Vulnerabilities & Infections

Overviews of recent emerging security events (vulnerabilities & infections), along with resources to detect and mitigate them.

  • Apache ActiveMQ Remote Code Execution [CVE-2023-46604]
  • ArcaneDoor Vulnerabilities [CVE-2024-20353, CVE-2024-20359]
  • Atlassian Confluence Data Center and Server Template Injection [CVE-2023-22527]
  • Atlassian Confluence Data Center and Server [CVE-2023-22515]
  • Barracuda Email Security Gateway [CVE-2023-2868]
  • Cisco Adaptive Security Appliance (ASA) Software Brute Force [CVE-2023-20269]
  • Cisco IOS XE Web UI Privilege Escalation [CVE-2023-20198] & Elevation [CVE-2023-20273]
  • Citrix Netscaler ADC and Netscaler Gateway [CVE-2023-4966]
  • Citrix ShareFile StorageZone Controller [CVE-2023-24489]
  • Cleo File Transfer [CVE-2024-50623 & CVE-2024-55956]
  • Critical Command Injection Vulnerability in Some Versions of Palo Alto PAN-OS [CVE-2024-3400]
  • CrushFTP Zero-Day [CVE-2024-4040]
  • CUPS Printing System Vulnerability Chain
  • Fortinet FortiOS SSL VPN Out-of-Bounds Write [CVE-2024-21762]
  • FortiOS/FortiProxy [CVE-2023-27997]
  • Ivanti Connect Secure and Policy Secure
  • Ivanti Resource Center
  • Ivanti Zero-Day [CVE-2025-0282 & CVE-2025-0283]
  • MOVEit Transfer Resource Center
  • NetScaler ADC & NetScaler Gateway RCE [CVE-2023-3519]
  • Next.js Authorization Bypass Vulnerability [CVE-2025-29927]
  • Progress MOVEit Transfer Authentication Bypass [CVE-2024-5806]
  • Service Location Protocol Vulnerability [CVE-2023-29552]
  • ServiceNow Vulnerability Chain [CVE-2024-4879, CVE-2024-5217, & CVE-2024-5178]
  • SonicWall Improper Authentication Vulnerability [CVE-2024-53704]
  • SonicWall Untrusted Data Pre-authentication Deserialization [CVE-2025-23006]
  • Supply Chain Attack via XZ Library Resulting in SSH Backdoor [CVE-2024-3094]
  • SysAid Path Traversal [CVE-2023-47246]
  • VMware vCenter Server: Out-of-Bounds Write [CVE-2023-34048] & Partial Information Disclosure [CVE-2023-34056]

Contents © 2025 BitSight Technologies, Inc. ("Bitsight")
