Direct Cyber

Currently tracking incidents

June 2024
  1. CVE-2024-4577 PHP-CGI Argument Injection RCE on Windows web servers with certain locale configurations
  2. CVE-2024-28995 SolarWinds Serv-U unauthenticated directory traversal
May 2024
  1. CVE-2024-24919 Check Point Security Gateways unauthenticated arbitrary file read
  2. CVE-2023-43208 NextGen Healthcare Mirth Connect before version 4.4.1 unauth RCE
  3. CVE-2024-32049 BIG-IP Next Central Manager (CM) unauthenticated cred leak of BIG-IP Next LTM/WAF instance credentials
  4. CVE-2024-29011+ SonicWall Global Management System default creds
April 2024
  1. CVE-2024-4040 CrushFTP user VFS sandbox escape allowing files to be read from the filesystem
  2. CVE-2024-3400 Unauthenticated OS Command Injection in Palo Alto GlobalProtect Gateway
  3. CVE-2024-3273 Command Injection and Backdoor Account in D-Link NAS Devices
  4. CVE-2024-21894, CVE-2024-22052, +2 Heap overflow, XXE and null ptr dereference in Ivanti ICS/IPS 9.x and 22.x leading to potential DoS, memory read and RCE
March 2024
  1. CVE-2024-3094 Backdoor in upstream xz/liblzma leading to ssh server compromise
  2. CVE-2023-48788 FortiClientEMS unauthenticated SQL injection and RCE
  3. CVE-2024-27198 JetBrains TeamCity Authentication Bypass and RCE
February 2024
  1. CVE-2024-1708, CVE-2024-1709 ConnectWise ScreenConnect <= 23.9.7 auth bypass
  2. CVE-2023-23752 Joomla 4.0.0-4.2.7 Unauthenticated Information Disclosure
  3. CVE-2024-23917 JetBrains TeamCity before 2023.11.3 auth bypass to RCE
  4. CVE-2024-22024 Ivanti ICS, IPS and ZTA XXE leading to unauthenticated resource access
  5. Fortinet FortiOS Out-of-Bound Write Vulnerability CVE-2024-21762
  6. Ivanti ICS, IPS and Neurons for ZTA auth bypass in SAML component CVE-2024-21893
January 2024
  1. Jenkins unauthenticated sensitive information disclosure enabling privilege escalation to admin CVE-2024-23897
  2. Fortra GoAnywhere MFT Auth Bypass CVE-2024-0204
  3. Cisco Unity Connection manager unauthenticated file upload and RCE CVE-2024-20272
  4. Atlassian Confluence template injection unauthenticated RCE CVE-2023-22527, CVE-2024-21674 and more
  5. GitLab unauthenticated password reset attack takeover CVE-2023-7028
  6. Ivanti ICS/IPS (Pulse Secure VPN) authentication bypass + authed command injection chain CVE-2023-46085 + CVE-2024-21887
  7. QNAP Viostor NVR 4.x authenticated OS cmd injection exploited using default creds CVE-2023-47565
  8. Ivanti EPM Unauthenticated SQLi to RCE CVE-2023-39336
  9. Ivanti EPMM (MobileIron) multiple unauthenticated vulns CVE-2023-38035, CVE-2023-35078, CVE-2023-35081 and more
December 2023
  1. Barracuda ESG Parse Excel RCE CVE-2023-7102
  2. TeamCity Auth Bypass to RCE CVE-2023-42793
  3. Apache Struts file upload CVE-2023-50164
  4. Atlassian Confluence Vulnerabilities CVE-2023-22515, CVE-2023-22518, CVE-2023-22522
  5. Citrix Vulnerabilities CVE-2023-4966 CitrixBleed