MITRE ATT&CK — FreeIntelHub

T1190 — Exploit Public-Facing Application (Initial Access)

Clear filter

186 articles found

CISA Advisories CVE Apr 23

Milesight Cameras

View CSAF Summary Successful exploitation of these vulnerabilities could crash the device being accessed or allow remote code execution. The following versio...

T1190 6 IOCs

CISA Advisories →

CISA Advisories CVE Apr 23

CISA Adds One Known Exploited Vulnerability to Catalog

CISA has added one new vulnerability to its Known Exploited Vulnerabilities (KEV) Catalog, based on evidence of active exploitation. CVE-2026-39987 Marimo Re...

T1190 1 IOC

CISA Advisories →

Zero Day Initiative CVE Apr 23

ZDI-26-296: Delta Electronics ASDA-Soft PAR File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Delta Electronics ASDA-Soft. User interaction is required t...

T1190 1 IOC

Zero Day Initiative →

Cisco Advisories Vulnerability Disclosure Cisco Apr 22

Cisco Integrated Management Controller Command Injection and Remote Code Execution Vulnerabilities

Multiple vulnerabilities in the web-based management interface of Cisco Integrated Management Controller (IMC) could allow an authenticated, remote attacker ...

T1190 T1059

Cisco Advisories →

CISA Advisories CVE Apr 21

Hardy Barth Salia EV Charge Controller

View CSAF Summary Successful exploitation of these vulnerabilities could crash the device being accessed; a buffer overflow condition may allow remote code e...

T1190 2 IOCs

CISA Advisories →

Zero Day Initiative CVE Amazon Apr 21

ZDI-26-245: (0Day) aws-mcp-server AWS CLI Command Injection Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of aws-mcp-server. Authentication is not required to exploit t...

T1190 T1059 1 IOC

Zero Day Initiative →

Wordfence Blog Vulnerability Disclosure WordPress Apr 16

Attackers Actively Exploiting Critical Vulnerability in Ninja Forms – File Upload Plugin

On April 6th, 2026, we publicly disclosed a critical Arbitrary File Upload vulnerability in Ninja Forms – File Upload, a WordPress plugin with an estimated 5...

T1190

Wordfence Blog →

Cisco Advisories Vulnerability Disclosure Cisco Apr 15

Cisco Identity Services Engine Remote Code Execution Vulnerabilities

Multiple vulnerabilities in Cisco Identity Services Engine (ISE) could allow an authenticated, remote attacker to execute arbitrary commands on the underlyin...

T1190

Cisco Advisories →

Zero Day Initiative CVE Apr 15

ZDI-26-292: QNAP TS-453E QVRPro excpostgres Exposed Dangerous Method Remote Code Execution Vulnerability

This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of QNAP TS-453E devices. Authentication is not requi...

T1190 1 IOC

Zero Day Initiative →

Zero Day Initiative CVE Apr 15

ZDI-26-291: NI LabVIEW LVCLASS File Parsing Memory Corruption Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of NI LabVIEW. User interaction is required to exploit this vu...

T1190 1 IOC

Zero Day Initiative →

Zero Day Initiative CVE Apr 15

ZDI-26-290: NI LabVIEW LVLIB File Parsing Memory Corruption Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of NI LabVIEW. User interaction is required to exploit this vu...

T1190 1 IOC

Zero Day Initiative →

Zero Day Initiative CVE Apr 15

ZDI-26-283: GStreamer qtdemux Stack-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of GStreamer. Interaction with this library is required to exp...

T1190 1 IOC

Zero Day Initiative →

Zero Day Initiative CVE Apr 15

ZDI-26-282: GIMP HDR File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of GIMP. User interaction is required to exploit this vulnerab...

T1190 1 IOC

Zero Day Initiative →

Zero Day Initiative CVE Apr 15

ZDI-26-280: (Pwn2Own) HP DeskJet 2855e JobStatusEvent Stack-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of HP DeskJet 2855e printers. Authentication is not ...

T1190 1 IOC

Zero Day Initiative →

Zero Day Initiative CVE Microsoft Apr 15

ZDI-26-279: Microsoft Windows Snipping Tool Improper Input Validation Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Microsoft Windows. User interaction is required to exploit ...

T1190 1 IOC

Zero Day Initiative →

Zero Day Initiative Vulnerability Disclosure Microsoft Apr 15

ZDI-26-275: Microsoft Qlib _mount_nfs_uri Command Injection Remote Code Execution Vulnerability

This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Microsoft Qlib. Authentication is not required to...

T1190 T1059

Zero Day Initiative →

Zero Day Initiative Vulnerability Disclosure Microsoft Apr 15

ZDI-26-274: Microsoft Qlib fit Deserialization of Untrusted Data Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Microsoft Qlib. User interaction is required to exploit thi...

T1190

Zero Day Initiative →

Zero Day Initiative Vulnerability Disclosure Microsoft Apr 15

ZDI-26-273: Microsoft Olive Deserialization of Untrusted Data Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Microsoft Olive. User interaction is required to exploit th...

T1190

Zero Day Initiative →

Zero Day Initiative CVE Trend Micro Apr 15

ZDI-26-270: TrendAI Apex One Console Directory Traversal Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Trend Micro Apex One. Authentication is not required to exp...

T1190 1 IOC

Zero Day Initiative →

Zero Day Initiative CVE Trend Micro Apr 15

ZDI-26-269: TrendAI Apex One Console Directory Traversal Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Trend Micro Apex One. Authentication is not required to exp...

T1190 1 IOC

Zero Day Initiative →

Initial Access

T1566 Phishing T1566.001 Spearphishing Attachment T1566.002 Spearphishing Link T1190 Exploit Public-Facing Application T1133 External Remote Services T1078 Valid Accounts T1195 Supply Chain Compromise T1189 Drive-by Compromise

Execution

T1059 Command and Scripting Interpreter T1059.001 PowerShell T1203 Exploitation for Client Execution T1204 User Execution

Persistence

T1053 Scheduled Task/Job T1547 Boot or Logon Autostart Execution T1543 Create or Modify System Process

Privilege Escalation

T1548 Abuse Elevation Control Mechanism T1068 Exploitation for Privilege Escalation

Defense Evasion

T1027 Obfuscated Files or Information T1562 Impair Defenses T1070 Indicator Removal

Credential Access

T1110 Brute Force T1555 Credentials from Password Stores T1003 OS Credential Dumping T1557 Adversary-in-the-Middle T1556 Modify Authentication Process

Discovery

T1046 Network Service Discovery

Lateral Movement

T1021 Remote Services

Command and Control

T1071 Application Layer Protocol T1573 Encrypted Channel T1572 Protocol Tunneling

Exfiltration

T1041 Exfiltration Over C2 Channel T1567 Exfiltration Over Web Service

Impact

T1486 Data Encrypted for Impact T1489 Service Stop T1498 Network Denial of Service T1491 Defacement T1529 System Shutdown/Reboot

Resource Development

T1583 Acquire Infrastructure T1588 Obtain Capabilities

Reconnaissance

T1592 Gather Victim Host Information T1598 Phishing for Information