Resources
Cybersecurity white papers, data sheets, webinars, videos and more
Resource Library
STRIKE
9 Year Old Vulnerability Still Affecting Thousands (CVE-2016-10033)
SecurityScorecard July 7 Advisory: On July 07, 2025, CVE-2016-10033 was added to CISA’s list of Known Exploited Vulnerabilities (CISA-KEV). It is a critical vulnerability affecting various versions of PHPMailer, Joomla and WordPress, with a CVSS score of 9.8. Severity: Critical…
STRIKE Alert
STRIKE
Erlang Erlang/OTP SSH Server Missing Authentication for Critical Function Vulnerability (CVE-2025-32433) Added to CISA KEV
SecurityScorecard June 10 Advisory: CVE-2025-32433 is a critical vulnerability affecting Erlang OTP with a CVSS score of 10.0. On June 09, 2025, this vulnerability was added to CISA’s list of Known Exploited Vulnerabilities (CISA-KEV). Severity: Critical. Impact: Severe impact, high…
STRIKE Alert
STRIKE
SecurityScorecard Advisory: Synacor Zimbra Collaboration Suite XSS Vulnerability (CVE-2024-27443) Added to CISA KEV
CVE-2024-27443 is a vulnerability affecting Zimbra Collaboration. As described in a blog post by ESET Research, this vulnerability is currently being exploited in the wild and is found to be targeting government entities and defense companies. On May…
STRIKE Alert
STRIKE
SecurityScorecard Advisory: Apache HTTP Server Improper Escaping of Output Vulnerability (CVE-2024-38475) Added to CISA KEV
CVE-2024-38475 is a vulnerability affecting Apache HTTP Servers with a CVSS score of 9.1. By sending specially crafted HTTP requests, this flaw allows remote attackers to retrieve sensitive files on the target machine. As described by watchTowr Labs and Orange Tsai in their blogs (…
STRIKE Alert
STRIKE
SecurityScorecard Advisory: Juniper Junos OS Improper Isolation or Compartmentalization Vulnerability (CVE-2025-21590) Added to CISA KEV
CVE-2025-21590 is a vulnerability affecting Juniper Routers with a CVSS score of 6.7. The flaw is found in Juniper routers running end-of-life hardware and software. As described by Mandiant in a blog post, the threat actor known as UNC3886 was…
STRIKE Alert