4 min read
The Invisible Threat: Hidden Economics of Zero Day Markets and What Cyber Insurers Should Know
Of the roughly 35 million business entities in the United States today, all but a small fraction are seriously...
Blog Posts.
May 12, 2023 by CyRisk Vulnerability Management Team
Of the roughly 35 million business entities in the United States today, all but a small fraction are seriously...
Apr 5, 2023 by CyRisk Vulnerability Management Team
Inflation may be bad these days, but the cost of improper use of web-based advertising and marketing technology (adtech...
Trending.
Apr 11, 2023 by CyRisk Vulnerability Management Team
SUBJECT: CVE-2014-4078 Internet Explorer Memory Corruption Vulnerability
TECH STACK: Microsoft Internet Explorer v. 6,...
Mar 22, 2023 by CyRisk Vulnerability Management Team
SUBJECT: CVE-2022-0028 Palo Alto Networks PAN-OS Reflected Amplification Denial-of-Service Vulnerability
TECH STACK: ...
Mar 21, 2023 by CyRisk Vulnerability Management Team
SUBJECT: CVE-2012-1823 PHP-CGI Query String Parameter Vulnerability
TECH STACK: PHP before 5.3.12 and 5.4.x before 5.4.2
Apr 11, 2023 by CyRisk Vulnerability Management Team
SUBJECT: CVE-2021-26855 - Microsoft Exchange Server Remote Code Execution Vulnerability
TECH STACK: Microsoft Exchange...
Mar 22, 2023 by CyRisk Vulnerability Management Team
SUBJECT: CVE-2021-40438 Apache HTTP Server-Side Request Forgery (SSRF)
TECH STACK: Apache HTTP Server versions 2.4.1 to...
Mar 22, 2023 by CyRisk Vulnerability Management Team
SUBJECT: CVE-2021-34523 Microsoft Exchange Server Privilege Escalation Vulnerability
TECH STACK: Microsoft Exchange...
Apr 11, 2023 by CyRisk Vulnerability Management Team
SUBJECT: Microsoft Exchange Server Remote Code Execution Vulnerability
TECH STACK:MICROSOFT EXCHANGE SERVER
DATE(S)...
Mar 21, 2023 by CyRisk Vulnerability Management Team
SUBJECT: Microsoft Windows HTTP.sys Code Execution Vulnerability
TECH STACK: PHP before 5.3.12 and 5.4.x before 5.4.2
...
May 15, 2023 by CyRisk Vulnerability Management Team
SUBJECT:CVE-2021-27065 Microsoft Exchange Server Remote Code Execution Vulnerability (HAFNIUM Exploited)
TECH STACK: ...
May 15, 2023 by CyRisk Vulnerability Management Team
SUBJECT: CVE-2020-25696
TECH STACK: PostgreSQL
Apr 11, 2023 by CyRisk Vulnerability Management Team
SUBJECT: CVE-2021-26858 Microsoft Exchange Server Security Feature Bypass Vulnerability
TECH STACK: Microsoft Exchange...
Mar 22, 2023 by CyRisk Vulnerability Management Team
SUBJECT: Microsoft Exchange Server Remote Code Execution Vulnerability
TECH STACK: MICROSOFT EXCHANGE SERVER
DATE(S)...
Mar 22, 2023 by CyRisk Vulnerability Management Team
SUBJECT: CVE-2021-31207 Microsoft Exchange Server Security Feature Bypass Vulnerability
TECH STACK: Microsoft Exchange...
Mar 22, 2023 by CyRisk Vulnerability Management Team
SUBJECT: CVE-2020-36193 PEAR Archive_Tar Improper Link Resolution Vulnerability
TECH STACK: Archive_Tar library prior...
Mar 21, 2023 by CyRisk Vulnerability Management Team
SUBJECT: CVE-2019-11043 PHP Buffer Overflow Remote Code Execution Vulnerability
TECH STACK: PHP FPM v.7.3.10 and below
...
Mar 21, 2023 by CyRisk Vulnerability Management Team
SUBJECT: CVE-2014-0160 OpenSSL Information Disclosure Vulnerability
TECH STACK:OpenSSL versions 1.0.1 through 1.0.1f
...
Mar 22, 2023 by CyRisk Vulnerability Management Team
SUBJECT: CVE-2021-42013 Apache HTTP Server 2.4.49 and 2.4.50 Path Traversal
TECH STACK: Apache HTTP Server 2.4.50.
...
Mar 22, 2023 by CyRisk Vulnerability Management Team
SUBJECT: CVE-2021-39226 Grafana Authentication Bypass Vulnerability
TECH STACK: Grafana versions 7.2.0 to 7.5.5
...
Mar 21, 2023 by CyRisk Vulnerability Management Team
SUBJECT: CVE-2019-0211 Apache HTTP Server scoreboard RCE Vulnerability
TECH STACK:Apache HTTP Server v. 2.4.17 to...
May 15, 2023 by CyRisk Vulnerability Management Team
SUBJECT:CVE-2010-3972 Heap-based buffer overflow
TECH STACK: Microsoft FTP Service 7.0 and 7.5
DATE(S) ISSUED:...
May 15, 2023 by CyRisk Vulnerability Management Team
SUBJECT:CVE-2019-10211 Improper Control of Generation of Code ('Code Injection')
TECH STACK: Postgresql Windows...
May 15, 2023 by CyRisk Vulnerability Management Team
SUBJECT:CVE-2020-15778 Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
TECH...
Apr 11, 2023 by CyRisk Vulnerability Management Team
SUBJECT: Apache Log4j (also called Log4Shell) Vulnerability CVE-2021-44832
CRITICALITY: Extremely Critical.
OVERVIEW: ...
Mar 22, 2023 by CyRisk Vulnerability Management Team
SUBJECT: CVE-2021-41773 Apache HTTP Server Path Traversal Vulnerability
TECH STACK: Apache HTTP Server versions 2.4.1...
Mar 22, 2023 by CyRisk Vulnerability Management Team
SUBJECT: CVE-2020-13671 Drupal core Un-restricted Upload of File
TECH STACK: Cisco IOS and IOS XE software versions...
Mar 21, 2023 by CyRisk Vulnerability Management Team
SUBJECT: Apache Log4j (also called Log4Shell) Vulnerability CVE-2021-45105
TECH STACK: APACHE LOG4J2 2.0-ALPHA THROUGH...
May 16, 2023 by CyRisk Vulnerability Management Team
SUBJECT:CVE-2020-2021: Improper Verification of Signatures in PAN-OS SAML Authentication
TECH STACK: PAN-OS_SAML...
May 16, 2023 by CyRisk Vulnerability Management Team
SUBJECT:CVE-2019-1579 Remote Code Execution in PAN-OS GlobalProtect Interface
TECH STACK: PAN-OS_GlobalProtect...
May 15, 2023 by CyRisk Vulnerability Management Team
SUBJECT:CVE-2010-2730 Buffer overflow in (IIS) 7.5
TECH STACK: Microsoft Internet Information Services (IIS) 7.5,...
May 15, 2023 by CyRisk Vulnerability Management Team
SUBJECT:CVE-2019-10164 Stack-based buffer overflow via setting a password
TECH STACK: PostgreSQL versions 10.x before...
Mar 22, 2023 by CyRisk Vulnerability Management Team
SUBJECT: CVE-2020-28949 PEAR Archive_Tar Deserialization of Untrusted Data Vulnerability
TECH STACK: PEAR Archive_Tar...
Mar 21, 2023 by CyRisk Vulnerability Management Team
SUBJECT: CVE-2018-7602 Drupal Core Remote Code Execution Vulnerability
TECH STACK: Drupal 7.x and 8.x
DATE(S) ISSUED:...
Mar 21, 2023 by CyRisk Vulnerability Management Team
SUBJECT: Drupal core - Highly critical - Remote Code Execution - SA-CORE-2018-002
TECH STACK:DRUPAL 7.X AND 8.X...
Subscribe to receive updates as they become available.