May 21, 2024 Cyber Threat Intelligence

Track daily vulnerability activity, KEV additions, public exploits, critical disclosures, and EPSS risk shifts.

Daily summary

  • 10 new critical disclosures — review patch status on exposed services.

Top threats today

Three highest-priority changes — analyst brief, not a CVE dump.

Critical exposure

CVE-2023-3943 Stack-based Buffer Overflow vulnerability in ZkTeco-based OEM devices allows, in some cases, the...

  • CVSS 10

New critical disclosure (CVSS 10) — high severity with a short public awareness window before exploit material typically surfaces.

Critical exposure

CVE-2021-47274 Linux Kernel Memory Corruption

  • CVSS 9.8

New critical Linux Kernel Memory Corruption (CVSS 9.8) — fresh disclosure window; early internet scanning often precedes mature exploit chains.

Critical exposure

CVE-2024-35056 Nasa Ait Core SQL Injection

  • CVSS 9.8

New critical Nasa Ait Core SQL Injection (CVSS 9.8) — fresh disclosure window; early internet scanning often precedes mature exploit chains.

Active exploitation

CISA KEV — confirmed in-the-wild exploitation.

Nothing flagged in this category for this digest.

View KEV additions

Exploit & PoC activity

Nothing flagged in this category for this digest.

View new exploit links

Exploitation dynamics

Nothing flagged in this category for this digest.

See EPSS increases

New critical disclosures

CVE-2021-47274 CVSS 9.8

In the Linux kernel, the following vulnerability has been resolved: tracing: Correct the length check which causes memory corruption We'v...

CVE-2021-47348 CVSS 9.1

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Avoid HDCP over-read and corruption Instead of readi...

CVE-2021-47354 CVSS 9.1

In the Linux kernel, the following vulnerability has been resolved: drm/sched: Avoid data corruptions Wait for all dependencies of a job...

CVE-2021-47378 CVSS 9.8

In the Linux kernel, the following vulnerability has been resolved: nvme-rdma: destroy cm id before destroy qp to avoid use after free We...

CVE-2023-3943 CVSS 10

Stack-based Buffer Overflow vulnerability in ZkTeco-based OEM devices allows, in some cases, the execution of arbitrary code.

CVE-2023-52735 CVSS 9.1

In the Linux kernel, the following vulnerability has been resolved: bpf, sockmap: Don't let sock_map_{close,destroy,unhash} call itself s...

CVE-2023-52801 CVSS 9.1

In the Linux kernel, the following vulnerability has been resolved: iommufd: Fix missing update of domains_itree after splitting iopt_are...

CVE-2023-52832 CVSS 9.1

In the Linux kernel, the following vulnerability has been resolved: wifi: mac80211: don't return unset power in ieee80211_get_tx_power()...

Argo CD is a declarative, GitOps continuous delivery tool for Kubernetes.

CVE-2024-35056 CVSS 9.8

NASA AIT-Core v2.5.2 was discovered to contain multiple SQL injection vulnerabilities via the query_packets and insert functions.

View critical disclosures

cvelogic Threat Intelligence