Rapid7
Back to Blog

Posts tagged Vulnerability Disclosure

Multiple Vulnerabilities in Wowza Streaming Engine (Fixed)

Threat Research

Multiple Vulnerabilities in Wowza Streaming Engine (Fixed)

Ryan Emmons's avatar

Ryan Emmons

CVE-2024-45195: Apache OFBiz Unauthenticated Remote Code Execution (Fixed)

Exposure Management

CVE-2024-45195: Apache OFBiz Unauthenticated Remote Code Execution (Fixed)

Ryan Emmons's avatar

Ryan Emmons

CVE-2024-6922: Automation Anywhere Automation 360 Server-Side Request Forgery

Exposure Management

CVE-2024-6922: Automation Anywhere Automation 360 Server-Side Request Forgery

Ryan Emmons's avatar

Ryan Emmons

CVE-2024-4978: Backdoored Justice AV Solutions Viewer Software Used in Apparent Supply Chain Attack

Vulnerabilities and Exploits

CVE-2024-4978: Backdoored Justice AV Solutions Viewer Software Used in Apparent Supply Chain Attack

Rapid7's avatar

Rapid7

CVE-2024-27198 and CVE-2024-27199: JetBrains TeamCity Multiple Authentication Bypass Vulnerabilities (FIXED)

Threat Research

CVE-2024-27198 and CVE-2024-27199: JetBrains TeamCity Multiple Authentication Bypass Vulnerabilities (FIXED)

Rapid7's avatar

Rapid7

CVE-2023-47218: QNAP QTS and QuTS Hero Unauthenticated Command Injection (FIXED)

Vulnerabilities and Exploits

CVE-2023-47218: QNAP QTS and QuTS Hero Unauthenticated Command Injection (FIXED)

Stephen Fewer's avatar

Stephen Fewer

CVE-2023-5950 Rapid7 Velociraptor Reflected XSS

Vulnerabilities and Exploits

CVE-2023-5950 Rapid7 Velociraptor Reflected XSS

Dr. Mike Cohen's avatar

Dr. Mike Cohen

Multiple Vulnerabilities in South River Technologies Titan MFT and Titan SFTP [FIXED]

Vulnerabilities and Exploits

Multiple Vulnerabilities in South River Technologies Titan MFT and Titan SFTP [FIXED]

Ron Bowes's avatar

Ron Bowes

CVE-2023-4528: Java Deserialization Vulnerability in JSCAPE MFT (Fixed)

Vulnerabilities and Exploits

CVE-2023-4528: Java Deserialization Vulnerability in JSCAPE MFT (Fixed)

Ron Bowes's avatar

Ron Bowes

CVE-2023-35082 - MobileIron Core Unauthenticated API Access Vulnerability

Exposure Management

CVE-2023-35082 - MobileIron Core Unauthenticated API Access Vulnerability

Stephen Fewer's avatar

Stephen Fewer

CVE-2023-38205: Adobe ColdFusion Access Control Bypass [FIXED]

Exposure Management

CVE-2023-38205: Adobe ColdFusion Access Control Bypass [FIXED]

Stephen Fewer's avatar

Stephen Fewer

CVE-2023-29298: Adobe ColdFusion Access Control Bypass

Exposure Management

CVE-2023-29298: Adobe ColdFusion Access Control Bypass

Stephen Fewer's avatar

Stephen Fewer

Multiple Vulnerabilities in Fortra Globalscape EFT Administration Server [FIXED]

Exposure Management

Multiple Vulnerabilities in Fortra Globalscape EFT Administration Server [FIXED]

Ron Bowes's avatar

Ron Bowes

Raptor Technologies Volunteer Management Client-Side Security Controls (FIXED)

Vulnerabilities and Exploits

Raptor Technologies Volunteer Management Client-Side Security Controls (FIXED)

Rapid7's avatar

Rapid7

Multiple Vulnerabilities in Rocket Software UniRPC server (Fixed)

Vulnerabilities and Exploits

Multiple Vulnerabilities in Rocket Software UniRPC server (Fixed)

Ron Bowes's avatar

Ron Bowes

CVE-2023-0391: MGT-COMMERCE CloudPanel Shared Certificate Vulnerability and Weak Installation Procedures

Vulnerabilities and Exploits

CVE-2023-0391: MGT-COMMERCE CloudPanel Shared Certificate Vulnerability and Weak Installation Procedures

Tod Beardsley's avatar

Tod Beardsley

Microsoft Defender for Cloud Management Port Exposure Confusion

Vulnerabilities and Exploits

Microsoft Defender for Cloud Management Port Exposure Confusion

Tod Beardsley's avatar

Tod Beardsley

Multiple DMS XSS (CVE-2022-47412 through CVE-20222-47419)

Vulnerabilities and Exploits

Multiple DMS XSS (CVE-2022-47412 through CVE-20222-47419)

Tod Beardsley's avatar

Tod Beardsley

CVE-2023-22374: F5 BIG-IP Format String Vulnerability

Vulnerabilities and Exploits

CVE-2023-22374: F5 BIG-IP Format String Vulnerability

Ron Bowes's avatar

Ron Bowes

Refreshing Rapid7's Coordinated Vulnerability Disclosure Policy

Vulnerabilities and Exploits

Refreshing Rapid7's Coordinated Vulnerability Disclosure Policy

Tod Beardsley's avatar

Tod Beardsley

Cengage LTI Session Management Leakage

Vulnerabilities and Exploits

Cengage LTI Session Management Leakage

Tod Beardsley's avatar

Tod Beardsley