Threat Encyclopedia

  • FILE Microsoft Windows Internet Shortcut Point to Location with UNC or Remote Path
    A security feature bypass vulnerability has been reported in Microsoft Windows. This vulnerability is due to improper handling of Internet Shortcuts. A remote attacker could exploit this vulnerability by enticing a target user to open a crafted shortcut or visit a malicious link. Successful exploitation could result in spoofing, the bypass of SmartScreen security warnings or the disclosure of a targeted user's NTLM hash.
    Updated At: 2026/04/30

  • FILE Windows Shell Spoofing Vulnerability (CVE-2026-32202)
    An LNK file using a particular CLSID can trigger a remote 0-click NTLM disclosure just by viewing the file in a File Explorer window. The disclosure of the user's NTLMv2 credentials occurs over SMB to an attacker-controlled UNC.
    Updated At: 2026/04/30

  • ICS ORing IAP-420 Authenticated Command Injection (CVE-2024-5411)
    Missing input validation and OS command integration of the input in the ORing IAP-420 web-interface allows authenticated command injection. This issue affects IAP-420 version 2.01e and below.
    Updated At: 2026/04/30

  • ICS ORing IAP-420 Stored Cross-Site Scripting (CVE-2024-5410)
    Missing input validation in the ORing IAP-420 web-interface allows stored Cross-Site Scripting (XSS). This issue affects IAP-420 version 2.01e and below.
    Updated At: 2026/04/30

  • WEB D-Link Go-RT-AC750 HNAP1 GetDeviceSettings Buffer Overflow (CVE-2022-37055)
    The exploit is an authenticated Buffer Overflow vulnerability in D-Link Go-RT-AC750. The vulnerability is due to improper handling of user input in the cgibin endpoint, specifically in the hnap_main function. An unauthenticated remote attacker could exploit this flaw by sending a crafted HTTP request. Successful exploitation of this vulnerability could lead to remote code execution.
    Updated At: 2026/04/30

  • MALWARE-FILE-TRANSFER Malicious Executable File Transfer -3 state 0
    Malicious Executable file transfer.
    Updated At: 2026/04/30

  • WEB CentOS Web Panel Remote Command Injection -1 (CVE-2025-48703)
    A vulnerability has been found in CentOS Web Panel server. Manipulation of a specific argument for a specific endpoint leads to command injection. The attack may be launched remotely.
    Updated At: 2026/04/29

  • WEB Microsoft SharePoint Server SignOut Referer Authentication Bypass (CVE-2025-53771)
    An authentication bypass vulnerability has been reported in Microsoft SharePoint Server. The vulnerability is due to a flaw in authentication handling. A remote, unauthenticated attacker could exploit this vulnerability by sending a crafted request to the target server. Successfully exploiting this vulnerability can lead to authentication bypass.
    Updated At: 2026/04/29

  • WEB React Server Components Unauthenticated Remote Code Injection -1 (CVE-2025-55182)
    A pre-authentication remote code execution vulnerability exists in React Server Components versions 19.0.0, 19.1.0, 19.1.1, and 19.2.0 including the following packages: react-server-dom-parcel, react-server-dom-turbopack, and react-server-dom-webpack. The vulnerable code unsafely deserializes payloads from HTTP requests to Server Function endpoints.
    Updated At: 2026/04/29

  • ICS Advantech R-SeeNet snmpmon.ini Unauthenticated Read Write -1 (CVE-2023-5642)
    Advantech R-SeeNet v2.4.23 allows an unauthenticated remote attacker to read from and write to the snmpmon.ini file, which contains sensitive information.
    Updated At: 2026/04/29

  • WEB Gladinet Triofox Improper Access Control Vulnerability (CVE-2025-12480)
    Triofox versions prior to 16.7.10368.56560 are vulnerable to an Improper Access Control flaw that allows access to initial setup pages even after setup is complete.
    Updated At: 2026/04/29

  • ICS mySCADA myPRO Manager Unauthenticated Command Injection (CVE-2024-47407)
    Unauthenticated Command Injection in MyPRO Manager <= v1.2 from mySCADA. The vulnerability can be exploited by a remote attacker to inject arbitrary operating system commands which will get executed in the context of the myscada9 administrative user that is automatically added by the product.
    Updated At: 2026/04/29

  • ICS ICL ScadaFlex II SCADA Controllers SC-1/SC-2 1.03.07 - Remote File CRUD -3 (CVE-2022-25359)
    On ICL ScadaFlex II SCADA Controller SC-1 and SC-2 1.03.07 devices, unauthenticated remote attackers can overwrite, delete, or create files.
    Updated At: 2026/04/29

  • ICS ICL ScadaFlex II SCADA Controllers SC-1/SC-2 1.03.07 - Remote File CRUD -1 (CVE-2022-25359)
    On ICL ScadaFlex II SCADA Controller SC-1 and SC-2 1.03.07 devices, unauthenticated remote attackers can overwrite, delete, or create files.
    Updated At: 2026/04/29

  • ICS ICL ScadaFlex II SCADA Controllers SC-1/SC-2 1.03.07 - Remote File CRUD -2 (CVE-2022-25359)
    On ICL ScadaFlex II SCADA Controller SC-1 and SC-2 1.03.07 devices, unauthenticated remote attackers can overwrite, delete, or create files.
    Updated At: 2026/04/29

  • SMB Microsoft Windows SMB Server SESSION_SETUP Signing Required Policy Bypass (CVE-2026-20919) state 1-F/Flow
    A race condition vulnerability has been reported in the SMB Server component of Microsoft Windows. The vulnerability is due to improper handling of concurrent SMB commands during the processing of SESSION_SETUP requests.
    Updated At: 2026/04/28

  • EXPLOIT X11 Keyboard Command Injection (CVE-1999-0526)
    A virtual keyboard on X11 servers can be registered to execute remote commands.
    Updated At: 2026/04/27

  • ICS Yokogawa CENTUM CS 3000 BKCLogSvr.exe Heap Buffer Overflow (CVE-2014-0781)
    A buffer overflow vulnerability was found in Yokogawa CENTUM CS 3000. The vulnerability exists in the BKCLogSvr component when handling specially crafted packets.
    Updated At: 2026/04/24

  • MALWARE-FILE-TRANSFER Suspicious Auxiliary File Delivery state 1-F/Flow
    Detects the transfer of non-executable or auxiliary files that may be associated with malware delivery, staging, or post-exploitation activities. These files are not directly executable but can support malicious operations such as configuration, data storage, or obfuscation.
    Updated At: 2026/04/23

  • MALWARE-FILE-TRANSFER Malicious Office File Transfer -3 state 0
    A malicious file transfer has been detected that may contain malicious behavior that could be used to spread viruses and malware.
    Updated At: 2026/04/23