure

CVE-2023-28849 GLPI is a free asset and IT management software package.

  • CVSS 10

New critical Glpi-project Glpi SQL Injection (CVSS 10) — fresh disclosure window; early internet scanning often precedes mature exploit chains.

Active exploitation

CISA KEV — confirmed in-the-wild exploitation.

Nothing flagged in this category for this digest.

View KEV additions

Exploit & PoC activity

CVE-2021-33990 Exploit

Liferay Portal 6.2.5 allows Command=FileUpload&Type=File&CurrentFolder=/ requests when frmfolders.html exists.

CVE-2021-36520 Exploit

A SQL injection vulnerability in I-Tech Trainsmart r1044 exists via a evaluation/assign-evaluation?id= URI.

CVE-2023-24626 Exploit

socket.c in GNU Screen through 4.9.0, when installed setuid or setgid (the default on platforms such as Arch Linux and FreeBSD), allows l...

CVE-2023-22855 Exploit

Kardex Mlog MCC 5.7.12+0-a203c2a213-master allows remote code execution.

CVE-2022-48110 Exploit

CKSource CKEditor 5 35.4.0 was discovered to contain a cross-site scripting (XSS) vulnerability via the Full Featured CKEditor5 widget.

CVE-2023-23286 Exploit

Cross Site Scripting (XSS) vulnerability in Provide server 14.4 allows attackers to execute arbitrary code through the server-log via use...

CVE-2023-0744 Exploit

Improper Access Control in GitHub repository answerdev/answer prior to 1.0.4.

CVE-2022-44267 Exploit

ImageMagick 7.1.0-49 is vulnerable to Denial of Service.

CVE-2022-44268 Exploit

ImageMagick 7.1.0-49 is vulnerable to Information Disclosure.

CVE-2022-46552 Exploit

D-Link DIR-846 Firmware FW100A53DBR was discovered to contain a remote command execution (RCE) vulnerability via the lan(0)_dhcps_staticl...

CVE-2022-46604 Exploit

An issue in Tecrail Responsive FileManager v9.9.5 and below allows attackers to bypass the file extension check mechanism and upload a cr...

CVE-2022-4510 Exploit

A path traversal vulnerability was identified in ReFirm Labs binwalk from version 2.1.2b through 2.3.3 included.

View new exploit links

Exploitation dynamics

Nothing flagged in this category for this digest.

See EPSS increases

New critical disclosures

CVE-2022-31890 CVSS 9.8

SQL Injection vulnerability in audit/class.audit.php in osTicket osTicket-plugins before commit a7842d494889fd5533d13deb3c6a7789768795ae...

CVE-2022-4939 CVSS 9.8

THe WCFM Membership plugin for WordPress is vulnerable to privilege escalation in versions up to, and including 2.10.0, due to a missing...

CVE-2023-1782 CVSS 9.9

HashiCorp Nomad and Nomad Enterprise versions 1.5.0 up to 1.5.2 allow unauthenticated users to bypass intended ACL authorizations for clu...

CVE-2023-1788 CVSS 9.8

Insufficient Session Expiration in GitHub repository firefly-iii/firefly-iii prior to 6.

CVE-2023-1877 CVSS 9.8

Command Injection in GitHub repository microweber/microweber prior to 1.3.3.

CVE-2023-24720 CVSS 9.8

An arbitrary file upload vulnerability in readium-js v0.32.0 allows attackers to execute arbitrary code via uploading a crafted EPUB file.

CVE-2023-25330 CVSS 9.8

A SQL injection vulnerability in Mybatis plus below 3.5.3.1 allows remote attackers to execute arbitrary SQL commands via the tenant ID v...

CVE-2023-28838 CVSS 9.6

GLPI is a free asset and IT management software package.

CVE-2023-28849 CVSS 10

GLPI is a free asset and IT management software package.

View critical disclosures

cvelogic Threat Intelligence