Tag

kev

The December release introduces advanced inventory search with Python-like syntax, enhanced asset status filtering, API endpoint autodiscovery, and comprehensive scan summaries. Additionally, it adds GraphQL vulnerability detection, domain takeover prevention, new CVE detections, privacy compliance checks, and Jira integration improvements for streamlined issue management.

Product

Revamped Search, new detection capabilities, actively exploited CVEs and much more.

The latest releases introduces a revamped search UI, new detection capabilities, attack surface & inventory performance improvements, plus much more.

Tue 22 October 2024

Security

Deep Dive: Stored XSS Vulnerability in LiteSpeed Cache Plugin for WordPress (CVE-2024-47374)

An in-depth look at the CVE-2024-47374 vulnerability affecting LiteSpeed Cache plugin for WordPress, its impact, and a technical breakdown of our detection method.

Thu 10 October 2024

Product

HTTP2, Private Custom Checks, actively exploited CVE and much more.

The latest releases introduce HTTP/2 support, improve UI and detection, enhance privacy and security measures, and update custom checks and analysis environments for better performance.

Mon 07 October 2024

The article delves into the technical details of this CVE, its potential impact, and the methods used to detect and exploit it.

The article uncovers an Arbitrary File Read vulnerability in VigorConnect that lets attackers access sensitive files. The issue originates from improper input validation in file handling methods.

Latest posts

CVE-2024-5315 Dolibarr SQL Injection Investigation

CVE-2024-5315, an actively exploited Dolibarr SQL Injection with in incorrect patched-in version.

Sun 14 July 2024

Ostorlab KEV update for 02 April 2024

New vulnerabilities added to Ostorlab known exploited vulnerabilities catalog

Tue 02 April 2024

Ostorlab KEV update for 11th March 2024

New vulnerabilities added to Ostorlab known exploited vulnerabilities catalog

Mon 11 March 2024

Ostorlab KEV update for 26th February 2024

New vulnerabilities added to Ostorlab known exploited vulnerabilities catalog

Mon 26 February 2024

Known Exploitable Vulnerabilities: Catching them all

In this article we will Discover essential tools and empirical insights for identifying critical, high-severity, and actively exploitable vulnerabilities sourced from reputable platforms like CISA KEV, Google’s Tsunami, and the innovative Ostorlab’s Asteroid Project.

Wed 10 January 2024