Our Vulnerability Research

Common Vulnerabilities and Exposures

SAP security alert for CVE-2025-24870 indicating a critical threat level for insecure secrets management exposing plaintext credentials and access to banking transactions and enterprise data.

What This Vulnerability Research Portfolio Represents

Discoveries That Matter

Our vulnerability research team reverse engineers your enterprise software to find the 0-days that threaten your infrastructure - before attackers do.

Enterprise Focus

The vulnerabilities below affect systems organizations use: SAP. IBM. Check Point. F5. BMC. Microsoft. Rapid7. Cyberark.

Logos of five technology companies: IBM, Check Point, Microsoft, SAP, and CyberArk on a black background.

Current Research

We identified a wide range of CVEs across various industries - each of the vulnerabilities have been assigned a threat level ranging from critical to low. We pride ourselves in beating others to identify critical CVEs in large infrastructure for orgasations such as IBM and Microsoft.

Sort by Threat level
Thank you! Your submission has been received!
Oops! Something went wrong while submitting the form.
CVE-2023-5118
Threat level
Medium

Stored cross-site scripting in Kofax Capture software allows persistent malicious script injection

See more
CVE-2023-4932
Threat level
Medium

Reflected cross-site scripting in SAS 9.4 allows attackers to execute scripts via crafted URLs

See more
CVE-2023-4925
Threat level
Low

Admin+ stored XSS in Easy Forms for Mailchimp WordPress plugin allows administrators to inject persistent scripts

See more
CVE-2023-45185
Threat level
High

Remote code execution via insecure deserialization in IBM i Access Client Solutions allows attackers to execute arbitrary code

See more
CVE-2023-45184
Threat level
Medium

Decryption key disclosure in IBM i Access Client Solutions allows local attackers to obtain encryption keys via improper authority checks

See more
CVE-2023-45182
Threat level
High

Weak password encryption in IBM i Access Client Solutions allows attackers to decrypt stored passwords and access connected systems

See more
CVE-2023-39062
Threat level
Medium

Cross-site scripting in Spipu HTML2PDF example files allows script execution via crafted input

See more
CVE-2023-38419
Threat level
Medium

Denial of service in F5 BIG-IQ iControl SOAP daemon - attackers with guest privileges can crash the service

See more
CVE-2023-38138
Threat level
High

Reflected cross-site scripting in F5 BIG-IP Configuration utility allows script execution via crafted requests

See more
CVE-2023-35840
Threat level
High

Path traversal in elFinder PHP LocalVolumeDriver connector allows reading/writing files outside webroot

See more
CVE-2023-35359
Threat level
High

Windows Kernel elevation of privilege allows local attackers to escalate from user to SYSTEM level access (CVSS 7.8)

See more
CVE-2023-28530
Threat level
Medium

Stored cross-site scripting in IBM Cognos Analytics via malicious SVG files in Custom Visualizations

See more
CVE-2023-1478
Threat level
High

Unauthenticated path traversal in Hummingbird WordPress plugin allows reading arbitrary files from the server

See more
CVE-2022-47072
Threat level
High

SQL injection in Sparx Systems Enterprise Architect allows attackers to execute arbitrary SQL queries

See more
CVE-2022-43930
Threat level
High

DLL hijacking in IBM i Access Client Solutions on Windows allows local code execution via malicious DLLs

See more

We map your systems before testing how they break.

That's why critical findings usually show up outside the original scope - attackers don't respect scope documents.

Book a consultation
arrow_right [#333] Created with Sketch.

Security Assessment Services FAQ

Questions enterprise security teams ask before partnering with AFINE for security assessments.

Is AFINE ISO 27001 certified and what compliance frameworks do you support?

Yes, AFINE is ISO 27001 certified. Beyond certification, we maintain operational security excellence built through 10 years of enterprise work. Our security assessment services support DORA, PCI DSS, SOC 2, ISO 27001, TIBER-EU, NESA, and FCA compliance. We've conducted hundreds of assessments for regulated institutions like PKO BP, ING Bank, and BGK.

What certifications and specialized expertise does AFINE team hold?

Every team member holds minimum OSCP or eWPTX certification. Our researchers average 7-10 years offensive security experience with OSCE, OSWE, OSED, OSEP, CRTO, CSSA, CISSP, CISA, and BSCP certifications. We've published CVEs in SAP, Microsoft, CyberArk, Palo Alto, F5, IBM, and other enterprise software.

What makes AFINE different from other penetration testing vendors?

We've published 150+ CVEs in enterprise software and understand how attackers exploit complex systems beyond automated scanning. Our manual testing finds business logic flaws and attack chains others miss. Isabel Group confirmed we "keep finding critical issues where other pentesters have not found them." Our 10-year exclusive focus on banking, critical infrastructure, and healthcare environments means we understand compliance and production system safety.