ID | Votes | Profile Description |
---|
ID | Type | Votes | Profile Description |
---|---|---|---|
No associations to display |
ID | Type | Votes | Profile Description |
---|---|---|---|
No associations to display |
ID | Type | Votes | Profile Description |
---|---|---|---|
CVE-2017-5638 | Unspecified | 1 | CVE-2017-5638 is a significant vulnerability found in Apache Struts, a widely used open-source framework for developing Java web applications. This flaw in software design or implementation allowed attackers to remotely execute commands on the server running the vulnerable application, leading to po |
CVE-2016-0545 | Unspecified | 1 | CVE-2016-0545 is a software vulnerability that affects the Oracle E-Business Suite. It is a flaw in the software's design or implementation that potentially allows unauthorized access or manipulation of data. This vulnerability was one of several exploited by the group known as Gold Melody between J |
CVE-2020-14882 | Unspecified | 1 | None |
CVE-2020-14750 | Unspecified | 1 | None |
CVE-2017-7504 | Unspecified | 1 | CVE-2017-7504 is a significant software vulnerability identified in the JBoss MQ Java Message Service (JMS). This flaw, rooted in software design and implementation, allows for deserialization attacks when exploited on an internet-exposed server. The vulnerability has been abused by malicious actors |
CVE-2021-22205 | Unspecified | 1 | CVE-2021-22205 is a significant vulnerability in GitLab, a flaw in software design or implementation that allows for remote code execution. This vulnerability has been assigned the highest severity score (CVSS score: 10.0) due to its potential impact. The bug, which is now two years old, continues t |
CVE-2021-4104 | Unspecified | 1 | CVE-2021-4104 is a software vulnerability identified in Flexera's FlexNet. This flaw in the software design or implementation can be exploited by attackers to gain unauthorized access to systems running the affected software. The vulnerability was one of several security flaws used by Gold Melody, a |
CVE-2019-19781 | Unspecified | 1 | CVE-2019-19781, also known as the Citrix Directory Traversal Bug, is a software vulnerability that lies in the design or implementation of the software. This flaw allows an attacker to potentially gain unauthorized access to sensitive data or even execute arbitrary code on the compromised system. De |
CVE-2021-44228 | Unspecified | 1 | CVE-2021-44228, also known as the Log4j vulnerability, is a software flaw found in Apache Log4j, a widely used logging utility. Despite multiple attempts by Advanced Persistent Threat (APT) actors to exploit this vulnerability in the ServiceDesk system, these efforts were unsuccessful. However, it b |
CVE-2021-42237 | Unspecified | 1 | CVE-2021-42237 is a software vulnerability discovered in Sitecore XP, a popular content management system. This flaw was one of several exploited by the cybercriminal group known as Gold Melody between July 2020 and July 2022. The group targeted internet-exposed servers, using these vulnerabilities |
CVE-2021-26084 | Unspecified | 1 | CVE-2021-26084 is a critical vulnerability related to Atlassian's Confluence software. The flaw in the software design or implementation was first exploited as a zero-day, before its public disclosure in June 2022. It allowed remote attackers to execute code on a Confluence Server via injection atta |
CVE-2021-35464 | Unspecified | 1 | None |
Source | CreatedAt | Title |
---|---|---|
CERT-EU | 10 months ago | GOLD MELODY: Profile of an Initial Access Broker |
CERT-EU | 10 months ago | Cyber Group 'Gold Melody' Selling Compromised Access to Ransomware Attackers |
CERT-EU | 10 months ago | Gold Melody IAB exploits flaws in Oracle, Apache, Sitecore software to hack into corporate networks |
DARKReading | a year ago | Attackers Exploit Citrix Zero-Day Bug to Pwn NetScaler ADC, Gateway |