Today > 2 Critical | 6 High | 16 Medium vulnerabilities   -   You can now download lists of IOCs here!

Tag: 2025-01-13

3 attack reports | 108 vulnerabilities

Attack reports

Russia-nexus APT possibly related to APT28 conducts cyber espionage on Central Asia and Kazakhstan diplomatic relations

A cyber espionage campaign targeting Central Asian countries, particularly Kazakhstan's external relations, has been uncovered. The campaign, attributed to the Russia-aligned intrusion set UAC-0063, uses a sophisticated infection chain called Double-Tap to deliver the HATVIBE and CHERRYSPY malware.…

apt28
cyber espionage
2025-01-13
kazakhstan
cherryspy
diplomatic
central asia
double-tap
hatvibe
Published: January 13, 2025

Downloadable IOCs 12

Infostealer LummaC2 Spreading Through Fake CAPTCHA Verification Page

A new distribution method for the LummaC2 infostealer malware has been identified, using a fake CAPTCHA verification page. The process begins with a deceptive authentication screen that copies a malicious command to the clipboard when users click 'I'm not a robot'. This command executes an obfuscat…

obfuscation
phishing
powershell
lummac2
infostealer
cryptocurrency
captcha
2025-01-13
clipbanker
Published: January 13, 2025

Downloadable IOCs 4

Exploitation in the Wild of Aviatrix Controller RCE (CVE-2024-50603)

A critical code execution vulnerability, CVE-2024-50603, affecting Aviatrix Controller has been observed being exploited in the wild. This unauthenticated remote code execution flaw allows attackers to execute arbitrary commands on the system, potentially leading to privilege escalation in AWS envi…

backdoor
xmrig
sliver
cloud security
cryptojacking
privilege escalation
aws
rce
CVE-2024-50603
2025-01-13
aviatrix controller
Published: January 13, 2025

Downloadable IOCs 6

» Click here to see all Attack Reports «

Vulnerabilities

CVE-2024-46479

9.9
Venki Supravizio BPM
Published: January 13, 2025

CVE-2025-22777

9.8
GiveWP
Published: January 13, 2025

CVE-2024-5743

9.8
Eve Play
Published: January 13, 2025

CVE-2024-47897

8.8
UNKNOWN
Published: January 13, 2025

CVE-2023-42244

8.8
Selesta Visual Access Manager (VAM)
Published: January 13, 2025

CVE-2024-47796

8.4
OFFIS DCMTK
Published: January 13, 2025

CVE-2024-52333

8.4
OFFIS DCMTK
Published: January 13, 2025

CVE-2024-46480

8.4
Venki Supravizio BPM
Published: January 13, 2025

CVE-2025-0412

7.8
Luxion KeyShot Viewer
Published: January 13, 2025

CVE-2024-52938

7.8
Unknown
Published: January 13, 2025

CVE-2024-12274

7.5
Appointment Booking Calendar Plugin
Published: January 13, 2025

CVE-2025-22963

7.5
Teedy
Published: January 13, 2025

CVE-2024-46481

7.2
Venki Supravizio BPM
Published: January 13, 2025

CVE-2024-47894

7.1
UNKNOWN
Published: January 13, 2025

CVE-2024-47895

7.1
UNKNOWN
Published: January 13, 2025

CVE-2024-56065

7.1
WP2LEADS
Published: January 13, 2025

CVE-2024-56301

7.1
Eniture Technology Distance Based Shipping Calculator
Published: January 13, 2025

CVE-2025-22314

7.1
WP Scripts Food Store – Online Food Delivery & Pickup
Published: January 13, 2025

CVE-2025-22337

7.1
Order Audit Log for WooCommerce
Published: January 13, 2025

CVE-2025-22344

7.1
Media Category Library
Published: January 13, 2025

CVE-2025-22498

7.1
LucidLMS
Published: January 13, 2025

CVE-2025-22499

7.1
FAKTOR VIER F4 Post Tree
Published: January 13, 2025

CVE-2025-22506

7.1
SmartAgenda
Published: January 13, 2025

CVE-2025-22514

7.1
Yamna Tatheer KNR Author List Widget
Published: January 13, 2025

CVE-2025-22567

7.1
TRUSTist REVIEWer
Published: January 13, 2025

CVE-2025-22568

7.1
Post And Page Reactions
Published: January 13, 2025

CVE-2025-22569

7.1
Featured Page Widget
Published: January 13, 2025

CVE-2025-22570

7.1
Miloš Đekić Inline Tweets
Published: January 13, 2025

CVE-2025-22576

7.1
Site PIN
Published: January 13, 2025

CVE-2025-22583

7.1
Scan External Links
Published: January 13, 2025

CVE-2025-22586

7.1
WPEX Replace DB Urls
Published: January 13, 2025

CVE-2025-22588

7.1
Scanventory
Published: January 13, 2025

CVE-2024-52937

6.7
UNKNOWN
Published: January 13, 2025

CVE-2024-54999

6.5
MonicaHQ
Published: January 13, 2025

CVE-2024-57487

6.5
Code-Projects Online Car Rental System
Published: January 13, 2025

CVE-2024-57488

6.5
Online Car Rental System
Published: January 13, 2025

CVE-2024-46920

6.5
Samsung Mobile Processor Exynos 9820
Published: January 13, 2025

CVE-2025-0402

6.3
UNKNOWN
Published: January 13, 2025

CVE-2025-0404

6.3
liujianview gymxmjpa
Published: January 13, 2025

CVE-2025-0405

6.3
UNKNOWN
Published: January 13, 2025

CVE-2025-0406

6.3
liujianview gymxmjpa
Published: January 13, 2025

CVE-2025-0407

6.3
UNKNOWN
Published: January 13, 2025

CVE-2025-0408

6.3
liujianview gymxmjpa
Published: January 13, 2025

CVE-2025-0409

6.3
liujianview gymxmjpa
Published: January 13, 2025

CVE-2025-0410

6.3
liujianview gymxmjpa
Published: January 13, 2025

CVE-2024-44771

6.1
BigId PrivacyPortal
Published: January 13, 2025

CVE-2025-23026

6.1
jte (Java Template Engine)
Published: January 13, 2025

CVE-2023-42230

6.1
Pat Infinite Solutions HelpdeskAdvanced
Published: January 13, 2025

CVE-2023-42233

6.1
Pat Infinite Solutions HelpdeskAdvanced
Published: January 13, 2025

CVE-2023-42245

6.1
Selesta Visual Access Manager
Published: January 13, 2025

CVE-2023-42246

6.1
Selesta Visual Access Manager
Published: January 13, 2025

CVE-2023-42247

6.1
Selesta Visual Access Manager
Published: January 13, 2025

CVE-2023-42249

6.1
Selesta Visual Access Manager
Published: January 13, 2025

CVE-2023-42250

6.1
Selesta Visual Access Manager
Published: January 13, 2025

CVE-2024-12211

5.4
Pega Platform
Published: January 13, 2025

CVE-2025-0401

5.3
UNKNOWN
Published: January 13, 2025

CVE-2025-0403

5.3
1902756969 reggie
Published: January 13, 2025

CVE-2024-46919

5.3
Samsung Exynos processors
Published: January 13, 2025

CVE-2024-11636

4.8
Email Subscribers by Icegram Express WordPress plugin
Published: January 13, 2025

CVE-2024-12566

4.8
Email Subscribers by Icegram Express WordPress plugin
Published: January 13, 2025

CVE-2024-12567

4.8
Email Subscribers by Icegram Express WordPress plugin
Published: January 13, 2025

CVE-2024-12568

4.8
Email Subscribers by Icegram Express WordPress plugin
Published: January 13, 2025

CVE-2025-22828

4.3
Apache CloudStack
Published: January 13, 2025

CVE-2025-22800

4.3
Post SMTP
Published: January 13, 2025

CVE-2024-48883

4.3
Samsung Mobile Processor, Wearable Processor, Modem
Published: January 13, 2025

CVE-2024-6352

4.3
Ember ZNet stack
Published: January 13, 2025

CVE-2025-22134

4.2
Vim
Published: January 13, 2025

CVE-2024-52935

4.1
UNKNOWN
Published: January 13, 2025

CVE-2024-56138

4.0
notation-go
Published: January 13, 2025

CVE-2024-51491

3.3
notation-go
Published: January 13, 2025

CVE-2024-51728

None
UNKNOWN
Published: January 13, 2025

CVE-2024-52936

None
UNKNOWN
Published: January 13, 2025

CVE-2024-46310

None
FXServer
Published: January 13, 2025

CVE-2024-46921

None
Samsung Mobile Processor and Modem Exynos
Published: January 13, 2025

CVE-2025-22142

None
NamelessMC
Published: January 13, 2025

CVE-2025-22144

None
NamelessMC
Published: January 13, 2025

CVE-2025-23027

None
next-forge
Published: January 13, 2025

CVE-2024-13154

None
UNKNOWN
Published: January 13, 2025

CVE-2024-13324

None
UNKNOWN
Published: January 13, 2025

CVE-2025-22138

None
@codidact/qpixel
Published: January 13, 2025

CVE-2025-22613

None
WeGIA
Published: January 13, 2025

CVE-2025-22614

None
WeGIA
Published: January 13, 2025

CVE-2025-22615

None
WeGIA
Published: January 13, 2025

CVE-2025-22616

None
WeGIA
Published: January 13, 2025

CVE-2025-22617

None
WeGIA
Published: January 13, 2025

CVE-2025-22618

None
WeGIA
Published: January 13, 2025

CVE-2025-22619

None
WeGIA
Published: January 13, 2025

CVE-2023-42225

None
Pat Infinite Solutions HelpdeskAdvanced
Published: January 13, 2025

CVE-2023-42226

None
Pat Infinite Solutions HelpdeskAdvanced
Published: January 13, 2025

CVE-2023-42227

None
Pat Infinite Solutions HelpdeskAdvanced
Published: January 13, 2025

CVE-2023-42228

None
Pat Infinite Solutions HelpdeskAdvanced
Published: January 13, 2025

CVE-2023-42229

None
Pat Infinite Solutions HelpdeskAdvanced
Published: January 13, 2025

CVE-2023-42231

None
Pat Infinite Solutions HelpdeskAdvanced
Published: January 13, 2025

CVE-2023-42232

None
Pat Infinite Solutions HelpdeskAdvanced
Published: January 13, 2025

CVE-2023-42234

None
Pat Infinite Solutions HelpdeskAdvanced
Published: January 13, 2025

CVE-2023-42235

None
Selesta Visual Access Manager (VAM)
Published: January 13, 2025

CVE-2023-42236

None
Selesta Visual Access Manager (VAM)
Published: January 13, 2025

CVE-2023-42237

None
Selesta Visual Access Manager (VAM)
Published: January 13, 2025

CVE-2023-42238

None
Selesta Visual Access Manager (VAM)
Published: January 13, 2025

CVE-2023-42239

None
Selesta Visual Access Manager (VAM)
Published: January 13, 2025

CVE-2023-42240

None
Selesta Visual Access Manager (VAM)
Published: January 13, 2025

CVE-2023-42241

None
Selesta Visual Access Manager (VAM)
Published: January 13, 2025

CVE-2023-42242

None
Selesta Visual Access Manager (VAM)
Published: January 13, 2025

CVE-2023-42243

None
Selesta Visual Access Manager
Published: January 13, 2025

CVE-2023-42248

None
Selesta Visual Access Manager (VAM)
Published: January 13, 2025

CVE-2024-11128

None
Bitdefender Virus Scanner for MacOS
Published: January 13, 2025

CVE-2024-56323

None
OpenFGA
Published: January 13, 2025

CVE-2024-57811

None
Eaton X303
Published: January 13, 2025
» Click here to see all Vulnerabilities «