{ "title": "CISA Catalog of Known Exploited Vulnerabilities", "catalogVersion": "2024.12.23", "dateReleased": "2024-12-23T14:59:07.8457Z", "count": 1238, "vulnerabilities": [ { "cveID": "CVE-2021-44207", "vendorProject": "Acclaim Systems", "product": "USAHERDS", "vulnerabilityName": "Acclaim Systems USAHERDS Use of Hard-Coded Credentials Vulnerability ", "dateAdded": "2024-12-23", "shortDescription": "Acclaim Systems USAHERDS contains a hard-coded credentials vulnerability that could allow an attacker to achieve remote code execution on the system that runs the application. The MachineKey must be obtained via a separate vulnerability or other channel.", "requiredAction": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable. Please contact the product developer for support and vulnerability mitigation.", "dueDate": "2025-01-13", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/www.acclaimsystems.com\/#contact ; https:\/\/www.tnatc.org\/#contact ; https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2021-44207", "cwes": [ "CWE-798" ] }, { "cveID": "CVE-2024-12356", "vendorProject": "BeyondTrust", "product": "Privileged Remote Access (PRA) and Remote Support (RS) ", "vulnerabilityName": "BeyondTrust Privileged Remote Access (PRA) and Remote Support (RS) Command Injection Vulnerability ", "dateAdded": "2024-12-19", "shortDescription": "BeyondTrust Privileged Remote Access (PRA) and Remote Support (RS) contain a command injection vulnerability, which can allow an unauthenticated attacker to inject commands that are run as a site user. ", "requiredAction": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.", "dueDate": "2024-12-27", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/www.beyondtrust.com\/trust-center\/security-advisories\/bt24-10 ; https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2024-12356", "cwes": [ "CWE-77" ] }, { "cveID": "CVE-2021-40407", "vendorProject": "Reolink", "product": "RLC-410W IP Camera", "vulnerabilityName": "Reolink RLC-410W IP Camera OS Command Injection Vulnerability ", "dateAdded": "2024-12-18", "shortDescription": "Reolink RLC-410W IP cameras contain an authenticated OS command injection vulnerability in the device network settings functionality.", "requiredAction": "The impacted product could be end-of-life (EoL) and\/or end-of-service (EoS). Users should discontinue product utilization if a current mitigation is unavailable.", "dueDate": "2025-01-08", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/reolink.com\/product-eol\/ ; https:\/\/reolink.com\/download-center\/ ; https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2021-40407", "cwes": [ "CWE-78" ] }, { "cveID": "CVE-2019-11001", "vendorProject": "Reolink", "product": "Multiple IP Cameras", "vulnerabilityName": "Reolink Multiple IP Cameras OS Command Injection Vulnerability", "dateAdded": "2024-12-18", "shortDescription": "Reolink RLC-410W, C1 Pro, C2 Pro, RLC-422W, and RLC-511W IP cameras contain an authenticated OS command injection vulnerability. This vulnerability allows an authenticated admin to use the \"TestEmail\" functionality to inject and run OS commands as root.", "requiredAction": "The impacted product could be end-of-life (EoL) and\/or end-of-service (EoS). Users should discontinue product utilization if a current mitigation is unavailable.", "dueDate": "2025-01-08", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/reolink.com\/product-eol\/ ; https:\/\/reolink.com\/download-center\/ ; https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2019-11001", "cwes": [ "CWE-78" ] }, { "cveID": "CVE-2022-23227", "vendorProject": "NUUO", "product": "NVRmini2 Devices", "vulnerabilityName": "NUUO NVRmini 2 Devices Missing Authentication Vulnerability ", "dateAdded": "2024-12-18", "shortDescription": "NUUO NVRmini 2 devices contain a missing authentication vulnerability that allows an unauthenticated attacker to upload an encrypted TAR archive, which can be abused to add arbitrary users. ", "requiredAction": "The impacted product is end-of-life (EoL) and\/or end-of-service (EoS). Users should discontinue utilization of the product.", "dueDate": "2025-01-08", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/nuuo.com\/wp-content\/uploads\/2023\/03\/NUUO-EOL-letter\uff3fNVRmini-2-and-NVRsolo-series.pdf ; https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2022-23227", "cwes": [ "CWE-306" ] }, { "cveID": "CVE-2018-14933", "vendorProject": "NUUO", "product": "NVRmini Devices", "vulnerabilityName": "NUUO NVRmini Devices OS Command Injection Vulnerability ", "dateAdded": "2024-12-18", "shortDescription": "NUUO NVRmini devices contain an OS command injection vulnerability. This vulnerability allows remote command execution via shell metacharacters in the uploaddir parameter for a writeuploaddir command.", "requiredAction": "The impacted product is end-of-life (EoL) and\/or end-of-service (EoS). Users should discontinue utilization of the product.", "dueDate": "2025-01-08", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/nuuo.com\/wp-content\/uploads\/2023\/03\/NUUO-EOL-letter%EF%BC%BFNVRmini-2-and-NVRsolo-series.pdf ; https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2018-14933", "cwes": [ "CWE-78" ] }, { "cveID": "CVE-2024-55956", "vendorProject": "Cleo", "product": "Multiple Products", "vulnerabilityName": "Cleo Multiple Products Unauthenticated File Upload Vulnerability", "dateAdded": "2024-12-17", "shortDescription": "Cleo Harmony, VLTrader, and LexiCom, which are managed file transfer products, contain an unrestricted file upload vulnerability that could allow an unauthenticated user to import and execute arbitrary bash or PowerShell commands on the host system by leveraging the default settings of the Autorun directory.", "requiredAction": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.", "dueDate": "2025-01-07", "knownRansomwareCampaignUse": "Known", "notes": "https:\/\/support.cleo.com\/hc\/en-us\/articles\/28408134019735-Cleo-Product-Security-Update-CVE-2024-55956 ; https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2024-55956", "cwes": [] }, { "cveID": "CVE-2024-35250", "vendorProject": "Microsoft", "product": "Windows", "vulnerabilityName": "Microsoft Windows Kernel-Mode Driver Untrusted Pointer Dereference Vulnerability ", "dateAdded": "2024-12-16", "shortDescription": "Microsoft Windows Kernel-Mode Driver contains an untrusted pointer dereference vulnerability that allows a local attacker to escalate privileges.", "requiredAction": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.", "dueDate": "2025-01-06", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/msrc.microsoft.com\/update-guide\/vulnerability\/CVE-2024-35250 ; https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2024-35250", "cwes": [ "CWE-822" ] }, { "cveID": "CVE-2024-20767", "vendorProject": "Adobe", "product": "ColdFusion", "vulnerabilityName": "Adobe ColdFusion Improper Access Control Vulnerability", "dateAdded": "2024-12-16", "shortDescription": "Adobe ColdFusion contains an improper access control vulnerability that could allow an attacker to access or modify restricted files via an internet-exposed admin panel.", "requiredAction": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.", "dueDate": "2025-01-06", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/helpx.adobe.com\/security\/products\/coldfusion\/apsb24-14.html ; https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2024-20767", "cwes": [ "CWE-284" ] }, { "cveID": "CVE-2024-50623", "vendorProject": "Cleo", "product": "Multiple Products", "vulnerabilityName": "Cleo Multiple Products Unrestricted File Upload Vulnerability", "dateAdded": "2024-12-13", "shortDescription": "Cleo Harmony, VLTrader, and LexiCom, which are managed file transfer products, contain an unrestricted file upload and download vulnerability that can lead to remote code execution with elevated privileges.", "requiredAction": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.", "dueDate": "2025-01-03", "knownRansomwareCampaignUse": "Known", "notes": "https:\/\/support.cleo.com\/hc\/en-us\/articles\/28408134019735-Cleo-Product-Security-Update ; https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2024-50623", "cwes": [ "CWE-434" ] }, { "cveID": "CVE-2024-49138", "vendorProject": "Microsoft", "product": "Windows", "vulnerabilityName": "Microsoft Windows Common Log File System (CLFS) Driver Heap-Based Buffer Overflow Vulnerability", "dateAdded": "2024-12-10", "shortDescription": "Microsoft Windows Common Log File System (CLFS) driver contains a heap-based buffer overflow vulnerability that allows a local attacker to escalate privileges.", "requiredAction": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.", "dueDate": "2024-12-31", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/msrc.microsoft.com\/update-guide\/en-US\/vulnerability\/CVE-2024-49138 ; https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2024-49138", "cwes": [ "CWE-122" ] }, { "cveID": "CVE-2024-51378", "vendorProject": "CyberPersons", "product": "CyberPanel", "vulnerabilityName": "CyberPanel Incorrect Default Permissions Vulnerability", "dateAdded": "2024-12-04", "shortDescription": "CyberPanel contains an incorrect default permissions vulnerability that allows for authentication bypass and the execution of arbitrary commands using shell metacharacters in the statusfile property.", "requiredAction": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.", "dueDate": "2024-12-25", "knownRansomwareCampaignUse": "Known", "notes": "https:\/\/cyberpanel.net\/KnowledgeBase\/home\/change-logs\/ ; https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2024-51378", "cwes": [ "CWE-276" ] }, { "cveID": "CVE-2024-11667", "vendorProject": "Zyxel", "product": "Multiple Firewalls", "vulnerabilityName": "Zyxel Multiple Firewalls Path Traversal Vulnerability", "dateAdded": "2024-12-03", "shortDescription": "Multiple Zyxel firewalls contain a path traversal vulnerability in the web management interface that could allow an attacker to download or upload files via a crafted URL.", "requiredAction": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.", "dueDate": "2024-12-24", "knownRansomwareCampaignUse": "Known", "notes": "https:\/\/www.zyxel.com\/global\/en\/support\/security-advisories\/zyxel-security-advisory-protecting-against-recent-firewall-threats-11-21-2024 ; https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2024-11667", "cwes": [ "CWE-22" ] }, { "cveID": "CVE-2024-11680", "vendorProject": "ProjectSend", "product": "ProjectSend", "vulnerabilityName": "ProjectSend Improper Authentication Vulnerability", "dateAdded": "2024-12-03", "shortDescription": "ProjectSend contains an improper authentication vulnerability that allows a remote, unauthenticated attacker to enable unauthorized modification of the application's configuration via crafted HTTP requests to options.php. Successful exploitation allows attackers to create accounts, upload webshells, and embed malicious JavaScript.", "requiredAction": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.", "dueDate": "2024-12-24", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/github.com\/projectsend\/projectsend\/commit\/193367d937b1a59ed5b68dd4e60bd53317473744 ; https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2024-11680", "cwes": [ "CWE-287" ] }, { "cveID": "CVE-2023-45727", "vendorProject": "North Grid", "product": "Proself", "vulnerabilityName": "North Grid Proself Improper Restriction of XML External Entity (XXE) Reference Vulnerability", "dateAdded": "2024-12-03", "shortDescription": "North Grid Proself Enterprise\/Standard, Gateway, and Mail Sanitize contain an improper restriction of XML External Entity (XXE) reference vulnerability, which could allow a remote, unauthenticated attacker to conduct an XXE attack.", "requiredAction": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.", "dueDate": "2024-12-24", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/www.proself.jp\/information\/153\/ ; https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2023-45727", "cwes": [ "CWE-611" ] }, { "cveID": "CVE-2023-28461", "vendorProject": "Array Networks ", "product": "AG\/vxAG ArrayOS", "vulnerabilityName": "Array Networks AG and vxAG ArrayOS Missing Authentication for Critical Function Vulnerability", "dateAdded": "2024-11-25", "shortDescription": "Array Networks AG and vxAG ArrayOS contain a missing authentication for critical function vulnerability that allows an attacker to read local files and execute code on the SSL VPN gateway.", "requiredAction": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.", "dueDate": "2024-12-16", "knownRansomwareCampaignUse": "Known", "notes": "https:\/\/support.arraynetworks.net\/prx\/001\/http\/supportportal.arraynetworks.net\/documentation\/FieldNotice\/Array_Networks_Security_Advisory_for_Remote_Code_Execution_Vulnerability_AG.pdf ; https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2023-28461", "cwes": [ "CWE-306" ] }, { "cveID": "CVE-2024-21287", "vendorProject": "Oracle", "product": "Agile Product Lifecycle Management (PLM)", "vulnerabilityName": "Oracle Agile Product Lifecycle Management (PLM) Incorrect Authorization Vulnerability", "dateAdded": "2024-11-21", "shortDescription": "Oracle Agile Product Lifecycle Management (PLM) contains an incorrect authorization vulnerability in the Process Extension component of the Software Development Kit. Successful exploitation of this vulnerability may result in unauthenticated file disclosure.", "requiredAction": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.", "dueDate": "2024-12-12", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/www.oracle.com\/security-alerts\/alert-cve-2024-21287.html ; https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2024-21287", "cwes": [ "CWE-863" ] }, { "cveID": "CVE-2024-44309", "vendorProject": "Apple", "product": "Multiple Products", "vulnerabilityName": "Apple Multiple Products Cross-Site Scripting (XSS) Vulnerability", "dateAdded": "2024-11-21", "shortDescription": "Apple iOS, macOS, and other Apple products contain an unspecified vulnerability when processing maliciously crafted web content that may lead to a cross-site scripting (XSS) attack.", "requiredAction": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.", "dueDate": "2024-12-12", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/support.apple.com\/en-us\/121752, https:\/\/support.apple.com\/en-us\/121753, https:\/\/support.apple.com\/en-us\/121754, https:\/\/support.apple.com\/en-us\/121755, https:\/\/support.apple.com\/en-us\/121756 ; https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2024-44309", "cwes": [ "CWE-79" ] }, { "cveID": "CVE-2024-44308", "vendorProject": "Apple", "product": "Multiple Products", "vulnerabilityName": "Apple Multiple Products Code Execution Vulnerability", "dateAdded": "2024-11-21", "shortDescription": "Apple iOS, macOS, and other Apple products contain an unspecified vulnerability when processing maliciously crafted web content that may lead to arbitrary code execution.", "requiredAction": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.", "dueDate": "2024-12-12", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/support.apple.com\/en-us\/121752, https:\/\/support.apple.com\/en-us\/121753, https:\/\/support.apple.com\/en-us\/121754, https:\/\/support.apple.com\/en-us\/121755, https:\/\/support.apple.com\/en-us\/121756 ; https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2024-44308", "cwes": [] }, { "cveID": "CVE-2024-38813", "vendorProject": "VMware", "product": "vCenter Server", "vulnerabilityName": "VMware vCenter Server Privilege Escalation Vulnerability", "dateAdded": "2024-11-20", "shortDescription": "VMware vCenter contains an improper check for dropped privileges vulnerability. This vulnerability could allow an attacker with network access to the vCenter Server to escalate privileges to root by sending a specially crafted packet.", "requiredAction": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.", "dueDate": "2024-12-11", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/support.broadcom.com\/web\/ecx\/support-content-notification\/-\/external\/content\/SecurityAdvisories\/0\/24968 ; https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2024-38813", "cwes": [ "CWE-250", "CWE-273" ] }, { "cveID": "CVE-2024-38812", "vendorProject": "VMware", "product": "vCenter Server", "vulnerabilityName": "VMware vCenter Server Heap-Based Buffer Overflow Vulnerability", "dateAdded": "2024-11-20", "shortDescription": "VMware vCenter Server contains a heap-based buffer overflow vulnerability in the implementation of the DCERPC protocol. This vulnerability could allow an attacker with network access to the vCenter Server to execute remote code by sending a specially crafted packet.", "requiredAction": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.", "dueDate": "2024-12-11", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/support.broadcom.com\/web\/ecx\/support-content-notification\/-\/external\/content\/SecurityAdvisories\/0\/24968 ; https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2024-38812", "cwes": [ "CWE-122" ] }, { "cveID": "CVE-2024-9474", "vendorProject": "Palo Alto Networks", "product": "PAN-OS", "vulnerabilityName": "Palo Alto Networks PAN-OS Management Interface OS Command Injection Vulnerability", "dateAdded": "2024-11-18", "shortDescription": "Palo Alto Networks PAN-OS contains an OS command injection vulnerability that allows for privilege escalation through the web-based management interface for several PAN products, including firewalls and VPN concentrators.", "requiredAction": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable. Additionally, the management interfaces for affected devices should not be exposed to untrusted networks, including the internet.", "dueDate": "2024-12-09", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/security.paloaltonetworks.com\/CVE-2024-9474 ; https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2024-9474", "cwes": [ "CWE-77" ] }, { "cveID": "CVE-2024-0012", "vendorProject": "Palo Alto Networks", "product": "PAN-OS", "vulnerabilityName": "Palo Alto Networks PAN-OS Management Interface Authentication Bypass Vulnerability", "dateAdded": "2024-11-18", "shortDescription": "Palo Alto Networks PAN-OS contains an authentication bypass vulnerability in the web-based management interface for several PAN-OS products, including firewalls and VPN concentrators.", "requiredAction": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable. Additionally, management interface for affected devices should not be exposed to untrusted networks, including the internet.", "dueDate": "2024-12-09", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/security.paloaltonetworks.com\/CVE-2024-0012 ; https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2024-0012", "cwes": [ "CWE-306" ] }, { "cveID": "CVE-2024-1212", "vendorProject": "Progress", "product": "Kemp LoadMaster", "vulnerabilityName": "Progress Kemp LoadMaster OS Command Injection Vulnerability", "dateAdded": "2024-11-18", "shortDescription": "Progress Kemp LoadMaster contains an OS command injection vulnerability that allows an unauthenticated, remote attacker to access the system through the LoadMaster management interface, enabling arbitrary system command execution.", "requiredAction": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.", "dueDate": "2024-12-09", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/community.progress.com\/s\/article\/Release-Notice-LMOS-7-2-59-2-7-2-54-8-7-2-48-10-CVE-2024-1212 ; https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2024-1212", "cwes": [ "CWE-78" ] }, { "cveID": "CVE-2024-9465", "vendorProject": "Palo Alto Networks", "product": "Expedition", "vulnerabilityName": "Palo Alto Networks Expedition SQL Injection Vulnerability", "dateAdded": "2024-11-14", "shortDescription": "Palo Alto Networks Expedition contains a SQL injection vulnerability that allows an unauthenticated attacker to reveal Expedition database contents, such as password hashes, usernames, device configurations, and device API keys. With this, attackers can also create and read arbitrary files on the Expedition system.", "requiredAction": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.", "dueDate": "2024-12-05", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/security.paloaltonetworks.com\/PAN-SA-2024-0010 ; https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2024-9465", "cwes": [ "CWE-89" ] }, { "cveID": "CVE-2024-9463", "vendorProject": "Palo Alto Networks", "product": "Expedition", "vulnerabilityName": "Palo Alto Networks Expedition OS Command Injection Vulnerability", "dateAdded": "2024-11-14", "shortDescription": "Palo Alto Networks Expedition contains an OS command injection vulnerability that allows an unauthenticated attacker to run arbitrary OS commands as root in Expedition, resulting in disclosure of usernames, cleartext passwords, device configurations, and device API keys of PAN-OS firewalls.", "requiredAction": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.", "dueDate": "2024-12-05", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/security.paloaltonetworks.com\/PAN-SA-2024-0010 ; https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2024-9463", "cwes": [ "CWE-78" ] }, { "cveID": "CVE-2021-26086", "vendorProject": "Atlassian", "product": "Jira Server and Data Center", "vulnerabilityName": "Atlassian Jira Server and Data Center Path Traversal Vulnerability", "dateAdded": "2024-11-12", "shortDescription": "Atlassian Jira Server and Data Center contain a path traversal vulnerability that allows a remote attacker to read particular files in the \/WEB-INF\/web.xml endpoint.", "requiredAction": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.", "dueDate": "2024-12-03", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/jira.atlassian.com\/browse\/JRASERVER-72695 ; https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2021-26086", "cwes": [ "CWE-22" ] }, { "cveID": "CVE-2014-2120", "vendorProject": "Cisco", "product": "Adaptive Security Appliance (ASA)", "vulnerabilityName": "Cisco Adaptive Security Appliance (ASA) Cross-Site Scripting (XSS) Vulnerability", "dateAdded": "2024-11-12", "shortDescription": "Cisco Adaptive Security Appliance (ASA) contains a cross-site scripting (XSS) vulnerability in the WebVPN login page. This vulnerability allows remote attackers to inject arbitrary web script or HTML via an unspecified parameter.", "requiredAction": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.", "dueDate": "2024-12-03", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/sec.cloudapps.cisco.com\/security\/center\/content\/CiscoSecurityAdvisory\/cisco-sa-CVE-2014-2120 ; https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2014-2120", "cwes": [ "CWE-79" ] }, { "cveID": "CVE-2021-41277", "vendorProject": "Metabase", "product": "Metabase", "vulnerabilityName": "Metabase GeoJSON API Local File Inclusion Vulnerability", "dateAdded": "2024-11-12", "shortDescription": "Metabase contains a local file inclusion vulnerability in the custom map support in the API to read GeoJSON formatted data.", "requiredAction": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.", "dueDate": "2024-12-03", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/github.com\/metabase\/metabase\/security\/advisories\/GHSA-w73v-6p7p-fpfr ; https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2021-41277", "cwes": [ "CWE-200" ] }, { "cveID": "CVE-2024-43451", "vendorProject": "Microsoft", "product": "Windows", "vulnerabilityName": "Microsoft Windows NTLMv2 Hash Disclosure Spoofing Vulnerability", "dateAdded": "2024-11-12", "shortDescription": "Microsoft Windows contains an NTLMv2 hash spoofing vulnerability that could result in disclosing a user's NTLMv2 hash to an attacker via a file open operation. The attacker could then leverage this hash to impersonate that user.", "requiredAction": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.", "dueDate": "2024-12-03", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/msrc.microsoft.com\/update-guide\/vulnerability\/CVE-2024-43451 ; https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2024-43451", "cwes": [ "CWE-73" ] }, { "cveID": "CVE-2024-49039", "vendorProject": "Microsoft", "product": "Windows", "vulnerabilityName": "Microsoft Windows Task Scheduler Privilege Escalation Vulnerability", "dateAdded": "2024-11-12", "shortDescription": "Microsoft Windows Task Scheduler contains a privilege escalation vulnerability that can allow an attacker-provided, local application to escalate privileges outside of its AppContainer, and access privileged RPC functions.", "requiredAction": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.", "dueDate": "2024-12-03", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/msrc.microsoft.com\/update-guide\/en-US\/vulnerability\/CVE-2024-49039 ; https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2024-49039", "cwes": [ "CWE-287" ] }, { "cveID": "CVE-2019-16278", "vendorProject": "Nostromo", "product": "nhttpd", "vulnerabilityName": "Nostromo nhttpd Directory Traversal Vulnerability", "dateAdded": "2024-11-07", "shortDescription": "Nostromo nhttpd contains a directory traversal vulnerability in the http_verify() function in a non-chrooted nhttpd server allowing for remote code execution.", "requiredAction": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.", "dueDate": "2024-11-28", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/www.nazgul.ch\/dev\/nostromo_cl.txt ; https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2019-16278", "cwes": [ "CWE-22" ] }, { "cveID": "CVE-2024-51567", "vendorProject": "CyberPersons", "product": "CyberPanel", "vulnerabilityName": "CyberPanel Incorrect Default Permissions Vulnerability", "dateAdded": "2024-11-07", "shortDescription": "CyberPanel contains an incorrect default permissions vulnerability that allows a remote, unauthenticated attacker to execute commands as root.", "requiredAction": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.", "dueDate": "2024-11-28", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/cyberpanel.net\/blog\/detials-and-fix-of-recent-security-issue-and-patch-of-cyberpanel ; https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2024-51567", "cwes": [ "CWE-276" ] }, { "cveID": "CVE-2024-43093", "vendorProject": "Android", "product": "Framework", "vulnerabilityName": "Android Framework Privilege Escalation Vulnerability", "dateAdded": "2024-11-07", "shortDescription": "Android Framework contains an unspecified vulnerability that allows for privilege escalation.", "requiredAction": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.", "dueDate": "2024-11-28", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/source.android.com\/docs\/security\/bulletin\/2024-11-01 ; https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2024-43093", "cwes": [] }, { "cveID": "CVE-2024-5910", "vendorProject": "Palo Alto Networks", "product": "Expedition", "vulnerabilityName": "Palo Alto Networks Expedition Missing Authentication Vulnerability", "dateAdded": "2024-11-07", "shortDescription": "Palo Alto Networks Expedition contains a missing authentication vulnerability that allows an attacker with network access to takeover an Expedition admin account and potentially access configuration secrets, credentials, and other data.", "requiredAction": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.", "dueDate": "2024-11-28", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/security.paloaltonetworks.com\/CVE-2024-5910 ; https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2024-5910", "cwes": [ "CWE-306" ] }, { "cveID": "CVE-2024-8956", "vendorProject": "PTZOptics", "product": "PT30X-SDI\/NDI Cameras", "vulnerabilityName": "PTZOptics PT30X-SDI\/NDI Cameras Authentication Bypass Vulnerability", "dateAdded": "2024-11-04", "shortDescription": "PTZOptics PT30X-SDI\/NDI cameras contain an insecure direct object reference (IDOR) vulnerability that allows a remote, attacker to bypass authentication for the \/cgi-bin\/param.cgi CGI script. If combined with CVE-2024-8957, this can lead to remote code execution as root.", "requiredAction": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.", "dueDate": "2024-11-25", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/ptzoptics.com\/firmware-changelog\/ ; https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2024-8956", "cwes": [ "CWE-287" ] }, { "cveID": "CVE-2024-8957", "vendorProject": "PTZOptics", "product": "PT30X-SDI\/NDI Cameras", "vulnerabilityName": "PTZOptics PT30X-SDI\/NDI Cameras OS Command Injection Vulnerability", "dateAdded": "2024-11-04", "shortDescription": "PTZOptics PT30X-SDI\/NDI cameras contain an OS command injection vulnerability that allows a remote, authenticated attacker to escalate privileges to root via a crafted payload with the ntp_addr parameter of the \/cgi-bin\/param.cgi CGI script. ", "requiredAction": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.", "dueDate": "2024-11-25", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/ptzoptics.com\/firmware-changelog\/ ; https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2024-8957", "cwes": [ "CWE-78" ] }, { "cveID": "CVE-2024-37383", "vendorProject": "Roundcube", "product": "Webmail", "vulnerabilityName": "RoundCube Webmail Cross-Site Scripting (XSS) Vulnerability", "dateAdded": "2024-10-24", "shortDescription": "RoundCube Webmail contains a cross-site scripting (XSS) vulnerability in the handling of SVG animate attributes that allows a remote attacker to run malicious JavaScript code.", "requiredAction": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.", "dueDate": "2024-11-14", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/github.com\/roundcube\/roundcubemail\/releases\/tag\/1.5.7, https:\/\/github.com\/roundcube\/roundcubemail\/releases\/tag\/1.6.7 ; https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2024-37383", "cwes": [ "CWE-79" ] }, { "cveID": "CVE-2024-20481", "vendorProject": "Cisco", "product": "Adaptive Security Appliance (ASA) and Firepower Threat Defense (FTD)", "vulnerabilityName": "Cisco ASA and FTD Denial-of-Service Vulnerability", "dateAdded": "2024-10-24", "shortDescription": "Cisco Adaptive Security Appliance (ASA) and Firepower Threat Defense (FTD) contain a missing release of resource after effective lifetime vulnerability that could allow an unauthenticated, remote attacker to cause a denial-of-service (DoS) of the RAVPN service.", "requiredAction": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.", "dueDate": "2024-11-14", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/sec.cloudapps.cisco.com\/security\/center\/content\/CiscoSecurityAdvisory\/cisco-sa-asaftd-bf-dos-vDZhLqrW ; https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2024-20481", "cwes": [ "CWE-772" ] }, { "cveID": "CVE-2024-47575", "vendorProject": "Fortinet", "product": "FortiManager", "vulnerabilityName": "Fortinet FortiManager Missing Authentication Vulnerability", "dateAdded": "2024-10-23", "shortDescription": "Fortinet FortiManager contains a missing authentication vulnerability in the fgfmd daemon that allows a remote, unauthenticated attacker to execute arbitrary code or commands via specially crafted requests.", "requiredAction": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.", "dueDate": "2024-11-13", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/fortiguard.fortinet.com\/psirt\/FG-IR-24-423 ; https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2024-47575", "cwes": [ "CWE-306" ] }, { "cveID": "CVE-2024-38094", "vendorProject": "Microsoft", "product": "SharePoint", "vulnerabilityName": "Microsoft SharePoint Deserialization Vulnerability", "dateAdded": "2024-10-22", "shortDescription": "Microsoft SharePoint contains a deserialization vulnerability that allows for remote code execution.", "requiredAction": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.", "dueDate": "2024-11-12", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/msrc.microsoft.com\/update-guide\/vulnerability\/CVE-2024-38094 ; https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2024-38094", "cwes": [ "CWE-502" ] }, { "cveID": "CVE-2024-9537", "vendorProject": "ScienceLogic", "product": "SL1", "vulnerabilityName": "ScienceLogic SL1 Unspecified Vulnerability", "dateAdded": "2024-10-21", "shortDescription": "ScienceLogic SL1 (formerly EM7) is affected by an unspecified vulnerability involving an unspecified third-party component.", "requiredAction": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.", "dueDate": "2024-11-11", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/support.sciencelogic.com\/s\/article\/15527 ; https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2024-9537", "cwes": [] }, { "cveID": "CVE-2024-40711", "vendorProject": "Veeam", "product": "Backup & Replication", "vulnerabilityName": "Veeam Backup and Replication Deserialization Vulnerability", "dateAdded": "2024-10-17", "shortDescription": "Veeam Backup and Replication contains a deserialization vulnerability allowing an unauthenticated user to perform remote code execution.", "requiredAction": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.", "dueDate": "2024-11-07", "knownRansomwareCampaignUse": "Known", "notes": "https:\/\/www.veeam.com\/kb4649 ; https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2024-40711", "cwes": [ "CWE-502" ] }, { "cveID": "CVE-2024-28987", "vendorProject": "SolarWinds", "product": "Web Help Desk", "vulnerabilityName": "SolarWinds Web Help Desk Hardcoded Credential Vulnerability", "dateAdded": "2024-10-15", "shortDescription": "SolarWinds Web Help Desk contains a hardcoded credential vulnerability that could allow a remote, unauthenticated user to access internal functionality and modify data.", "requiredAction": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.", "dueDate": "2024-11-05", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/www.solarwinds.com\/trust-center\/security-advisories\/cve-2024-28987 ; https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2024-28987", "cwes": [ "CWE-798" ] }, { "cveID": "CVE-2024-9680", "vendorProject": "Mozilla", "product": "Firefox", "vulnerabilityName": "Mozilla Firefox Use-After-Free Vulnerability", "dateAdded": "2024-10-15", "shortDescription": "Mozilla Firefox and Firefox ESR contain a use-after-free vulnerability in Animation timelines that allows for code execution in the content process.", "requiredAction": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.", "dueDate": "2024-11-05", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/www.mozilla.org\/en-US\/security\/advisories\/mfsa2024-51\/ ; https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2024-9680", "cwes": [ "CWE-416" ] }, { "cveID": "CVE-2024-30088", "vendorProject": "Microsoft", "product": "Windows ", "vulnerabilityName": "Microsoft Windows Kernel TOCTOU Race Condition Vulnerability", "dateAdded": "2024-10-15", "shortDescription": "Microsoft Windows Kernel contains a time-of-check to time-of-use (TOCTOU) race condition vulnerability that could allow for privilege escalation. ", "requiredAction": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.", "dueDate": "2024-11-05", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/msrc.microsoft.com\/update-guide\/en-US\/vulnerability\/CVE-2024-30088 ; https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2024-30088", "cwes": [ "CWE-367" ] }, { "cveID": "CVE-2024-9380", "vendorProject": "Ivanti", "product": "Cloud Services Appliance (CSA)", "vulnerabilityName": "Ivanti Cloud Services Appliance (CSA) OS Command Injection Vulnerability", "dateAdded": "2024-10-09", "shortDescription": "Ivanti Cloud Services Appliance (CSA) contains an OS command injection vulnerability in the administrative console which can allow an authenticated attacker with application admin privileges to pass commands to the underlying OS.", "requiredAction": "As Ivanti CSA 4.6.x has reached End-of-Life status, users are urged to remove CSA 4.6.x from service or upgrade to the 5.0.x line, or later, of supported solution.", "dueDate": "2024-10-30", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/forums.ivanti.com\/s\/article\/Security-Advisory-Ivanti-CSA-Cloud-Services-Appliance-CVE-2024-9379-CVE-2024-9380-CVE-2024-9381 ; https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2024-9380", "cwes": [ "CWE-77" ] }, { "cveID": "CVE-2024-9379", "vendorProject": "Ivanti", "product": "Cloud Services Appliance (CSA)", "vulnerabilityName": "Ivanti Cloud Services Appliance (CSA) SQL Injection Vulnerability", "dateAdded": "2024-10-09", "shortDescription": "Ivanti Cloud Services Appliance (CSA) contains a SQL injection vulnerability in the admin web console in versions prior to 5.0.2, which can allow a remote attacker authenticated as administrator to run arbitrary SQL statements.", "requiredAction": "As Ivanti CSA 4.6.x has reached End-of-Life status, users are urged to remove CSA 4.6.x from service or upgrade to the 5.0.x line, or later, of supported solution.", "dueDate": "2024-10-30", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/forums.ivanti.com\/s\/article\/Security-Advisory-Ivanti-CSA-Cloud-Services-Appliance-CVE-2024-9379-CVE-2024-9380-CVE-2024-9381 ; https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2024-9379", "cwes": [ "CWE-89" ] }, { "cveID": "CVE-2024-23113", "vendorProject": "Fortinet", "product": "Multiple Products", "vulnerabilityName": "Fortinet Multiple Products Format String Vulnerability", "dateAdded": "2024-10-09", "shortDescription": "Fortinet FortiOS, FortiPAM, FortiProxy, and FortiWeb contain a format string vulnerability that allows a remote, unauthenticated attacker to execute arbitrary code or commands via specially crafted requests.", "requiredAction": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.", "dueDate": "2024-10-30", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/www.fortiguard.com\/psirt\/FG-IR-24-029 ; https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2024-23113", "cwes": [ "CWE-134" ] }, { "cveID": "CVE-2024-43573", "vendorProject": "Microsoft", "product": "Windows", "vulnerabilityName": "Microsoft Windows MSHTML Platform Spoofing Vulnerability", "dateAdded": "2024-10-08", "shortDescription": "Microsoft Windows MSHTML Platform contains an unspecified spoofing vulnerability which can lead to a loss of confidentiality.", "requiredAction": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.", "dueDate": "2024-10-29", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/msrc.microsoft.com\/update-guide\/vulnerability\/CVE-2024-43573 ; https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2024-43573", "cwes": [ "CWE-79" ] }, { "cveID": "CVE-2024-43572", "vendorProject": "Microsoft", "product": "Windows", "vulnerabilityName": "Microsoft Windows Management Console Remote Code Execution Vulnerability", "dateAdded": "2024-10-08", "shortDescription": "Microsoft Windows Management Console contains unspecified vulnerability that allows for remote code execution.", "requiredAction": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.", "dueDate": "2024-10-29", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/msrc.microsoft.com\/update-guide\/advisory\/CVE-2024-43572 ; https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2024-43572", "cwes": [ "CWE-707" ] }, { "cveID": "CVE-2024-43047", "vendorProject": "Qualcomm", "product": "Multiple Chipsets ", "vulnerabilityName": "Qualcomm Multiple Chipsets Use-After-Free Vulnerability", "dateAdded": "2024-10-08", "shortDescription": "Multiple Qualcomm chipsets contain a use-after-free vulnerability due to memory corruption in DSP Services while maintaining memory maps of HLOS memory. ", "requiredAction": "Apply remediations or mitigations per vendor instructions or discontinue use of the product if remediation or mitigations are unavailable.", "dueDate": "2024-10-29", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/git.codelinaro.org\/clo\/la\/platform\/vendor\/qcom\/opensource\/dsp-kernel\/-\/commit\/0e27b6c7d2bd8d0453e4465ac2ca49a8f8c440e2 ; https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2024-43047", "cwes": [ "CWE-416" ] }, { "cveID": "CVE-2024-45519", "vendorProject": "Synacor", "product": "Zimbra Collaboration", "vulnerabilityName": "Synacor Zimbra Collaboration Command Execution Vulnerability", "dateAdded": "2024-10-03", "shortDescription": "Synacor Zimbra Collaboration contains an unspecified vulnerability in the postjournal service that may allow an unauthenticated user to execute commands.", "requiredAction": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.", "dueDate": "2024-10-24", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/wiki.zimbra.com\/wiki\/Zimbra_Security_Advisories ; https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2024-45519", "cwes": [ "CWE-284" ] }, { "cveID": "CVE-2024-29824", "vendorProject": "Ivanti", "product": "Endpoint Manager (EPM)", "vulnerabilityName": "Ivanti Endpoint Manager (EPM) SQL Injection Vulnerability", "dateAdded": "2024-10-02", "shortDescription": "Ivanti Endpoint Manager (EPM) contains a SQL injection vulnerability in Core server that allows an unauthenticated attacker within the same network to execute arbitrary code. ", "requiredAction": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.", "dueDate": "2024-10-23", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/forums.ivanti.com\/s\/article\/Security-Advisory-May-2024 ; https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2024-29824", "cwes": [ "CWE-89" ] }, { "cveID": "CVE-2019-0344", "vendorProject": "SAP", "product": "Commerce Cloud", "vulnerabilityName": "SAP Commerce Cloud Deserialization of Untrusted Data Vulnerability", "dateAdded": "2024-09-30", "shortDescription": "SAP Commerce Cloud (formerly known as Hybris) contains a deserialization of untrusted data vulnerability within the mediaconversion and virtualjdbc extension that allows for code injection.", "requiredAction": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.", "dueDate": "2024-10-21", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/web.archive.org\/web\/20191214053020\/https:\/\/wiki.scn.sap.com\/wiki\/pages\/viewpage.action?pageId=523998017 ; https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2019-0344", "cwes": [ "CWE-502" ] }, { "cveID": "CVE-2020-15415", "vendorProject": "DrayTek", "product": "Multiple Vigor Routers", "vulnerabilityName": "DrayTek Multiple Vigor Routers OS Command Injection Vulnerability", "dateAdded": "2024-09-30", "shortDescription": "DrayTek Vigor3900, Vigor2960, and Vigor300B devices contain an OS command injection vulnerability in cgi-bin\/mainfunction.cgi\/cvmcfgupload that allows for remote code execution via shell metacharacters in a filename when the text\/x-python-script content type is used.", "requiredAction": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.", "dueDate": "2024-10-21", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/www.draytek.com\/about\/security-advisory\/vigor3900-\/-vigor2960-\/-vigor300b-remote-code-injection\/execution-vulnerability-(cve-2020-14472) ; https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2020-15415", "cwes": [ "CWE-78" ] }, { "cveID": "CVE-2023-25280", "vendorProject": "D-Link", "product": "DIR-820 Router", "vulnerabilityName": "D-Link DIR-820 Router OS Command Injection Vulnerability", "dateAdded": "2024-09-30", "shortDescription": "D-Link DIR-820 routers contain an OS command injection vulnerability that allows a remote, unauthenticated attacker to escalate privileges to root via a crafted payload with the ping_addr parameter to ping.ccp.", "requiredAction": "The impacted product is end-of-life (EoL) and\/or end-of-service (EoS). Users should discontinue utilization of the product.", "dueDate": "2024-10-21", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/supportannouncement.us.dlink.com\/security\/publication.aspx?name=SAP10358 ; https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2023-25280", "cwes": [ "CWE-78" ] }, { "cveID": "CVE-2024-7593", "vendorProject": "Ivanti", "product": "Virtual Traffic Manager", "vulnerabilityName": "Ivanti Virtual Traffic Manager Authentication Bypass Vulnerability", "dateAdded": "2024-09-24", "shortDescription": "Ivanti Virtual Traffic Manager contains an authentication bypass vulnerability that allows a remote, unauthenticated attacker to create a chosen administrator account.", "requiredAction": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.", "dueDate": "2024-10-15", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/forums.ivanti.com\/s\/article\/Security-Advisory-Ivanti-Virtual-Traffic-Manager-vTM-CVE-2024-7593 ; https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2024-7593", "cwes": [ "CWE-287", "CWE-303" ] }, { "cveID": "CVE-2024-8963", "vendorProject": "Ivanti", "product": "Cloud Services Appliance (CSA)", "vulnerabilityName": "Ivanti Cloud Services Appliance (CSA) Path Traversal Vulnerability", "dateAdded": "2024-09-19", "shortDescription": "Ivanti Cloud Services Appliance (CSA) contains a path traversal vulnerability that could allow a remote, unauthenticated attacker to access restricted functionality. If CVE-2024-8963 is used in conjunction with CVE-2024-8190, an attacker could bypass admin authentication and execute arbitrary commands on the appliance.", "requiredAction": "As Ivanti CSA has reached End-of-Life status, users are urged to remove CSA 4.6.x from service or upgrade to the 5.0.x line of supported solutions, as future vulnerabilities on the 4.6.x version of CSA are unlikely to receive security updates.", "dueDate": "2024-10-10", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/forums.ivanti.com\/s\/article\/Security-Advisory-Ivanti-CSA-4-6-Cloud-Services-Appliance-CVE-2024-8963 ; https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2024-8963", "cwes": [ "CWE-22" ] }, { "cveID": "CVE-2020-14644", "vendorProject": "Oracle", "product": "WebLogic Server", "vulnerabilityName": "Oracle WebLogic Server Remote Code Execution Vulnerability", "dateAdded": "2024-09-18", "shortDescription": "Oracle WebLogic Server, a product within the Fusion Middleware suite, contains a deserialization vulnerability. Unauthenticated attackers with network access via T3 or IIOP can exploit this vulnerability to achieve remote code execution.", "requiredAction": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.", "dueDate": "2024-10-09", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/www.oracle.com\/security-alerts\/cpujul2020.html ; https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2020-14644", "cwes": [] }, { "cveID": "CVE-2022-21445", "vendorProject": "Oracle", "product": "ADF Faces", "vulnerabilityName": "Oracle ADF Faces Deserialization of Untrusted Data Vulnerability", "dateAdded": "2024-09-18", "shortDescription": "Oracle ADF Faces library, included with Oracle JDeveloper Distribution, contains a deserialization of untrusted data vulnerability leading to unauthenticated remote code execution.", "requiredAction": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.", "dueDate": "2024-10-09", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/www.oracle.com\/security-alerts\/cpuapr2022.html ; https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2022-21445", "cwes": [ "CWE-502" ] }, { "cveID": "CVE-2020-0618", "vendorProject": "Microsoft", "product": "SQL Server", "vulnerabilityName": "Microsoft SQL Server Reporting Services Remote Code Execution Vulnerability", "dateAdded": "2024-09-18", "shortDescription": "Microsoft SQL Server Reporting Services contains a deserialization vulnerability when handling page requests incorrectly. An authenticated attacker can exploit this vulnerability to execute code in the context of the Report Server service account.", "requiredAction": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.", "dueDate": "2024-10-09", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/msrc.microsoft.com\/update-guide\/en-US\/advisory\/CVE-2020-0618 ; https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2020-0618", "cwes": [ "CWE-502" ] }, { "cveID": "CVE-2024-27348", "vendorProject": "Apache", "product": "HugeGraph-Server", "vulnerabilityName": "Apache HugeGraph-Server Improper Access Control Vulnerability", "dateAdded": "2024-09-18", "shortDescription": "Apache HugeGraph-Server contains an improper access control vulnerability that could allow a remote attacker to execute arbitrary code.", "requiredAction": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.", "dueDate": "2024-10-09", "knownRansomwareCampaignUse": "Unknown", "notes": "This vulnerability affects a common open-source component, third-party library, or a protocol used by different products. For more information, please see: https:\/\/lists.apache.org\/thread\/nx6g6htyhpgtzsocybm242781o8w5kq9 ; https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2024-27348", "cwes": [ "CWE-284" ] }, { "cveID": "CVE-2014-0502", "vendorProject": "Adobe", "product": "Flash Player", "vulnerabilityName": "Adobe Flash Player Double Free Vulnerablity", "dateAdded": "2024-09-17", "shortDescription": "Adobe Flash Player contains a double free vulnerability that allows a remote attacker to execute arbitrary code.", "requiredAction": "The impacted product is end-of-life (EoL) and\/or end-of-service (EoS). Users should discontinue utilization of the product.", "dueDate": "2024-10-08", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/www.adobe.com\/products\/flashplayer\/end-of-life-alternative.html#eol-alternative-faq ; https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2014-0502", "cwes": [ "CWE-399" ] }, { "cveID": "CVE-2013-0648", "vendorProject": "Adobe", "product": "Flash Player", "vulnerabilityName": "Adobe Flash Player Code Execution Vulnerability", "dateAdded": "2024-09-17", "shortDescription": "Adobe Flash Player contains an unspecified vulnerability in the ExternalInterface ActionScript functionality that allows a remote attacker to execute arbitrary code via crafted SWF content.", "requiredAction": "The impacted product is end-of-life (EoL) and\/or end-of-service (EoS). Users should discontinue utilization of the product.", "dueDate": "2024-10-08", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/www.adobe.com\/products\/flashplayer\/end-of-life-alternative.html#eol-alternative-faq ; https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2013-0648", "cwes": [] }, { "cveID": "CVE-2013-0643", "vendorProject": "Adobe", "product": "Flash Player", "vulnerabilityName": "Adobe Flash Player Incorrect Default Permissions Vulnerability", "dateAdded": "2024-09-17", "shortDescription": "Adobe Flash Player contains an incorrect default permissions vulnerability in the Firefox sandbox that allows a remote attacker to execute arbitrary code via crafted SWF content. ", "requiredAction": "The impacted product is end-of-life (EoL) and\/or end-of-service (EoS). Users should discontinue utilization of the product.", "dueDate": "2024-10-08", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/www.adobe.com\/products\/flashplayer\/end-of-life-alternative.html#eol-alternative-faq ; https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2013-0643", "cwes": [ "CWE-264" ] }, { "cveID": "CVE-2014-0497", "vendorProject": "Adobe", "product": "Flash Player", "vulnerabilityName": "Adobe Flash Player Integer Underflow Vulnerablity", "dateAdded": "2024-09-17", "shortDescription": "Adobe Flash Player contains an integer underflow vulnerability that allows a remote attacker to execute arbitrary code.", "requiredAction": "The impacted product is end-of-life (EoL) and\/or end-of-service (EoS). Users should discontinue utilization of the product.", "dueDate": "2024-10-08", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/www.adobe.com\/products\/flashplayer\/end-of-life-alternative.html#eol-alternative-faq ; https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2014-0497", "cwes": [ "CWE-191" ] }, { "cveID": "CVE-2024-6670", "vendorProject": "Progress", "product": "WhatsUp Gold", "vulnerabilityName": "Progress WhatsUp Gold SQL Injection Vulnerability", "dateAdded": "2024-09-16", "shortDescription": "Progress WhatsUp Gold contains a SQL injection vulnerability that allows an unauthenticated attacker to retrieve the user's encrypted password if the application is configured with only a single user.", "requiredAction": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.", "dueDate": "2024-10-07", "knownRansomwareCampaignUse": "Known", "notes": "https:\/\/community.progress.com\/s\/article\/WhatsUp-Gold-Security-Bulletin-August-2024 ; https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2024-6670", "cwes": [ "CWE-89" ] }, { "cveID": "CVE-2024-43461", "vendorProject": "Microsoft", "product": "Windows", "vulnerabilityName": "Microsoft Windows MSHTML Platform Spoofing Vulnerability", "dateAdded": "2024-09-16", "shortDescription": "Microsoft Windows MSHTML Platform contains a user interface (UI) misrepresentation of critical information vulnerability that allows an attacker to spoof a web page. This vulnerability was exploited in conjunction with CVE-2024-38112.", "requiredAction": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.", "dueDate": "2024-10-07", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/msrc.microsoft.com\/update-guide\/vulnerability\/CVE-2024-43461 ; https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2024-43461", "cwes": [ "CWE-451" ] }, { "cveID": "CVE-2024-8190", "vendorProject": "Ivanti", "product": "Cloud Services Appliance", "vulnerabilityName": "Ivanti Cloud Services Appliance OS Command Injection Vulnerability", "dateAdded": "2024-09-13", "shortDescription": "Ivanti Cloud Services Appliance (CSA) contains an OS command injection vulnerability in the administrative console which can allow an authenticated attacker with application admin privileges to pass commands to the underlying OS.", "requiredAction": "As Ivanti CSA has reached End-of-Life status, users are urged to remove CSA 4.6.x from service or upgrade to the 5.0.x line of supported solutions, as future vulnerabilities on the 4.6.x version of CSA are unlikely to receive future security updates.", "dueDate": "2024-10-04", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/forums.ivanti.com\/s\/article\/Security-Advisory-Ivanti-Cloud-Service-Appliance-CSA-CVE-2024-8190; https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2024-8190", "cwes": [ "CWE-78" ] }, { "cveID": "CVE-2024-38217", "vendorProject": "Microsoft", "product": "Windows", "vulnerabilityName": "Microsoft Windows Mark of the Web (MOTW) Protection Mechanism Failure Vulnerability", "dateAdded": "2024-09-10", "shortDescription": "Microsoft Windows Mark of the Web (MOTW) contains a protection mechanism failure vulnerability that allows an attacker to bypass MOTW-based defenses. This can result in a limited loss of integrity and availability of security features such as Protected View in Microsoft Office, which rely on MOTW tagging.", "requiredAction": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.", "dueDate": "2024-10-01", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/msrc.microsoft.com\/update-guide\/vulnerability\/CVE-2024-38217; https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2024-38217", "cwes": [ "CWE-693" ] }, { "cveID": "CVE-2024-38014", "vendorProject": "Microsoft", "product": "Windows", "vulnerabilityName": "Microsoft Windows Installer Improper Privilege Management Vulnerability", "dateAdded": "2024-09-10", "shortDescription": "Microsoft Windows Installer contains an improper privilege management vulnerability that could allow an attacker to gain SYSTEM privileges.", "requiredAction": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.", "dueDate": "2024-10-01", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/msrc.microsoft.com\/update-guide\/vulnerability\/CVE-2024-38014; https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2024-38014", "cwes": [ "CWE-269" ] }, { "cveID": "CVE-2024-38226", "vendorProject": "Microsoft", "product": "Publisher", "vulnerabilityName": "Microsoft Publisher Protection Mechanism Failure Vulnerability", "dateAdded": "2024-09-10", "shortDescription": "Microsoft Publisher contains a protection mechanism failure vulnerability that allows attacker to bypass Office macro policies used to block untrusted or malicious files.", "requiredAction": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.", "dueDate": "2024-10-01", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/msrc.microsoft.com\/update-guide\/vulnerability\/CVE-2024-38226; https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2024-38226", "cwes": [ "CWE-693" ] }, { "cveID": "CVE-2024-40766", "vendorProject": "SonicWall", "product": "SonicOS", "vulnerabilityName": "SonicWall SonicOS Improper Access Control Vulnerability", "dateAdded": "2024-09-09", "shortDescription": "SonicWall SonicOS contains an improper access control vulnerability that could lead to unauthorized resource access and, under certain conditions, may cause the firewall to crash.", "requiredAction": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.", "dueDate": "2024-09-30", "knownRansomwareCampaignUse": "Known", "notes": "https:\/\/psirt.global.sonicwall.com\/vuln-detail\/SNWLID-2024-0015; https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2024-40766", "cwes": [ "CWE-284" ] }, { "cveID": "CVE-2017-1000253", "vendorProject": "Linux", "product": "Kernel", "vulnerabilityName": "Linux Kernel PIE Stack Buffer Corruption Vulnerability ", "dateAdded": "2024-09-09", "shortDescription": "Linux kernel contains a position-independent executable (PIE) stack buffer corruption vulnerability in load_elf_ binary() that allows a local attacker to escalate privileges. ", "requiredAction": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.", "dueDate": "2024-09-30", "knownRansomwareCampaignUse": "Known", "notes": "This vulnerability affects a common open-source component, third-party library, or a protocol used by different products. For more information, please see: https:\/\/git.kernel.org\/pub\/scm\/linux\/kernel\/git\/torvalds\/linux.git\/commit\/?id=a87938b2e246b81b4fb713edb371a9fa3c5c3c86; https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2017-1000253", "cwes": [ "CWE-119" ] }, { "cveID": "CVE-2016-3714", "vendorProject": "ImageMagick", "product": "ImageMagick", "vulnerabilityName": "ImageMagick Improper Input Validation Vulnerability", "dateAdded": "2024-09-09", "shortDescription": "ImageMagick contains an improper input validation vulnerability that affects the EPHEMERAL, HTTPS, MVG, MSL, TEXT, SHOW, WIN, and PLT coders. This allows a remote attacker to execute arbitrary code via shell metacharacters in a crafted image.", "requiredAction": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.", "dueDate": "2024-09-30", "knownRansomwareCampaignUse": "Unknown", "notes": "This vulnerability affects a common open-source component, third-party library, or a protocol used by different products. For more information, please see: https:\/\/www.imagemagick.org\/discourse-server\/viewtopic.php?f=4&t=29588#p132726, https:\/\/imagemagick.org\/archive\/releases\/; https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2016-3714", "cwes": [ "CWE-20" ] }, { "cveID": "CVE-2024-7262", "vendorProject": "Kingsoft", "product": "WPS Office", "vulnerabilityName": "Kingsoft WPS Office Path Traversal Vulnerability", "dateAdded": "2024-09-03", "shortDescription": "Kingsoft WPS Office contains a path traversal vulnerability in promecefpluginhost.exe on Windows that allows an attacker to load an arbitrary Windows library.", "requiredAction": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.", "dueDate": "2024-09-24", "knownRansomwareCampaignUse": "Unknown", "notes": "While CISA cannot confirm the effectiveness of patches at this time, it is recommended that mitigations be applied per vendor instructions if available. If these instructions cannot be located or if mitigations are unavailable, discontinue the use of the product.; https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2024-7262", "cwes": [ "CWE-22" ] }, { "cveID": "CVE-2021-20124", "vendorProject": "DrayTek", "product": "VigorConnect", "vulnerabilityName": "Draytek VigorConnect Path Traversal Vulnerability ", "dateAdded": "2024-09-03", "shortDescription": "Draytek VigorConnect contains a path traversal vulnerability in the file download functionality of the WebServlet endpoint. An unauthenticated attacker could leverage this vulnerability to download arbitrary files from the underlying operating system with root privileges.", "requiredAction": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.", "dueDate": "2024-09-24", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/www.draytek.com\/about\/security-advisory\/vigorconnect-software-security-vulnerability-(cve-2021-20123-cve-2021-20129); https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2021-20124", "cwes": [ "CWE-22" ] }, { "cveID": "CVE-2021-20123", "vendorProject": "DrayTek", "product": "VigorConnect", "vulnerabilityName": "Draytek VigorConnect Path Traversal Vulnerability ", "dateAdded": "2024-09-03", "shortDescription": "Draytek VigorConnect contains a path traversal vulnerability in the DownloadFileServlet endpoint. An unauthenticated attacker could leverage this vulnerability to download arbitrary files from the underlying operating system with root privileges. ", "requiredAction": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.", "dueDate": "2024-09-24", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/www.draytek.com\/about\/security-advisory\/vigorconnect-software-security-vulnerability-(cve-2021-20123-cve-2021-20129); https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2021-20123", "cwes": [ "CWE-22" ] }, { "cveID": "CVE-2024-7965", "vendorProject": "Google", "product": "Chromium V8", "vulnerabilityName": "Google Chromium V8 Inappropriate Implementation Vulnerability", "dateAdded": "2024-08-28", "shortDescription": "Google Chromium V8 contains an inappropriate implementation vulnerability that allows a remote attacker to potentially exploit heap corruption via a crafted HTML page. This vulnerability could affect multiple web browsers that utilize Chromium, including, but not limited to, Google Chrome, Microsoft Edge, and Opera.", "requiredAction": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.", "dueDate": "2024-09-18", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/chromereleases.googleblog.com\/2024\/08\/stable-channel-update-for-desktop_21.html; https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2024-7965", "cwes": [ "CWE-358" ] }, { "cveID": "CVE-2024-38856", "vendorProject": "Apache", "product": "OFBiz", "vulnerabilityName": "Apache OFBiz Incorrect Authorization Vulnerability", "dateAdded": "2024-08-27", "shortDescription": "Apache OFBiz contains an incorrect authorization vulnerability that could allow remote code execution via a Groovy payload in the context of the OFBiz user process by an unauthenticated attacker.", "requiredAction": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.", "dueDate": "2024-09-17", "knownRansomwareCampaignUse": "Unknown", "notes": "This vulnerability affects a common open-source component, third-party library, or a protocol used by different products. Please check with specific vendors for information on patching status. For more information, please see: https:\/\/lists.apache.org\/thread\/olxxjk6b13sl3wh9cmp0k2dscvp24l7w; https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2024-38856", "cwes": [ "CWE-863" ] }, { "cveID": "CVE-2024-7971", "vendorProject": "Google", "product": "Chromium V8", "vulnerabilityName": "Google Chromium V8 Type Confusion Vulnerability", "dateAdded": "2024-08-26", "shortDescription": "Google Chromium V8 contains a type confusion vulnerability that allows a remote attacker to exploit heap corruption via a crafted HTML page. This vulnerability could affect multiple web browsers that utilize Chromium, including, but not limited to, Google Chrome, Microsoft Edge, and Opera.", "requiredAction": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.", "dueDate": "2024-09-16", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/chromereleases.googleblog.com\/2024\/08\/stable-channel-update-for-desktop_21.html; https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2024-7971", "cwes": [ "CWE-843" ] }, { "cveID": "CVE-2024-39717", "vendorProject": "Versa", "product": "Director", "vulnerabilityName": "Versa Director Dangerous File Type Upload Vulnerability", "dateAdded": "2024-08-23", "shortDescription": "The Versa Director GUI contains an unrestricted upload of file with dangerous type vulnerability that allows administrators with Provider-Data-Center-Admin or Provider-Data-Center-System-Admin privileges to customize the user interface. The \u201cChange Favicon\u201d (Favorite Icon) enables the upload of a .png file, which can be exploited to upload a malicious file with a .png extension disguised as an image.", "requiredAction": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.", "dueDate": "2024-09-13", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/versa-networks.com\/blog\/versa-security-bulletin-update-on-cve-2024-39717-versa-director-dangerous-file-type-upload-vulnerability\/; https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2024-39717", "cwes": [ "CWE-434" ] }, { "cveID": "CVE-2021-31196", "vendorProject": "Microsoft", "product": "Exchange Server", "vulnerabilityName": "Microsoft Exchange Server Information Disclosure Vulnerability", "dateAdded": "2024-08-21", "shortDescription": "Microsoft Exchange Server contains an information disclosure vulnerability that allows for remote code execution.", "requiredAction": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.", "dueDate": "2024-09-11", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/msrc.microsoft.com\/update-guide\/en-US\/advisory\/CVE-2021-31196; https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2021-31196", "cwes": [] }, { "cveID": "CVE-2022-0185", "vendorProject": "Linux", "product": "Kernel", "vulnerabilityName": "Linux Kernel Heap-Based Buffer Overflow Vulnerability", "dateAdded": "2024-08-21", "shortDescription": "Linux kernel contains a heap-based buffer overflow vulnerability in the legacy_parse_param function in the Filesystem Context functionality. This allows an attacker to open a filesystem that does not support the Filesystem Context API and ultimately escalate privileges.", "requiredAction": "Apply updates per vendor instructions or discontinue use of the product if updates are unavailable.", "dueDate": "2024-09-11", "knownRansomwareCampaignUse": "Unknown", "notes": "This vulnerability affects a common open-source component, third-party library, or a protocol used by different products. For more information, please see: https:\/\/git.kernel.org\/pub\/scm\/linux\/kernel\/git\/torvalds\/linux.git\/commit?id=722d94847de2; https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2022-0185", "cwes": [ "CWE-190" ] }, { "cveID": "CVE-2021-33045", "vendorProject": "Dahua", "product": "IP Camera Firmware", "vulnerabilityName": "Dahua IP Camera Authentication Bypass Vulnerability", "dateAdded": "2024-08-21", "shortDescription": "Dahua IP cameras and related products contain an authentication bypass vulnerability when the loopback device is specified by the client during authentication.", "requiredAction": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.", "dueDate": "2024-09-11", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/www.dahuasecurity.com\/aboutUs\/trustedCenter\/details\/582; https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2021-33045", "cwes": [ "CWE-287" ] }, { "cveID": "CVE-2021-33044", "vendorProject": "Dahua", "product": "IP Camera Firmware", "vulnerabilityName": "Dahua IP Camera Authentication Bypass Vulnerability", "dateAdded": "2024-08-21", "shortDescription": "Dahua IP cameras and related products contain an authentication bypass vulnerability when the NetKeyboard type argument is specified by the client during authentication.", "requiredAction": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.", "dueDate": "2024-09-11", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/www.dahuasecurity.com\/aboutUs\/trustedCenter\/details\/582; https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2021-33044", "cwes": [ "CWE-287" ] }, { "cveID": "CVE-2024-23897", "vendorProject": "Jenkins", "product": "Jenkins Command Line Interface (CLI)", "vulnerabilityName": "Jenkins Command Line Interface (CLI) Path Traversal Vulnerability", "dateAdded": "2024-08-19", "shortDescription": "Jenkins Command Line Interface (CLI) contains a path traversal vulnerability that allows attackers limited read access to certain files, which can lead to code execution.", "requiredAction": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.", "dueDate": "2024-09-09", "knownRansomwareCampaignUse": "Known", "notes": "https:\/\/www.jenkins.io\/security\/advisory\/2024-01-24\/#SECURITY-3314; https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2024-23897", "cwes": [ "CWE-27" ] }, { "cveID": "CVE-2024-28986", "vendorProject": "SolarWinds", "product": "Web Help Desk", "vulnerabilityName": "SolarWinds Web Help Desk Deserialization of Untrusted Data Vulnerability", "dateAdded": "2024-08-15", "shortDescription": "SolarWinds Web Help Desk contains a deserialization of untrusted data vulnerability that could allow for remote code execution.", "requiredAction": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.", "dueDate": "2024-09-05", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/www.solarwinds.com\/trust-center\/security-advisories\/cve-2024-28986; https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2024-28986", "cwes": [ "CWE-502" ] }, { "cveID": "CVE-2024-38107", "vendorProject": "Microsoft", "product": "Windows", "vulnerabilityName": "Microsoft Windows Power Dependency Coordinator Privilege Escalation Vulnerability", "dateAdded": "2024-08-13", "shortDescription": "Microsoft Windows Power Dependency Coordinator contains an unspecified vulnerability that allows for privilege escalation, enabling a local attacker to obtain SYSTEM privileges.", "requiredAction": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.", "dueDate": "2024-09-03", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/msrc.microsoft.com\/update-guide\/vulnerability\/CVE-2024-38107; https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2024-38107", "cwes": [ "CWE-416" ] }, { "cveID": "CVE-2024-38106", "vendorProject": "Microsoft", "product": "Windows", "vulnerabilityName": "Microsoft Windows Kernel Privilege Escalation Vulnerability", "dateAdded": "2024-08-13", "shortDescription": "Microsoft Windows Kernel contains an unspecified vulnerability that allows for privilege escalation, enabling a local attacker to gain SYSTEM privileges. Successful exploitation of this vulnerability requires an attacker to win a race condition.", "requiredAction": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.", "dueDate": "2024-09-03", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/msrc.microsoft.com\/update-guide\/vulnerability\/CVE-2024-38106; https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2024-38106", "cwes": [ "CWE-591" ] }, { "cveID": "CVE-2024-38193", "vendorProject": "Microsoft", "product": "Windows", "vulnerabilityName": "Microsoft Windows Ancillary Function Driver for WinSock Privilege Escalation Vulnerability", "dateAdded": "2024-08-13", "shortDescription": "Microsoft Windows Ancillary Function Driver for WinSock contains an unspecified vulnerability that allows for privilege escalation, enabling a local attacker to gain SYSTEM privileges.", "requiredAction": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.", "dueDate": "2024-09-03", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/msrc.microsoft.com\/update-guide\/vulnerability\/CVE-2024-38193; https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2024-38193", "cwes": [ "CWE-416" ] }, { "cveID": "CVE-2024-38213", "vendorProject": "Microsoft", "product": "Windows", "vulnerabilityName": "Microsoft Windows SmartScreen Security Feature Bypass Vulnerability", "dateAdded": "2024-08-13", "shortDescription": "Microsoft Windows SmartScreen contains a security feature bypass vulnerability that allows an attacker to bypass the SmartScreen user experience via a malicious file.", "requiredAction": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.", "dueDate": "2024-09-03", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/msrc.microsoft.com\/update-guide\/vulnerability\/CVE-2024-38213; https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2024-38213", "cwes": [ "CWE-693" ] }, { "cveID": "CVE-2024-38178", "vendorProject": "Microsoft", "product": "Windows", "vulnerabilityName": "Microsoft Windows Scripting Engine Memory Corruption Vulnerability", "dateAdded": "2024-08-13", "shortDescription": "Microsoft Windows Scripting Engine contains a memory corruption vulnerability that allows unauthenticated attacker to initiate remote code execution via a specially crafted URL.", "requiredAction": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.", "dueDate": "2024-09-03", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/msrc.microsoft.com\/update-guide\/vulnerability\/CVE-2024-38178; https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2024-38178", "cwes": [ "CWE-843" ] }, { "cveID": "CVE-2024-38189", "vendorProject": "Microsoft", "product": "Project", "vulnerabilityName": "Microsoft Project Remote Code Execution Vulnerability ", "dateAdded": "2024-08-13", "shortDescription": "Microsoft Project contains an unspecified vulnerability that allows for remote code execution via a malicious file.", "requiredAction": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.", "dueDate": "2024-09-03", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/msrc.microsoft.com\/update-guide\/vulnerability\/CVE-2024-38189; https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2024-38189", "cwes": [ "CWE-20" ] }, { "cveID": "CVE-2024-32113", "vendorProject": "Apache", "product": "OFBiz", "vulnerabilityName": "Apache OFBiz Path Traversal Vulnerability", "dateAdded": "2024-08-07", "shortDescription": "Apache OFBiz contains a path traversal vulnerability that could allow for remote code execution.", "requiredAction": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.", "dueDate": "2024-08-28", "knownRansomwareCampaignUse": "Unknown", "notes": "This vulnerability affects a common open-source component, third-party library, or a protocol used by different products. Please check with specific vendors for information on patching status. For more information, please see: https:\/\/lists.apache.org\/thread\/w6s60okgkxp2th1sr8vx0ndmgk68fqrd; https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2024-32113", "cwes": [ "CWE-22" ] }, { "cveID": "CVE-2024-36971", "vendorProject": "Android", "product": "Kernel", "vulnerabilityName": "Android Kernel Remote Code Execution Vulnerability", "dateAdded": "2024-08-07", "shortDescription": "Android contains an unspecified vulnerability in the kernel that allows for remote code execution. This vulnerability resides in Linux Kernel and could impact other products, including but not limited to Android OS.", "requiredAction": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.", "dueDate": "2024-08-28", "knownRansomwareCampaignUse": "Unknown", "notes": "This vulnerability affects a common open-source component, third-party library, or a protocol used by different products. Please check with specific vendors for information on patching status. For more information, please see: https:\/\/source.android.com\/docs\/security\/bulletin\/2024-08-01, https:\/\/lore.kernel.org\/linux-cve-announce\/20240610090330.1347021-2-lee@kernel.org\/T\/#u ; https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2024-36971", "cwes": [ "CWE-416" ] }, { "cveID": "CVE-2018-0824", "vendorProject": "Microsoft", "product": "Windows", "vulnerabilityName": "Microsoft COM for Windows Deserialization of Untrusted Data Vulnerability", "dateAdded": "2024-08-05", "shortDescription": "Microsoft COM for Windows contains a deserialization of untrusted data vulnerability that allows for privilege escalation and remote code execution via a specially crafted file or script.", "requiredAction": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.", "dueDate": "2024-08-26", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/msrc.microsoft.com\/update-guide\/en-US\/advisory\/CVE-2018-0824; https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2018-0824", "cwes": [ "CWE-502" ] }, { "cveID": "CVE-2024-37085", "vendorProject": "VMware", "product": "ESXi", "vulnerabilityName": "VMware ESXi Authentication Bypass Vulnerability", "dateAdded": "2024-07-30", "shortDescription": "VMware ESXi contains an authentication bypass vulnerability. A malicious actor with sufficient Active Directory (AD) permissions can gain full access to an ESXi host that was previously configured to use AD for user management by re-creating the configured AD group ('ESXi Admins' by default) after it was deleted from AD.", "requiredAction": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.", "dueDate": "2024-08-20", "knownRansomwareCampaignUse": "Known", "notes": "https:\/\/support.broadcom.com\/web\/ecx\/support-content-notification\/-\/external\/content\/SecurityAdvisories\/0\/24505; https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2024-37085", "cwes": [ "CWE-305" ] }, { "cveID": "CVE-2023-45249", "vendorProject": "Acronis", "product": "Cyber Infrastructure (ACI)", "vulnerabilityName": "Acronis Cyber Infrastructure (ACI) Insecure Default Password Vulnerability", "dateAdded": "2024-07-29", "shortDescription": "Acronis Cyber Infrastructure (ACI) allows an unauthenticated user to execute commands remotely due to the use of default passwords.", "requiredAction": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.", "dueDate": "2024-08-19", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/security-advisory.acronis.com\/advisories\/SEC-6452; https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2023-45249", "cwes": [ "CWE-1393" ] }, { "cveID": "CVE-2024-5217", "vendorProject": "ServiceNow", "product": "Utah, Vancouver, and Washington DC Now", "vulnerabilityName": "ServiceNow Incomplete List of Disallowed Inputs Vulnerability", "dateAdded": "2024-07-29", "shortDescription": "ServiceNow Washington DC, Vancouver, and earlier Now Platform releases contain an incomplete list of disallowed inputs vulnerability in the GlideExpression script. An unauthenticated user could exploit this vulnerability to execute code remotely.", "requiredAction": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.", "dueDate": "2024-08-19", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/support.servicenow.com\/kb?id=kb_article_view&sysparm_article=KB1648313; https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2024-5217", "cwes": [ "CWE-184" ] }, { "cveID": "CVE-2024-4879", "vendorProject": "ServiceNow", "product": "Utah, Vancouver, and Washington DC Now", "vulnerabilityName": "ServiceNow Improper Input Validation Vulnerability", "dateAdded": "2024-07-29", "shortDescription": "ServiceNow Utah, Vancouver, and Washington DC Now releases contain a jelly template injection vulnerability in UI macros. An unauthenticated user could exploit this vulnerability to execute code remotely. ", "requiredAction": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.", "dueDate": "2024-08-19", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/support.servicenow.com\/kb?id=kb_article_view&sysparm_article=KB1645154; https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2024-4879", "cwes": [ "CWE-1287" ] }, { "cveID": "CVE-2024-39891", "vendorProject": "Twilio", "product": "Authy", "vulnerabilityName": "Twilio Authy Information Disclosure Vulnerability", "dateAdded": "2024-07-23", "shortDescription": "Twilio Authy contains an information disclosure vulnerability in its API that allows an unauthenticated endpoint to accept a request containing a phone number and respond with information about whether the phone number was registered with Authy.", "requiredAction": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.", "dueDate": "2024-08-13", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/www.twilio.com\/en-us\/changelog\/Security_Alert_Authy_App_Android_iOS; https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2024-39891", "cwes": [ "CWE-203" ] }, { "cveID": "CVE-2012-4792", "vendorProject": "Microsoft", "product": "Internet Explorer", "vulnerabilityName": "Microsoft Internet Explorer Use-After-Free Vulnerability", "dateAdded": "2024-07-23", "shortDescription": "Microsoft Internet Explorer contains a use-after-free vulnerability that allows a remote attacker to execute arbitrary code via a crafted web site that triggers access to an object that (1) was not properly allocated or (2) is deleted, as demonstrated by a CDwnBindInfo object.", "requiredAction": "The impacted product is end-of-life and should be disconnected if still in use.", "dueDate": "2024-08-13", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/learn.microsoft.com\/en-us\/lifecycle\/products\/internet-explorer-11; https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2012-4792", "cwes": [ "CWE-416" ] }, { "cveID": "CVE-2022-22948", "vendorProject": "VMware", "product": "vCenter Server", "vulnerabilityName": "VMware vCenter Server Incorrect Default File Permissions Vulnerability ", "dateAdded": "2024-07-17", "shortDescription": "VMware vCenter Server contains an incorrect default file permissions vulnerability that allows a remote, privileged attacker to gain access to sensitive information.", "requiredAction": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.", "dueDate": "2024-08-07", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/www.vmware.com\/security\/advisories\/VMSA-2022-0009.html; https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2022-22948", "cwes": [ "CWE-276" ] }, { "cveID": "CVE-2024-28995", "vendorProject": "SolarWinds", "product": "Serv-U", "vulnerabilityName": "SolarWinds Serv-U Path Traversal Vulnerability ", "dateAdded": "2024-07-17", "shortDescription": "SolarWinds Serv-U contains a path traversal vulnerability that allows an attacker access to read sensitive files on the host machine.", "requiredAction": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.", "dueDate": "2024-08-07", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/www.solarwinds.com\/trust-center\/security-advisories\/cve-2024-28995; https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2024-28995", "cwes": [ "CWE-22" ] }, { "cveID": "CVE-2024-34102", "vendorProject": "Adobe", "product": "Commerce and Magento Open Source", "vulnerabilityName": "Adobe Commerce and Magento Open Source Improper Restriction of XML External Entity Reference (XXE) Vulnerability", "dateAdded": "2024-07-17", "shortDescription": "Adobe Commerce and Magento Open Source contain an improper restriction of XML external entity reference (XXE) vulnerability that allows for remote code execution.", "requiredAction": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.", "dueDate": "2024-08-07", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/helpx.adobe.com\/security\/products\/magento\/apsb24-40.html; https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2024-34102", "cwes": [ "CWE-611" ] }, { "cveID": "CVE-2024-36401", "vendorProject": "OSGeo", "product": "GeoServer", "vulnerabilityName": "OSGeo GeoServer GeoTools Eval Injection Vulnerability", "dateAdded": "2024-07-15", "shortDescription": "OSGeo GeoServer GeoTools contains an improper neutralization of directives in dynamically evaluated code vulnerability due to unsafely evaluating property names as XPath expressions. This allows unauthenticated attackers to conduct remote code execution via specially crafted input.", "requiredAction": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.", "dueDate": "2024-08-05", "knownRansomwareCampaignUse": "Unknown", "notes": "This vulnerability affects an open-source component, third-party library, or a protocol used by different products. For more information, please see: https:\/\/github.com\/geoserver\/geoserver\/security\/advisories\/GHSA-6jj6-gm7p-fcvv, https:\/\/github.com\/geotools\/geotools\/pull\/4797 ; https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2024-36401", "cwes": [ "CWE-95" ] }, { "cveID": "CVE-2024-23692", "vendorProject": "Rejetto", "product": "HTTP File Server", "vulnerabilityName": "Rejetto HTTP File Server Improper Neutralization of Special Elements Used in a Template Engine Vulnerability", "dateAdded": "2024-07-09", "shortDescription": "Rejetto HTTP File Server contains an improper neutralization of special elements used in a template engine vulnerability. This allows a remote, unauthenticated attacker to execute commands on the affected system by sending a specially crafted HTTP request.", "requiredAction": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.", "dueDate": "2024-07-30", "knownRansomwareCampaignUse": "Unknown", "notes": "The patched Rejetto HTTP File Server (HFS) is version 3: https:\/\/github.com\/rejetto\/hfs?tab=readme-ov-file#installation, https:\/\/www.rejetto.com\/hfs\/ ; https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2024-23692", "cwes": [ "CWE-1336" ] }, { "cveID": "CVE-2024-38080", "vendorProject": "Microsoft", "product": "Windows ", "vulnerabilityName": "Microsoft Windows Hyper-V Privilege Escalation Vulnerability", "dateAdded": "2024-07-09", "shortDescription": "Microsoft Windows Hyper-V contains a privilege escalation vulnerability that allows a local attacker with user permissions to gain SYSTEM privileges.", "requiredAction": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.", "dueDate": "2024-07-30", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/msrc.microsoft.com\/update-guide\/en-US\/vulnerability\/CVE-2024-38080; https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2024-38080", "cwes": [ "CWE-190" ] }, { "cveID": "CVE-2024-38112", "vendorProject": "Microsoft", "product": "Windows", "vulnerabilityName": "Microsoft Windows MSHTML Platform Spoofing Vulnerability", "dateAdded": "2024-07-09", "shortDescription": "Microsoft Windows MSHTML Platform contains a spoofing vulnerability that has a high impact to confidentiality, integrity, and availability.", "requiredAction": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.", "dueDate": "2024-07-30", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/msrc.microsoft.com\/update-guide\/vulnerability\/CVE-2024-38112; https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2024-38112", "cwes": [ "CWE-451" ] }, { "cveID": "CVE-2024-20399", "vendorProject": "Cisco", "product": "NX-OS", "vulnerabilityName": "Cisco NX-OS Command Injection Vulnerability", "dateAdded": "2024-07-02", "shortDescription": "Cisco NX-OS contains a command injection vulnerability in the command line interface (CLI) that could allow an authenticated, local attacker to execute commands as root on the underlying operating system of an affected device.", "requiredAction": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.", "dueDate": "2024-07-23", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/sec.cloudapps.cisco.com\/security\/center\/content\/CiscoSecurityAdvisory\/cisco-sa-nxos-cmd-injection-xD9OhyOP; https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2024-20399", "cwes": [ "CWE-78" ] }, { "cveID": "CVE-2020-13965", "vendorProject": "Roundcube", "product": "Webmail", "vulnerabilityName": "Roundcube Webmail Cross-Site Scripting (XSS) Vulnerability", "dateAdded": "2024-06-26", "shortDescription": "Roundcube Webmail contains a cross-site scripting (XSS) vulnerability that allows a remote attacker to manipulate data via a malicious XML attachment.", "requiredAction": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.", "dueDate": "2024-07-17", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/roundcube.net\/news\/2020\/06\/02\/security-updates-1.4.5-and-1.3.12; https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2020-13965", "cwes": [ "CWE-80" ] }, { "cveID": "CVE-2022-2586", "vendorProject": "Linux", "product": "Kernel", "vulnerabilityName": "Linux Kernel Use-After-Free Vulnerability", "dateAdded": "2024-06-26", "shortDescription": "Linux Kernel contains a use-after-free vulnerability in the nft_object, allowing local attackers to escalate privileges. ", "requiredAction": "Apply updates per vendor instructions or discontinue use of the product if updates are unavailable.", "dueDate": "2024-07-17", "knownRansomwareCampaignUse": "Unknown", "notes": "This vulnerability affects a common open-source component, third-party library, or a protocol used by different products. For more information, please see: https:\/\/seclists.org\/oss-sec\/2022\/q3\/131; https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2022-2586", "cwes": [ "CWE-416" ] }, { "cveID": "CVE-2022-24816", "vendorProject": "OSGeo", "product": "JAI-EXT", "vulnerabilityName": "OSGeo GeoServer JAI-EXT Code Injection Vulnerability", "dateAdded": "2024-06-26", "shortDescription": "OSGeo GeoServer JAI-EXT contains a code injection vulnerability that, when programs use jt-jiffle and allow Jiffle script to be provided via network request, could allow remote code execution.", "requiredAction": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.", "dueDate": "2024-07-17", "knownRansomwareCampaignUse": "Unknown", "notes": "This vulnerability affects a common open-source component, third-party library, or a protocol used by different products. The patched JAI-EXT is version 1.1.22: https:\/\/github.com\/geosolutions-it\/jai-ext\/releases\/tag\/1.1.22, https:\/\/github.com\/geosolutions-it\/jai-ext\/security\/advisories\/GHSA-v92f-jx6p-73rx; https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2022-24816", "cwes": [ "CWE-94" ] }, { "cveID": "CVE-2024-4358", "vendorProject": "Progress", "product": "Telerik Report Server", "vulnerabilityName": "Progress Telerik Report Server Authentication Bypass by Spoofing Vulnerability", "dateAdded": "2024-06-13", "shortDescription": "Progress Telerik Report Server contains an authorization bypass by spoofing vulnerability that allows an attacker to obtain unauthorized access.", "requiredAction": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.", "dueDate": "2024-07-04", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/docs.telerik.com\/report-server\/knowledge-base\/registration-auth-bypass-cve-2024-4358; https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2024-4358", "cwes": [ "CWE-290" ] }, { "cveID": "CVE-2024-26169", "vendorProject": "Microsoft", "product": "Windows", "vulnerabilityName": "Microsoft Windows Error Reporting Service Improper Privilege Management Vulnerability", "dateAdded": "2024-06-13", "shortDescription": "Microsoft Windows Error Reporting Service contains an improper privilege management vulnerability that allows a local attacker with user permissions to gain SYSTEM privileges.", "requiredAction": "Apply updates per vendor instructions or discontinue use of the product if updates are unavailable.", "dueDate": "2024-07-04", "knownRansomwareCampaignUse": "Known", "notes": "https:\/\/msrc.microsoft.com\/update-guide\/vulnerability\/CVE-2024-26169; https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2024-26169", "cwes": [ "CWE-269" ] }, { "cveID": "CVE-2024-32896", "vendorProject": "Android", "product": "Pixel", "vulnerabilityName": "Android Pixel Privilege Escalation Vulnerability", "dateAdded": "2024-06-13", "shortDescription": "Android Pixel contains an unspecified vulnerability in the firmware that allows for privilege escalation.", "requiredAction": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.", "dueDate": "2024-07-04", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/source.android.com\/docs\/security\/bulletin\/pixel\/2024-06-01; https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2024-32896", "cwes": [ "CWE-783" ] }, { "cveID": "CVE-2024-4577", "vendorProject": "PHP Group", "product": "PHP", "vulnerabilityName": "PHP-CGI OS Command Injection Vulnerability", "dateAdded": "2024-06-12", "shortDescription": "PHP, specifically Windows-based PHP used in CGI mode, contains an OS command injection vulnerability that allows for arbitrary code execution. This vulnerability is a patch bypass for CVE-2012-1823.", "requiredAction": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.", "dueDate": "2024-07-03", "knownRansomwareCampaignUse": "Known", "notes": "This vulnerability affects a common open-source component, third-party library, or a protocol used by different products. Please check with specific vendors for information on patching status. For more information, please see: https:\/\/www.php.net\/ChangeLog-8.php#; https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2024-4577", "cwes": [ "CWE-78" ] }, { "cveID": "CVE-2024-4610", "vendorProject": "Arm", "product": "Mali GPU Kernel Driver", "vulnerabilityName": "Arm Mali GPU Kernel Driver Use-After-Free Vulnerability", "dateAdded": "2024-06-12", "shortDescription": "Arm Bifrost and Valhall GPU kernel drivers contain a use-after-free vulnerability that allows a local, non-privileged user to make improper GPU memory processing operations to gain access to already freed memory.", "requiredAction": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.", "dueDate": "2024-07-03", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/developer.arm.com\/Arm%20Security%20Center\/Mali%20GPU%20Driver%20Vulnerabilities; https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2024-4610", "cwes": [ "CWE-416" ] }, { "cveID": "CVE-2017-3506", "vendorProject": "Oracle", "product": "WebLogic Server", "vulnerabilityName": "Oracle WebLogic Server OS Command Injection Vulnerability", "dateAdded": "2024-06-03", "shortDescription": "Oracle WebLogic Server, a product within the Fusion Middleware suite, contains an OS command injection vulnerability that allows an attacker to execute arbitrary code via a specially crafted HTTP request that includes a malicious XML document.", "requiredAction": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.", "dueDate": "2024-06-24", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/www.oracle.com\/security-alerts\/cpuapr2017.html; https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2017-3506", "cwes": [ "CWE-78" ] }, { "cveID": "CVE-2024-1086", "vendorProject": "Linux", "product": "Kernel", "vulnerabilityName": "Linux Kernel Use-After-Free Vulnerability", "dateAdded": "2024-05-30", "shortDescription": "Linux kernel contains a use-after-free vulnerability in the netfilter: nf_tables component that allows an attacker to achieve local privilege escalation.", "requiredAction": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.", "dueDate": "2024-06-20", "knownRansomwareCampaignUse": "Unknown", "notes": "This vulnerability affects a common open-source component, third-party library, or a protocol used by different products. Please check with specific vendors for information on patching status. For more information, please see: https:\/\/git.kernel.org\/pub\/scm\/linux\/kernel\/git\/torvalds\/linux.git\/commit\/?id=f342de4e2f33e0e39165d8639387aa6c19dff660; https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2024-1086", "cwes": [ "CWE-416" ] }, { "cveID": "CVE-2024-24919", "vendorProject": "Check Point", "product": "Quantum Security Gateways", "vulnerabilityName": "Check Point Quantum Security Gateways Information Disclosure Vulnerability", "dateAdded": "2024-05-30", "shortDescription": "Check Point Quantum Security Gateways contain an unspecified information disclosure vulnerability. The vulnerability potentially allows an attacker to access information on Gateways connected to the internet, with IPSec VPN, Remote Access VPN or Mobile Access enabled. This issue affects several product lines from Check Point, including CloudGuard Network, Quantum Scalable Chassis, Quantum Security Gateways, and Quantum Spark Appliances.", "requiredAction": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.", "dueDate": "2024-06-20", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/support.checkpoint.com\/results\/sk\/sk182336; https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2024-24919", "cwes": [ "CWE-200" ] }, { "cveID": "CVE-2024-4978", "vendorProject": "Justice AV Solutions", "product": "Viewer ", "vulnerabilityName": "Justice AV Solutions (JAVS) Viewer Installer Embedded Malicious Code Vulnerability", "dateAdded": "2024-05-29", "shortDescription": "Justice AV Solutions (JAVS) Viewer installer contains a malicious version of ffmpeg.exe, named fffmpeg.exe (SHA256: 421a4ad2615941b177b6ec4ab5e239c14e62af2ab07c6df1741e2a62223223c4). When run, this creates a backdoor connection to a malicious C2 server.", "requiredAction": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.", "dueDate": "2024-06-19", "knownRansomwareCampaignUse": "Unknown", "notes": "Please follow the vendor\u2019s instructions as outlined in the public statements at https:\/\/www.rapid7.com\/blog\/post\/2024\/05\/23\/cve-2024-4978-backdoored-justice-av-solutions-viewer-software-used-in-apparent-supply-chain-attack#remediation and https:\/\/www.javs.com\/downloads; https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2024-4978", "cwes": [ "CWE-506" ] }, { "cveID": "CVE-2024-5274", "vendorProject": "Google", "product": "Chromium V8", "vulnerabilityName": "Google Chromium V8 Type Confusion Vulnerability", "dateAdded": "2024-05-28", "shortDescription": "Google Chromium V8 contains a type confusion vulnerability that allows a remote attacker to execute code via a crafted HTML page. This vulnerability could affect multiple web browsers that utilize Chromium, including, but not limited to, Google Chrome, Microsoft Edge, and Opera.", "requiredAction": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.", "dueDate": "2024-06-18", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/chromereleases.googleblog.com\/2024\/05\/stable-channel-update-for-desktop_23.html?m=1; https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2024-5274", "cwes": [ "CWE-843" ] }, { "cveID": "CVE-2020-17519", "vendorProject": "Apache", "product": "Flink", "vulnerabilityName": "Apache Flink Improper Access Control Vulnerability", "dateAdded": "2024-05-23", "shortDescription": "Apache Flink contains an improper access control vulnerability that allows an attacker to read any file on the local filesystem of the JobManager through its REST interface.", "requiredAction": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.", "dueDate": "2024-06-13", "knownRansomwareCampaignUse": "Unknown", "notes": "This vulnerability affects a common open-source component, third-party library, or a protocol used by different products. Please check with specific vendors for information on patching status. For more information, please see: https:\/\/lists.apache.org\/thread\/typ0h03zyfrzjqlnb7plh64df1g2383d; https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2020-17519", "cwes": [ "CWE-552" ] }, { "cveID": "CVE-2024-4947", "vendorProject": "Google", "product": "Chromium V8", "vulnerabilityName": "Google Chromium V8 Type Confusion Vulnerability", "dateAdded": "2024-05-20", "shortDescription": "Google Chromium V8 contains a type confusion vulnerability that allows a remote attacker to execute code via a crafted HTML page.", "requiredAction": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.", "dueDate": "2024-06-10", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/chromereleases.googleblog.com\/2024\/05\/stable-channel-update-for-desktop_15.html; https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2024-4947", "cwes": [ "CWE-843" ] }, { "cveID": "CVE-2023-43208", "vendorProject": "NextGen Healthcare", "product": "Mirth Connect", "vulnerabilityName": "NextGen Healthcare Mirth Connect Deserialization of Untrusted Data Vulnerability", "dateAdded": "2024-05-20", "shortDescription": "NextGen Healthcare Mirth Connect contains a deserialization of untrusted data vulnerability that allows for unauthenticated remote code execution via a specially crafted request.", "requiredAction": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.", "dueDate": "2024-06-10", "knownRansomwareCampaignUse": "Unknown", "notes": "This vulnerability affects a common open-source component, third-party library, or a protocol used by different products. Please check with specific vendors for information on patching status. For more information, please see: https:\/\/github.com\/nextgenhealthcare\/connect\/wiki\/4.4.1---What%27s-New ; https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2023-43208", "cwes": [ "CWE-502" ] }, { "cveID": "CVE-2024-4761", "vendorProject": "Google", "product": "Chromium Visuals", "vulnerabilityName": "Google Chromium V8 Out-of-Bounds Memory Write Vulnerability", "dateAdded": "2024-05-16", "shortDescription": "Google Chromium V8 Engine contains an unspecified out-of-bounds memory write vulnerability via a crafted HTML page. This vulnerability could affect multiple web browsers that utilize Chromium, including, but not limited to, Google Chrome, Microsoft Edge, and Opera. ", "requiredAction": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.", "dueDate": "2024-06-06", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/chromereleases.googleblog.com\/2024\/05\/stable-channel-update-for-desktop_13.html; https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2024-4761", "cwes": [ "CWE-787" ] }, { "cveID": "CVE-2021-40655", "vendorProject": "D-Link", "product": "DIR-605 Router", "vulnerabilityName": "D-Link DIR-605 Router Information Disclosure Vulnerability", "dateAdded": "2024-05-16", "shortDescription": "D-Link DIR-605 routers contain an information disclosure vulnerability that allows attackers to obtain a username and password by forging a post request to the \/getcfg.php page. ", "requiredAction": "This vulnerability affects legacy D-Link products. All associated hardware revisions have reached their end-of-life (EOL) or end-of-service (EOS) life cycle and should be retired and replaced per vendor instructions.", "dueDate": "2024-06-06", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/legacy.us.dlink.com\/pages\/product.aspx?id=2b09e95d90ff4cb38830ecc04c89cee5; https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2021-40655", "cwes": [ "CWE-863" ] }, { "cveID": "CVE-2014-100005", "vendorProject": "D-Link", "product": "DIR-600 Router", "vulnerabilityName": "D-Link DIR-600 Router Cross-Site Request Forgery (CSRF) Vulnerability", "dateAdded": "2024-05-16", "shortDescription": "D-Link DIR-600 routers contain a cross-site request forgery (CSRF) vulnerability that allows an attacker to change router configurations by hijacking an existing administrator session.", "requiredAction": "This vulnerability affects legacy D-Link products. All associated hardware revisions have reached their end-of-life (EOL) or end-of-service (EOS) life cycle and should be retired and replaced per vendor instructions.", "dueDate": "2024-06-06", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/legacy.us.dlink.com\/pages\/product.aspx?id=4587b63118524aec911191cc81605283; https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2014-100005", "cwes": [ "CWE-352" ] }, { "cveID": "CVE-2024-30040", "vendorProject": "Microsoft", "product": "Windows", "vulnerabilityName": "Microsoft Windows MSHTML Platform Security Feature Bypass Vulnerability", "dateAdded": "2024-05-14", "shortDescription": "Microsoft Windows MSHTML Platform contains an unspecified vulnerability that allows for a security feature bypass.", "requiredAction": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.", "dueDate": "2024-06-04", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/msrc.microsoft.com\/update-guide\/vulnerability\/CVE-2024-30040; https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2024-30040", "cwes": [ "CWE-20" ] }, { "cveID": "CVE-2024-30051", "vendorProject": "Microsoft", "product": "DWM Core Library", "vulnerabilityName": " Microsoft DWM Core Library Privilege Escalation Vulnerability", "dateAdded": "2024-05-14", "shortDescription": "Microsoft DWM Core Library contains a privilege escalation vulnerability that allows an attacker to gain SYSTEM privileges.", "requiredAction": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.", "dueDate": "2024-06-04", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/msrc.microsoft.com\/update-guide\/vulnerability\/CVE-2024-30051; https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2024-30051", "cwes": [ "CWE-122" ] }, { "cveID": "CVE-2024-4671", "vendorProject": "Google", "product": "Chromium", "vulnerabilityName": "Google Chromium Visuals Use-After-Free Vulnerability", "dateAdded": "2024-05-13", "shortDescription": "Google Chromium Visuals contains a use-after-free vulnerability that allows a remote attacker to exploit heap corruption via a crafted HTML page. This vulnerability could affect multiple web browsers that utilize Chromium, including, but not limited to, Google Chrome, Microsoft Edge, and Opera.", "requiredAction": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.", "dueDate": "2024-06-03", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/chromereleases.googleblog.com\/2024\/05\/stable-channel-update-for-desktop_9.html?m=1; https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2024-4671", "cwes": [ "CWE-416" ] }, { "cveID": "CVE-2023-7028", "vendorProject": "GitLab", "product": "GitLab CE\/EE", "vulnerabilityName": "GitLab Community and Enterprise Editions Improper Access Control Vulnerability", "dateAdded": "2024-05-01", "shortDescription": "GitLab Community and Enterprise Editions contain an improper access control vulnerability. This allows an attacker to trigger password reset emails to be sent to an unverified email address to ultimately facilitate an account takeover.", "requiredAction": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.", "dueDate": "2024-05-22", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/about.gitlab.com\/releases\/2024\/01\/11\/critical-security-release-gitlab-16-7-2-released\/ ; https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2023-7028", "cwes": [ "CWE-284" ] }, { "cveID": "CVE-2024-29988", "vendorProject": "Microsoft", "product": "SmartScreen Prompt", "vulnerabilityName": "Microsoft SmartScreen Prompt Security Feature Bypass Vulnerability", "dateAdded": "2024-04-30", "shortDescription": "Microsoft SmartScreen Prompt contains a security feature bypass vulnerability that allows an attacker to bypass the Mark of the Web (MotW) feature. This vulnerability can be chained with CVE-2023-38831 and CVE-2024-21412 to execute a malicious file.", "requiredAction": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.", "dueDate": "2024-05-21", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/msrc.microsoft.com\/update-guide\/vulnerability\/CVE-2024-29988; https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2024-29988", "cwes": [ "CWE-693" ] }, { "cveID": "CVE-2024-4040", "vendorProject": "CrushFTP", "product": "CrushFTP", "vulnerabilityName": "CrushFTP VFS Sandbox Escape Vulnerability", "dateAdded": "2024-04-24", "shortDescription": "CrushFTP contains an unspecified sandbox escape vulnerability that allows a remote attacker to escape the CrushFTP virtual file system (VFS).", "requiredAction": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.", "dueDate": "2024-05-01", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/www.crushftp.com\/crush11wiki\/Wiki.jsp?page=Update&version=34; https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2024-4040", "cwes": [ "CWE-1336" ] }, { "cveID": "CVE-2024-20359", "vendorProject": "Cisco", "product": "Adaptive Security Appliance (ASA) and Firepower Threat Defense (FTD)", "vulnerabilityName": "Cisco ASA and FTD Privilege Escalation Vulnerability", "dateAdded": "2024-04-24", "shortDescription": "Cisco Adaptive Security Appliance (ASA) and Firepower Threat Defense (FTD) contain a privilege escalation vulnerability that can allow local privilege escalation from Administrator to root.", "requiredAction": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.", "dueDate": "2024-05-01", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/sec.cloudapps.cisco.com\/security\/center\/content\/CiscoSecurityAdvisory\/cisco-sa-asaftd-persist-rce-FLsNXF4h; https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2024-20359", "cwes": [ "CWE-94" ] }, { "cveID": "CVE-2024-20353", "vendorProject": "Cisco", "product": "Adaptive Security Appliance (ASA) and Firepower Threat Defense (FTD)", "vulnerabilityName": "Cisco ASA and FTD Denial of Service Vulnerability", "dateAdded": "2024-04-24", "shortDescription": "Cisco Adaptive Security Appliance (ASA) and Firepower Threat Defense (FTD) contain an infinite loop vulnerability that can lead to remote denial of service condition.", "requiredAction": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.", "dueDate": "2024-05-01", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/sec.cloudapps.cisco.com\/security\/center\/content\/CiscoSecurityAdvisory\/cisco-sa-asaftd-websrvs-dos-X8gNucD2; https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2024-20353", "cwes": [ "CWE-835" ] }, { "cveID": "CVE-2022-38028", "vendorProject": "Microsoft", "product": "Windows", "vulnerabilityName": "Microsoft Windows Print Spooler Privilege Escalation Vulnerability ", "dateAdded": "2024-04-23", "shortDescription": "Microsoft Windows Print Spooler service contains a privilege escalation vulnerability. An attacker may modify a JavaScript constraints file and execute it with SYSTEM-level permissions.", "requiredAction": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable. ", "dueDate": "2024-05-14", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/msrc.microsoft.com\/update-guide\/vulnerability\/CVE-2022-38028; https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2022-38028", "cwes": [] }, { "cveID": "CVE-2024-3400", "vendorProject": "Palo Alto Networks", "product": "PAN-OS", "vulnerabilityName": "Palo Alto Networks PAN-OS Command Injection Vulnerability", "dateAdded": "2024-04-12", "shortDescription": "Palo Alto Networks PAN-OS GlobalProtect feature contains a command injection vulnerability that allows an unauthenticated attacker to execute commands with root privileges on the firewall.", "requiredAction": "Apply mitigations per vendor instructions as they become available. Otherwise, users with vulnerable versions of affected devices should enable Threat Prevention IDs available from the vendor. See the vendor bulletin for more details and a patch release schedule.", "dueDate": "2024-04-19", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/security.paloaltonetworks.com\/CVE-2024-3400 ; https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2024-3400", "cwes": [ "CWE-20", "CWE-77" ] }, { "cveID": "CVE-2024-3273", "vendorProject": "D-Link", "product": "Multiple NAS Devices", "vulnerabilityName": "D-Link Multiple NAS Devices Command Injection Vulnerability", "dateAdded": "2024-04-11", "shortDescription": "D-Link DNS-320L, DNS-325, DNS-327L, and DNS-340L contain a command injection vulnerability. When combined with CVE-2024-3272, this can lead to remote, unauthorized code execution.", "requiredAction": "This vulnerability affects legacy D-Link products. All associated hardware revisions have reached their end-of-life (EOL) or end-of-service (EOS) life cycle and should be retired and replaced per vendor instructions.", "dueDate": "2024-05-02", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/supportannouncement.us.dlink.com\/security\/publication.aspx?name=SAP10383; https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2024-3273", "cwes": [ "CWE-77" ] }, { "cveID": "CVE-2024-3272", "vendorProject": "D-Link", "product": "Multiple NAS Devices", "vulnerabilityName": "D-Link Multiple NAS Devices Use of Hard-Coded Credentials Vulnerability", "dateAdded": "2024-04-11", "shortDescription": "D-Link DNS-320L, DNS-325, DNS-327L, and DNS-340L contains a hard-coded credential that allows an attacker to conduct authenticated command injection, leading to remote, unauthorized code execution.", "requiredAction": "This vulnerability affects legacy D-Link products. All associated hardware revisions have reached their end-of-life (EOL) or end-of-service (EOS) life cycle and should be retired and replaced per vendor instructions.", "dueDate": "2024-05-02", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/supportannouncement.us.dlink.com\/security\/publication.aspx?name=SAP10383; https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2024-3272", "cwes": [ "CWE-798" ] }, { "cveID": "CVE-2024-29748", "vendorProject": "Android", "product": "Pixel", "vulnerabilityName": "Android Pixel Privilege Escalation Vulnerability", "dateAdded": "2024-04-04", "shortDescription": "Android Pixel contains a privilege escalation vulnerability that allows an attacker to interrupt a factory reset triggered by a device admin app.", "requiredAction": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.", "dueDate": "2024-04-25", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/source.android.com\/docs\/security\/bulletin\/pixel\/2024-04-01; https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2024-29748", "cwes": [ "CWE-280" ] }, { "cveID": "CVE-2024-29745", "vendorProject": "Android", "product": "Pixel", "vulnerabilityName": "Android Pixel Information Disclosure Vulnerability", "dateAdded": "2024-04-04", "shortDescription": "Android Pixel contains an information disclosure vulnerability in the fastboot firmware used to support unlocking, flashing, and locking affected devices.", "requiredAction": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.", "dueDate": "2024-04-25", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/source.android.com\/docs\/security\/bulletin\/pixel\/2024-04-01 ; https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2024-29745", "cwes": [ "CWE-908" ] }, { "cveID": "CVE-2023-24955", "vendorProject": "Microsoft", "product": "SharePoint Server", "vulnerabilityName": "Microsoft SharePoint Server Code Injection Vulnerability", "dateAdded": "2024-03-26", "shortDescription": "Microsoft SharePoint Server contains a code injection vulnerability that allows an authenticated attacker with Site Owner privileges to execute code remotely.", "requiredAction": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.", "dueDate": "2024-04-16", "knownRansomwareCampaignUse": "Known", "notes": "https:\/\/msrc.microsoft.com\/update-guide\/vulnerability\/CVE-2023-24955; https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2023-24955", "cwes": [ "CWE-94" ] }, { "cveID": "CVE-2019-7256", "vendorProject": "Nice", "product": "Linear eMerge E3-Series", "vulnerabilityName": "Nice Linear eMerge E3-Series OS Command Injection Vulnerability", "dateAdded": "2024-03-25", "shortDescription": "Nice Linear eMerge E3-Series contains an OS command injection vulnerability that allows an attacker to conduct remote code execution.", "requiredAction": "Contact the vendor for guidance on remediating firmware, per their advisory.", "dueDate": "2024-04-15", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/linear-solutions.com\/wp-content\/uploads\/E3-Bulletin-06-27-2023.pdf, https:\/\/www.cisa.gov\/news-events\/ics-advisories\/icsa-24-065-01; https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2019-7256", "cwes": [ "CWE-78" ] }, { "cveID": "CVE-2021-44529", "vendorProject": "Ivanti", "product": "Endpoint Manager Cloud Service Appliance (EPM CSA)", "vulnerabilityName": "Ivanti Endpoint Manager Cloud Service Appliance (EPM CSA) Code Injection Vulnerability ", "dateAdded": "2024-03-25", "shortDescription": "Ivanti Endpoint Manager Cloud Service Appliance (EPM CSA) contains a code injection vulnerability that allows an unauthenticated user to execute malicious code with limited permissions (nobody).", "requiredAction": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.", "dueDate": "2024-04-15", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/forums.ivanti.com\/s\/article\/SA-2021-12-02?language=en_US; https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2021-44529", "cwes": [ "CWE-94" ] }, { "cveID": "CVE-2023-48788", "vendorProject": "Fortinet", "product": "FortiClient EMS", "vulnerabilityName": "Fortinet FortiClient EMS SQL Injection Vulnerability", "dateAdded": "2024-03-25", "shortDescription": "Fortinet FortiClient EMS contains a SQL injection vulnerability that allows an unauthenticated attacker to execute commands as SYSTEM via specifically crafted requests.", "requiredAction": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.", "dueDate": "2024-04-15", "knownRansomwareCampaignUse": "Known", "notes": "https:\/\/www.fortiguard.com\/psirt\/FG-IR-24-007; https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2023-48788", "cwes": [ "CWE-89" ] }, { "cveID": "CVE-2024-27198", "vendorProject": "JetBrains", "product": "TeamCity", "vulnerabilityName": "JetBrains TeamCity Authentication Bypass Vulnerability", "dateAdded": "2024-03-07", "shortDescription": "JetBrains TeamCity contains an authentication bypass vulnerability that allows an attacker to perform admin actions.", "requiredAction": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.", "dueDate": "2024-03-28", "knownRansomwareCampaignUse": "Known", "notes": "https:\/\/www.jetbrains.com\/help\/teamcity\/teamcity-2023-11-4-release-notes.html; https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2024-27198", "cwes": [ "CWE-288" ] }, { "cveID": "CVE-2024-23225", "vendorProject": "Apple", "product": "Multiple Products", "vulnerabilityName": "Apple Multiple Products Memory Corruption Vulnerability", "dateAdded": "2024-03-06", "shortDescription": "Apple iOS, iPadOS, macOS, tvOS, watchOS, and visionOS kernel contain a memory corruption vulnerability that allows an attacker with arbitrary kernel read and write capability to bypass kernel memory protections.", "requiredAction": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.", "dueDate": "2024-03-27", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/support.apple.com\/en-us\/HT214081, https:\/\/support.apple.com\/en-us\/HT214082, https:\/\/support.apple.com\/en-us\/HT214083, https:\/\/support.apple.com\/en-us\/HT214084, https:\/\/support.apple.com\/en-us\/HT214085, https:\/\/support.apple.com\/en-us\/HT214086, https:\/\/support.apple.com\/en-us\/HT214087, https:\/\/support.apple.com\/en-us\/HT214088 ; https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2024-23225", "cwes": [ "CWE-787" ] }, { "cveID": "CVE-2024-23296", "vendorProject": "Apple", "product": "Multiple Products", "vulnerabilityName": "Apple Multiple Products Memory Corruption Vulnerability", "dateAdded": "2024-03-06", "shortDescription": "Apple iOS, iPadOS, macOS, tvOS, and watchOS RTKit contain a memory corruption vulnerability that allows an attacker with arbitrary kernel read and write capability to bypass kernel memory protections.", "requiredAction": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.", "dueDate": "2024-03-27", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/support.apple.com\/en-us\/HT214081, https:\/\/support.apple.com\/en-us\/HT214082, https:\/\/support.apple.com\/en-us\/HT214084, https:\/\/support.apple.com\/en-us\/HT214086, https:\/\/support.apple.com\/en-us\/HT214088 ; https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2024-23296", "cwes": [ "CWE-787" ] }, { "cveID": "CVE-2023-21237", "vendorProject": "Android", "product": "Pixel", "vulnerabilityName": "Android Pixel Information Disclosure Vulnerability ", "dateAdded": "2024-03-05", "shortDescription": "Android Pixel contains a vulnerability in the Framework component, where the UI may be misleading or insufficient, providing a means to hide a foreground service notification. This could enable a local attacker to disclose sensitive information.", "requiredAction": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.", "dueDate": "2024-03-26", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/source.android.com\/docs\/security\/bulletin\/pixel\/2023-06-01; https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2023-21237", "cwes": [ "CWE-200" ] }, { "cveID": "CVE-2021-36380", "vendorProject": "Sunhillo", "product": "SureLine", "vulnerabilityName": "Sunhillo SureLine OS Command Injection Vulnerablity", "dateAdded": "2024-03-05", "shortDescription": "Sunhillo SureLine contains an OS command injection vulnerability that allows an attacker to cause a denial-of-service or utilize the device for persistence on the network via shell metacharacters in ipAddr or dnsAddr in \/cgi\/networkDiag.cgi.", "requiredAction": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.", "dueDate": "2024-03-26", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/www.sunhillo.com\/fb011\/; https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2021-36380", "cwes": [ "CWE-78" ] }, { "cveID": "CVE-2024-21338", "vendorProject": "Microsoft", "product": "Windows", "vulnerabilityName": "Microsoft Windows Kernel Exposed IOCTL with Insufficient Access Control Vulnerability", "dateAdded": "2024-03-04", "shortDescription": "Microsoft Windows Kernel contains an exposed IOCTL with insufficient access control vulnerability within the IOCTL (input and output control) dispatcher in appid.sys that allows a local attacker to achieve privilege escalation.", "requiredAction": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.", "dueDate": "2024-03-25", "knownRansomwareCampaignUse": "Known", "notes": "https:\/\/msrc.microsoft.com\/update-guide\/vulnerability\/CVE-2024-21338; https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2024-21338", "cwes": [ "CWE-822" ] }, { "cveID": "CVE-2023-29360", "vendorProject": "Microsoft", "product": "Streaming Service", "vulnerabilityName": "Microsoft Streaming Service Untrusted Pointer Dereference Vulnerability", "dateAdded": "2024-02-29", "shortDescription": "Microsoft Streaming Service contains an untrusted pointer dereference vulnerability that allows for privilege escalation, enabling a local attacker to gain SYSTEM privileges.", "requiredAction": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.", "dueDate": "2024-03-21", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/msrc.microsoft.com\/update-guide\/vulnerability\/CVE-2023-29360 ;https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2023-29360", "cwes": [ "CWE-822" ] }, { "cveID": "CVE-2024-1709", "vendorProject": "ConnectWise", "product": "ScreenConnect", "vulnerabilityName": "ConnectWise ScreenConnect Authentication Bypass Vulnerability", "dateAdded": "2024-02-22", "shortDescription": "ConnectWise ScreenConnect contains an authentication bypass vulnerability that allows an attacker with network access to the management interface to create a new, administrator-level account on affected devices.", "requiredAction": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.", "dueDate": "2024-02-29", "knownRansomwareCampaignUse": "Known", "notes": "https:\/\/www.connectwise.com\/company\/trust\/security-bulletins\/connectwise-screenconnect-23.9.8; https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2024-1709", "cwes": [ "CWE-288" ] }, { "cveID": "CVE-2020-3259", "vendorProject": "Cisco", "product": "Adaptive Security Appliance (ASA) and Firepower Threat Defense (FTD)", "vulnerabilityName": "Cisco ASA and FTD Information Disclosure Vulnerability", "dateAdded": "2024-02-15", "shortDescription": "Cisco Adaptive Security Appliance (ASA) and Firepower Threat Defense (FTD) contain an information disclosure vulnerability. An attacker could retrieve memory contents on an affected device, which could lead to the disclosure of confidential information due to a buffer tracking issue when the software parses invalid URLs that are requested from the web services interface. This vulnerability affects only specific AnyConnect and WebVPN configurations.", "requiredAction": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.", "dueDate": "2024-03-07", "knownRansomwareCampaignUse": "Known", "notes": "https:\/\/tools.cisco.com\/security\/center\/content\/CiscoSecurityAdvisory\/cisco-sa-asaftd-info-disclose-9eJtycMB; https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2020-3259", "cwes": [ "CWE-200" ] }, { "cveID": "CVE-2024-21410", "vendorProject": "Microsoft", "product": "Exchange Server", "vulnerabilityName": "Microsoft Exchange Server Privilege Escalation Vulnerability", "dateAdded": "2024-02-15", "shortDescription": "Microsoft Exchange Server contains an unspecified vulnerability that allows for privilege escalation.", "requiredAction": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.", "dueDate": "2024-03-07", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/msrc.microsoft.com\/update-guide\/vulnerability\/CVE-2024-21410; https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2024-21410", "cwes": [ "CWE-287" ] }, { "cveID": "CVE-2024-21412", "vendorProject": "Microsoft", "product": "Windows", "vulnerabilityName": "Microsoft Windows Internet Shortcut Files Security Feature Bypass Vulnerability", "dateAdded": "2024-02-13", "shortDescription": "Microsoft Windows Internet Shortcut Files contains an unspecified vulnerability that allows for a security feature bypass.", "requiredAction": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.", "dueDate": "2024-03-05", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/msrc.microsoft.com\/update-guide\/en-US\/vulnerability\/CVE-2024-21412; https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2024-21412", "cwes": [ "CWE-693" ] }, { "cveID": "CVE-2024-21351", "vendorProject": "Microsoft", "product": "Windows", "vulnerabilityName": "Microsoft Windows SmartScreen Security Feature Bypass Vulnerability", "dateAdded": "2024-02-13", "shortDescription": "Microsoft Windows SmartScreen contains a security feature bypass vulnerability that allows an attacker to bypass the SmartScreen user experience and inject code to potentially gain code execution, which could lead to some data exposure, lack of system availability, or both.", "requiredAction": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.", "dueDate": "2024-03-05", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/msrc.microsoft.com\/update-guide\/en-US\/vulnerability\/CVE-2024-21351; https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2024-21351", "cwes": [ "CWE-94" ] }, { "cveID": "CVE-2023-43770", "vendorProject": "Roundcube", "product": "Webmail", "vulnerabilityName": "Roundcube Webmail Persistent Cross-Site Scripting (XSS) Vulnerability", "dateAdded": "2024-02-12", "shortDescription": "Roundcube Webmail contains a persistent cross-site scripting (XSS) vulnerability that can lead to information disclosure via malicious link references in plain\/text messages.", "requiredAction": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.", "dueDate": "2024-03-04", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/roundcube.net\/news\/2023\/09\/15\/security-update-1.6.3-released ; https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2023-43770", "cwes": [ "CWE-79" ] }, { "cveID": "CVE-2024-21762", "vendorProject": "Fortinet", "product": "FortiOS", "vulnerabilityName": "Fortinet FortiOS Out-of-Bound Write Vulnerability", "dateAdded": "2024-02-09", "shortDescription": "Fortinet FortiOS contains an out-of-bound write vulnerability that allows a remote unauthenticated attacker to execute code or commands via specially crafted HTTP requests.", "requiredAction": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.", "dueDate": "2024-02-16", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/fortiguard.fortinet.com\/psirt\/FG-IR-24-015 ; https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2024-21762", "cwes": [ "CWE-787" ] }, { "cveID": "CVE-2023-4762", "vendorProject": "Google", "product": "Chromium V8", "vulnerabilityName": "Google Chromium V8 Type Confusion Vulnerability", "dateAdded": "2024-02-06", "shortDescription": "Google Chromium V8 contains a type confusion vulnerability that allows a remote attacker to execute code via a crafted HTML page. This vulnerability could affect multiple web browsers that utilize Chromium, including, but not limited to, Google Chrome, Microsoft Edge, and Opera.", "requiredAction": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.", "dueDate": "2024-02-27", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/chromereleases.googleblog.com\/2023\/09\/stable-channel-update-for-desktop.html; https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2023-4762", "cwes": [ "CWE-843" ] }, { "cveID": "CVE-2022-48618", "vendorProject": "Apple", "product": "Multiple Products", "vulnerabilityName": "Apple Multiple Products Memory Corruption Vulnerability", "dateAdded": "2024-01-31", "shortDescription": "Apple iOS, iPadOS, macOS, tvOS, and watchOS contain a time-of-check\/time-of-use (TOCTOU) memory corruption vulnerability that allows an attacker with read and write capabilities to bypass Pointer Authentication.", "requiredAction": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.", "dueDate": "2024-02-21", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/support.apple.com\/en-us\/HT213530, https:\/\/support.apple.com\/en-us\/HT213532, https:\/\/support.apple.com\/en-us\/HT213535, https:\/\/support.apple.com\/en-us\/HT213536; https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2022-48618", "cwes": [ "CWE-367" ] }, { "cveID": "CVE-2024-21893", "vendorProject": "Ivanti", "product": "Connect Secure, Policy Secure, and Neurons", "vulnerabilityName": "Ivanti Connect Secure, Policy Secure, and Neurons Server-Side Request Forgery (SSRF) Vulnerability", "dateAdded": "2024-01-31", "shortDescription": "Ivanti Connect Secure (ICS, formerly known as Pulse Connect Secure), Ivanti Policy Secure, and Ivanti Neurons contain a server-side request forgery (SSRF) vulnerability in the SAML component that allows an attacker to access certain restricted resources without authentication.", "requiredAction": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.", "dueDate": "2024-02-02", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/forums.ivanti.com\/s\/article\/KB-CVE-2023-46805-Authentication-Bypass-CVE-2024-21887-Command-Injection-for-Ivanti-Connect-Secure-and-Ivanti-Policy-Secure-Gateways?language=en_US; https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2024-21893", "cwes": [ "CWE-918" ] }, { "cveID": "CVE-2023-22527", "vendorProject": "Atlassian", "product": "Confluence Data Center and Server", "vulnerabilityName": "Atlassian Confluence Data Center and Server Template Injection Vulnerability", "dateAdded": "2024-01-24", "shortDescription": "Atlassian Confluence Data Center and Server contain an unauthenticated OGNL template injection vulnerability that can lead to remote code execution.", "requiredAction": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.", "dueDate": "2024-02-14", "knownRansomwareCampaignUse": "Known", "notes": "https:\/\/confluence.atlassian.com\/security\/cve-2023-22527-rce-remote-code-execution-vulnerability-in-confluence-data-center-and-confluence-server-1333990257.html; https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2023-22527", "cwes": [ "CWE-74" ] }, { "cveID": "CVE-2024-23222", "vendorProject": "Apple", "product": "Multiple Products", "vulnerabilityName": "Apple Multiple Products WebKit Type Confusion Vulnerability", "dateAdded": "2024-01-23", "shortDescription": "Apple iOS, iPadOS, macOS, tvOS, and Safari WebKit contain a type confusion vulnerability that leads to code execution when processing maliciously crafted web content. This vulnerability could impact HTML parsers that use WebKit, including but not limited to Apple Safari and non-Apple products which rely on WebKit for HTML processing.", "requiredAction": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.", "dueDate": "2024-02-13", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/support.apple.com\/en-us\/HT214055, https:\/\/support.apple.com\/en-us\/HT214056, https:\/\/support.apple.com\/en-us\/HT214057, https:\/\/support.apple.com\/en-us\/HT214058, https:\/\/support.apple.com\/en-us\/HT214059, https:\/\/support.apple.com\/en-us\/HT214061, https:\/\/support.apple.com\/en-us\/HT214063 ; https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2024-23222", "cwes": [ "CWE-843" ] }, { "cveID": "CVE-2023-34048", "vendorProject": "VMware", "product": "vCenter Server", "vulnerabilityName": "VMware vCenter Server Out-of-Bounds Write Vulnerability", "dateAdded": "2024-01-22", "shortDescription": "VMware vCenter Server contains an out-of-bounds write vulnerability in the implementation of the DCERPC protocol that allows an attacker to conduct remote code execution.", "requiredAction": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.", "dueDate": "2024-02-12", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/www.vmware.com\/security\/advisories\/VMSA-2023-0023.html; https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2023-34048", "cwes": [ "CWE-787" ] }, { "cveID": "CVE-2023-35082", "vendorProject": "Ivanti", "product": "Endpoint Manager Mobile (EPMM) and MobileIron Core", "vulnerabilityName": "Ivanti Endpoint Manager Mobile (EPMM) and MobileIron Core Authentication Bypass Vulnerability", "dateAdded": "2024-01-18", "shortDescription": "Ivanti Endpoint Manager Mobile (EPMM) and MobileIron Core contain an authentication bypass vulnerability that allows unauthorized users to access restricted functionality or resources of the application.", "requiredAction": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.", "dueDate": "2024-02-08", "knownRansomwareCampaignUse": "Known", "notes": "https:\/\/forums.ivanti.com\/s\/article\/CVE-2023-35082-Remote-Unauthenticated-API-Access-Vulnerability-in-MobileIron-Core-11-2-and-older; https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2023-35082", "cwes": [ "CWE-287" ] }, { "cveID": "CVE-2024-0519", "vendorProject": "Google", "product": "Chromium V8", "vulnerabilityName": "Google Chromium V8 Out-of-Bounds Memory Access Vulnerability", "dateAdded": "2024-01-17", "shortDescription": "Google Chromium V8 Engine contains an out-of-bounds memory access vulnerability that allows a remote attacker to potentially exploit heap corruption via a crafted HTML page. This vulnerability could affect multiple web browsers that utilize Chromium, including, but not limited to, Google Chrome, Microsoft Edge, and Opera.", "requiredAction": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.", "dueDate": "2024-02-07", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/chromereleases.googleblog.com\/2024\/01\/stable-channel-update-for-desktop_16.html; https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2024-0519", "cwes": [ "CWE-787" ] }, { "cveID": "CVE-2023-6549", "vendorProject": "Citrix", "product": "NetScaler ADC and NetScaler Gateway", "vulnerabilityName": "Citrix NetScaler ADC and NetScaler Gateway Buffer Overflow Vulnerability", "dateAdded": "2024-01-17", "shortDescription": "Citrix NetScaler ADC and NetScaler Gateway contain a buffer overflow vulnerability that allows for a denial-of-service when configured as a Gateway (VPN virtual server, ICA Proxy, CVPN, RDP Proxy) or AAA virtual server.", "requiredAction": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.", "dueDate": "2024-02-07", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/support.citrix.com\/article\/CTX584986\/netscaler-adc-and-netscaler-gateway-security-bulletin-for-cve20236548-and-cve20236549; https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2023-6549", "cwes": [ "CWE-119" ] }, { "cveID": "CVE-2023-6548", "vendorProject": "Citrix", "product": "NetScaler ADC and NetScaler Gateway", "vulnerabilityName": "Citrix NetScaler ADC and NetScaler Gateway Code Injection Vulnerability", "dateAdded": "2024-01-17", "shortDescription": "Citrix NetScaler ADC and NetScaler Gateway contain a code injection vulnerability that allows for authenticated remote code execution on the management interface with access to NSIP, CLIP, or SNIP.", "requiredAction": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.", "dueDate": "2024-01-24", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/support.citrix.com\/article\/CTX584986\/netscaler-adc-and-netscaler-gateway-security-bulletin-for-cve20236548-and-cve20236549; https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2023-6548", "cwes": [ "CWE-94" ] }, { "cveID": "CVE-2018-15133", "vendorProject": "Laravel", "product": "Laravel Framework", "vulnerabilityName": "Laravel Deserialization of Untrusted Data Vulnerability", "dateAdded": "2024-01-16", "shortDescription": "Laravel Framework contains a deserialization of untrusted data vulnerability, allowing for remote command execution. This vulnerability may only be exploited if a malicious user has accessed the application encryption key (APP_KEY environment variable).", "requiredAction": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.", "dueDate": "2024-02-06", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/laravel.com\/docs\/5.6\/upgrade#upgrade-5.6.30; https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2018-15133", "cwes": [ "CWE-502" ] }, { "cveID": "CVE-2023-29357", "vendorProject": "Microsoft", "product": "SharePoint Server", "vulnerabilityName": "Microsoft SharePoint Server Privilege Escalation Vulnerability", "dateAdded": "2024-01-10", "shortDescription": "Microsoft SharePoint Server contains an unspecified vulnerability that allows an unauthenticated attacker, who has gained access to spoofed JWT authentication tokens, to use them for executing a network attack. This attack bypasses authentication, enabling the attacker to gain administrator privileges.", "requiredAction": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.", "dueDate": "2024-01-31", "knownRansomwareCampaignUse": "Known", "notes": "https:\/\/msrc.microsoft.com\/update-guide\/vulnerability\/CVE-2023-29357; https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2023-29357", "cwes": [ "CWE-303" ] }, { "cveID": "CVE-2023-46805", "vendorProject": "Ivanti", "product": "Connect Secure and Policy Secure", "vulnerabilityName": "Ivanti Connect Secure and Policy Secure Authentication Bypass Vulnerability", "dateAdded": "2024-01-10", "shortDescription": "Ivanti Connect Secure (ICS, formerly known as Pulse Connect Secure) and Ivanti Policy Secure gateways contain an authentication bypass vulnerability in the web component that allows an attacker to access restricted resources by bypassing control checks. This vulnerability can be leveraged in conjunction with CVE-2024-21887, a command injection vulnerability.", "requiredAction": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.", "dueDate": "2024-01-22", "knownRansomwareCampaignUse": "Unknown", "notes": "Please apply mitigations per vendor instructions. For more information, please see: https:\/\/forums.ivanti.com\/s\/article\/KB-CVE-2023-46805-Authentication-Bypass-CVE-2024-21887-Command-Injection-for-Ivanti-Connect-Secure-and-Ivanti-Policy-Secure-Gateways?language=en_US ; https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2023-46805", "cwes": [ "CWE-287" ] }, { "cveID": "CVE-2024-21887", "vendorProject": "Ivanti", "product": "Connect Secure and Policy Secure", "vulnerabilityName": "Ivanti Connect Secure and Policy Secure Command Injection Vulnerability", "dateAdded": "2024-01-10", "shortDescription": "Ivanti Connect Secure (ICS, formerly known as Pulse Connect Secure) and Ivanti Policy Secure contain a command injection vulnerability in the web components of these products, which can allow an authenticated administrator to send crafted requests to execute code on affected appliances. This vulnerability can be leveraged in conjunction with CVE-2023-46805, an authenticated bypass issue.", "requiredAction": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.", "dueDate": "2024-01-22", "knownRansomwareCampaignUse": "Unknown", "notes": "Please apply mitigations per vendor instructions. For more information, please see: https:\/\/forums.ivanti.com\/s\/article\/KB-CVE-2023-46805-Authentication-Bypass-CVE-2024-21887-Command-Injection-for-Ivanti-Connect-Secure-and-Ivanti-Policy-Secure-Gateways?language=en_US ; https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2024-21887", "cwes": [ "CWE-77" ] }, { "cveID": "CVE-2023-23752", "vendorProject": "Joomla!", "product": "Joomla!", "vulnerabilityName": "Joomla! Improper Access Control Vulnerability", "dateAdded": "2024-01-08", "shortDescription": "Joomla! contains an improper access control vulnerability that allows unauthorized access to webservice endpoints.", "requiredAction": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.", "dueDate": "2024-01-29", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/developer.joomla.org\/security-centre\/894-20230201-core-improper-access-check-in-webservice-endpoints.html; https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2023-23752", "cwes": [ "CWE-284" ] }, { "cveID": "CVE-2016-20017", "vendorProject": "D-Link", "product": "DSL-2750B Devices", "vulnerabilityName": "D-Link DSL-2750B Devices Command Injection Vulnerability", "dateAdded": "2024-01-08", "shortDescription": "D-Link DSL-2750B devices contain a command injection vulnerability that allows remote, unauthenticated command injection via the login.cgi cli parameter.", "requiredAction": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.", "dueDate": "2024-01-29", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/supportannouncement.us.dlink.com\/announcement\/publication.aspx?name=SAP10088; https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2016-20017", "cwes": [ "CWE-77" ] }, { "cveID": "CVE-2023-41990", "vendorProject": "Apple", "product": "Multiple Products", "vulnerabilityName": "Apple Multiple Products Code Execution Vulnerability", "dateAdded": "2024-01-08", "shortDescription": "Apple iOS, iPadOS, macOS, tvOS, and watchOS contain an unspecified vulnerability that allows for code execution when processing a font file.", "requiredAction": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.", "dueDate": "2024-01-29", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/support.apple.com\/en-us\/HT213599, https:\/\/support.apple.com\/en-us\/HT213601, https:\/\/support.apple.com\/en-us\/HT213605, https:\/\/support.apple.com\/en-us\/HT213606, https:\/\/support.apple.com\/en-us\/HT213842, https:\/\/support.apple.com\/en-us\/HT213844, https:\/\/support.apple.com\/en-us\/HT213845 ; https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2023-41990", "cwes": [] }, { "cveID": "CVE-2023-27524", "vendorProject": "Apache", "product": "Superset", "vulnerabilityName": "Apache Superset Insecure Default Initialization of Resource Vulnerability", "dateAdded": "2024-01-08", "shortDescription": "Apache Superset contains an insecure default initialization of a resource vulnerability that allows an attacker to authenticate and access unauthorized resources on installations that have not altered the default configured SECRET_KEY according to installation instructions.", "requiredAction": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.", "dueDate": "2024-01-29", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/lists.apache.org\/thread\/n0ftx60sllf527j7g11kmt24wvof8xyk; https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2023-27524", "cwes": [ "CWE-1188" ] }, { "cveID": "CVE-2023-29300", "vendorProject": "Adobe", "product": "ColdFusion", "vulnerabilityName": "Adobe ColdFusion Deserialization of Untrusted Data Vulnerability", "dateAdded": "2024-01-08", "shortDescription": "Adobe ColdFusion contains a deserialization of untrusted data vulnerability that allows for code execution.", "requiredAction": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.", "dueDate": "2024-01-29", "knownRansomwareCampaignUse": "Known", "notes": "https:\/\/helpx.adobe.com\/security\/products\/coldfusion\/apsb23-40.html; https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2023-29300", "cwes": [ "CWE-502" ] }, { "cveID": "CVE-2023-38203", "vendorProject": "Adobe", "product": "ColdFusion", "vulnerabilityName": "Adobe ColdFusion Deserialization of Untrusted Data Vulnerability", "dateAdded": "2024-01-08", "shortDescription": "Adobe ColdFusion contains a deserialization of untrusted data vulnerability that allows for code execution.", "requiredAction": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.", "dueDate": "2024-01-29", "knownRansomwareCampaignUse": "Known", "notes": "https:\/\/helpx.adobe.com\/security\/products\/coldfusion\/apsb23-41.html ; https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2023-38203", "cwes": [ "CWE-502" ] }, { "cveID": "CVE-2023-7101", "vendorProject": "Spreadsheet::ParseExcel", "product": "Spreadsheet::ParseExcel", "vulnerabilityName": "Spreadsheet::ParseExcel Remote Code Execution Vulnerability", "dateAdded": "2024-01-02", "shortDescription": "Spreadsheet::ParseExcel contains a remote code execution vulnerability due to passing unvalidated input from a file into a string-type \u201ceval\u201d. Specifically, the issue stems from the evaluation of Number format strings within the Excel parsing logic.", "requiredAction": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.", "dueDate": "2024-01-23", "knownRansomwareCampaignUse": "Unknown", "notes": "This vulnerability affects a common open-source component, third-party library, or a protocol used by different products. Please check with specific vendors for information on patching status. For more information, please see: https:\/\/metacpan.org\/dist\/Spreadsheet-ParseExcel and Barracuda's specific implementation and fix for their downstream issue CVE-2023-7102 at https:\/\/www.barracuda.com\/company\/legal\/esg-vulnerability; https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2023-7101", "cwes": [ "CWE-95" ] }, { "cveID": "CVE-2023-7024", "vendorProject": "Google", "product": "Chromium WebRTC", "vulnerabilityName": "Google Chromium WebRTC Heap Buffer Overflow Vulnerability", "dateAdded": "2024-01-02", "shortDescription": "Google Chromium WebRTC, an open-source project providing web browsers with real-time communication, contains a heap buffer overflow vulnerability that allows a remote attacker to potentially exploit heap corruption via a crafted HTML page. This vulnerability could impact web browsers using WebRTC, including but not limited to Google Chrome.", "requiredAction": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.", "dueDate": "2024-01-23", "knownRansomwareCampaignUse": "Unknown", "notes": "This vulnerability affects a common open-source component, third-party library, or a protocol used by different products. Please check with specific vendors for information on patching status. For more information, please see: https:\/\/chromereleases.googleblog.com\/2023\/12\/stable-channel-update-for-desktop_20.html; https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2023-7024", "cwes": [ "CWE-787" ] }, { "cveID": "CVE-2023-49897", "vendorProject": "FXC", "product": "AE1021, AE1021PE", "vulnerabilityName": "FXC AE1021, AE1021PE OS Command Injection Vulnerability", "dateAdded": "2023-12-21", "shortDescription": "FXC AE1021 and AE1021PE contain an OS command injection vulnerability that allows authenticated users to execute commands via a network.", "requiredAction": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.", "dueDate": "2024-01-11", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/www.fxc.jp\/news\/20231206 ; https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2023-49897", "cwes": [ "CWE-78" ] }, { "cveID": "CVE-2023-47565", "vendorProject": "QNAP", "product": "VioStor NVR", "vulnerabilityName": "QNAP VioStor NVR OS Command Injection Vulnerability", "dateAdded": "2023-12-21", "shortDescription": "QNAP VioStar NVR contains an OS command injection vulnerability that allows authenticated users to execute commands via a network.", "requiredAction": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.", "dueDate": "2024-01-11", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/www.qnap.com\/en\/security-advisory\/qsa-23-48 ; https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2023-47565", "cwes": [ "CWE-78" ] }, { "cveID": "CVE-2023-6448", "vendorProject": "Unitronics", "product": "Vision PLC and HMI", "vulnerabilityName": "Unitronics Vision PLC and HMI Insecure Default Password Vulnerability", "dateAdded": "2023-12-11", "shortDescription": "Unitronics Vision Series PLCs and HMIs ship with an insecure default password, which if left unchanged, can allow attackers to execute remote commands.", "requiredAction": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.", "dueDate": "2023-12-18", "knownRansomwareCampaignUse": "Unknown", "notes": "Note that while it is possible to change the default password, implementors are encouraged to remove affected controllers from public networks and update the affected firmware: https:\/\/downloads.unitronicsplc.com\/Sites\/plc\/Technical_Library\/Unitronics-Cybersecurity-Advisory-2023-001-CVE-2023-6448.pdf; https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2023-6448", "cwes": [ "CWE-1188" ] }, { "cveID": "CVE-2023-41266", "vendorProject": "Qlik", "product": "Sense", "vulnerabilityName": "Qlik Sense Path Traversal Vulnerability", "dateAdded": "2023-12-07", "shortDescription": "Qlik Sense contains a path traversal vulnerability that allows a remote, unauthenticated attacker to create an anonymous session by sending maliciously crafted HTTP requests. This anonymous session could allow the attacker to send further requests to unauthorized endpoints.", "requiredAction": "Apply remediations or mitigations per vendor instructions or discontinue use of the product if remediation or mitigations are unavailable.", "dueDate": "2023-12-28", "knownRansomwareCampaignUse": "Known", "notes": "https:\/\/community.qlik.com\/t5\/Official-Support-Articles\/Critical-Security-fixes-for-Qlik-Sense-Enterprise-for-Windows\/ta-p\/2110801 ; https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2023-41266", "cwes": [ "CWE-20" ] }, { "cveID": "CVE-2023-41265", "vendorProject": "Qlik", "product": "Sense", "vulnerabilityName": "Qlik Sense HTTP Tunneling Vulnerability", "dateAdded": "2023-12-07", "shortDescription": "Qlik Sense contains an HTTP tunneling vulnerability that allows an attacker to escalate privileges and execute HTTP requests on the backend server hosting the software.", "requiredAction": "Apply remediations or mitigations per vendor instructions or discontinue use of the product if remediation or mitigations are unavailable.", "dueDate": "2023-12-28", "knownRansomwareCampaignUse": "Known", "notes": "https:\/\/community.qlik.com\/t5\/Official-Support-Articles\/Critical-Security-fixes-for-Qlik-Sense-Enterprise-for-Windows\/ta-p\/2110801; https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2023-41265", "cwes": [ "CWE-444" ] }, { "cveID": "CVE-2023-33107", "vendorProject": "Qualcomm", "product": "Multiple Chipsets", "vulnerabilityName": "Qualcomm Multiple Chipsets Integer Overflow Vulnerability", "dateAdded": "2023-12-05", "shortDescription": "Multiple Qualcomm chipsets contain an integer overflow vulnerability due to memory corruption in Graphics Linux while assigning shared virtual memory region during IOCTL call.", "requiredAction": "Apply remediations or mitigations per vendor instructions or discontinue use of the product if remediation or mitigations are unavailable.", "dueDate": "2023-12-26", "knownRansomwareCampaignUse": "Unknown", "notes": "This vulnerability affects a common open-source component, third-party library, or a protocol used by different products. Please check with specific vendors for information on patching status. For more information, please see: https:\/\/git.codelinaro.org\/clo\/la\/kernel\/msm-4.19\/-\/commit\/d66b799c804083ea5226cfffac6d6c4e7ad4968b; https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2023-33107", "cwes": [ "CWE-190" ] }, { "cveID": "CVE-2023-33106", "vendorProject": "Qualcomm", "product": "Multiple Chipsets", "vulnerabilityName": "Qualcomm Multiple Chipsets Use of Out-of-Range Pointer Offset Vulnerability", "dateAdded": "2023-12-05", "shortDescription": "Multiple Qualcomm chipsets contain a use of out-of-range pointer offset vulnerability due to memory corruption in Graphics while submitting a large list of sync points in an AUX command to the IOCTL_KGSL_GPU_AUX_COMMAND.", "requiredAction": "Apply remediations or mitigations per vendor instructions or discontinue use of the product if remediation or mitigations are unavailable.", "dueDate": "2023-12-26", "knownRansomwareCampaignUse": "Unknown", "notes": "This vulnerability affects a common open-source component, third-party library, or a protocol used by different products. Please check with specific vendors for information on patching status. For more information, please see: https:\/\/git.codelinaro.org\/clo\/la\/kernel\/msm-4.19\/-\/commit\/1e46e81dbeb69aafd5842ce779f07e617680fd58; https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2023-33106", "cwes": [ "CWE-823" ] }, { "cveID": "CVE-2023-33063", "vendorProject": "Qualcomm", "product": "Multiple Chipsets", "vulnerabilityName": "Qualcomm Multiple Chipsets Use-After-Free Vulnerability", "dateAdded": "2023-12-05", "shortDescription": "Multiple Qualcomm chipsets contain a use-after-free vulnerability due to memory corruption in DSP Services during a remote call from HLOS to DSP.", "requiredAction": "Apply remediations or mitigations per vendor instructions or discontinue use of the product if remediation or mitigations are unavailable.", "dueDate": "2023-12-26", "knownRansomwareCampaignUse": "Unknown", "notes": "This vulnerability affects a common open-source component, third-party library, or a protocol used by different products. Please check with specific vendors for information on patching status. For more information, please see: https:\/\/git.codelinaro.org\/clo\/la\/kernel\/msm-5.15\/-\/commit\/2643808ddbedfaabbb334741873fb2857f78188a, https:\/\/git.codelinaro.org\/clo\/la\/kernel\/msm-4.14\/-\/commit\/d43222efda5a01c9804d74a541e3c1be9b7fe110; https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2023-33063", "cwes": [ "CWE-416" ] }, { "cveID": "CVE-2022-22071", "vendorProject": "Qualcomm", "product": "Multiple Chipsets", "vulnerabilityName": "Qualcomm Multiple Chipsets Use-After-Free Vulnerability", "dateAdded": "2023-12-05", "shortDescription": "Multiple Qualcomm chipsets contain a use-after-free vulnerability when process shell memory is freed using IOCTL munmap call and process initialization is in progress.", "requiredAction": "Apply remediations or mitigations per vendor instructions or discontinue use of the product if remediation or mitigations are unavailable.", "dueDate": "2023-12-26", "knownRansomwareCampaignUse": "Unknown", "notes": "This vulnerability affects a common open-source component, third-party library, or a protocol used by different products. Please check with specific vendors for information on patching status. For more information, please see: https:\/\/git.codelinaro.org\/clo\/la\/kernel\/msm-5.4\/-\/commit\/586840fde350d7b8563df9889c8ce397e2c20dda; https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2022-22071", "cwes": [ "CWE-416" ] }, { "cveID": "CVE-2023-42917", "vendorProject": "Apple", "product": "Multiple Products", "vulnerabilityName": "Apple Multiple Products WebKit Memory Corruption Vulnerability", "dateAdded": "2023-12-04", "shortDescription": "Apple iOS, iPadOS, macOS, and Safari WebKit contain a memory corruption vulnerability that leads to code execution when processing maliciously crafted web content. This vulnerability could impact HTML parsers that use WebKit, including but not limited to Apple Safari and non-Apple products which rely on WebKit for HTML processing.", "requiredAction": "Apply remediations or mitigations per vendor instructions or discontinue use of the product if remediation or mitigations are unavailable.", "dueDate": "2023-12-25", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/support.apple.com\/en-us\/HT214031, https:\/\/support.apple.com\/en-us\/HT214032, https:\/\/support.apple.com\/en-us\/HT214033 ; https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2023-42917", "cwes": [ "CWE-787" ] }, { "cveID": "CVE-2023-42916", "vendorProject": "Apple", "product": "Multiple Products", "vulnerabilityName": "Apple Multiple Products WebKit Out-of-Bounds Read Vulnerability", "dateAdded": "2023-12-04", "shortDescription": "Apple iOS, iPadOS, macOS, and Safari WebKit contain an out-of-bounds read vulnerability that may disclose sensitive information when processing maliciously crafted web content. This vulnerability could impact HTML parsers that use WebKit, including but not limited to Apple Safari and non-Apple products which rely on WebKit for HTML processing.", "requiredAction": "Apply remediations or mitigations per vendor instructions or discontinue use of the product if remediation or mitigations are unavailable.", "dueDate": "2023-12-25", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/support.apple.com\/en-us\/HT214031, https:\/\/support.apple.com\/en-us\/HT214032, https:\/\/support.apple.com\/en-us\/HT214033 ; https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2023-42916", "cwes": [ "CWE-125" ] }, { "cveID": "CVE-2023-6345", "vendorProject": "Google", "product": "Chromium Skia", "vulnerabilityName": "Google Skia Integer Overflow Vulnerability", "dateAdded": "2023-11-30", "shortDescription": "Google Chromium Skia contains an integer overflow vulnerability that allows a remote attacker, who has compromised the renderer process, to potentially perform a sandbox escape via a malicious file. This vulnerability affects Google Chrome and ChromeOS, Android, Flutter, and possibly other products.", "requiredAction": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.", "dueDate": "2023-12-21", "knownRansomwareCampaignUse": "Unknown", "notes": "This vulnerability affects a common open-source component, third-party library, or a protocol used by different products. Please check with specific vendors for information on patching status. For more information, please see: https:\/\/chromereleases.googleblog.com\/2023\/11\/stable-channel-update-for-desktop_28.html ; https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2023-6345", "cwes": [ "CWE-190" ] }, { "cveID": "CVE-2023-49103", "vendorProject": "ownCloud", "product": "ownCloud graphapi", "vulnerabilityName": "ownCloud graphapi Information Disclosure Vulnerability", "dateAdded": "2023-11-30", "shortDescription": "ownCloud graphapi contains an information disclosure vulnerability that can reveal sensitive data stored in phpinfo() via GetPhpInfo.php, including administrative credentials.", "requiredAction": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.", "dueDate": "2023-12-21", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/owncloud.com\/security-advisories\/disclosure-of-sensitive-credentials-and-configuration-in-containerized-deployments\/ ; https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2023-49103", "cwes": [] }, { "cveID": "CVE-2023-4911", "vendorProject": "GNU", "product": "GNU C Library", "vulnerabilityName": "GNU C Library Buffer Overflow Vulnerability", "dateAdded": "2023-11-21", "shortDescription": "GNU C Library's dynamic loader ld.so contains a buffer overflow vulnerability when processing the GLIBC_TUNABLES environment variable, allowing a local attacker to execute code with elevated privileges.", "requiredAction": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.", "dueDate": "2023-12-12", "knownRansomwareCampaignUse": "Unknown", "notes": "This vulnerability affects a common open-source component, third-party library, or a protocol used by different products. Please check with specific vendors for information on patching status. For more information, please see: https:\/\/sourceware.org\/git\/?p=glibc.git;a=commitdiff;h=1056e5b4c3f2d90ed2b4a55f96add28da2f4c8fa, https:\/\/access.redhat.com\/security\/cve\/cve-2023-4911, https:\/\/www.debian.org\/security\/2023\/dsa-5514 ; https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2023-4911 ", "cwes": [ "CWE-122" ] }, { "cveID": "CVE-2023-36584", "vendorProject": "Microsoft", "product": "Windows", "vulnerabilityName": "Microsoft Windows Mark of the Web (MOTW) Security Feature Bypass Vulnerability", "dateAdded": "2023-11-16", "shortDescription": "Microsoft Windows Mark of the Web (MOTW) contains a security feature bypass vulnerability resulting in a limited loss of integrity and availability of security features.", "requiredAction": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.", "dueDate": "2023-12-07", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/msrc.microsoft.com\/update-guide\/vulnerability\/CVE-2023-36584 ; https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2023-36584", "cwes": [] }, { "cveID": "CVE-2023-1671", "vendorProject": "Sophos", "product": "Web Appliance", "vulnerabilityName": "Sophos Web Appliance Command Injection Vulnerability", "dateAdded": "2023-11-16", "shortDescription": "Sophos Web Appliance contains a command injection vulnerability in the warn-proceed handler that allows for remote code execution.", "requiredAction": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.", "dueDate": "2023-12-07", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/www.sophos.com\/en-us\/security-advisories\/sophos-sa-20230404-swa-rce; https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2023-1671", "cwes": [ "CWE-77" ] }, { "cveID": "CVE-2020-2551", "vendorProject": "Oracle", "product": "Fusion Middleware", "vulnerabilityName": "Oracle Fusion Middleware Unspecified Vulnerability", "dateAdded": "2023-11-16", "shortDescription": "Oracle Fusion Middleware contains an unspecified vulnerability in the WLS Core Components that allows an unauthenticated attacker with network access via IIOP to compromise the WebLogic Server.", "requiredAction": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.", "dueDate": "2023-12-07", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/www.oracle.com\/security-alerts\/cpujan2020.html; https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2020-2551", "cwes": [] }, { "cveID": "CVE-2023-36033", "vendorProject": "Microsoft", "product": "Windows", "vulnerabilityName": "Microsoft Windows Desktop Window Manager (DWM) Core Library Privilege Escalation Vulnerability", "dateAdded": "2023-11-14", "shortDescription": "Microsoft Windows Desktop Window Manager (DWM) Core Library contains an unspecified vulnerability that allows for privilege escalation.", "requiredAction": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.", "dueDate": "2023-12-05", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/msrc.microsoft.com\/update-guide\/en-US\/vulnerability\/CVE-2023-36033 ; https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2023-36033", "cwes": [ "CWE-822" ] }, { "cveID": "CVE-2023-36025", "vendorProject": "Microsoft", "product": "Windows", "vulnerabilityName": "Microsoft Windows SmartScreen Security Feature Bypass Vulnerability", "dateAdded": "2023-11-14", "shortDescription": "Microsoft Windows SmartScreen contains a security feature bypass vulnerability that could allow an attacker to bypass Windows Defender SmartScreen checks and their associated prompts.", "requiredAction": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.", "dueDate": "2023-12-05", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/msrc.microsoft.com\/update-guide\/en-US\/vulnerability\/CVE-2023-36025; https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2023-36025", "cwes": [] }, { "cveID": "CVE-2023-36036", "vendorProject": "Microsoft", "product": "Windows", "vulnerabilityName": "Microsoft Windows Cloud Files Mini Filter Driver Privilege Escalation Vulnerability", "dateAdded": "2023-11-14", "shortDescription": "Microsoft Windows Cloud Files Mini Filter Driver contains a privilege escalation vulnerability that could allow an attacker to gain SYSTEM privileges.", "requiredAction": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.", "dueDate": "2023-12-05", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/msrc.microsoft.com\/update-guide\/en-US\/vulnerability\/CVE-2023-36036 ; https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2023-36036", "cwes": [ "CWE-122" ] }, { "cveID": "CVE-2023-47246", "vendorProject": "SysAid", "product": "SysAid Server", "vulnerabilityName": "SysAid Server Path Traversal Vulnerability", "dateAdded": "2023-11-13", "shortDescription": "SysAid Server (on-premises version) contains a path traversal vulnerability that leads to code execution.", "requiredAction": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.", "dueDate": "2023-12-04", "knownRansomwareCampaignUse": "Known", "notes": "https:\/\/www.sysaid.com\/blog\/service-desk\/on-premise-software-security-vulnerability-notification; https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2023-47246", "cwes": [ "CWE-22" ] }, { "cveID": "CVE-2023-36844", "vendorProject": "Juniper", "product": "Junos OS", "vulnerabilityName": "Juniper Junos OS EX Series PHP External Variable Modification Vulnerability", "dateAdded": "2023-11-13", "shortDescription": "Juniper Junos OS on EX Series contains a PHP external variable modification vulnerability that allows an unauthenticated, network-based attacker to control certain, important environment variables. Using a crafted request an attacker is able to modify certain PHP environment variables, leading to partial loss of integrity, which may allow chaining to other vulnerabilities.", "requiredAction": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.", "dueDate": "2023-11-17", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/supportportal.juniper.net\/s\/article\/2023-08-Out-of-Cycle-Security-Bulletin-Junos-OS-SRX-Series-and-EX-Series-Multiple-vulnerabilities-in-J-Web-can-be-combined-to-allow-a-preAuth-Remote-Code-Execution?language=en_US ; https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2023-36844", "cwes": [ "CWE-473" ] }, { "cveID": "CVE-2023-36845", "vendorProject": "Juniper", "product": "Junos OS", "vulnerabilityName": "Juniper Junos OS EX Series and SRX Series PHP External Variable Modification Vulnerability", "dateAdded": "2023-11-13", "shortDescription": "Juniper Junos OS on EX Series and SRX Series contains a PHP external variable modification vulnerability that allows an unauthenticated, network-based attacker to control an important environment variable. Using a crafted request, which sets the variable PHPRC, an attacker is able to modify the PHP execution environment allowing the injection und execution of code.", "requiredAction": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.", "dueDate": "2023-11-17", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/supportportal.juniper.net\/s\/article\/2023-08-Out-of-Cycle-Security-Bulletin-Junos-OS-SRX-Series-and-EX-Series-Multiple-vulnerabilities-in-J-Web-can-be-combined-to-allow-a-preAuth-Remote-Code-Execution?language=en_US ; https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2023-36845", "cwes": [ "CWE-473" ] }, { "cveID": "CVE-2023-36846", "vendorProject": "Juniper", "product": "Junos OS", "vulnerabilityName": "Juniper Junos OS SRX Series Missing Authentication for Critical Function Vulnerability", "dateAdded": "2023-11-13", "shortDescription": "Juniper Junos OS on SRX Series contains a missing authentication for critical function vulnerability that allows an unauthenticated, network-based attacker to cause limited impact to the file system integrity. With a specific request to user.php that doesn't require authentication, an attacker is able to upload arbitrary files via J-Web, leading to a loss of integrity for a certain part of the file system, which may allow chaining to other vulnerabilities.", "requiredAction": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.", "dueDate": "2023-11-17", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/supportportal.juniper.net\/s\/article\/2023-08-Out-of-Cycle-Security-Bulletin-Junos-OS-SRX-Series-and-EX-Series-Multiple-vulnerabilities-in-J-Web-can-be-combined-to-allow-a-preAuth-Remote-Code-Execution?language=en_US ; https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2023-36846", "cwes": [ "CWE-306" ] }, { "cveID": "CVE-2023-36847", "vendorProject": "Juniper", "product": "Junos OS", "vulnerabilityName": "Juniper Junos OS EX Series Missing Authentication for Critical Function Vulnerability", "dateAdded": "2023-11-13", "shortDescription": "Juniper Junos OS on EX Series contains a missing authentication for critical function vulnerability that allows an unauthenticated, network-based attacker to cause limited impact to the file system integrity. With a specific request to installAppPackage.php that doesn't require authentication, an attacker is able to upload arbitrary files via J-Web, leading to a loss of integrity for a certain part of the file system, which may allow chaining to other vulnerabilities.", "requiredAction": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.", "dueDate": "2023-11-17", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/supportportal.juniper.net\/s\/article\/2023-08-Out-of-Cycle-Security-Bulletin-Junos-OS-SRX-Series-and-EX-Series-Multiple-vulnerabilities-in-J-Web-can-be-combined-to-allow-a-preAuth-Remote-Code-Execution?language=en_US; https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2023-36847", "cwes": [ "CWE-306" ] }, { "cveID": "CVE-2023-36851", "vendorProject": "Juniper", "product": "Junos OS", "vulnerabilityName": "Juniper Junos OS SRX Series Missing Authentication for Critical Function Vulnerability", "dateAdded": "2023-11-13", "shortDescription": "Juniper Junos OS on SRX Series contains a missing authentication for critical function vulnerability that allows an unauthenticated, network-based attacker to cause limited impact to the file system integrity. With a specific request to webauth_operation.php that doesn't require authentication, an attacker is able to upload arbitrary files via J-Web, leading to a loss of integrity for a certain part of the file system, which may allow chaining to other vulnerabilities.", "requiredAction": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.", "dueDate": "2023-11-17", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/supportportal.juniper.net\/s\/article\/2023-08-Out-of-Cycle-Security-Bulletin-Junos-OS-SRX-Series-and-EX-Series-Multiple-vulnerabilities-in-J-Web-can-be-combined-to-allow-a-preAuth-Remote-Code-Execution?language=en_US ; https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2023-36851", "cwes": [ "CWE-306" ] }, { "cveID": "CVE-2023-29552", "vendorProject": "IETF", "product": "Service Location Protocol (SLP)", "vulnerabilityName": "Service Location Protocol (SLP) Denial-of-Service Vulnerability", "dateAdded": "2023-11-08", "shortDescription": "The Service Location Protocol (SLP) contains a denial-of-service (DoS) vulnerability that could allow an unauthenticated, remote attacker to register services and use spoofed UDP traffic to conduct a denial-of-service (DoS) attack with a significant amplification factor.", "requiredAction": "Apply mitigations per vendor instructions or disable SLP service or port 427\/UDP on all systems running on untrusted networks, including those directly connected to the Internet.", "dueDate": "2023-11-29", "knownRansomwareCampaignUse": "Unknown", "notes": "This vulnerability affects a common open-source component, third-party library, or a protocol used by different products. Please check with specific vendors for information on the patching status. For more information please see https:\/\/www.bitsight.com\/blog\/new-high-severity-vulnerability-cve-2023-29552-discovered-service-location-protocol-slp and https:\/\/www.cisa.gov\/news-events\/alerts\/2023\/04\/25\/abuse-service-location-protocol-may-lead-dos-attacks.; https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2023-29552", "cwes": [] }, { "cveID": "CVE-2023-22518", "vendorProject": "Atlassian", "product": "Confluence Data Center and Server", "vulnerabilityName": "Atlassian Confluence Data Center and Server Improper Authorization Vulnerability", "dateAdded": "2023-11-07", "shortDescription": "Atlassian Confluence Data Center and Server contain an improper authorization vulnerability that can result in significant data loss when exploited by an unauthenticated attacker. There is no impact on confidentiality since the attacker cannot exfiltrate any data.", "requiredAction": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.", "dueDate": "2023-11-28", "knownRansomwareCampaignUse": "Known", "notes": "https:\/\/confluence.atlassian.com\/security\/cve-2023-22518-improper-authorization-vulnerability-in-confluence-data-center-and-server-1311473907.html; https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2023-22518", "cwes": [ "CWE-863" ] }, { "cveID": "CVE-2023-46604", "vendorProject": "Apache", "product": "ActiveMQ", "vulnerabilityName": "Apache ActiveMQ Deserialization of Untrusted Data Vulnerability", "dateAdded": "2023-11-02", "shortDescription": "Apache ActiveMQ contains a deserialization of untrusted data vulnerability that may allow a remote attacker with network access to a broker to run shell commands by manipulating serialized class types in the OpenWire protocol to cause the broker to instantiate any class on the classpath.", "requiredAction": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.", "dueDate": "2023-11-23", "knownRansomwareCampaignUse": "Known", "notes": "https:\/\/activemq.apache.org\/security-advisories.data\/CVE-2023-46604-announcement.txt; https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2023-46604", "cwes": [ "CWE-502" ] }, { "cveID": "CVE-2023-46748", "vendorProject": "F5", "product": "BIG-IP Configuration Utility", "vulnerabilityName": "F5 BIG-IP Configuration Utility SQL Injection Vulnerability", "dateAdded": "2023-10-31", "shortDescription": "F5 BIG-IP Configuration utility contains an SQL injection vulnerability that may allow an authenticated attacker with network access through the BIG-IP management port and\/or self IP addresses to execute system commands. This vulnerability can be used in conjunction with CVE-2023-46747.", "requiredAction": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.", "dueDate": "2023-11-21", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/my.f5.com\/manage\/s\/article\/K000137365 ; https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2023-46748", "cwes": [ "CWE-89" ] }, { "cveID": "CVE-2023-46747", "vendorProject": "F5", "product": "BIG-IP Configuration Utility", "vulnerabilityName": "F5 BIG-IP Configuration Utility Authentication Bypass Vulnerability", "dateAdded": "2023-10-31", "shortDescription": "F5 BIG-IP Configuration utility contains an authentication bypass using an alternate path or channel vulnerability due to undisclosed requests that may allow an unauthenticated attacker with network access to the BIG-IP system through the management port and\/or self IP addresses to execute system commands. This vulnerability can be used in conjunction with CVE-2023-46748.", "requiredAction": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.", "dueDate": "2023-11-21", "knownRansomwareCampaignUse": "Known", "notes": "https:\/\/my.f5.com\/manage\/s\/article\/K000137353; https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2023-46747", "cwes": [ "CWE-288" ] }, { "cveID": "CVE-2023-5631", "vendorProject": "Roundcube", "product": "Webmail", "vulnerabilityName": "Roundcube Webmail Persistent Cross-Site Scripting (XSS) Vulnerability", "dateAdded": "2023-10-26", "shortDescription": "Roundcube Webmail contains a persistent cross-site scripting (XSS) vulnerability that allows a remote attacker to run malicious JavaScript code.", "requiredAction": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.", "dueDate": "2023-11-16", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/roundcube.net\/news\/2023\/10\/16\/security-update-1.6.4-released, https:\/\/roundcube.net\/news\/2023\/10\/16\/security-updates-1.5.5-and-1.4.15 ; https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2023-5631", "cwes": [ "CWE-79" ] }, { "cveID": "CVE-2023-20273", "vendorProject": "Cisco", "product": "Cisco IOS XE Web UI", "vulnerabilityName": "Cisco IOS XE Web UI Command Injection Vulnerability", "dateAdded": "2023-10-23", "shortDescription": "Cisco IOS XE contains a command injection vulnerability in the web user interface. When chained with CVE-2023-20198, the attacker can leverage the new local user to elevate privilege to root and write the implant to the file system. Cisco identified CVE-2023-20273 as the vulnerability exploited to deploy the implant. CVE-2021-1435, previously associated with the exploitation events, is no longer believed to be related to this activity.", "requiredAction": "Verify that instances of Cisco IOS XE Web UI are in compliance with BOD 23-02 and apply mitigations per vendor instructions. For affected products (Cisco IOS XE Web UI exposed to the internet or to untrusted networks), follow vendor instructions to determine if a system may have been compromised and immediately report positive findings to CISA.", "dueDate": "2023-10-27", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/sec.cloudapps.cisco.com\/security\/center\/content\/CiscoSecurityAdvisory\/cisco-sa-iosxe-webui-privesc-j22SaA4z; https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2023-20273", "cwes": [ "CWE-78" ] }, { "cveID": "CVE-2023-4966", "vendorProject": "Citrix", "product": "NetScaler ADC and NetScaler Gateway", "vulnerabilityName": "Citrix NetScaler ADC and NetScaler Gateway Buffer Overflow Vulnerability", "dateAdded": "2023-10-18", "shortDescription": "Citrix NetScaler ADC and NetScaler Gateway contain a buffer overflow vulnerability that allows for sensitive information disclosure when configured as a Gateway (VPN virtual server, ICA Proxy, CVPN, RDP Proxy) or AAA virtual server.", "requiredAction": "Apply mitigations and kill all active and persistent sessions per vendor instructions [https:\/\/www.netscaler.com\/blog\/news\/cve-2023-4966-critical-security-update-now-available-for-netscaler-adc-and-netscaler-gateway\/] OR discontinue use of the product if mitigations are unavailable.", "dueDate": "2023-11-08", "knownRansomwareCampaignUse": "Known", "notes": "https:\/\/www.netscaler.com\/blog\/news\/cve-2023-4966-critical-security-update-now-available-for-netscaler-adc-and-netscaler-gateway\/, https:\/\/support.citrix.com\/article\/CTX579459\/netscaler-adc-and-netscaler-gateway-security-bulletin-for-cve20234966-and-cve20234967 ; https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2023-4966", "cwes": [ "CWE-119" ] }, { "cveID": "CVE-2023-20198", "vendorProject": "Cisco", "product": "IOS XE Web UI", "vulnerabilityName": "Cisco IOS XE Web UI Privilege Escalation Vulnerability", "dateAdded": "2023-10-16", "shortDescription": "Cisco IOS XE Web UI contains a privilege escalation vulnerability in the web user interface that could allow a remote, unauthenticated attacker to create an account with privilege level 15 access. The attacker can then use that account to gain control of the affected device.", "requiredAction": "Verify that instances of Cisco IOS XE Web UI are in compliance with BOD 23-02 and apply mitigations per vendor instructions. For affected products (Cisco IOS XE Web UI exposed to the internet or to untrusted networks), follow vendor instructions to determine if a system may have been compromised and immediately report positive findings to CISA.", "dueDate": "2023-10-20", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/www.cisco.com\/c\/en\/us\/support\/docs\/ios-nx-os-software\/ios-xe-dublin-17121\/221128-software-fix-availability-for-cisco-ios.html; https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2023-20198", "cwes": [ "CWE-420" ] }, { "cveID": "CVE-2023-21608", "vendorProject": "Adobe", "product": "Acrobat and Reader", "vulnerabilityName": "Adobe Acrobat and Reader Use-After-Free Vulnerability", "dateAdded": "2023-10-10", "shortDescription": "Adobe Acrobat and Reader contains a use-after-free vulnerability that allows for code execution in the context of the current user.", "requiredAction": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.", "dueDate": "2023-10-31", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/helpx.adobe.com\/security\/products\/acrobat\/apsb23-01.html; https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2023-21608", "cwes": [ "CWE-416" ] }, { "cveID": "CVE-2023-20109", "vendorProject": "Cisco", "product": "IOS and IOS XE", "vulnerabilityName": "Cisco IOS and IOS XE Group Encrypted Transport VPN Out-of-Bounds Write Vulnerability", "dateAdded": "2023-10-10", "shortDescription": "Cisco IOS and IOS XE contain an out-of-bounds write vulnerability in the Group Encrypted Transport VPN (GET VPN) feature that could allow an authenticated, remote attacker who has administrative control of either a group member or a key server to execute malicious code or cause a device to crash.", "requiredAction": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.", "dueDate": "2023-10-31", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/sec.cloudapps.cisco.com\/security\/center\/content\/CiscoSecurityAdvisory\/cisco-sa-getvpn-rce-g8qR68sx; https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2023-20109", "cwes": [ "CWE-787" ] }, { "cveID": "CVE-2023-41763", "vendorProject": "Microsoft", "product": "Skype for Business", "vulnerabilityName": "Microsoft Skype for Business Privilege Escalation Vulnerability", "dateAdded": "2023-10-10", "shortDescription": "Microsoft Skype for Business contains an unspecified vulnerability that allows for privilege escalation.", "requiredAction": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.", "dueDate": "2023-10-31", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/msrc.microsoft.com\/update-guide\/en-US\/vulnerability\/CVE-2023-41763; https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2023-41763", "cwes": [ "CWE-918" ] }, { "cveID": "CVE-2023-36563", "vendorProject": "Microsoft", "product": "WordPad", "vulnerabilityName": "Microsoft WordPad Information Disclosure Vulnerability", "dateAdded": "2023-10-10", "shortDescription": "Microsoft WordPad contains an unspecified vulnerability that allows for information disclosure.", "requiredAction": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.", "dueDate": "2023-10-31", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/msrc.microsoft.com\/update-guide\/en-US\/vulnerability\/CVE-2023-36563; https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2023-36563", "cwes": [ "CWE-20" ] }, { "cveID": "CVE-2023-44487", "vendorProject": "IETF", "product": "HTTP\/2", "vulnerabilityName": "HTTP\/2 Rapid Reset Attack Vulnerability", "dateAdded": "2023-10-10", "shortDescription": "HTTP\/2 contains a rapid reset vulnerability that allows for a distributed denial-of-service attack (DDoS).", "requiredAction": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.", "dueDate": "2023-10-31", "knownRansomwareCampaignUse": "Unknown", "notes": "This vulnerability affects a common open-source component, third-party library, or a protocol used by different products. Please check with specific vendors for information on patching status. For more information, please see: https:\/\/blog.cloudflare.com\/technical-breakdown-http2-rapid-reset-ddos-attack\/ ; https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2023-44487", "cwes": [ "CWE-400" ] }, { "cveID": "CVE-2023-22515", "vendorProject": "Atlassian", "product": "Confluence Data Center and Server", "vulnerabilityName": "Atlassian Confluence Data Center and Server Broken Access Control Vulnerability", "dateAdded": "2023-10-05", "shortDescription": "Atlassian Confluence Data Center and Server contains a broken access control vulnerability that allows an attacker to create unauthorized Confluence administrator accounts and access Confluence.", "requiredAction": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable. Check all affected Confluence instances for evidence of compromise per vendor instructions and report any positive findings to CISA.", "dueDate": "2023-10-13", "knownRansomwareCampaignUse": "Known", "notes": "https:\/\/confluence.atlassian.com\/security\/cve-2023-22515-privilege-escalation-vulnerability-in-confluence-data-center-and-server-1295682276.html; https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2023-22515", "cwes": [] }, { "cveID": "CVE-2023-40044", "vendorProject": "Progress", "product": "WS_FTP Server", "vulnerabilityName": "Progress WS_FTP Server Deserialization of Untrusted Data Vulnerability", "dateAdded": "2023-10-05", "shortDescription": "Progress WS_FTP Server contains a deserialization of untrusted data vulnerability in the Ad Hoc Transfer module that allows an authenticated attacker to execute remote commands on the underlying operating system.", "requiredAction": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.", "dueDate": "2023-10-26", "knownRansomwareCampaignUse": "Known", "notes": "https:\/\/community.progress.com\/s\/article\/WS-FTP-Server-Critical-Vulnerability-September-2023; https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2023-40044", "cwes": [ "CWE-502" ] }, { "cveID": "CVE-2023-42824", "vendorProject": "Apple", "product": "iOS and iPadOS", "vulnerabilityName": "Apple iOS and iPadOS Kernel Privilege Escalation Vulnerability", "dateAdded": "2023-10-05", "shortDescription": "Apple iOS and iPadOS contain an unspecified vulnerability that allows for local privilege escalation.", "requiredAction": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.", "dueDate": "2023-10-26", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/support.apple.com\/en-us\/HT213961; https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2023-42824", "cwes": [] }, { "cveID": "CVE-2023-42793", "vendorProject": "JetBrains", "product": "TeamCity", "vulnerabilityName": "JetBrains TeamCity Authentication Bypass Vulnerability", "dateAdded": "2023-10-04", "shortDescription": "JetBrains TeamCity contains an authentication bypass vulnerability that allows for remote code execution on TeamCity Server.", "requiredAction": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.", "dueDate": "2023-10-25", "knownRansomwareCampaignUse": "Known", "notes": "https:\/\/blog.jetbrains.com\/teamcity\/2023\/09\/critical-security-issue-affecting-teamcity-on-premises-update-to-2023-05-4-now\/ ; https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2023-42793", "cwes": [ "CWE-288" ] }, { "cveID": "CVE-2023-28229", "vendorProject": "Microsoft", "product": "Windows CNG Key Isolation Service", "vulnerabilityName": "Microsoft Windows CNG Key Isolation Service Privilege Escalation Vulnerability", "dateAdded": "2023-10-04", "shortDescription": "Microsoft Windows Cryptographic Next Generation (CNG) Key Isolation Service contains an unspecified vulnerability that allows an attacker to gain specific limited SYSTEM privileges.", "requiredAction": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.", "dueDate": "2023-10-25", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/msrc.microsoft.com\/update-guide\/vulnerability\/CVE-2023-28229; https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2023-28229", "cwes": [ "CWE-591" ] }, { "cveID": "CVE-2023-4211", "vendorProject": "Arm", "product": "Mali GPU Kernel Driver", "vulnerabilityName": "Arm Mali GPU Kernel Driver Use-After-Free Vulnerability", "dateAdded": "2023-10-03", "shortDescription": "Arm Mali GPU Kernel Driver contains a use-after-free vulnerability that allows a local, non-privileged user to make improper GPU memory processing operations to gain access to already freed memory.", "requiredAction": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.", "dueDate": "2023-10-24", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/developer.arm.com\/Arm%20Security%20Center\/Mali%20GPU%20Driver%20Vulnerabilities; https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2023-4211", "cwes": [ "CWE-416" ] }, { "cveID": "CVE-2023-5217", "vendorProject": "Google", "product": "Chromium libvpx", "vulnerabilityName": "Google Chromium libvpx Heap Buffer Overflow Vulnerability", "dateAdded": "2023-10-02", "shortDescription": "Google Chromium libvpx contains a heap buffer overflow vulnerability in vp8 encoding that allows a remote attacker to potentially exploit heap corruption via a crafted HTML page. This vulnerability could impact web browsers using libvpx, including but not limited to Google Chrome.", "requiredAction": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.", "dueDate": "2023-10-23", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/chromereleases.googleblog.com\/2023\/09\/stable-channel-update-for-desktop_27.html; https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2023-5217", "cwes": [ "CWE-787" ] }, { "cveID": "CVE-2018-14667", "vendorProject": "Red Hat", "product": "JBoss RichFaces Framework", "vulnerabilityName": "Red Hat JBoss RichFaces Framework Expression Language Injection Vulnerability", "dateAdded": "2023-09-28", "shortDescription": "Red Hat JBoss RichFaces Framework contains an expression language injection vulnerability via the UserResource resource. A remote, unauthenticated attacker could exploit this vulnerability to execute malicious code using a chain of Java serialized objects via org.ajax4jsf.resource.UserResource$UriData.", "requiredAction": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.", "dueDate": "2023-10-19", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/bugzilla.redhat.com\/show_bug.cgi?id=CVE-2018-14667; https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2018-14667", "cwes": [ "CWE-94" ] }, { "cveID": "CVE-2023-41991", "vendorProject": "Apple", "product": "Multiple Products", "vulnerabilityName": "Apple Multiple Products Improper Certificate Validation Vulnerability", "dateAdded": "2023-09-25", "shortDescription": "Apple iOS, iPadOS, macOS, and watchOS contain an improper certificate validation vulnerability that can allow a malicious app to bypass signature validation.", "requiredAction": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.", "dueDate": "2023-10-16", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/support.apple.com\/en-us\/HT213926, https:\/\/support.apple.com\/en-us\/HT213927, https:\/\/support.apple.com\/en-us\/HT213928, https:\/\/support.apple.com\/en-us\/HT213929, https:\/\/support.apple.com\/en-us\/HT213931 ; https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2023-41991", "cwes": [ "CWE-295" ] }, { "cveID": "CVE-2023-41992", "vendorProject": "Apple", "product": "Multiple Products", "vulnerabilityName": "Apple Multiple Products Kernel Privilege Escalation Vulnerability", "dateAdded": "2023-09-25", "shortDescription": "Apple iOS, iPadOS, macOS, and watchOS contain an unspecified vulnerability that allows for local privilege escalation.", "requiredAction": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.", "dueDate": "2023-10-16", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/support.apple.com\/en-us\/HT213926, https:\/\/support.apple.com\/en-us\/HT213927, https:\/\/support.apple.com\/en-us\/HT213928, https:\/\/support.apple.com\/en-us\/HT213929, https:\/\/support.apple.com\/en-us\/HT213931, https:\/\/support.apple.com\/en-us\/HT213932; https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2023-41992", "cwes": [ "CWE-754" ] }, { "cveID": "CVE-2023-41993", "vendorProject": "Apple", "product": "Multiple Products", "vulnerabilityName": "Apple Multiple Products WebKit Code Execution Vulnerability", "dateAdded": "2023-09-25", "shortDescription": "Apple iOS, iPadOS, macOS, and Safari WebKit contain an unspecified vulnerability that leads to code execution when processing maliciously crafted web content. This vulnerability could impact HTML parsers that use WebKit, including but not limited to Apple Safari and non-Apple products which rely on WebKit for HTML processing.", "requiredAction": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.", "dueDate": "2023-10-16", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/support.apple.com\/en-us\/HT213926, https:\/\/support.apple.com\/en-us\/HT213927, https:\/\/support.apple.com\/en-us\/HT213930; https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2023-41993", "cwes": [ "CWE-754" ] }, { "cveID": "CVE-2023-41179", "vendorProject": "Trend Micro", "product": "Apex One and Worry-Free Business Security", "vulnerabilityName": "Trend Micro Apex One and Worry-Free Business Security Remote Code Execution Vulnerability", "dateAdded": "2023-09-21", "shortDescription": "Trend Micro Apex One and Worry-Free Business Security contain an unspecified vulnerability in the third-party anti-virus uninstaller that could allow an attacker to manipulate the module to conduct remote code execution. An attacker must first obtain administrative console access on the target system in order to exploit this vulnerability.", "requiredAction": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.", "dueDate": "2023-10-12", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/success.trendmicro.com\/dcx\/s\/solution\/000294994?language=en_US ; https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2023-41179", "cwes": [] }, { "cveID": "CVE-2023-28434", "vendorProject": "MinIO", "product": "MinIO", "vulnerabilityName": "MinIO Security Feature Bypass Vulnerability", "dateAdded": "2023-09-19", "shortDescription": "MinIO contains a security feature bypass vulnerability that allows an attacker to use crafted requests to bypass metadata bucket name checking and put an object into any bucket while processing `PostPolicyBucket` to conduct privilege escalation. To carry out this attack, the attacker requires credentials with `arn:aws:s3:::*` permission, as well as enabled Console API access.", "requiredAction": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.", "dueDate": "2023-10-10", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/github.com\/minio\/minio\/security\/advisories\/GHSA-2pxw-r47w-4p8c; https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2023-28434", "cwes": [ "CWE-269" ] }, { "cveID": "CVE-2022-22265", "vendorProject": "Samsung", "product": "Mobile Devices", "vulnerabilityName": "Samsung Mobile Devices Use-After-Free Vulnerability", "dateAdded": "2023-09-18", "shortDescription": "Samsung devices with selected Exynos chipsets contain a use-after-free vulnerability that allows malicious memory write and code execution.", "requiredAction": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.", "dueDate": "2023-10-09", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/security.samsungmobile.com\/securityUpdate.smsb?year=2022&month=1; https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2022-22265", "cwes": [ "CWE-703" ] }, { "cveID": "CVE-2014-8361", "vendorProject": "Realtek", "product": "SDK", "vulnerabilityName": "Realtek SDK Improper Input Validation Vulnerability", "dateAdded": "2023-09-18", "shortDescription": "Realtek SDK contains an improper input validation vulnerability in the miniigd SOAP service that allows remote attackers to execute malicious code via a crafted NewInternalClient request.", "requiredAction": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.", "dueDate": "2023-10-09", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/web.archive.org\/web\/20150831100501\/http:\/\/securityadvisories.dlink.com\/security\/publication.aspx?name=SAP10055; https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2014-8361", "cwes": [ "CWE-20" ] }, { "cveID": "CVE-2017-6884", "vendorProject": "Zyxel", "product": "EMG2926 Routers", "vulnerabilityName": "Zyxel EMG2926 Routers Command Injection Vulnerability", "dateAdded": "2023-09-18", "shortDescription": "Zyxel EMG2926 routers contain a command injection vulnerability located in the diagnostic tools, specifically the nslookup function. A malicious user may exploit numerous vectors to execute malicious commands on the router, such as the ping_ip parameter to the expert\/maintenance\/diagnostic\/nslookup URI.", "requiredAction": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.", "dueDate": "2023-10-09", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/www.zyxel.com\/global\/en\/support\/security-advisories\/zyxel-security-advisory-for-command-injection-vulnerability-in-emg2926-q10a-ethernet-cpe, https:\/\/www.zyxelguard.com\/Zyxel-EOL.asp; https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2017-6884", "cwes": [ "CWE-78" ] }, { "cveID": "CVE-2021-3129", "vendorProject": "Laravel", "product": "Ignition", "vulnerabilityName": "Laravel Ignition File Upload Vulnerability", "dateAdded": "2023-09-18", "shortDescription": "Laravel Ignition contains a file upload vulnerability that allows unauthenticated remote attackers to execute malicious code due to insecure usage of file_get_contents() and file_put_contents().", "requiredAction": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.", "dueDate": "2023-10-09", "knownRansomwareCampaignUse": "Known", "notes": "https:\/\/github.com\/facade\/ignition\/releases\/tag\/2.5.2; https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2021-3129", "cwes": [] }, { "cveID": "CVE-2023-26369", "vendorProject": "Adobe", "product": "Acrobat and Reader", "vulnerabilityName": "Adobe Acrobat and Reader Out-of-Bounds Write Vulnerability", "dateAdded": "2023-09-14", "shortDescription": "Adobe Acrobat and Reader contains an out-of-bounds write vulnerability that allows for code execution.", "requiredAction": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.", "dueDate": "2023-10-05", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/helpx.adobe.com\/security\/products\/acrobat\/apsb23-34.html; https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2023-26369", "cwes": [ "CWE-787" ] }, { "cveID": "CVE-2023-35674", "vendorProject": "Android", "product": "Framework", "vulnerabilityName": "Android Framework Privilege Escalation Vulnerability", "dateAdded": "2023-09-13", "shortDescription": "Android Framework contains an unspecified vulnerability that allows for privilege escalation.", "requiredAction": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.", "dueDate": "2023-10-04", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/source.android.com\/docs\/security\/bulletin\/2023-09-01; https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2023-35674", "cwes": [] }, { "cveID": "CVE-2023-20269", "vendorProject": "Cisco", "product": "Adaptive Security Appliance and Firepower Threat Defense", "vulnerabilityName": "Cisco Adaptive Security Appliance and Firepower Threat Defense Unauthorized Access Vulnerability", "dateAdded": "2023-09-13", "shortDescription": "Cisco Adaptive Security Appliance and Firepower Threat Defense contain an unauthorized access vulnerability that could allow an unauthenticated, remote attacker to conduct a brute force attack in an attempt to identify valid username and password combinations or establish a clientless SSL VPN session with an unauthorized user.", "requiredAction": "Apply mitigations per vendor instructions for group-lock and vpn-simultaneous-logins or discontinue use of the product for unsupported devices.", "dueDate": "2023-10-04", "knownRansomwareCampaignUse": "Known", "notes": "https:\/\/sec.cloudapps.cisco.com\/security\/center\/content\/CiscoSecurityAdvisory\/cisco-sa-asaftd-ravpn-auth-8LyfCkeC; https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2023-20269", "cwes": [ "CWE-288" ] }, { "cveID": "CVE-2023-4863", "vendorProject": "Google", "product": "Chromium WebP", "vulnerabilityName": "Google Chromium WebP Heap-Based Buffer Overflow Vulnerability", "dateAdded": "2023-09-13", "shortDescription": "Google Chromium WebP contains a heap-based buffer overflow vulnerability that allows a remote attacker to perform an out-of-bounds memory write via a crafted HTML page. This vulnerability can affect applications that use the WebP Codec.", "requiredAction": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.", "dueDate": "2023-10-04", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/chromereleases.googleblog.com\/2023\/09\/stable-channel-update-for-desktop_11.html?m=1; https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2023-4863", "cwes": [ "CWE-787" ] }, { "cveID": "CVE-2023-36761", "vendorProject": "Microsoft", "product": "Word", "vulnerabilityName": "Microsoft Word Information Disclosure Vulnerability", "dateAdded": "2023-09-12", "shortDescription": "Microsoft Word contains an unspecified vulnerability that allows for information disclosure.", "requiredAction": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.", "dueDate": "2023-10-03", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/msrc.microsoft.com\/update-guide\/vulnerability\/CVE-2023-36761; https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2023-36761", "cwes": [ "CWE-668" ] }, { "cveID": "CVE-2023-36802", "vendorProject": "Microsoft", "product": "Streaming Service Proxy", "vulnerabilityName": "Microsoft Streaming Service Proxy Privilege Escalation Vulnerability", "dateAdded": "2023-09-12", "shortDescription": "Microsoft Streaming Service Proxy contains an unspecified vulnerability that allows for privilege escalation.", "requiredAction": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.", "dueDate": "2023-10-03", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/msrc.microsoft.com\/update-guide\/vulnerability\/CVE-2023-36802; https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2023-36802", "cwes": [ "CWE-416" ] }, { "cveID": "CVE-2023-41064", "vendorProject": "Apple", "product": "iOS, iPadOS, and macOS", "vulnerabilityName": "Apple iOS, iPadOS, and macOS ImageIO Buffer Overflow Vulnerability", "dateAdded": "2023-09-11", "shortDescription": "Apple iOS, iPadOS, and macOS contain a buffer overflow vulnerability in ImageIO when processing a maliciously crafted image, which may lead to code execution. This vulnerability was chained with CVE-2023-41061.", "requiredAction": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.", "dueDate": "2023-10-02", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/support.apple.com\/en-us\/HT213905, https:\/\/support.apple.com\/en-us\/HT213906; https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2023-41064", "cwes": [ "CWE-120" ] }, { "cveID": "CVE-2023-41061", "vendorProject": "Apple", "product": "iOS, iPadOS, and watchOS", "vulnerabilityName": "Apple iOS, iPadOS, and watchOS Wallet Code Execution Vulnerability", "dateAdded": "2023-09-11", "shortDescription": "Apple iOS, iPadOS, and watchOS contain an unspecified vulnerability due to a validation issue affecting Wallet in which a maliciously crafted attachment may result in code execution. This vulnerability was chained with CVE-2023-41064.", "requiredAction": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.", "dueDate": "2023-10-02", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/support.apple.com\/en-us\/HT213905, https:\/\/support.apple.com\/kb\/HT213907; https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2023-41061", "cwes": [] }, { "cveID": "CVE-2023-33246", "vendorProject": "Apache", "product": "RocketMQ", "vulnerabilityName": "Apache RocketMQ Command Execution Vulnerability", "dateAdded": "2023-09-06", "shortDescription": "Several components of Apache RocketMQ, including NameServer, Broker, and Controller, are exposed to the extranet and lack permission verification. An attacker can exploit this vulnerability by using the update configuration function to execute commands as the system users that RocketMQ is running as or achieve the same effect by forging the RocketMQ protocol content.", "requiredAction": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.", "dueDate": "2023-09-27", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/lists.apache.org\/thread\/1s8j2c8kogthtpv3060yddk03zq0pxyp; https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2023-33246", "cwes": [ "CWE-94" ] }, { "cveID": "CVE-2023-38831", "vendorProject": "RARLAB", "product": "WinRAR", "vulnerabilityName": "RARLAB WinRAR Code Execution Vulnerability", "dateAdded": "2023-08-24", "shortDescription": "RARLAB WinRAR contains an unspecified vulnerability that allows an attacker to execute code when a user attempts to view a benign file within a ZIP archive.", "requiredAction": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.", "dueDate": "2023-09-14", "knownRansomwareCampaignUse": "Known", "notes": "http:\/\/www.win-rar.com\/singlenewsview.html?&L=0&tx_ttnews%5Btt_news%5D=232&cHash=c5bf79590657e32554c6683296a8e8aa; https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2023-38831", "cwes": [ "CWE-351" ] }, { "cveID": "CVE-2023-32315", "vendorProject": "Ignite Realtime", "product": "Openfire", "vulnerabilityName": "Ignite Realtime Openfire Path Traversal Vulnerability", "dateAdded": "2023-08-24", "shortDescription": "Ignite Realtime Openfire contains a path traversal vulnerability that allows an unauthenticated attacker to access restricted pages in the Openfire Admin Console reserved for administrative users.", "requiredAction": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.", "dueDate": "2023-09-14", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/www.igniterealtime.org\/downloads\/#openfire; https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2023-32315", "cwes": [ "CWE-22" ] }, { "cveID": "CVE-2023-38035", "vendorProject": "Ivanti", "product": "Sentry", "vulnerabilityName": "Ivanti Sentry Authentication Bypass Vulnerability", "dateAdded": "2023-08-22", "shortDescription": "Ivanti Sentry, formerly known as MobileIron Sentry, contains an authentication bypass vulnerability that may allow an attacker to bypass authentication controls on the administrative interface due to an insufficiently restrictive Apache HTTPD configuration.", "requiredAction": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.", "dueDate": "2023-09-12", "knownRansomwareCampaignUse": "Known", "notes": "https:\/\/forums.ivanti.com\/s\/article\/CVE-2023-38035-API-Authentication-Bypass-on-Sentry-Administrator-Interface?language=en_US ; https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2023-38035", "cwes": [ "CWE-863" ] }, { "cveID": "CVE-2023-27532", "vendorProject": "Veeam", "product": "Backup & Replication", "vulnerabilityName": "Veeam Backup & Replication Cloud Connect Missing Authentication for Critical Function Vulnerability", "dateAdded": "2023-08-22", "shortDescription": "Veeam Backup & Replication Cloud Connect component contains a missing authentication for critical function vulnerability that allows an unauthenticated user operating within the backup infrastructure network perimeter to obtain encrypted credentials stored in the configuration database. This may lead to an attacker gaining access to the backup infrastructure hosts.", "requiredAction": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.", "dueDate": "2023-09-12", "knownRansomwareCampaignUse": "Known", "notes": "https:\/\/www.veeam.com\/kb4424; https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2023-27532", "cwes": [ "CWE-306" ] }, { "cveID": "CVE-2023-26359", "vendorProject": "Adobe", "product": "ColdFusion", "vulnerabilityName": "Adobe ColdFusion Deserialization of Untrusted Data Vulnerability", "dateAdded": "2023-08-21", "shortDescription": "Adobe ColdFusion contains a deserialization of untrusted data vulnerability that could result in code execution in the context of the current user.", "requiredAction": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.", "dueDate": "2023-09-11", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/helpx.adobe.com\/security\/products\/coldfusion\/apsb23-25.html; https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2023-26359", "cwes": [ "CWE-502" ] }, { "cveID": "CVE-2023-24489", "vendorProject": "Citrix", "product": "Content Collaboration", "vulnerabilityName": "Citrix Content Collaboration ShareFile Improper Access Control Vulnerability", "dateAdded": "2023-08-16", "shortDescription": "Citrix Content Collaboration contains an improper access control vulnerability that could allow an unauthenticated attacker to remotely compromise customer-managed ShareFile storage zones controllers.", "requiredAction": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.", "dueDate": "2023-09-06", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/support.citrix.com\/article\/CTX559517\/sharefile-storagezones-controller-security-update-for-cve202324489; https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2023-24489", "cwes": [ "CWE-284" ] }, { "cveID": "CVE-2023-38180", "vendorProject": "Microsoft", "product": ".NET Core and Visual Studio", "vulnerabilityName": "Microsoft .NET Core and Visual Studio Denial-of-Service Vulnerability", "dateAdded": "2023-08-09", "shortDescription": "Microsoft .NET Core and Visual Studio contain an unspecified vulnerability that allows for denial-of-service (DoS).", "requiredAction": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.", "dueDate": "2023-08-30", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/msrc.microsoft.com\/update-guide\/en-US\/vulnerability\/CVE-2023-38180; https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2023-38180", "cwes": [] }, { "cveID": "CVE-2017-18368", "vendorProject": "Zyxel", "product": "P660HN-T1A Routers", "vulnerabilityName": "Zyxel P660HN-T1A Routers Command Injection Vulnerability", "dateAdded": "2023-08-07", "shortDescription": "Zyxel P660HN-T1A routers contain a command injection vulnerability in the Remote System Log forwarding function, which is accessible by an unauthenticated user and exploited via the remote_host parameter of the ViewLog.asp page.", "requiredAction": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.", "dueDate": "2023-08-28", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/www.zyxel.com\/global\/en\/support\/security-advisories\/zyxel-security-advisory-for-a-new-variant-of-gafgyt-malware; https:\/\/www.zyxel.com\/global\/en\/support\/security-advisories\/zyxel-security-advisory-for-command-injection-vulnerability-in-p660hn-t1a-dsl-cpe; https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2017-18368", "cwes": [ "CWE-78" ] }, { "cveID": "CVE-2023-35081", "vendorProject": "Ivanti", "product": "Endpoint Manager Mobile (EPMM)", "vulnerabilityName": "Ivanti Endpoint Manager Mobile (EPMM) Path Traversal Vulnerability", "dateAdded": "2023-07-31", "shortDescription": "Ivanti Endpoint Manager Mobile (EPMM) contains a path traversal vulnerability that enables an authenticated administrator to perform malicious file writes to the EPMM server. This vulnerability can be used in conjunction with CVE-2023-35078 to bypass authentication and ACLs restrictions (if applicable).", "requiredAction": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.", "dueDate": "2023-08-21", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/forums.ivanti.com\/s\/article\/CVE-2023-35081-Arbitrary-File-Write?language=en_US; https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2023-35081", "cwes": [ "CWE-22" ] }, { "cveID": "CVE-2023-37580", "vendorProject": "Zimbra", "product": "Collaboration (ZCS)", "vulnerabilityName": "Zimbra Collaboration (ZCS) Cross-Site Scripting (XSS) Vulnerability", "dateAdded": "2023-07-27", "shortDescription": "Zimbra Collaboration Suite (ZCS) contains a cross-site scripting vulnerability impacting the confidentiality and integrity of data.", "requiredAction": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.", "dueDate": "2023-08-17", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/wiki.zimbra.com\/wiki\/Security_Center ; https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2023-37580", "cwes": [ "CWE-79" ] }, { "cveID": "CVE-2023-38606", "vendorProject": "Apple", "product": "Multiple Products", "vulnerabilityName": "Apple Multiple Products Kernel Unspecified Vulnerability", "dateAdded": "2023-07-26", "shortDescription": "Apple iOS, iPadOS, macOS, tvOS, and watchOS contain an unspecified vulnerability allowing an app to modify a sensitive kernel state.", "requiredAction": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.", "dueDate": "2023-08-16", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/support.apple.com\/en-us\/HT213841, https:\/\/support.apple.com\/en-us\/HT213842, https:\/\/support.apple.com\/en-us\/HT213843,https:\/\/support.apple.com\/en-us\/HT213844,https:\/\/support.apple.com\/en-us\/HT213845,https:\/\/support.apple.com\/en-us\/HT213846,https:\/\/support.apple.com\/en-us\/HT213848 ; https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2023-38606", "cwes": [] }, { "cveID": "CVE-2023-35078", "vendorProject": "Ivanti", "product": "Endpoint Manager Mobile (EPMM)", "vulnerabilityName": "Ivanti Endpoint Manager Mobile Authentication Bypass Vulnerability", "dateAdded": "2023-07-25", "shortDescription": "Ivanti Endpoint Manager Mobile (EPMM, previously branded MobileIron Core) contains an authentication bypass vulnerability that allows unauthenticated access to specific API paths. An attacker with access to these API paths can access personally identifiable information (PII) such as names, phone numbers, and other mobile device details for users on a vulnerable system. An attacker can also make other configuration changes including installing software and modifying security profiles on registered devices.", "requiredAction": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.", "dueDate": "2023-08-15", "knownRansomwareCampaignUse": "Known", "notes": "https:\/\/forums.ivanti.com\/s\/article\/CVE-2023-35078-Remote-unauthenticated-API-access-vulnerability?language=en_US; https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2023-35078", "cwes": [ "CWE-287" ] }, { "cveID": "CVE-2023-29298", "vendorProject": "Adobe", "product": "ColdFusion", "vulnerabilityName": "Adobe ColdFusion Improper Access Control Vulnerability", "dateAdded": "2023-07-20", "shortDescription": "Adobe ColdFusion contains an improper access control vulnerability that allows for a security feature bypass.", "requiredAction": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.", "dueDate": "2023-08-10", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/helpx.adobe.com\/security\/products\/coldfusion\/apsb23-40.html; https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2023-29298", "cwes": [ "CWE-284" ] }, { "cveID": "CVE-2023-38205", "vendorProject": "Adobe", "product": "ColdFusion", "vulnerabilityName": "Adobe ColdFusion Improper Access Control Vulnerability", "dateAdded": "2023-07-20", "shortDescription": "Adobe ColdFusion contains an improper access control vulnerability that allows for a security feature bypass.", "requiredAction": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.", "dueDate": "2023-08-10", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/helpx.adobe.com\/security\/products\/coldfusion\/apsb23-47.html ; https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2023-38205", "cwes": [ "CWE-284" ] }, { "cveID": "CVE-2023-3519", "vendorProject": "Citrix", "product": "NetScaler ADC and NetScaler Gateway", "vulnerabilityName": "Citrix NetScaler ADC and NetScaler Gateway Code Injection Vulnerability", "dateAdded": "2023-07-19", "shortDescription": "Citrix NetScaler ADC and NetScaler Gateway contains a code injection vulnerability that allows for unauthenticated remote code execution.", "requiredAction": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.", "dueDate": "2023-08-09", "knownRansomwareCampaignUse": "Known", "notes": "https:\/\/support.citrix.com\/article\/CTX561482\/citrix-adc-and-citrix-gateway-security-bulletin-for-cve20233519-cve20233466-cve20233467; https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2023-3519", "cwes": [ "CWE-94" ] }, { "cveID": "CVE-2023-36884", "vendorProject": "Microsoft", "product": "Windows", "vulnerabilityName": "Microsoft Windows Search Remote Code Execution Vulnerability", "dateAdded": "2023-07-17", "shortDescription": "Microsoft Windows Search contains an unspecified vulnerability that could allow an attacker to evade Mark of the Web (MOTW) defenses via a specially crafted malicious file, leading to remote code execution.", "requiredAction": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.", "dueDate": "2023-08-29", "knownRansomwareCampaignUse": "Known", "notes": "https:\/\/msrc.microsoft.com\/update-guide\/vulnerability\/CVE-2023-36884; https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2023-36884", "cwes": [ "CWE-362" ] }, { "cveID": "CVE-2022-29303", "vendorProject": "SolarView", "product": "Compact", "vulnerabilityName": "SolarView Compact Command Injection Vulnerability", "dateAdded": "2023-07-13", "shortDescription": "SolarView Compact contains a command injection vulnerability due to improper validation of input values on the send test mail console of the product's web server.", "requiredAction": "Apply updates per vendor instructions or discontinue use of the product if updates are unavailable.", "dueDate": "2023-08-03", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/jvn.jp\/en\/vu\/JVNVU92327282\/; https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2022-29303", "cwes": [ "CWE-78" ] }, { "cveID": "CVE-2023-37450", "vendorProject": "Apple", "product": "Multiple Products", "vulnerabilityName": "Apple Multiple Products WebKit Code Execution Vulnerability", "dateAdded": "2023-07-13", "shortDescription": "Apple iOS, iPadOS, macOS, and Safari WebKit contain an unspecified vulnerability that leads to code execution when processing maliciously crafted web content. This vulnerability could impact HTML parsers that use WebKit, including but not limited to Apple Safari and non-Apple products which rely on WebKit for HTML processing.", "requiredAction": "Apply updates per vendor instructions or discontinue use of the product if updates are unavailable.", "dueDate": "2023-08-03", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/support.apple.com\/en-us\/HT213826, https:\/\/support.apple.com\/en-us\/HT213841, https:\/\/support.apple.com\/en-us\/HT213843, https:\/\/support.apple.com\/en-us\/HT213846, https:\/\/support.apple.com\/en-us\/HT213848; https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2023-37450", "cwes": [] }, { "cveID": "CVE-2023-32046", "vendorProject": "Microsoft", "product": "Windows", "vulnerabilityName": "Microsoft Windows MSHTML Platform Privilege Escalation Vulnerability", "dateAdded": "2023-07-11", "shortDescription": "Microsoft Windows MSHTML Platform contains an unspecified vulnerability that allows for privilege escalation.", "requiredAction": "Apply updates per vendor instructions or discontinue use of the product if updates are unavailable.", "dueDate": "2023-08-01", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/msrc.microsoft.com\/update-guide\/en-US\/vulnerability\/CVE-2023-32046; https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2023-32046", "cwes": [] }, { "cveID": "CVE-2023-32049", "vendorProject": "Microsoft", "product": "Windows", "vulnerabilityName": "Microsoft Windows Defender SmartScreen Security Feature Bypass Vulnerability", "dateAdded": "2023-07-11", "shortDescription": "Microsoft Windows Defender SmartScreen contains a security feature bypass vulnerability that allows an attacker to bypass the Open File - Security Warning prompt.", "requiredAction": "Apply updates per vendor instructions or discontinue use of the product if updates are unavailable.", "dueDate": "2023-08-01", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/msrc.microsoft.com\/update-guide\/en-US\/vulnerability\/CVE-2023-32049; https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2023-32049", "cwes": [] }, { "cveID": "CVE-2023-35311", "vendorProject": "Microsoft", "product": "Outlook", "vulnerabilityName": "Microsoft Outlook Security Feature Bypass Vulnerability", "dateAdded": "2023-07-11", "shortDescription": "Microsoft Outlook contains a security feature bypass vulnerability that allows an attacker to bypass the Microsoft Outlook Security Notice prompt.", "requiredAction": "Apply updates per vendor instructions or discontinue use of the product if updates are unavailable.", "dueDate": "2023-08-01", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/msrc.microsoft.com\/update-guide\/en-US\/vulnerability\/CVE-2023-35311; https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2023-35311", "cwes": [ "CWE-367" ] }, { "cveID": "CVE-2023-36874", "vendorProject": "Microsoft", "product": "Windows", "vulnerabilityName": "Microsoft Windows Error Reporting Service Privilege Escalation Vulnerability", "dateAdded": "2023-07-11", "shortDescription": "Microsoft Windows Error Reporting Service contains an unspecified vulnerability that allows for privilege escalation.", "requiredAction": "Apply updates per vendor instructions or discontinue use of the product if updates are unavailable.", "dueDate": "2023-08-01", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/msrc.microsoft.com\/update-guide\/en-US\/vulnerability\/CVE-2023-36874; https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2023-36874", "cwes": [ "CWE-59" ] }, { "cveID": "CVE-2022-31199", "vendorProject": "Netwrix", "product": "Auditor", "vulnerabilityName": "Netwrix Auditor Insecure Object Deserialization Vulnerability", "dateAdded": "2023-07-11", "shortDescription": "Netwrix Auditor User Activity Video Recording component contains an insecure objection deserialization vulnerability that allows an unauthenticated, remote attacker to execute code as the NT AUTHORITY\\SYSTEM user. Successful exploitation requires that the attacker is able to reach port 9004\/TCP, which is commonly blocked by standard enterprise firewalling.", "requiredAction": "Apply updates per vendor instructions or discontinue use of the product if updates are unavailable.", "dueDate": "2023-08-01", "knownRansomwareCampaignUse": "Known", "notes": "Patch application requires login to customer portal: https:\/\/security.netwrix.com\/Account\/SignIn?ReturnUrl=%2FAdvisories%2FADV-2022-003; https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2022-31199", "cwes": [ "CWE-502", "CWE-122" ] }, { "cveID": "CVE-2021-29256", "vendorProject": "Arm", "product": "Mali Graphics Processing Unit (GPU)", "vulnerabilityName": "Arm Mali GPU Kernel Driver Use-After-Free Vulnerability", "dateAdded": "2023-07-07", "shortDescription": "Arm Mali GPU Kernel Driver contains a use-after-free vulnerability that may allow a non-privileged user to gain root privilege and\/or disclose information.", "requiredAction": "Apply updates per vendor instructions or discontinue use of the product if updates are unavailable.", "dueDate": "2023-07-28", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/developer.arm.com\/Arm%20Security%20Center\/Mali%20GPU%20Driver%20Vulnerabilities; https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2021-29256", "cwes": [ "CWE-416" ] }, { "cveID": "CVE-2019-17621", "vendorProject": "D-Link", "product": "DIR-859 Router", "vulnerabilityName": "D-Link DIR-859 Router Command Execution Vulnerability", "dateAdded": "2023-06-29", "shortDescription": "D-Link DIR-859 router contains a command execution vulnerability in the UPnP endpoint URL, \/gena.cgi. Exploitation allows an unauthenticated remote attacker to execute system commands as root by sending a specially crafted HTTP SUBSCRIBE request to the UPnP service when connecting to the local network.", "requiredAction": "Apply updates per vendor instructions or discontinue use of the product if updates are unavailable.", "dueDate": "2023-07-20", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/supportannouncement.us.dlink.com\/announcement\/publication.aspx?name=SAP10147; https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2019-17621", "cwes": [ "CWE-78" ] }, { "cveID": "CVE-2019-20500", "vendorProject": "D-Link", "product": "DWL-2600AP Access Point", "vulnerabilityName": "D-Link DWL-2600AP Access Point Command Injection Vulnerability", "dateAdded": "2023-06-29", "shortDescription": "D-Link DWL-2600AP access point contains an authenticated command injection vulnerability via the Save Configuration functionality in the Web interface, using shell metacharacters in the admin.cgi?action=config_save configBackup or downloadServerip parameter.", "requiredAction": "Apply updates per vendor instructions or discontinue use of the product if updates are unavailable.", "dueDate": "2023-07-20", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/supportannouncement.us.dlink.com\/announcement\/publication.aspx?name=SAP10113; https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2019-20500", "cwes": [ "CWE-78" ] }, { "cveID": "CVE-2021-25487", "vendorProject": "Samsung", "product": "Mobile Devices", "vulnerabilityName": "Samsung Mobile Devices Out-of-Bounds Read Vulnerability", "dateAdded": "2023-06-29", "shortDescription": "Samsung mobile devices contain an out-of-bounds read vulnerability within the modem interface driver due to a lack of boundary checking of a buffer in set_skb_priv(), leading to remote code execution by dereference of an invalid function pointer.", "requiredAction": "Apply updates per vendor instructions or discontinue use of the product if updates are unavailable", "dueDate": "2023-07-20", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/security.samsungmobile.com\/securityUpdate.smsb?year=2021&month=10; https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2021-25487", "cwes": [ "CWE-125" ] }, { "cveID": "CVE-2021-25489", "vendorProject": "Samsung", "product": "Mobile Devices", "vulnerabilityName": "Samsung Mobile Devices Improper Input Validation Vulnerability", "dateAdded": "2023-06-29", "shortDescription": "Samsung mobile devices contain an improper input validation vulnerability within the modem interface driver that results in a format string bug leading to kernel panic.", "requiredAction": "Apply updates per vendor instructions or discontinue use of the product if updates are unavailable", "dueDate": "2023-07-20", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/security.samsungmobile.com\/securityUpdate.smsb?year=2021&month=10; https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2021-25489", "cwes": [ "CWE-20" ] }, { "cveID": "CVE-2021-25394", "vendorProject": "Samsung", "product": "Mobile Devices", "vulnerabilityName": "Samsung Mobile Devices Race Condition Vulnerability", "dateAdded": "2023-06-29", "shortDescription": "Samsung mobile devices contain a race condition vulnerability within the MFC charger driver that leads to a use-after-free allowing for a write given a radio privilege is compromised.", "requiredAction": "Apply updates per vendor instructions or discontinue use of the product if updates are unavailable", "dueDate": "2023-07-20", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/security.samsungmobile.com\/securityUpdate.smsb?year=2021&month=5; https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2021-25394", "cwes": [ "CWE-416" ] }, { "cveID": "CVE-2021-25395", "vendorProject": "Samsung", "product": "Mobile Devices", "vulnerabilityName": "Samsung Mobile Devices Race Condition Vulnerability", "dateAdded": "2023-06-29", "shortDescription": "Samsung mobile devices contain a race condition vulnerability within the MFC charger driver that leads to a use-after-free allowing for a write given a radio privilege is compromised.", "requiredAction": "Apply updates per vendor instructions or discontinue use of the product if updates are unavailable", "dueDate": "2023-07-20", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/security.samsungmobile.com\/securityUpdate.smsb?year=2021&month=5; https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2021-25395", "cwes": [ "CWE-362" ] }, { "cveID": "CVE-2021-25371", "vendorProject": "Samsung", "product": "Mobile Devices", "vulnerabilityName": "Samsung Mobile Devices Unspecified Vulnerability", "dateAdded": "2023-06-29", "shortDescription": "Samsung mobile devices contain an unspecified vulnerability within DSP driver that allows attackers to load ELF libraries inside DSP.", "requiredAction": "Apply updates per vendor instructions or discontinue use of the product if updates are unavailable", "dueDate": "2023-07-20", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/security.samsungmobile.com\/securityUpdate.smsb?year=2021&month=3; https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2021-25371", "cwes": [ "CWE-912" ] }, { "cveID": "CVE-2021-25372", "vendorProject": "Samsung", "product": "Mobile Devices", "vulnerabilityName": "Samsung Mobile Devices Improper Boundary Check Vulnerability", "dateAdded": "2023-06-29", "shortDescription": "Samsung mobile devices contain an improper boundary check vulnerability within DSP driver that allows for out-of-bounds memory access.", "requiredAction": "Apply updates per vendor instructions or discontinue use of the product if updates are unavailable", "dueDate": "2023-07-20", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/security.samsungmobile.com\/securityUpdate.smsb?year=2021&month=3; https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2021-25372", "cwes": [ "CWE-787" ] }, { "cveID": "CVE-2023-32434", "vendorProject": "Apple", "product": "Multiple Products", "vulnerabilityName": "Apple Multiple Products Integer Overflow Vulnerability", "dateAdded": "2023-06-23", "shortDescription": "Apple iOS. iPadOS, macOS, and watchOS contain an integer overflow vulnerability that could allow an application to execute code with kernel privileges.", "requiredAction": "Apply updates per vendor instructions.", "dueDate": "2023-07-14", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/support.apple.com\/en-us\/HT213808, https:\/\/support.apple.com\/en-us\/HT213812, https:\/\/support.apple.com\/en-us\/HT213809, https:\/\/support.apple.com\/en-us\/HT213810, https:\/\/support.apple.com\/en-us\/HT213813, https:\/\/support.apple.com\/en-us\/HT213811, https:\/\/support.apple.com\/en-us\/HT213814; https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2023-32434", "cwes": [ "CWE-190" ] }, { "cveID": "CVE-2023-32435", "vendorProject": "Apple", "product": "Multiple Products", "vulnerabilityName": "Apple Multiple Products WebKit Memory Corruption Vulnerability", "dateAdded": "2023-06-23", "shortDescription": "Apple iOS, iPadOS, macOS, and Safari WebKit contain a memory corruption vulnerability that leads to code execution when processing maliciously crafted web content. This vulnerability could impact HTML parsers that use WebKit, including but not limited to Apple Safari and non-Apple products which rely on WebKit for HTML processing.", "requiredAction": "Apply updates per vendor instructions.", "dueDate": "2023-07-14", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/support.apple.com\/en-us\/HT213670, https:\/\/support.apple.com\/en-us\/HT213671, https:\/\/support.apple.com\/en-us\/HT213676, https:\/\/support.apple.com\/en-us\/HT213811; https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2023-32435", "cwes": [ "CWE-787" ] }, { "cveID": "CVE-2023-32439", "vendorProject": "Apple", "product": "Multiple Products", "vulnerabilityName": "Apple Multiple Products WebKit Type Confusion Vulnerability", "dateAdded": "2023-06-23", "shortDescription": "Apple iOS, iPadOS, macOS, and Safari WebKit contain a type confusion vulnerability that leads to code execution when processing maliciously crafted web content. This vulnerability could impact HTML parsers that use WebKit, including but not limited to Apple Safari and non-Apple products which rely on WebKit for HTML processing.", "requiredAction": "Apply updates per vendor instructions.", "dueDate": "2023-07-14", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/support.apple.com\/en-us\/HT213813, https:\/\/support.apple.com\/en-us\/HT213811, https:\/\/support.apple.com\/en-us\/HT213814, https:\/\/support.apple.com\/en-us\/HT213816; https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2023-32439", "cwes": [ "CWE-843" ] }, { "cveID": "CVE-2023-20867", "vendorProject": "VMware", "product": "Tools", "vulnerabilityName": "VMware Tools Authentication Bypass Vulnerability", "dateAdded": "2023-06-23", "shortDescription": "VMware Tools contains an authentication bypass vulnerability in the vgauth module. A fully compromised ESXi host can force VMware Tools to fail to authenticate host-to-guest operations, impacting the confidentiality and integrity of the guest virtual machine. An attacker must have root access over ESXi to exploit this vulnerability.", "requiredAction": "Apply updates per vendor instructions.", "dueDate": "2023-07-14", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/www.vmware.com\/security\/advisories\/VMSA-2023-0013.html; https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2023-20867", "cwes": [ "CWE-287" ] }, { "cveID": "CVE-2023-27992", "vendorProject": "Zyxel", "product": "Multiple Network-Attached Storage (NAS) Devices", "vulnerabilityName": "Zyxel Multiple NAS Devices Command Injection Vulnerability", "dateAdded": "2023-06-23", "shortDescription": "Multiple Zyxel network-attached storage (NAS) devices contain a pre-authentication command injection vulnerability that could allow an unauthenticated attacker to execute commands remotely via a crafted HTTP request.", "requiredAction": "Apply updates per vendor instructions.", "dueDate": "2023-07-14", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/www.zyxel.com\/global\/en\/support\/security-advisories\/zyxel-security-advisory-for-pre-authentication-command-injection-vulnerability-in-nas-products; https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2023-27992", "cwes": [ "CWE-78" ] }, { "cveID": "CVE-2023-20887", "vendorProject": "VMware", "product": "Aria Operations for Networks", "vulnerabilityName": "Vmware Aria Operations for Networks Command Injection Vulnerability", "dateAdded": "2023-06-22", "shortDescription": "VMware Aria Operations for Networks (formerly vRealize Network Insight) contains a command injection vulnerability that allows a malicious actor with network access to perform an attack resulting in remote code execution.", "requiredAction": "Apply updates per vendor instructions.", "dueDate": "2023-07-13", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/www.vmware.com\/security\/advisories\/VMSA-2023-0012.html; https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2023-20887", "cwes": [ "CWE-77" ] }, { "cveID": "CVE-2020-35730", "vendorProject": "Roundcube", "product": "Roundcube Webmail", "vulnerabilityName": "Roundcube Webmail Cross-Site Scripting (XSS) Vulnerability", "dateAdded": "2023-06-22", "shortDescription": "Roundcube Webmail contains a cross-site scripting (XSS) vulnerability that allows an attacker to send a plain text e-mail message with Javascript in a link reference element that is mishandled by linkref_addinindex in rcube_string_replacer.php.", "requiredAction": "Apply updates per vendor instructions.", "dueDate": "2023-07-13", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/roundcube.net\/news\/2020\/12\/27\/security-updates-1.4.10-1.3.16-and-1.2.13; https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2020-35730", "cwes": [ "CWE-79" ] }, { "cveID": "CVE-2020-12641", "vendorProject": "Roundcube", "product": "Roundcube Webmail", "vulnerabilityName": "Roundcube Webmail Remote Code Execution Vulnerability", "dateAdded": "2023-06-22", "shortDescription": "Roundcube Webmail contains an remote code execution vulnerability that allows attackers to execute code via shell metacharacters in a configuration setting for im_convert_path or im_identify_path.", "requiredAction": "Apply updates per vendor instructions.", "dueDate": "2023-07-13", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/roundcube.net\/news\/2020\/04\/29\/security-updates-1.4.4-1.3.11-and-1.2.10; https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2020-12641", "cwes": [ "CWE-78" ] }, { "cveID": "CVE-2021-44026", "vendorProject": "Roundcube", "product": "Roundcube Webmail", "vulnerabilityName": "Roundcube Webmail SQL Injection Vulnerability", "dateAdded": "2023-06-22", "shortDescription": "Roundcube Webmail is vulnerable to SQL injection via search or search_params.", "requiredAction": "Apply updates per vendor instructions.", "dueDate": "2023-07-13", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/roundcube.net\/news\/2021\/11\/12\/security-updates-1.4.12-and-1.3.17-released; https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2021-44026", "cwes": [ "CWE-89" ] }, { "cveID": "CVE-2016-9079", "vendorProject": "Mozilla", "product": "Firefox, Firefox ESR, and Thunderbird", "vulnerabilityName": "Mozilla Firefox, Firefox ESR, and Thunderbird Use-After-Free Vulnerability", "dateAdded": "2023-06-22", "shortDescription": "Mozilla Firefox, Firefox ESR, and Thunderbird contain a use-after-free vulnerability in SVG Animation, targeting Firefox and Tor browser users on Windows.", "requiredAction": "Apply updates per vendor instructions.", "dueDate": "2023-07-13", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/www.mozilla.org\/en-US\/security\/advisories\/mfsa2016-92\/#CVE-2016-9079; https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2016-9079", "cwes": [ "CWE-416" ] }, { "cveID": "CVE-2016-0165", "vendorProject": "Microsoft", "product": "Win32k", "vulnerabilityName": "Microsoft Win32k Privilege Escalation Vulnerability", "dateAdded": "2023-06-22", "shortDescription": "Microsoft Win32k contains an unspecified vulnerability that allows for privilege escalation.", "requiredAction": "Apply updates per vendor instructions.", "dueDate": "2023-07-13", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/learn.microsoft.com\/en-us\/security-updates\/securitybulletins\/2016\/ms16-039; https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2016-0165", "cwes": [ "CWE-264" ] }, { "cveID": "CVE-2023-27997", "vendorProject": "Fortinet", "product": "FortiOS and FortiProxy SSL-VPN", "vulnerabilityName": "Fortinet FortiOS and FortiProxy SSL-VPN Heap-Based Buffer Overflow Vulnerability", "dateAdded": "2023-06-13", "shortDescription": "Fortinet FortiOS and FortiProxy SSL-VPN contain a heap-based buffer overflow vulnerability which can allow an unauthenticated, remote attacker to execute code or commands via specifically crafted requests.", "requiredAction": "Apply updates per vendor instructions.", "dueDate": "2023-07-04", "knownRansomwareCampaignUse": "Known", "notes": "https:\/\/www.fortiguard.com\/psirt\/FG-IR-23-097; https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2023-27997", "cwes": [ "CWE-122" ] }, { "cveID": "CVE-2023-3079", "vendorProject": "Google", "product": "Chromium V8", "vulnerabilityName": "Google Chromium V8 Type Confusion Vulnerability", "dateAdded": "2023-06-07", "shortDescription": "Google Chromium V8 Engine contains a type confusion vulnerability that allows a remote attacker to potentially exploit heap corruption via a crafted HTML page. This vulnerability could affect multiple web browsers that utilize Chromium, including, but not limited to, Google Chrome, Microsoft Edge, and Opera.", "requiredAction": "Apply updates per vendor instructions.", "dueDate": "2023-06-28", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/chromereleases.googleblog.com\/2023\/06\/stable-channel-update-for-desktop.html; https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2023-3079", "cwes": [ "CWE-843" ] }, { "cveID": "CVE-2023-33009", "vendorProject": "Zyxel", "product": "Multiple Firewalls", "vulnerabilityName": "Zyxel Multiple Firewalls Buffer Overflow Vulnerability", "dateAdded": "2023-06-05", "shortDescription": "Zyxel ATP, USG FLEX, USG FLEX 50(W), USG20(W)-VPN, VPN, and ZyWALL\/USG firewalls contain a buffer overflow vulnerability in the notification function that could allow an unauthenticated attacker to cause denial-of-service (DoS) conditions and remote code execution on an affected device.", "requiredAction": "Apply updates per vendor instructions.", "dueDate": "2023-06-26", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/www.zyxel.com\/global\/en\/support\/security-advisories\/zyxel-security-advisory-for-multiple-buffer-overflow-vulnerabilities-of-firewalls; https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2023-33009", "cwes": [ "CWE-120" ] }, { "cveID": "CVE-2023-33010", "vendorProject": "Zyxel", "product": "Multiple Firewalls", "vulnerabilityName": "Zyxel Multiple Firewalls Buffer Overflow Vulnerability", "dateAdded": "2023-06-05", "shortDescription": "Zyxel ATP, USG FLEX, USG FLEX 50(W), USG20(W)-VPN, VPN, and ZyWALL\/USG firewalls contain a buffer overflow vulnerability in the ID processing function that could allow an unauthenticated attacker to cause denial-of-service (DoS) conditions and remote code execution on an affected device.", "requiredAction": "Apply updates per vendor instructions.", "dueDate": "2023-06-26", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/www.zyxel.com\/global\/en\/support\/security-advisories\/zyxel-security-advisory-for-multiple-buffer-overflow-vulnerabilities-of-firewalls; https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2023-33010", "cwes": [ "CWE-120" ] }, { "cveID": "CVE-2023-34362", "vendorProject": "Progress", "product": "MOVEit Transfer", "vulnerabilityName": "Progress MOVEit Transfer SQL Injection Vulnerability", "dateAdded": "2023-06-02", "shortDescription": "Progress MOVEit Transfer contains a SQL injection vulnerability that could allow an unauthenticated attacker to gain unauthorized access to MOVEit Transfer's database. Depending on the database engine being used (MySQL, Microsoft SQL Server, or Azure SQL), an attacker may be able to infer information about the structure and contents of the database in addition to executing SQL statements that alter or delete database elements.", "requiredAction": "Apply updates per vendor instructions.", "dueDate": "2023-06-23", "knownRansomwareCampaignUse": "Known", "notes": "This CVE has a CISA AA located here: https:\/\/www.cisa.gov\/news-events\/cybersecurity-advisories\/aa23-158a. Please see the AA for associated IOCs. Additional information is available at: https:\/\/community.progress.com\/s\/article\/MOVEit-Transfer-Critical-Vulnerability-31May2023.; https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2023-34362", "cwes": [ "CWE-89" ] }, { "cveID": "CVE-2023-28771", "vendorProject": "Zyxel", "product": "Multiple Firewalls", "vulnerabilityName": "Zyxel Multiple Firewalls OS Command Injection Vulnerability", "dateAdded": "2023-05-31", "shortDescription": "Zyxel ATP, USG FLEX, VPN, and ZyWALL\/USG firewalls allow for improper error message handling which could allow an unauthenticated attacker to execute OS commands remotely by sending crafted packets to an affected device.", "requiredAction": "Apply updates per vendor instructions.", "dueDate": "2023-06-21", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/www.zyxel.com\/global\/en\/support\/security-advisories\/zyxel-security-advisory-for-remote-command-injection-vulnerability-of-firewalls; https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2023-28771", "cwes": [ "CWE-78" ] }, { "cveID": "CVE-2023-2868", "vendorProject": "Barracuda Networks", "product": "Email Security Gateway (ESG) Appliance", "vulnerabilityName": "Barracuda Networks ESG Appliance Improper Input Validation Vulnerability", "dateAdded": "2023-05-26", "shortDescription": "Barracuda Email Security Gateway (ESG) appliance contains an improper input validation vulnerability of a user-supplied .tar file, leading to remote command injection.", "requiredAction": "Apply updates per vendor instructions.", "dueDate": "2023-06-16", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/status.barracuda.com\/incidents\/34kx82j5n4q9; https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2023-2868", "cwes": [ "CWE-20" ] }, { "cveID": "CVE-2023-32409", "vendorProject": "Apple", "product": "Multiple Products", "vulnerabilityName": "Apple Multiple Products WebKit Sandbox Escape Vulnerability", "dateAdded": "2023-05-22", "shortDescription": "Apple iOS, iPadOS, macOS, tvOS, watchOS, and Safari WebKit contain an unspecified vulnerability that can allow a remote attacker to break out of the Web Content sandbox. This vulnerability could impact HTML parsers that use WebKit, including but not limited to Apple Safari and non-Apple products which rely on WebKit for HTML processing.", "requiredAction": "Apply updates per vendor instructions.", "dueDate": "2023-06-12", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/support.apple.com\/HT213757, https:\/\/support.apple.com\/HT213758, https:\/\/support.apple.com\/HT213761, https:\/\/support.apple.com\/HT213762, https:\/\/support.apple.com\/HT213764, https:\/\/support.apple.com\/HT213765; https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2023-32409", "cwes": [] }, { "cveID": "CVE-2023-28204", "vendorProject": "Apple", "product": "Multiple Products", "vulnerabilityName": "Apple Multiple Products WebKit Out-of-Bounds Read Vulnerability", "dateAdded": "2023-05-22", "shortDescription": "Apple iOS, iPadOS, macOS, tvOS, watchOS, and Safari WebKit contain an out-of-bounds read vulnerability that may disclose sensitive information when processing maliciously crafted web content. This vulnerability could impact HTML parsers that use WebKit, including but not limited to Apple Safari and non-Apple products which rely on WebKit for HTML processing.", "requiredAction": "Apply updates per vendor instructions.", "dueDate": "2023-06-12", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/support.apple.com\/HT213757, https:\/\/support.apple.com\/HT213758, https:\/\/support.apple.com\/HT213761, https:\/\/support.apple.com\/HT213762, https:\/\/support.apple.com\/HT213764, https:\/\/support.apple.com\/HT213765; https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2023-28204", "cwes": [ "CWE-125" ] }, { "cveID": "CVE-2023-32373", "vendorProject": "Apple", "product": "Multiple Products", "vulnerabilityName": "Apple Multiple Products WebKit Use-After-Free Vulnerability", "dateAdded": "2023-05-22", "shortDescription": "Apple iOS, iPadOS, macOS, tvOS, watchOS, and Safari WebKit contain a use-after-free vulnerability that leads to code execution when processing maliciously crafted web content. This vulnerability could impact HTML parsers that use WebKit, including but not limited to Apple Safari and non-Apple products which rely on WebKit for HTML processing.", "requiredAction": "Apply updates per vendor instructions.", "dueDate": "2023-06-12", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/support.apple.com\/HT213757, https:\/\/support.apple.com\/HT213758, https:\/\/support.apple.com\/HT213761, https:\/\/support.apple.com\/HT213762, https:\/\/support.apple.com\/HT213764, https:\/\/support.apple.com\/HT213765; https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2023-32373", "cwes": [ "CWE-416" ] }, { "cveID": "CVE-2004-1464", "vendorProject": "Cisco", "product": "IOS", "vulnerabilityName": "Cisco IOS Denial-of-Service Vulnerability", "dateAdded": "2023-05-19", "shortDescription": "Cisco IOS contains an unspecified vulnerability that may block further telnet, reverse telnet, Remote Shell (RSH), Secure Shell (SSH), and in some cases, Hypertext Transport Protocol (HTTP) access to the Cisco device.", "requiredAction": "Apply updates per vendor instructions.", "dueDate": "2023-06-09", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/sec.cloudapps.cisco.com\/security\/center\/content\/CiscoSecurityAdvisory\/cisco-sa-20040827-telnet; https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2004-1464", "cwes": [] }, { "cveID": "CVE-2016-6415", "vendorProject": "Cisco", "product": "IOS, IOS XR, and IOS XE", "vulnerabilityName": "Cisco IOS, IOS XR, and IOS XE IKEv1 Information Disclosure Vulnerability", "dateAdded": "2023-05-19", "shortDescription": "Cisco IOS, IOS XR, and IOS XE contain insufficient condition checks in the part of the code that handles Internet Key Exchange version 1 (IKEv1) security negotiation requests. contains an information disclosure vulnerability in the Internet Key Exchange version 1 (IKEv1) that could allow an attacker to retrieve memory contents. Successful exploitation could allow the attacker to retrieve memory contents, which can lead to information disclosure.", "requiredAction": "Apply updates per vendor instructions.", "dueDate": "2023-06-09", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/sec.cloudapps.cisco.com\/security\/center\/content\/CiscoSecurityAdvisory\/cisco-sa-20160916-ikev1; https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2016-6415", "cwes": [ "CWE-200" ] }, { "cveID": "CVE-2023-21492", "vendorProject": "Samsung", "product": "Mobile Devices", "vulnerabilityName": "Samsung Mobile Devices Insertion of Sensitive Information Into Log File Vulnerability", "dateAdded": "2023-05-19", "shortDescription": "Samsung mobile devices running Android 11, 12, and 13 contain an insertion of sensitive information into log file vulnerability that allows a privileged, local attacker to conduct an address space layout randomization (ASLR) bypass.", "requiredAction": "Apply updates per vendor instructions.", "dueDate": "2023-06-09", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/security.samsungmobile.com\/securityUpdate.smsb; https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2023-21492", "cwes": [ "CWE-532" ] }, { "cveID": "CVE-2023-25717", "vendorProject": "Ruckus Wireless", "product": "Multiple Products", "vulnerabilityName": "Multiple Ruckus Wireless Products CSRF and RCE Vulnerability", "dateAdded": "2023-05-12", "shortDescription": "Ruckus Wireless Access Point (AP) software contains an unspecified vulnerability in the web services component. If the web services component is enabled on the AP, an attacker can perform cross-site request forgery (CSRF) or remote code execution (RCE). This vulnerability impacts Ruckus ZoneDirector, SmartZone, and Solo APs.", "requiredAction": "Apply updates per vendor instructions or disconnect product if it is end-of-life.", "dueDate": "2023-06-02", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/support.ruckuswireless.com\/security_bulletins\/315; https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2023-25717", "cwes": [ "CWE-94" ] }, { "cveID": "CVE-2021-3560", "vendorProject": "Red Hat", "product": "Polkit", "vulnerabilityName": "Red Hat Polkit Incorrect Authorization Vulnerability", "dateAdded": "2023-05-12", "shortDescription": "Red Hat Polkit contains an incorrect authorization vulnerability through the bypassing of credential checks for D-Bus requests, allowing for privilege escalation.", "requiredAction": "Apply updates per vendor instructions.", "dueDate": "2023-06-02", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/bugzilla.redhat.com\/show_bug.cgi?id=1961710; https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2021-3560", "cwes": [ "CWE-863" ] }, { "cveID": "CVE-2014-0196", "vendorProject": "Linux", "product": "Kernel", "vulnerabilityName": "Linux Kernel Race Condition Vulnerability", "dateAdded": "2023-05-12", "shortDescription": "Linux Kernel contains a race condition vulnerability within the n_tty_write function that allows local users to cause a denial-of-service (DoS) or gain privileges via read and write operations with long strings.", "requiredAction": "The impacted product is end-of-life and should be disconnected if still in use.", "dueDate": "2023-06-02", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/lkml.iu.edu\/hypermail\/linux\/kernel\/1609.1\/02103.html; https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2014-0196", "cwes": [ "CWE-362" ] }, { "cveID": "CVE-2010-3904", "vendorProject": "Linux", "product": "Kernel", "vulnerabilityName": "Linux Kernel Improper Input Validation Vulnerability", "dateAdded": "2023-05-12", "shortDescription": "Linux Kernel contains an improper input validation vulnerability in the Reliable Datagram Sockets (RDS) protocol implementation that allows local users to gain privileges via crafted use of the sendmsg and recvmsg system calls.", "requiredAction": "The impacted product is end-of-life and should be disconnected if still in use.", "dueDate": "2023-06-02", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/lkml.iu.edu\/hypermail\/linux\/kernel\/1601.3\/06474.html; https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2010-3904", "cwes": [ "CWE-20" ] }, { "cveID": "CVE-2015-5317", "vendorProject": "Jenkins", "product": "Jenkins User Interface (UI)", "vulnerabilityName": "Jenkins User Interface (UI) Information Disclosure Vulnerability", "dateAdded": "2023-05-12", "shortDescription": "Jenkins User Interface (UI) contains an information disclosure vulnerability that allows users to see the names of jobs and builds otherwise inaccessible to them on the \"Fingerprints\" pages.", "requiredAction": "Apply updates per vendor instructions.", "dueDate": "2023-06-02", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/www.jenkins.io\/security\/advisory\/2015-11-11\/; https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2015-5317", "cwes": [ "CWE-200" ] }, { "cveID": "CVE-2016-3427", "vendorProject": "Oracle", "product": "Java SE and JRockit", "vulnerabilityName": "Oracle Java SE and JRockit Unspecified Vulnerability", "dateAdded": "2023-05-12", "shortDescription": "Oracle Java SE and JRockit contains an unspecified vulnerability that allows remote attackers to affect confidentiality, integrity, and availability via vectors related to Java Management Extensions (JMX). This vulnerability can be exploited through sandboxed Java Web Start applications and sandboxed Java applets. It can also be exploited by supplying data to APIs in the specified component without using sandboxed Java Web Start applications or sandboxed Java applets, such as through a web service.", "requiredAction": "Apply updates per vendor instructions.", "dueDate": "2023-06-02", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/www.oracle.com\/security-alerts\/cpuapr2016v3.html; https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2016-3427", "cwes": [] }, { "cveID": "CVE-2016-8735", "vendorProject": "Apache", "product": "Tomcat", "vulnerabilityName": "Apache Tomcat Remote Code Execution Vulnerability", "dateAdded": "2023-05-12", "shortDescription": "Apache Tomcat contains an unspecified vulnerability that allows for remote code execution if JmxRemoteLifecycleListener is used and an attacker can reach Java Management Extension (JMX) ports. This CVE exists because this listener wasn't updated for consistency with the Oracle patched issues for CVE-2016-3427 which affected credential types.", "requiredAction": "Apply updates per vendor instructions.", "dueDate": "2023-06-02", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/tomcat.apache.org\/security-9.html; https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2016-8735", "cwes": [ "CWE-284" ] }, { "cveID": "CVE-2023-29336", "vendorProject": "Microsoft", "product": "Win32k", "vulnerabilityName": "Microsoft Win32K Privilege Escalation Vulnerability", "dateAdded": "2023-05-09", "shortDescription": "Microsoft Win32k contains an unspecified vulnerability that allows for privilege escalation up to SYSTEM privileges.", "requiredAction": "Apply updates per vendor instructions.", "dueDate": "2023-05-30", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/msrc.microsoft.com\/update-guide\/en-US\/vulnerability\/CVE-2023-29336; https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2023-29336", "cwes": [ "CWE-416" ] }, { "cveID": "CVE-2023-1389", "vendorProject": "TP-Link", "product": "Archer AX21", "vulnerabilityName": "TP-Link Archer AX-21 Command Injection Vulnerability", "dateAdded": "2023-05-01", "shortDescription": "TP-Link Archer AX-21 contains a command injection vulnerability that allows for remote code execution.", "requiredAction": "Apply updates per vendor instructions.", "dueDate": "2023-05-22", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/www.tp-link.com\/us\/support\/download\/archer-ax21\/v3\/#Firmware; https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2023-1389", "cwes": [ "CWE-77" ] }, { "cveID": "CVE-2021-45046", "vendorProject": "Apache", "product": "Log4j2", "vulnerabilityName": "Apache Log4j2 Deserialization of Untrusted Data Vulnerability", "dateAdded": "2023-05-01", "shortDescription": "Apache Log4j2 contains a deserialization of untrusted data vulnerability due to the incomplete fix of CVE-2021-44228, where the Thread Context Lookup Pattern is vulnerable to remote code execution in certain non-default configurations.", "requiredAction": "Apply updates per vendor instructions.", "dueDate": "2023-05-22", "knownRansomwareCampaignUse": "Known", "notes": "https:\/\/logging.apache.org\/log4j\/2.x\/security.html; https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2021-45046", "cwes": [ "CWE-917" ] }, { "cveID": "CVE-2023-21839", "vendorProject": "Oracle", "product": "WebLogic Server", "vulnerabilityName": "Oracle WebLogic Server Unspecified Vulnerability", "dateAdded": "2023-05-01", "shortDescription": "Oracle WebLogic Server contains an unspecified vulnerability that allows an unauthenticated attacker with network access via T3, IIOP, to compromise Oracle WebLogic Server.", "requiredAction": "Apply updates per vendor instructions.", "dueDate": "2023-05-22", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/www.oracle.com\/security-alerts\/cpujan2023.html; https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2023-21839", "cwes": [] }, { "cveID": "CVE-2023-28432", "vendorProject": "MinIO", "product": "MinIO", "vulnerabilityName": "MinIO Information Disclosure Vulnerability", "dateAdded": "2023-04-21", "shortDescription": "MinIO contains a vulnerability in a cluster deployment where MinIO returns all environment variables, which allows for information disclosure.", "requiredAction": "Apply updates per vendor instructions.", "dueDate": "2023-05-12", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/github.com\/minio\/minio\/security\/advisories\/GHSA-6xvq-wj2x-3h3q; https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2023-28432", "cwes": [ "CWE-200" ] }, { "cveID": "CVE-2023-27350", "vendorProject": "PaperCut", "product": "MF\/NG", "vulnerabilityName": "PaperCut MF\/NG Improper Access Control Vulnerability", "dateAdded": "2023-04-21", "shortDescription": "PaperCut MF\/NG contains an improper access control vulnerability within the SetupCompleted class that allows authentication bypass and code execution in the context of system.", "requiredAction": "Apply updates per vendor instructions.", "dueDate": "2023-05-12", "knownRansomwareCampaignUse": "Known", "notes": "https:\/\/www.papercut.com\/kb\/Main\/PO-1216-and-PO-1219; https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2023-27350", "cwes": [ "CWE-284" ] }, { "cveID": "CVE-2023-2136", "vendorProject": "Google", "product": "Chromium Skia", "vulnerabilityName": "Google Chrome Skia Integer Overflow Vulnerability", "dateAdded": "2023-04-21", "shortDescription": "Google Chromium Skia contains an integer overflow vulnerability that allows a remote attacker, who has compromised the renderer process, to potentially perform a sandbox escape via a crafted HTML page. This vulnerability affects Google Chrome and ChromeOS, Android, Flutter, and possibly other products.", "requiredAction": "Apply updates per vendor instructions.", "dueDate": "2023-05-12", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/chromereleases.googleblog.com\/2023\/04\/stable-channel-update-for-desktop_18.html; https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2023-2136", "cwes": [ "CWE-190" ] }, { "cveID": "CVE-2017-6742", "vendorProject": "Cisco", "product": "IOS and IOS XE Software", "vulnerabilityName": "Cisco IOS and IOS XE Software SNMP Remote Code Execution Vulnerability", "dateAdded": "2023-04-19", "shortDescription": "The Simple Network Management Protocol (SNMP) subsystem of Cisco IOS and IOS XE contains a vulnerability that could allow an authenticated, remote attacker to remotely execute code on an affected system or cause an affected system to reload.", "requiredAction": "Apply updates per vendor instructions.", "dueDate": "2023-05-10", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/sec.cloudapps.cisco.com\/security\/center\/content\/CiscoSecurityAdvisory\/cisco-sa-20170629-snmp; https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2017-6742", "cwes": [ "CWE-119" ] }, { "cveID": "CVE-2019-8526", "vendorProject": "Apple", "product": "macOS", "vulnerabilityName": "Apple macOS Use-After-Free Vulnerability", "dateAdded": "2023-04-17", "shortDescription": "Apple macOS contains a use-after-free vulnerability that could allow for privilege escalation.", "requiredAction": "Apply updates per vendor instructions.", "dueDate": "2023-05-08", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/support.apple.com\/en-us\/HT209600; https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2019-8526", "cwes": [ "CWE-416" ] }, { "cveID": "CVE-2023-2033", "vendorProject": "Google", "product": "Chromium V8", "vulnerabilityName": "Google Chromium V8 Type Confusion Vulnerability", "dateAdded": "2023-04-17", "shortDescription": "Google Chromium V8 Engine contains a type confusion vulnerability that allows a remote attacker to potentially exploit heap corruption via a crafted HTML page. This vulnerability could affect multiple web browsers that utilize Chromium, including, but not limited to, Google Chrome, Microsoft Edge, and Opera.", "requiredAction": "Apply updates per vendor instructions.", "dueDate": "2023-05-08", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/chromereleases.googleblog.com\/2023\/04\/stable-channel-update-for-desktop_14.html; https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2023-2033", "cwes": [ "CWE-843" ] }, { "cveID": "CVE-2023-20963", "vendorProject": "Android", "product": "Framework", "vulnerabilityName": "Android Framework Privilege Escalation Vulnerability", "dateAdded": "2023-04-13", "shortDescription": "Android Framework contains an unspecified vulnerability that allows for privilege escalation after updating an app to a higher Target SDK with no additional execution privileges needed.", "requiredAction": "Apply updates per vendor instructions.", "dueDate": "2023-05-04", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/source.android.com\/docs\/security\/bulletin\/2023-03-01; https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2023-20963", "cwes": [ "CWE-295" ] }, { "cveID": "CVE-2023-29492", "vendorProject": "Novi Survey", "product": "Novi Survey", "vulnerabilityName": "Novi Survey Insecure Deserialization Vulnerability", "dateAdded": "2023-04-13", "shortDescription": "Novi Survey contains an insecure deserialization vulnerability that allows remote attackers to execute code on the server in the context of the service account.", "requiredAction": "Apply updates per vendor instructions.", "dueDate": "2023-05-04", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/novisurvey.net\/blog\/novi-survey-security-advisory-apr-2023.aspx; https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2023-29492", "cwes": [ "CWE-94" ] }, { "cveID": "CVE-2023-28252", "vendorProject": "Microsoft", "product": "Windows", "vulnerabilityName": "Microsoft Windows Common Log File System (CLFS) Driver Privilege Escalation Vulnerability", "dateAdded": "2023-04-11", "shortDescription": "Microsoft Windows Common Log File System (CLFS) driver contains an unspecified vulnerability that allows for privilege escalation.", "requiredAction": "Apply updates per vendor instructions.", "dueDate": "2023-05-02", "knownRansomwareCampaignUse": "Known", "notes": "https:\/\/msrc.microsoft.com\/update-guide\/en-US\/vulnerability\/CVE-2023-28252; https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2023-28252", "cwes": [ "CWE-122" ] }, { "cveID": "CVE-2023-28205", "vendorProject": "Apple", "product": "Multiple Products", "vulnerabilityName": "Apple Multiple Products WebKit Use-After-Free Vulnerability", "dateAdded": "2023-04-10", "shortDescription": "Apple iOS, iPadOS, macOS, and Safari WebKit contain a use-after-free vulnerability that leads to code execution when processing maliciously crafted web content. This vulnerability could impact HTML parsers that use WebKit, including but not limited to Apple Safari and non-Apple products which rely on WebKit for HTML processing.", "requiredAction": "Apply updates per vendor instructions.", "dueDate": "2023-05-01", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/support.apple.com\/en-us\/HT213720,https:\/\/support.apple.com\/en-us\/HT213721,https:\/\/support.apple.com\/en-us\/HT213722,https:\/\/support.apple.com\/en-us\/HT213723; https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2023-28205", "cwes": [ "CWE-416" ] }, { "cveID": "CVE-2023-28206", "vendorProject": "Apple", "product": "iOS, iPadOS, and macOS", "vulnerabilityName": "Apple iOS, iPadOS, and macOS IOSurfaceAccelerator Out-of-Bounds Write Vulnerability", "dateAdded": "2023-04-10", "shortDescription": "Apple iOS, iPadOS, and macOS IOSurfaceAccelerator contain an out-of-bounds write vulnerability that allows an app to execute code with kernel privileges.", "requiredAction": "Apply updates per vendor instructions.", "dueDate": "2023-05-01", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/support.apple.com\/en-us\/HT213720, https:\/\/support.apple.com\/en-us\/HT213721; https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2023-28206", "cwes": [ "CWE-787" ] }, { "cveID": "CVE-2021-27876", "vendorProject": "Veritas", "product": "Backup Exec Agent", "vulnerabilityName": "Veritas Backup Exec Agent File Access Vulnerability", "dateAdded": "2023-04-07", "shortDescription": "Veritas Backup Exec (BE) Agent contains a file access vulnerability that could allow an attacker to specially craft input parameters on a data management protocol command to access files on the BE Agent machine.", "requiredAction": "Apply updates per vendor instructions.", "dueDate": "2023-04-28", "knownRansomwareCampaignUse": "Known", "notes": "https:\/\/www.veritas.com\/support\/en_US\/security\/VTS21-001; https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2021-27876", "cwes": [ "CWE-287" ] }, { "cveID": "CVE-2021-27877", "vendorProject": "Veritas", "product": "Backup Exec Agent", "vulnerabilityName": "Veritas Backup Exec Agent Improper Authentication Vulnerability", "dateAdded": "2023-04-07", "shortDescription": "Veritas Backup Exec (BE) Agent contains an improper authentication vulnerability that could allow an attacker unauthorized access to the BE Agent via SHA authentication scheme.", "requiredAction": "Apply updates per vendor instructions.", "dueDate": "2023-04-28", "knownRansomwareCampaignUse": "Known", "notes": "https:\/\/www.veritas.com\/support\/en_US\/security\/VTS21-001; https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2021-27877", "cwes": [ "CWE-287" ] }, { "cveID": "CVE-2021-27878", "vendorProject": "Veritas", "product": "Backup Exec Agent", "vulnerabilityName": "Veritas Backup Exec Agent Command Execution Vulnerability", "dateAdded": "2023-04-07", "shortDescription": "Veritas Backup Exec (BE) Agent contains a command execution vulnerability that could allow an attacker to use a data management protocol command to execute a command on the BE Agent machine.", "requiredAction": "Apply updates per vendor instructions.", "dueDate": "2023-04-28", "knownRansomwareCampaignUse": "Known", "notes": "https:\/\/www.veritas.com\/support\/en_US\/security\/VTS21-001; https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2021-27878", "cwes": [ "CWE-287" ] }, { "cveID": "CVE-2019-1388", "vendorProject": "Microsoft", "product": "Windows", "vulnerabilityName": "Microsoft Windows Certificate Dialog Privilege Escalation Vulnerability", "dateAdded": "2023-04-07", "shortDescription": "Microsoft Windows Certificate Dialog contains a privilege escalation vulnerability, allowing attackers to run processes in an elevated context.", "requiredAction": "Apply updates per vendor instructions.", "dueDate": "2023-04-28", "knownRansomwareCampaignUse": "Known", "notes": "https:\/\/portal.msrc.microsoft.com\/en-US\/security-guidance\/advisory\/CVE-2019-1388; https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2019-1388", "cwes": [ "CWE-269" ] }, { "cveID": "CVE-2023-26083", "vendorProject": "Arm", "product": "Mali Graphics Processing Unit (GPU)", "vulnerabilityName": "Arm Mali GPU Kernel Driver Information Disclosure Vulnerability", "dateAdded": "2023-04-07", "shortDescription": "Arm Mali GPU Kernel Driver contains an information disclosure vulnerability that allows a non-privileged user to make valid GPU processing operations that expose sensitive kernel metadata.", "requiredAction": "Apply updates per vendor instructions.", "dueDate": "2023-04-28", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/developer.arm.com\/Arm%20Security%20Center\/Mali%20GPU%20Driver%20Vulnerabilities; https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2023-26083", "cwes": [ "CWE-401" ] }, { "cveID": "CVE-2022-27926", "vendorProject": "Zimbra", "product": "Collaboration (ZCS)", "vulnerabilityName": "Zimbra Collaboration (ZCS) Cross-Site Scripting (XSS) Vulnerability", "dateAdded": "2023-04-03", "shortDescription": "Zimbra Collaboration Suite (ZCS) contains a cross-site scripting vulnerability by allowing an endpoint URL to accept parameters without sanitizing.", "requiredAction": "Apply updates per vendor instructions.", "dueDate": "2023-04-24", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/wiki.zimbra.com\/wiki\/Security_Center; https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2022-27926", "cwes": [ "CWE-79", "CWE-138" ] }, { "cveID": "CVE-2013-3163", "vendorProject": "Microsoft", "product": "Internet Explorer", "vulnerabilityName": "Microsoft Internet Explorer Memory Corruption Vulnerability", "dateAdded": "2023-03-30", "shortDescription": "Microsoft Internet Explorer contains a memory corruption vulnerability that allows remote attackers to execute code or cause a denial of service via a crafted website.", "requiredAction": "The impacted product is end-of-life and should be disconnected if still in use.", "dueDate": "2023-04-20", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/learn.microsoft.com\/en-us\/security-updates\/securitybulletins\/2013\/ms13-055; https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2013-3163", "cwes": [ "CWE-94" ] }, { "cveID": "CVE-2017-7494", "vendorProject": "Samba", "product": "Samba", "vulnerabilityName": "Samba Remote Code Execution Vulnerability", "dateAdded": "2023-03-30", "shortDescription": "Samba contains a remote code execution vulnerability, allowing a malicious client to upload a shared library to a writable share and then cause the server to load and execute it.", "requiredAction": "Apply updates per vendor instructions.", "dueDate": "2023-04-20", "knownRansomwareCampaignUse": "Known", "notes": "https:\/\/www.samba.org\/samba\/security\/CVE-2017-7494.html; https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2017-7494", "cwes": [ "CWE-94" ] }, { "cveID": "CVE-2022-42948", "vendorProject": "Fortra", "product": "Cobalt Strike", "vulnerabilityName": "Fortra Cobalt Strike User Interface Remote Code Execution Vulnerability", "dateAdded": "2023-03-30", "shortDescription": "Fortra Cobalt Strike User Interface contains an unspecified vulnerability rooted in Java Swing that may allow remote code execution.", "requiredAction": "Apply updates per vendor instructions.", "dueDate": "2023-04-20", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/www.cobaltstrike.com\/blog\/out-of-band-update-cobalt-strike-4-7-2\/; https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2022-42948", "cwes": [ "CWE-79", "CWE-116" ] }, { "cveID": "CVE-2022-39197", "vendorProject": "Fortra", "product": "Cobalt Strike", "vulnerabilityName": "Fortra Cobalt Strike Teamserver Cross-Site Scripting (XSS) Vulnerability", "dateAdded": "2023-03-30", "shortDescription": "Fortra Cobalt Strike contains a cross-site scripting (XSS) vulnerability in Teamserver that would allow an attacker to set a malformed username in the Beacon configuration, allowing them to execute code remotely.", "requiredAction": "Apply updates per vendor instructions.", "dueDate": "2023-04-20", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/www.cobaltstrike.com\/blog\/out-of-band-update-cobalt-strike-4-7-1\/; https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2022-39197", "cwes": [ "CWE-20", "CWE-79" ] }, { "cveID": "CVE-2021-30900", "vendorProject": "Apple", "product": "iOS, iPadOS, and macOS", "vulnerabilityName": "Apple iOS, iPadOS, and macOS Out-of-Bounds Write Vulnerability", "dateAdded": "2023-03-30", "shortDescription": "Apple GPU drivers, included in iOS, iPadOS, and macOS, contain an out-of-bounds write vulnerability that may allow a malicious application to execute code with kernel privileges.", "requiredAction": "Apply updates per vendor instructions.", "dueDate": "2023-04-20", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/support.apple.com\/en-us\/HT21286, https:\/\/support.apple.com\/en-us\/HT212868, https:\/\/support.apple.com\/kb\/HT212872; https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2021-30900", "cwes": [ "CWE-20", "CWE-787" ] }, { "cveID": "CVE-2022-38181", "vendorProject": "Arm", "product": "Mali Graphics Processing Unit (GPU)", "vulnerabilityName": "Arm Mali GPU Kernel Driver Use-After-Free Vulnerability", "dateAdded": "2023-03-30", "shortDescription": "Arm Mali GPU Kernel Driver contains a use-after-free vulnerability that may allow a non-privileged user to gain root privilege and\/or disclose information.", "requiredAction": "Apply updates per vendor instructions.", "dueDate": "2023-04-20", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/developer.arm.com\/Arm%20Security%20Center\/Mali%20GPU%20Driver%20Vulnerabilities; https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2022-38181", "cwes": [ "CWE-416" ] }, { "cveID": "CVE-2023-0266", "vendorProject": "Linux", "product": "Kernel", "vulnerabilityName": "Linux Kernel Use-After-Free Vulnerability", "dateAdded": "2023-03-30", "shortDescription": "Linux kernel contains a use-after-free vulnerability that allows for privilege escalation to gain ring0 access from the system user.", "requiredAction": "Apply updates per vendor instructions.", "dueDate": "2023-04-20", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/git.kernel.org\/pub\/scm\/linux\/kernel\/git\/stable\/stable-queue.git\/tree\/queue-5.10\/alsa-pcm-move-rwsem-lock-inside-snd_ctl_elem_read-to-prevent-uaf.patch?id=72783cf35e6c55bca84c4bb7b776c58152856fd4; https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2023-0266", "cwes": [ "CWE-416" ] }, { "cveID": "CVE-2022-3038", "vendorProject": "Google", "product": "Chromium Network Service", "vulnerabilityName": "Google Chromium Network Service Use-After-Free Vulnerability", "dateAdded": "2023-03-30", "shortDescription": "Google Chromium Network Service contains a use-after-free vulnerability that allows a remote attacker to potentially exploit heap corruption via a crafted HTML page. This vulnerability could affect multiple web browsers that utilize Chromium, including, but not limited to, Google Chrome, Microsoft Edge, and Opera.", "requiredAction": "Apply updates per vendor instructions.", "dueDate": "2023-04-20", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/chromereleases.googleblog.com\/2022\/08\/stable-channel-update-for-desktop_30.html; https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2022-3038", "cwes": [ "CWE-416" ] }, { "cveID": "CVE-2022-22706", "vendorProject": "Arm", "product": "Mali Graphics Processing Unit (GPU)", "vulnerabilityName": "Arm Mali GPU Kernel Driver Unspecified Vulnerability", "dateAdded": "2023-03-30", "shortDescription": "Arm Mali GPU Kernel Driver contains an unspecified vulnerability that allows a non-privileged user to achieve write access to read-only memory pages.", "requiredAction": "Apply updates per vendor instructions.", "dueDate": "2023-04-20", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/developer.arm.com\/Arm%20Security%20Center\/Mali%20GPU%20Driver%20Vulnerabilities; https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2022-22706", "cwes": [ "CWE-119" ] }, { "cveID": "CVE-2023-26360", "vendorProject": "Adobe", "product": "ColdFusion", "vulnerabilityName": "Adobe ColdFusion Deserialization of Untrusted Data Vulnerability", "dateAdded": "2023-03-15", "shortDescription": "Adobe ColdFusion contains a deserialization of untrusted data vulnerability that allows for remote code execution.", "requiredAction": "Apply updates per vendor instructions.", "dueDate": "2023-04-05", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/helpx.adobe.com\/security\/products\/coldfusion\/apsb23-25.html; https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2023-26360", "cwes": [ "CWE-284" ] }, { "cveID": "CVE-2023-23397", "vendorProject": "Microsoft", "product": "Office", "vulnerabilityName": "Microsoft Office Outlook Privilege Escalation Vulnerability", "dateAdded": "2023-03-14", "shortDescription": "Microsoft Office Outlook contains a privilege escalation vulnerability that allows for a NTLM Relay attack against another service to authenticate as the user.", "requiredAction": "Apply updates per vendor instructions.", "dueDate": "2023-04-04", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/msrc.microsoft.com\/update-guide\/en-US\/vulnerability\/CVE-2023-23397, https:\/\/msrc.microsoft.com\/blog\/2023\/03\/microsoft-mitigates-outlook-elevation-of-privilege-vulnerability\/, ; https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2023-23397", "cwes": [ "CWE-294" ] }, { "cveID": "CVE-2023-24880", "vendorProject": "Microsoft", "product": "Windows", "vulnerabilityName": "Microsoft Windows SmartScreen Security Feature Bypass Vulnerability", "dateAdded": "2023-03-14", "shortDescription": "Microsoft Windows SmartScreen contains a security feature bypass vulnerability that could allow an attacker to evade Mark of the Web (MOTW) defenses via a specially crafted malicious file.", "requiredAction": "Apply updates per vendor instructions.", "dueDate": "2023-04-04", "knownRansomwareCampaignUse": "Known", "notes": "https:\/\/msrc.microsoft.com\/update-guide\/en-US\/vulnerability\/CVE-2023-24880; https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2023-24880", "cwes": [ "CWE-863" ] }, { "cveID": "CVE-2022-41328", "vendorProject": "Fortinet", "product": "FortiOS", "vulnerabilityName": "Fortinet FortiOS Path Traversal Vulnerability", "dateAdded": "2023-03-14", "shortDescription": "Fortinet FortiOS contains a path traversal vulnerability that may allow a local privileged attacker to read and write files via crafted CLI commands.", "requiredAction": "Apply updates per vendor instructions.", "dueDate": "2023-04-04", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/www.fortiguard.com\/psirt\/FG-IR-22-369; https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2022-41328", "cwes": [ "CWE-22" ] }, { "cveID": "CVE-2021-39144", "vendorProject": "XStream", "product": "XStream", "vulnerabilityName": "XStream Remote Code Execution Vulnerability", "dateAdded": "2023-03-10", "shortDescription": "XStream contains a remote code execution vulnerability that allows an attacker to manipulate the processed input stream and replace or inject objects that result in the execution of a local command on the server. This vulnerability can affect multiple products, including but not limited to VMware Cloud Foundation.", "requiredAction": "Apply updates per vendor instructions.", "dueDate": "2023-03-31", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/www.vmware.com\/security\/advisories\/VMSA-2022-0027.html, https:\/\/x-stream.github.io\/CVE-2021-39144.html; https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2021-39144", "cwes": [ "CWE-94", "CWE-502" ] }, { "cveID": "CVE-2020-5741", "vendorProject": "Plex", "product": "Media Server", "vulnerabilityName": "Plex Media Server Remote Code Execution Vulnerability", "dateAdded": "2023-03-10", "shortDescription": "Plex Media Server contains a remote code execution vulnerability that allows an attacker with access to the server administrator's Plex account to upload a malicious file via the Camera Upload feature and have the media server execute it.", "requiredAction": "Apply updates per vendor instructions.", "dueDate": "2023-03-31", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/forums.plex.tv\/t\/security-regarding-cve-2020-5741\/586819; https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2020-5741", "cwes": [ "CWE-502" ] }, { "cveID": "CVE-2022-28810", "vendorProject": "Zoho", "product": "ManageEngine", "vulnerabilityName": "Zoho ManageEngine ADSelfService Plus Remote Code Execution Vulnerability", "dateAdded": "2023-03-07", "shortDescription": "Zoho ManageEngine ADSelfService Plus contains an unspecified vulnerability allowing for remote code execution when performing a password change or reset.", "requiredAction": "Apply updates per vendor instructions.", "dueDate": "2023-03-28", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/www.manageengine.com\/products\/self-service-password\/advisory\/CVE-2022-28810.html; https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2022-28810", "cwes": [ "CWE-78", "CWE-259" ] }, { "cveID": "CVE-2022-33891", "vendorProject": "Apache", "product": "Spark", "vulnerabilityName": "Apache Spark Command Injection Vulnerability", "dateAdded": "2023-03-07", "shortDescription": "Apache Spark contains a command injection vulnerability via Spark User Interface (UI) when Access Control Lists (ACLs) are enabled.", "requiredAction": "Apply updates per vendor instructions.", "dueDate": "2023-03-28", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/lists.apache.org\/thread\/p847l3kopoo5bjtmxrcwk21xp6tjxqlc; https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2022-33891", "cwes": [ "CWE-78" ] }, { "cveID": "CVE-2022-35914", "vendorProject": "Teclib", "product": "GLPI", "vulnerabilityName": "Teclib GLPI Remote Code Execution Vulnerability", "dateAdded": "2023-03-07", "shortDescription": "Teclib GLPI contains a remote code execution vulnerability in the third-party library, htmlawed.", "requiredAction": "Apply updates per vendor instructions.", "dueDate": "2023-03-28", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/glpi-project.org\/fr\/glpi-10-0-3-disponible\/, http:\/\/www.bioinformatics.org\/phplabware\/sourceer\/sourceer.php?&Sfs=htmLawedTest.php&Sl=.%2Finternal_utilities%2FhtmLawed.; https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2022-35914", "cwes": [ "CWE-74" ] }, { "cveID": "CVE-2022-36537", "vendorProject": "ZK Framework", "product": "AuUploader", "vulnerabilityName": "ZK Framework AuUploader Unspecified Vulnerability", "dateAdded": "2023-02-27", "shortDescription": "ZK Framework AuUploader servlets contain an unspecified vulnerability that could allow an attacker to retrieve the content of a file located in the web context. The ZK Framework is an open-source Java framework. This vulnerability can impact multiple products, including but not limited to ConnectWise R1Soft Server Backup Manager.", "requiredAction": "Apply updates per vendor instructions.", "dueDate": "2023-03-20", "knownRansomwareCampaignUse": "Known", "notes": "https:\/\/tracker.zkoss.org\/browse\/ZK-5150; https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2022-36537", "cwes": [ "CWE-441" ] }, { "cveID": "CVE-2022-47986", "vendorProject": "IBM", "product": "Aspera Faspex", "vulnerabilityName": "IBM Aspera Faspex Code Execution Vulnerability", "dateAdded": "2023-02-21", "shortDescription": "IBM Aspera Faspex could allow a remote attacker to execute code on the system, caused by a YAML deserialization flaw.", "requiredAction": "Apply updates per vendor instructions.", "dueDate": "2023-03-14", "knownRansomwareCampaignUse": "Known", "notes": "https:\/\/exchange.xforce.ibmcloud.com\/vulnerabilities\/243512?_ga=2.189195179.1800390251.1676559338-700333034.1676325890; https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2022-47986", "cwes": [ "CWE-502" ] }, { "cveID": "CVE-2022-41223", "vendorProject": "Mitel", "product": "MiVoice Connect", "vulnerabilityName": "Mitel MiVoice Connect Code Injection Vulnerability", "dateAdded": "2023-02-21", "shortDescription": "The Director component in Mitel MiVoice Connect allows an authenticated attacker with internal network access to execute code within the context of the application.", "requiredAction": "Apply updates per vendor instructions.", "dueDate": "2023-03-14", "knownRansomwareCampaignUse": "Known", "notes": "https:\/\/www.mitel.com\/support\/security-advisories\/mitel-product-security-advisory-22-0008; https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2022-41223", "cwes": [ "CWE-94" ] }, { "cveID": "CVE-2022-40765", "vendorProject": "Mitel", "product": "MiVoice Connect", "vulnerabilityName": "Mitel MiVoice Connect Command Injection Vulnerability", "dateAdded": "2023-02-21", "shortDescription": "The Mitel Edge Gateway component of MiVoice Connect allows an authenticated attacker with internal network access to execute commands within the context of the system.", "requiredAction": "Apply updates per vendor instructions.", "dueDate": "2023-03-14", "knownRansomwareCampaignUse": "Known", "notes": "https:\/\/www.mitel.com\/support\/security-advisories\/mitel-product-security-advisory-22-0007; https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2022-40765", "cwes": [ "CWE-77" ] }, { "cveID": "CVE-2022-46169", "vendorProject": "Cacti", "product": "Cacti", "vulnerabilityName": "Cacti Command Injection Vulnerability", "dateAdded": "2023-02-16", "shortDescription": "Cacti contains a command injection vulnerability that allows an unauthenticated user to execute code.", "requiredAction": "Apply updates per vendor instructions.", "dueDate": "2023-03-09", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/github.com\/Cacti\/cacti\/security\/advisories\/GHSA-6p93-p743-35gf; https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2022-46169", "cwes": [ "CWE-74" ] }, { "cveID": "CVE-2023-21715", "vendorProject": "Microsoft", "product": "Office", "vulnerabilityName": "Microsoft Office Publisher Security Feature Bypass Vulnerability", "dateAdded": "2023-02-14", "shortDescription": "Microsoft Office Publisher contains a security feature bypass vulnerability that allows for a local, authenticated attack on a targeted system.", "requiredAction": "Apply updates per vendor instructions.", "dueDate": "2023-03-07", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/msrc.microsoft.com\/update-guide\/en-US\/vulnerability\/CVE-2023-21715; https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2023-21715", "cwes": [ "CWE-863" ] }, { "cveID": "CVE-2023-23376", "vendorProject": "Microsoft", "product": "Windows", "vulnerabilityName": "Microsoft Windows Common Log File System (CLFS) Driver Privilege Escalation Vulnerability", "dateAdded": "2023-02-14", "shortDescription": "Microsoft Windows Common Log File System (CLFS) driver contains an unspecified vulnerability that allows for privilege escalation.", "requiredAction": "Apply updates per vendor instructions.", "dueDate": "2023-03-07", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/msrc.microsoft.com\/update-guide\/en-US\/vulnerability\/CVE-2023-23376; https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2023-23376", "cwes": [ "CWE-122" ] }, { "cveID": "CVE-2023-23529", "vendorProject": "Apple", "product": "Multiple Products", "vulnerabilityName": "Apple Multiple Products WebKit Type Confusion Vulnerability", "dateAdded": "2023-02-14", "shortDescription": "Apple iOS, MacOS, Safari and iPadOS WebKit contain a type confusion vulnerability that leads to code execution when processing maliciously crafted web content. This vulnerability could impact HTML parsers that use WebKit, including but not limited to Apple Safari and non-Apple products which rely on WebKit for HTML processing.", "requiredAction": "Apply updates per vendor instructions.", "dueDate": "2023-03-07", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/support.apple.com\/en-us\/HT213635, https:\/\/support.apple.com\/en-us\/HT213633, https:\/\/support.apple.com\/en-us\/HT213638; https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2023-23529", "cwes": [ "CWE-843" ] }, { "cveID": "CVE-2023-21823", "vendorProject": "Microsoft", "product": "Windows", "vulnerabilityName": "Microsoft Windows Graphic Component Privilege Escalation Vulnerability", "dateAdded": "2023-02-14", "shortDescription": "Microsoft Windows Graphic Component contains an unspecified vulnerability that allows for privilege escalation.", "requiredAction": "Apply updates per vendor instructions.", "dueDate": "2023-03-07", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/msrc.microsoft.com\/update-guide\/en-US\/vulnerability\/CVE-2023-21823; https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2023-21823", "cwes": [ "CWE-190" ] }, { "cveID": "CVE-2015-2291", "vendorProject": "Intel", "product": "Ethernet Diagnostics Driver for Windows", "vulnerabilityName": "Intel Ethernet Diagnostics Driver for Windows Denial-of-Service Vulnerability", "dateAdded": "2023-02-10", "shortDescription": "Intel ethernet diagnostics driver for Windows IQVW32.sys and IQVW64.sys contain an unspecified vulnerability that allows for a denial-of-service (DoS).", "requiredAction": "Apply updates per vendor instructions.", "dueDate": "2023-03-03", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/www.intel.com\/content\/www\/us\/en\/security-center\/advisory\/intel-sa-00051.html; https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2015-2291", "cwes": [ "CWE-20" ] }, { "cveID": "CVE-2022-24990", "vendorProject": "TerraMaster", "product": "TerraMaster OS", "vulnerabilityName": "TerraMaster OS Remote Command Execution Vulnerability", "dateAdded": "2023-02-10", "shortDescription": "TerraMaster OS contains a remote command execution vulnerability that allows an unauthenticated user to execute commands on the target endpoint.", "requiredAction": "Apply updates per vendor instructions.", "dueDate": "2023-03-03", "knownRansomwareCampaignUse": "Known", "notes": "https:\/\/forum.terra-master.com\/en\/viewtopic.php?t=3030; https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2022-24990", "cwes": [ "CWE-306" ] }, { "cveID": "CVE-2023-0669", "vendorProject": "Fortra", "product": "GoAnywhere MFT", "vulnerabilityName": "Fortra GoAnywhere MFT Remote Code Execution Vulnerability", "dateAdded": "2023-02-10", "shortDescription": "Fortra (formerly, HelpSystems) GoAnywhere MFT contains a pre-authentication remote code execution vulnerability in the License Response Servlet due to deserializing an attacker-controlled object.", "requiredAction": "Apply updates per vendor instructions.", "dueDate": "2023-03-03", "knownRansomwareCampaignUse": "Known", "notes": "This CVE has a CISA AA located here: https:\/\/www.cisa.gov\/news-events\/cybersecurity-advisories\/aa23-158a. Please see the AA for associated IOCs. Additional information is available at: https:\/\/my.goanywhere.com\/webclient\/DownloadProductFiles.xhtml. Fortra users must have an account in order to login and access the patch.; https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2023-0669", "cwes": [ "CWE-502" ] }, { "cveID": "CVE-2022-21587", "vendorProject": "Oracle", "product": "E-Business Suite", "vulnerabilityName": "Oracle E-Business Suite Unspecified Vulnerability", "dateAdded": "2023-02-02", "shortDescription": "Oracle E-Business Suite contains an unspecified vulnerability that allows an unauthenticated attacker with network access via HTTP to compromise Oracle Web Applications Desktop Integrator.", "requiredAction": "Apply updates per vendor instructions.", "dueDate": "2023-02-23", "knownRansomwareCampaignUse": "Known", "notes": "https:\/\/www.oracle.com\/security-alerts\/cpuoct2022.html; https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2022-21587", "cwes": [ "CWE-306" ] }, { "cveID": "CVE-2023-22952", "vendorProject": "SugarCRM", "product": "Multiple Products", "vulnerabilityName": "Multiple SugarCRM Products Remote Code Execution Vulnerability", "dateAdded": "2023-02-02", "shortDescription": "Multiple SugarCRM products contain a remote code execution vulnerability in the EmailTemplates. Using a specially crafted request, custom PHP code can be injected through the EmailTemplates.", "requiredAction": "Apply updates per vendor instructions.", "dueDate": "2023-02-23", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/support.sugarcrm.com\/Resources\/Security\/sugarcrm-sa-2023-001\/; https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2023-22952", "cwes": [ "CWE-20" ] }, { "cveID": "CVE-2017-11357", "vendorProject": "Telerik", "product": "User Interface (UI) for ASP.NET AJAX", "vulnerabilityName": "Telerik UI for ASP.NET AJAX Insecure Direct Object Reference Vulnerability", "dateAdded": "2023-01-26", "shortDescription": "Telerik UI for ASP.NET AJAX contains an insecure direct object reference vulnerability in RadAsyncUpload that can result in file uploads in a limited location and\/or remote code execution.", "requiredAction": "Apply updates per vendor instructions.", "dueDate": "2023-02-16", "knownRansomwareCampaignUse": "Known", "notes": "https:\/\/docs.telerik.com\/devtools\/aspnet-ajax\/knowledge-base\/asyncupload-insecure-direct-object-reference; https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2017-11357", "cwes": [ "CWE-20" ] }, { "cveID": "CVE-2022-47966", "vendorProject": "Zoho", "product": "ManageEngine", "vulnerabilityName": "Zoho ManageEngine Multiple Products Remote Code Execution Vulnerability", "dateAdded": "2023-01-23", "shortDescription": "Multiple Zoho ManageEngine products contain an unauthenticated remote code execution vulnerability due to the usage of an outdated third-party dependency, Apache Santuario.", "requiredAction": "Apply updates per vendor instructions.", "dueDate": "2023-02-13", "knownRansomwareCampaignUse": "Known", "notes": "https:\/\/www.manageengine.com\/security\/advisory\/CVE\/cve-2022-47966.html; https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2022-47966", "cwes": [] }, { "cveID": "CVE-2022-44877", "vendorProject": "CWP", "product": "Control Web Panel", "vulnerabilityName": "CWP Control Web Panel OS Command Injection Vulnerability", "dateAdded": "2023-01-17", "shortDescription": "CWP Control Web Panel (formerly CentOS Web Panel) contains an OS command injection vulnerability that allows remote attackers to execute commands via shell metacharacters in the login parameter.", "requiredAction": "Apply updates per vendor instructions.", "dueDate": "2023-02-07", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/control-webpanel.com\/changelog#1669855527714-450fb335-6194; https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2022-44877", "cwes": [ "CWE-78" ] }, { "cveID": "CVE-2022-41080", "vendorProject": "Microsoft", "product": "Exchange Server", "vulnerabilityName": "Microsoft Exchange Server Privilege Escalation Vulnerability", "dateAdded": "2023-01-10", "shortDescription": "Microsoft Exchange Server contains an unspecified vulnerability that allows for privilege escalation. This vulnerability is chainable with CVE-2022-41082, which allows for remote code execution.", "requiredAction": "Apply updates per vendor instructions.", "dueDate": "2023-01-31", "knownRansomwareCampaignUse": "Known", "notes": "https:\/\/msrc.microsoft.com\/update-guide\/en-US\/vulnerability\/CVE-2022-41080; https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2022-41080", "cwes": [] }, { "cveID": "CVE-2023-21674", "vendorProject": "Microsoft", "product": "Windows", "vulnerabilityName": "Microsoft Windows Advanced Local Procedure Call (ALPC) Privilege Escalation Vulnerability", "dateAdded": "2023-01-10", "shortDescription": "Microsoft Windows Advanced Local Procedure Call (ALPC) contains an unspecified vulnerability that allows for privilege escalation.", "requiredAction": "Apply updates per vendor instructions.", "dueDate": "2023-01-31", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/msrc.microsoft.com\/update-guide\/en-US\/vulnerability\/CVE-2023-21674; https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2023-21674", "cwes": [ "CWE-416" ] }, { "cveID": "CVE-2018-5430", "vendorProject": "TIBCO", "product": "JasperReports", "vulnerabilityName": "TIBCO JasperReports Server Information Disclosure Vulnerability", "dateAdded": "2022-12-29", "shortDescription": "TIBCO JasperReports Server contain a vulnerability which may allow any authenticated user read-only access to the contents of the web application, including key configuration files.", "requiredAction": "Apply updates per vendor instructions.", "dueDate": "2023-01-19", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/www.tibco.com\/support\/advisories\/2018\/04\/tibco-security-advisory-april-17-2018-tibco-jasperreports-2018-5430;https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2018-5430", "cwes": [ "CWE-22" ] }, { "cveID": "CVE-2018-18809", "vendorProject": "TIBCO", "product": "JasperReports", "vulnerabilityName": "TIBCO JasperReports Library Directory Traversal Vulnerability", "dateAdded": "2022-12-29", "shortDescription": "TIBCO JasperReports Library contains a directory-traversal vulnerability that may allow web server users to access contents of the host system.", "requiredAction": "Apply updates per vendor instructions.", "dueDate": "2023-01-19", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/www.tibco.com\/support\/advisories\/2019\/03\/tibco-security-advisory-march-6-2019-tibco-jasperreports-library-2018-18809; https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2018-18809", "cwes": [ "CWE-22" ] }, { "cveID": "CVE-2022-42856", "vendorProject": "Apple", "product": "iOS", "vulnerabilityName": "Apple iOS Type Confusion Vulnerability", "dateAdded": "2022-12-14", "shortDescription": "Apple iOS contains a type confusion vulnerability when processing maliciously crafted web content leading to code execution.", "requiredAction": "Apply updates per vendor instructions.", "dueDate": "2023-01-04", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/support.apple.com\/en-us\/HT213516; https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2022-42856", "cwes": [ "CWE-843" ] }, { "cveID": "CVE-2022-42475", "vendorProject": "Fortinet", "product": "FortiOS", "vulnerabilityName": "Fortinet FortiOS Heap-Based Buffer Overflow Vulnerability", "dateAdded": "2022-12-13", "shortDescription": "Multiple versions of Fortinet FortiOS SSL-VPN contain a heap-based buffer overflow vulnerability which can allow an unauthenticated, remote attacker to execute arbitrary code or commands via specifically crafted requests.", "requiredAction": "Apply updates per vendor instructions.", "dueDate": "2023-01-03", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/www.fortiguard.com\/psirt\/FG-IR-22-398; https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2022-42475", "cwes": [ "CWE-197" ] }, { "cveID": "CVE-2022-44698", "vendorProject": "Microsoft", "product": "Defender", "vulnerabilityName": "Microsoft Defender SmartScreen Security Feature Bypass Vulnerability", "dateAdded": "2022-12-13", "shortDescription": "Microsoft Defender SmartScreen contains a security feature bypass vulnerability that could allow an attacker to evade Mark of the Web (MOTW) defenses via a specially crafted malicious file.", "requiredAction": "Apply updates per vendor instructions.", "dueDate": "2023-01-03", "knownRansomwareCampaignUse": "Known", "notes": "https:\/\/msrc.microsoft.com\/update-guide\/vulnerability\/CVE-2022-44698; https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2022-44698", "cwes": [ "CWE-755" ] }, { "cveID": "CVE-2022-27518", "vendorProject": "Citrix", "product": "Application Delivery Controller (ADC) and Gateway", "vulnerabilityName": "Citrix Application Delivery Controller (ADC) and Gateway Authentication Bypass Vulnerability", "dateAdded": "2022-12-13", "shortDescription": "Citrix Application Delivery Controller (ADC) and Gateway, when configured with SAML SP or IdP configuration, contain an authentication bypass vulnerability that allows an attacker to execute code as administrator.", "requiredAction": "Apply updates per vendor instructions.", "dueDate": "2023-01-03", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/www.citrix.com\/blogs\/2022\/12\/13\/critical-security-update-now-available-for-citrix-adc-citrix-gateway\/; https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2022-27518", "cwes": [ "CWE-664" ] }, { "cveID": "CVE-2022-26500", "vendorProject": "Veeam", "product": "Backup & Replication", "vulnerabilityName": "Veeam Backup & Replication Remote Code Execution Vulnerability", "dateAdded": "2022-12-13", "shortDescription": "The Veeam Distribution Service in the Backup & Replication application allows unauthenticated users to access internal API functions. A remote attacker can send input to the internal API which may lead to uploading and executing of malicious code.", "requiredAction": "Apply updates per vendor instructions.", "dueDate": "2023-01-03", "knownRansomwareCampaignUse": "Known", "notes": "https:\/\/www.veeam.com\/kb4288; https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2022-26500", "cwes": [ "CWE-22" ] }, { "cveID": "CVE-2022-26501", "vendorProject": "Veeam", "product": "Backup & Replication", "vulnerabilityName": "Veeam Backup & Replication Remote Code Execution Vulnerability", "dateAdded": "2022-12-13", "shortDescription": "The Veeam Distribution Service in the Backup & Replication application allows unauthenticated users to access internal API functions. A remote attacker can send input to the internal API which may lead to uploading and executing of malicious code.", "requiredAction": "Apply updates per vendor instructions.", "dueDate": "2023-01-03", "knownRansomwareCampaignUse": "Known", "notes": "https:\/\/www.veeam.com\/kb4288; https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2022-26501", "cwes": [ "CWE-306" ] }, { "cveID": "CVE-2022-4262", "vendorProject": "Google", "product": "Chromium V8", "vulnerabilityName": "Google Chromium V8 Type Confusion Vulnerability", "dateAdded": "2022-12-05", "shortDescription": "Google Chromium V8 Engine contains a type confusion vulnerability that allows a remote attacker to potentially exploit heap corruption via a crafted HTML page. This vulnerability could affect multiple web browsers that utilize Chromium, including, but not limited to, Google Chrome, Microsoft Edge, and Opera.", "requiredAction": "Apply updates per vendor instructions.", "dueDate": "2022-12-26", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/chromereleases.googleblog.com\/2022\/12\/stable-channel-update-for-desktop.html; https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2022-4262", "cwes": [ "CWE-122", "CWE-843" ] }, { "cveID": "CVE-2021-35587", "vendorProject": "Oracle", "product": "Fusion Middleware", "vulnerabilityName": "Oracle Fusion Middleware Unspecified Vulnerability", "dateAdded": "2022-11-28", "shortDescription": "Oracle Fusion Middleware Access Manager allows an unauthenticated attacker with network access via HTTP to takeover the Access Manager product.", "requiredAction": "Apply updates per vendor instructions.", "dueDate": "2022-12-19", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/www.oracle.com\/security-alerts\/cpujan2022.html; https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2021-35587", "cwes": [ "CWE-502", "CWE-790" ] }, { "cveID": "CVE-2022-4135", "vendorProject": "Google", "product": "Chromium GPU", "vulnerabilityName": "Google Chromium GPU Heap Buffer Overflow Vulnerability", "dateAdded": "2022-11-28", "shortDescription": "Google Chromium GPU contains a heap buffer overflow vulnerability that allows a remote attacker, who has compromised the renderer process, to potentially perform a sandbox escape via a crafted HTML page. This vulnerability could affect multiple web browsers that utilize Chromium, including, but not limited to, Google Chrome, Microsoft Edge, and Opera.", "requiredAction": "Apply updates per vendor instructions.", "dueDate": "2022-12-19", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/chromereleases.googleblog.com\/2022\/11\/stable-channel-update-for-desktop_24.html; https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2022-4135", "cwes": [ "CWE-787" ] }, { "cveID": "CVE-2022-41049", "vendorProject": "Microsoft", "product": "Windows", "vulnerabilityName": "Microsoft Windows Mark of the Web (MOTW) Security Feature Bypass Vulnerability", "dateAdded": "2022-11-14", "shortDescription": "Microsoft Windows Mark of the Web (MOTW) contains a security feature bypass vulnerability resulting in a limited loss of integrity and availability of security features.", "requiredAction": "Apply updates per vendor instructions.", "dueDate": "2022-12-09", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/msrc.microsoft.com\/update-guide\/en-US\/vulnerability\/CVE-2022-41049; https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2022-41049", "cwes": [ "CWE-274" ] }, { "cveID": "CVE-2022-41091", "vendorProject": "Microsoft", "product": "Windows", "vulnerabilityName": "Microsoft Windows Mark of the Web (MOTW) Security Feature Bypass Vulnerability", "dateAdded": "2022-11-08", "shortDescription": "Microsoft Windows Mark of the Web (MOTW) contains a security feature bypass vulnerability resulting in a limited loss of integrity and availability of security features.", "requiredAction": "Apply updates per vendor instructions.", "dueDate": "2022-12-09", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/portal.msrc.microsoft.com\/en-US\/security-guidance\/advisory\/CVE-2022-41091; https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2022-41091", "cwes": [ "CWE-863" ] }, { "cveID": "CVE-2022-41073", "vendorProject": "Microsoft", "product": "Windows", "vulnerabilityName": "Microsoft Windows Print Spooler Privilege Escalation Vulnerability", "dateAdded": "2022-11-08", "shortDescription": "Microsoft Windows Print Spooler contains an unspecified vulnerability that allows an attacker to gain SYSTEM-level privileges.", "requiredAction": "Apply updates per vendor instructions.", "dueDate": "2022-12-09", "knownRansomwareCampaignUse": "Known", "notes": "https:\/\/portal.msrc.microsoft.com\/en-US\/security-guidance\/advisory\/CVE-2022-41073; https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2022-41073", "cwes": [ "CWE-787" ] }, { "cveID": "CVE-2022-41125", "vendorProject": "Microsoft", "product": "Windows", "vulnerabilityName": "Microsoft Windows CNG Key Isolation Service Privilege Escalation Vulnerability", "dateAdded": "2022-11-08", "shortDescription": "Microsoft Windows Cryptographic Next Generation (CNG) Key Isolation Service contains an unspecified vulnerability that allows an attacker to gain SYSTEM-level privileges.", "requiredAction": "Apply updates per vendor instructions.", "dueDate": "2022-12-09", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/portal.msrc.microsoft.com\/en-US\/security-guidance\/advisory\/CVE-2022-41125; https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2022-41125", "cwes": [ "CWE-787" ] }, { "cveID": "CVE-2022-41128", "vendorProject": "Microsoft", "product": "Windows", "vulnerabilityName": "Microsoft Windows Scripting Languages Remote Code Execution Vulnerability", "dateAdded": "2022-11-08", "shortDescription": "Microsoft Windows contains an unspecified vulnerability in the JScript9 scripting language which allows for remote code execution.", "requiredAction": "Apply updates per vendor instructions.", "dueDate": "2022-12-09", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/msrc.microsoft.com\/update-guide\/vulnerability\/CVE-2022-41128; https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2022-41128", "cwes": [ "CWE-787" ] }, { "cveID": "CVE-2021-25337", "vendorProject": "Samsung", "product": "Mobile Devices", "vulnerabilityName": "Samsung Mobile Devices Improper Access Control Vulnerability", "dateAdded": "2022-11-08", "shortDescription": "Samsung mobile devices contain an improper access control vulnerability in clipboard service which allows untrusted applications to read or write arbitrary files. This vulnerability was chained with CVE-2021-25369 and CVE-2021-25370.", "requiredAction": "Apply updates per vendor instructions.", "dueDate": "2022-11-29", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/security.samsungmobile.com\/securityUpdate.smsb; https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2021-25337", "cwes": [ "CWE-269" ] }, { "cveID": "CVE-2021-25369", "vendorProject": "Samsung", "product": "Mobile Devices", "vulnerabilityName": "Samsung Mobile Devices Improper Access Control Vulnerability", "dateAdded": "2022-11-08", "shortDescription": "Samsung mobile devices using Mali GPU contains an improper access control vulnerability in sec_log file. Exploitation of the vulnerability exposes sensitive kernel information to the userspace. This vulnerability was chained with CVE-2021-25337 and CVE-2021-25370.", "requiredAction": "Apply updates per vendor instructions.", "dueDate": "2022-11-29", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/security.samsungmobile.com\/securityUpdate.smsb; https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2021-25369", "cwes": [ "CWE-200" ] }, { "cveID": "CVE-2021-25370", "vendorProject": "Samsung", "product": "Mobile Devices", "vulnerabilityName": "Samsung Mobile Devices Memory Corruption Vulnerability", "dateAdded": "2022-11-08", "shortDescription": "Samsung mobile devices using Mali GPU contain an incorrect implementation handling file descriptor in dpu driver. This incorrect implementation results in memory corruption, leading to kernel panic. This vulnerability was chained with CVE-2021-25337 and CVE-2021-25369.", "requiredAction": "Apply updates per vendor instructions.", "dueDate": "2022-11-29", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/security.samsungmobile.com\/securityUpdate.smsb; https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2021-25370", "cwes": [ "CWE-416" ] }, { "cveID": "CVE-2022-3723", "vendorProject": "Google", "product": "Chromium V8", "vulnerabilityName": "Google Chromium V8 Type Confusion Vulnerability", "dateAdded": "2022-10-28", "shortDescription": "Google Chromium V8 Engine contains a type confusion vulnerability that allows a remote attacker to potentially exploit heap corruption via a crafted HTML page. This vulnerability could affect multiple web browsers that utilize Chromium, including, but not limited to, Google Chrome, Microsoft Edge, and Opera.", "requiredAction": "Apply updates per vendor instructions.", "dueDate": "2022-11-18", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/chromereleases.googleblog.com\/2022\/10\/stable-channel-update-for-desktop_27.html; https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2022-3723", "cwes": [ "CWE-122", "CWE-843" ] }, { "cveID": "CVE-2022-42827", "vendorProject": "Apple", "product": "iOS and iPadOS", "vulnerabilityName": "Apple iOS and iPadOS Out-of-Bounds Write Vulnerability", "dateAdded": "2022-10-25", "shortDescription": "Apple iOS and iPadOS kernel contain an out-of-bounds write vulnerability which can allow an application to perform code execution with kernel privileges.", "requiredAction": "Apply updates per vendor instructions.", "dueDate": "2022-11-15", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/support.apple.com\/en-us\/HT213489; https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2022-42827", "cwes": [ "CWE-20", "CWE-787" ] }, { "cveID": "CVE-2020-3433", "vendorProject": "Cisco", "product": "AnyConnect Secure", "vulnerabilityName": "Cisco AnyConnect Secure Mobility Client for Windows DLL Hijacking Vulnerability", "dateAdded": "2022-10-24", "shortDescription": "Cisco AnyConnect Secure Mobility Client for Windows interprocess communication (IPC) channel allows for insufficient validation of resources that are loaded by the application at run time. An attacker with valid credentials on Windows could execute code on the affected machine with SYSTEM privileges.", "requiredAction": "Apply updates per vendor instructions.", "dueDate": "2022-11-14", "knownRansomwareCampaignUse": "Known", "notes": "https:\/\/tools.cisco.com\/security\/center\/content\/CiscoSecurityAdvisory\/cisco-sa-anyconnect-dll-F26WwJW; https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2020-3433", "cwes": [ "CWE-427" ] }, { "cveID": "CVE-2020-3153", "vendorProject": "Cisco", "product": "AnyConnect Secure", "vulnerabilityName": "Cisco AnyConnect Secure Mobility Client for Windows Uncontrolled Search Path Vulnerability", "dateAdded": "2022-10-24", "shortDescription": "Cisco AnyConnect Secure Mobility Client for Windows allows for incorrect handling of directory paths. An attacker with valid credentials on Windows would be able to copy malicious files to arbitrary locations with system level privileges. This could include DLL pre-loading, DLL hijacking, and other related attacks.", "requiredAction": "Apply updates per vendor instructions.", "dueDate": "2022-11-14", "knownRansomwareCampaignUse": "Known", "notes": "https:\/\/tools.cisco.com\/security\/center\/content\/CiscoSecurityAdvisory\/cisco-sa-ac-win-path-traverse-qO4HWBsj; https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2020-3153", "cwes": [ "CWE-427" ] }, { "cveID": "CVE-2018-19323", "vendorProject": "GIGABYTE", "product": "Multiple Products", "vulnerabilityName": "GIGABYTE Multiple Products Privilege Escalation Vulnerability", "dateAdded": "2022-10-24", "shortDescription": "The GPCIDrv and GDrv low-level drivers in GIGABYTE App Center, AORUS Graphics Engine, XTREME Gaming Engine, and OC GURU expose functionality to read and write arbitrary physical memory. This could be leveraged by a local attacker to elevate privileges.", "requiredAction": "Apply updates per vendor instructions.", "dueDate": "2022-11-14", "knownRansomwareCampaignUse": "Known", "notes": "https:\/\/www.gigabyte.com\/Support\/Security\/1801; https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2018-19323", "cwes": [] }, { "cveID": "CVE-2018-19322", "vendorProject": "GIGABYTE", "product": "Multiple Products", "vulnerabilityName": "GIGABYTE Multiple Products Code Execution Vulnerability", "dateAdded": "2022-10-24", "shortDescription": "The GPCIDrv and GDrv low-level drivers in GIGABYTE App Center, AORUS Graphics Engine, XTREME Gaming Engine, and OC GURU II expose functionality to read\/write data from\/to IO ports. This could be leveraged in a number of ways to ultimately run code with elevated privileges.", "requiredAction": "Apply updates per vendor instructions.", "dueDate": "2022-11-14", "knownRansomwareCampaignUse": "Known", "notes": "https:\/\/www.gigabyte.com\/Support\/Security\/1801; https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2018-19322", "cwes": [ "CWE-749" ] }, { "cveID": "CVE-2018-19321", "vendorProject": "GIGABYTE", "product": "Multiple Products", "vulnerabilityName": "GIGABYTE Multiple Products Privilege Escalation Vulnerability", "dateAdded": "2022-10-24", "shortDescription": "The GPCIDrv and GDrv low-level drivers in GIGABYTE App Center, AORUS Graphics Engine, XTREME Gaming Engine, and OC GURU II expose functionality to read and write arbitrary physical memory. This could be leveraged by a local attacker to elevate privileges.", "requiredAction": "Apply updates per vendor instructions.", "dueDate": "2022-11-14", "knownRansomwareCampaignUse": "Known", "notes": "https:\/\/www.gigabyte.com\/Support\/Security\/1801; https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2018-19321", "cwes": [] }, { "cveID": "CVE-2018-19320", "vendorProject": "GIGABYTE", "product": "Multiple Products", "vulnerabilityName": "GIGABYTE Multiple Products Unspecified Vulnerability", "dateAdded": "2022-10-24", "shortDescription": "The GDrv low-level driver in GIGABYTE App Center, AORUS Graphics Engine, XTREME Gaming Engine, and OC GURU II exposes ring0 memcpy-like functionality that could allow a local attacker to take complete control of the affected system.", "requiredAction": "Apply updates per vendor instructions.", "dueDate": "2022-11-14", "knownRansomwareCampaignUse": "Known", "notes": "https:\/\/www.gigabyte.com\/Support\/Security\/1801; https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2018-19320", "cwes": [] }, { "cveID": "CVE-2022-41352", "vendorProject": "Zimbra", "product": "Collaboration (ZCS)", "vulnerabilityName": "Zimbra Collaboration (ZCS) Arbitrary File Upload Vulnerability", "dateAdded": "2022-10-20", "shortDescription": "Zimbra Collaboration (ZCS) allows an attacker to upload arbitrary files using cpio package to gain incorrect access to any other user accounts.", "requiredAction": "Apply updates per vendor instructions.", "dueDate": "2022-11-10", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/wiki.zimbra.com\/wiki\/Security_Center; https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2022-41352", "cwes": [ "CWE-22" ] }, { "cveID": "CVE-2021-3493", "vendorProject": "Linux", "product": "Kernel", "vulnerabilityName": "Linux Kernel Privilege Escalation Vulnerability", "dateAdded": "2022-10-20", "shortDescription": "The overlayfs stacking file system in Linux kernel does not properly validate the application of file capabilities against user namespaces, which could lead to privilege escalation.", "requiredAction": "Apply updates per vendor instructions.", "dueDate": "2022-11-10", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/git.kernel.org\/pub\/scm\/linux\/kernel\/git\/torvalds\/linux.git\/commit\/?id=7c03e2cda4a584cadc398e8f6641ca9988a39d52; https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2021-3493", "cwes": [ "CWE-862" ] }, { "cveID": "CVE-2022-40684", "vendorProject": "Fortinet", "product": "Multiple Products", "vulnerabilityName": "Fortinet Multiple Products Authentication Bypass Vulnerability", "dateAdded": "2022-10-11", "shortDescription": "Fortinet FortiOS, FortiProxy, and FortiSwitchManager contain an authentication bypass vulnerability that could allow an unauthenticated attacker to perform operations on the administrative interface via specially crafted HTTP or HTTPS requests.", "requiredAction": "Apply updates per vendor instructions.", "dueDate": "2022-11-01", "knownRansomwareCampaignUse": "Known", "notes": "https:\/\/www.fortiguard.com\/psirt\/FG-IR-22-377; https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2022-40684", "cwes": [ "CWE-288" ] }, { "cveID": "CVE-2022-41033", "vendorProject": "Microsoft", "product": "Windows COM+ Event System Service", "vulnerabilityName": "Microsoft Windows COM+ Event System Service Privilege Escalation Vulnerability", "dateAdded": "2022-10-11", "shortDescription": "Microsoft Windows COM+ Event System Service contains an unspecified vulnerability that allows for privilege escalation.", "requiredAction": "Apply updates per vendor instructions.", "dueDate": "2022-11-01", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/msrc.microsoft.com\/update-guide\/en-US\/vulnerability\/CVE-2022-41033; https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2022-41033", "cwes": [ "CWE-843" ] }, { "cveID": "CVE-2022-41082", "vendorProject": "Microsoft", "product": "Exchange Server", "vulnerabilityName": "Microsoft Exchange Server Remote Code Execution Vulnerability", "dateAdded": "2022-09-30", "shortDescription": "Microsoft Exchange Server contains an unspecified vulnerability that allows for authenticated remote code execution. Dubbed \"ProxyNotShell,\" this vulnerability is chainable with CVE-2022-41040 which allows for the remote code execution.", "requiredAction": "Apply updates per vendor instructions.", "dueDate": "2022-10-21", "knownRansomwareCampaignUse": "Known", "notes": "https:\/\/msrc-blog.microsoft.com\/2022\/09\/29\/customer-guidance-for-reported-zero-day-vulnerabilities-in-microsoft-exchange-server\/; https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2022-41082", "cwes": [ "CWE-502" ] }, { "cveID": "CVE-2022-41040", "vendorProject": "Microsoft", "product": "Exchange Server", "vulnerabilityName": "Microsoft Exchange Server Server-Side Request Forgery Vulnerability", "dateAdded": "2022-09-30", "shortDescription": "Microsoft Exchange Server allows for server-side request forgery. Dubbed \"ProxyNotShell,\" this vulnerability is chainable with CVE-2022-41082 which allows for remote code execution.", "requiredAction": "Apply updates per vendor instructions.", "dueDate": "2022-10-21", "knownRansomwareCampaignUse": "Known", "notes": "https:\/\/msrc-blog.microsoft.com\/2022\/09\/29\/customer-guidance-for-reported-zero-day-vulnerabilities-in-microsoft-exchange-server\/; https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2022-41040", "cwes": [ "CWE-918" ] }, { "cveID": "CVE-2022-36804", "vendorProject": "Atlassian", "product": "Bitbucket Server and Data Center", "vulnerabilityName": "Atlassian Bitbucket Server and Data Center Command Injection Vulnerability", "dateAdded": "2022-09-30", "shortDescription": "Multiple API endpoints of Atlassian Bitbucket Server and Data Center contain a command injection vulnerability where an attacker with access to a public Bitbucket repository, or with read permissions to a private one, can execute code by sending a malicious HTTP request.", "requiredAction": "Apply updates per vendor instructions.", "dueDate": "2022-10-21", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/jira.atlassian.com\/browse\/BSERV-13438; https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2022-36804", "cwes": [ "CWE-78", "CWE-88", "CWE-158" ] }, { "cveID": "CVE-2022-3236", "vendorProject": "Sophos", "product": "Firewall", "vulnerabilityName": "Sophos Firewall Code Injection Vulnerability", "dateAdded": "2022-09-23", "shortDescription": "A code injection vulnerability in the User Portal and Webadmin of Sophos Firewall allows for remote code execution.", "requiredAction": "Apply updates per vendor instructions.", "dueDate": "2022-10-14", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/www.sophos.com\/en-us\/security-advisories\/sophos-sa-20220923-sfos-rce; https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2022-3236", "cwes": [ "CWE-94" ] }, { "cveID": "CVE-2022-35405", "vendorProject": "Zoho", "product": "ManageEngine", "vulnerabilityName": "Zoho ManageEngine Multiple Products Remote Code Execution Vulnerability", "dateAdded": "2022-09-22", "shortDescription": "Zoho ManageEngine PAM360, Password Manager Pro, and Access Manager Plus contain an unspecified vulnerability that allows for remote code execution.", "requiredAction": "Apply updates per vendor instructions.", "dueDate": "2022-10-13", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/www.manageengine.com\/products\/passwordmanagerpro\/advisory\/cve-2022-35405.html; https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2022-35405", "cwes": [ "CWE-502" ] }, { "cveID": "CVE-2022-40139", "vendorProject": "Trend Micro", "product": "Apex One and Apex One as a Service", "vulnerabilityName": "Trend Micro Apex One and Apex One as a Service Improper Validation Vulnerability", "dateAdded": "2022-09-15", "shortDescription": "Trend Micro Apex One and Apex One as a Service contain an improper validation of rollback mechanism components that could lead to remote code execution.", "requiredAction": "Apply updates per vendor instructions.", "dueDate": "2022-10-06", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/success.trendmicro.com\/dcx\/s\/solution\/000291528?language=en_US; https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2022-40139", "cwes": [ "CWE-353", "CWE-641" ] }, { "cveID": "CVE-2013-6282", "vendorProject": "Linux", "product": "Kernel", "vulnerabilityName": "Linux Kernel Improper Input Validation Vulnerability", "dateAdded": "2022-09-15", "shortDescription": "The get_user and put_user API functions of the Linux kernel fail to validate the target address when being used on ARM v6k\/v7 platforms. This allows an application to read and write kernel memory which could lead to privilege escalation.", "requiredAction": "Apply updates per vendor instructions.", "dueDate": "2022-10-06", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/git.kernel.org\/pub\/scm\/linux\/kernel\/git\/torvalds\/linux.git\/commit\/?id=8404663f81d212918ff85f493649a7991209fa04; https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2013-6282", "cwes": [ "CWE-20" ] }, { "cveID": "CVE-2013-2597", "vendorProject": "Code Aurora", "product": "ACDB Audio Driver", "vulnerabilityName": "Code Aurora ACDB Audio Driver Stack-based Buffer Overflow Vulnerability", "dateAdded": "2022-09-15", "shortDescription": "The Code Aurora audio calibration database (acdb) audio driver contains a stack-based buffer overflow vulnerability that allows for privilege escalation. Code Aurora is used in third-party products such as Qualcomm and Android.", "requiredAction": "Apply updates per vendor instructions.", "dueDate": "2022-10-06", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/web.archive.org\/web\/20161226013354\/https:\/www.codeaurora.org\/news\/security-advisories\/stack-based-buffer-overflow-acdb-audio-driver-cve-2013-2597; https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2013-2597", "cwes": [ "CWE-119" ] }, { "cveID": "CVE-2013-2596", "vendorProject": "Linux", "product": "Kernel", "vulnerabilityName": "Linux Kernel Integer Overflow Vulnerability", "dateAdded": "2022-09-15", "shortDescription": "Linux kernel fb_mmap function in drivers\/video\/fbmem.c contains an integer overflow vulnerability that allows for privilege escalation.", "requiredAction": "Apply updates per vendor instructions.", "dueDate": "2022-10-06", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/git.kernel.org\/pub\/scm\/linux\/kernel\/git\/torvalds\/linux.git\/commit\/?id=fc9bbca8f650e5f738af8806317c0a041a48ae4a; https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2013-2596", "cwes": [ "CWE-189" ] }, { "cveID": "CVE-2013-2094", "vendorProject": "Linux", "product": "Kernel", "vulnerabilityName": "Linux Kernel Privilege Escalation Vulnerability", "dateAdded": "2022-09-15", "shortDescription": "Linux kernel fails to check all 64 bits of attr.config passed by user space, resulting to out-of-bounds access of the perf_swevent_enabled array in sw_perf_event_destroy(). Explotation allows for privilege escalation.", "requiredAction": "Apply updates per vendor instructions.", "dueDate": "2022-10-06", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/git.kernel.org\/pub\/scm\/linux\/kernel\/git\/torvalds\/linux.git\/commit\/?id=8176cced706b5e5d15887584150764894e94e02f; https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2013-2094", "cwes": [ "CWE-189" ] }, { "cveID": "CVE-2010-2568", "vendorProject": "Microsoft", "product": "Windows", "vulnerabilityName": "Microsoft Windows Remote Code Execution Vulnerability", "dateAdded": "2022-09-15", "shortDescription": "Microsoft Windows incorrectly parses shortcuts in such a way that malicious code may be executed when the operating system displays the icon of a malicious shortcut file. An attacker who successfully exploited this vulnerability could execute code as the logged-on user.", "requiredAction": "Apply updates per vendor instructions.", "dueDate": "2022-10-06", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/docs.microsoft.com\/en-us\/security-updates\/securitybulletins\/2010\/ms10-046; https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2010-2568", "cwes": [ "CWE-20" ] }, { "cveID": "CVE-2022-37969", "vendorProject": "Microsoft", "product": "Windows", "vulnerabilityName": "Microsoft Windows Common Log File System (CLFS) Driver Privilege Escalation Vulnerability", "dateAdded": "2022-09-14", "shortDescription": "Microsoft Windows Common Log File System (CLFS) driver contains an unspecified vulnerability that allows for privilege escalation.", "requiredAction": "Apply updates per vendor instructions.", "dueDate": "2022-10-05", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/msrc.microsoft.com\/update-guide\/en-US\/vulnerability\/CVE-2022-37969; https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2022-37969", "cwes": [ "CWE-20", "CWE-787" ] }, { "cveID": "CVE-2022-32917", "vendorProject": "Apple", "product": "iOS, iPadOS, and macOS", "vulnerabilityName": "Apple iOS, iPadOS, and macOS Remote Code Execution Vulnerability", "dateAdded": "2022-09-14", "shortDescription": "Apple kernel, which is included in iOS, iPadOS, and macOS, contains an unspecified vulnerability where an application may be able to execute code with kernel privileges.", "requiredAction": "Apply updates per vendor instructions.", "dueDate": "2022-10-05", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/support.apple.com\/en-us\/HT213445, https:\/\/support.apple.com\/en-us\/HT213444; https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2022-32917", "cwes": [ "CWE-20", "CWE-787" ] }, { "cveID": "CVE-2022-3075", "vendorProject": "Google", "product": "Chromium Mojo", "vulnerabilityName": "Google Chromium Mojo Insufficient Data Validation Vulnerability", "dateAdded": "2022-09-08", "shortDescription": "Google Chromium Mojo contains an insufficient data validation vulnerability that allows a remote attacker, who has compromised the renderer process, to potentially perform a sandbox escape via a crafted HTML page. This vulnerability could affect multiple web browsers that utilize Chromium, including, but not limited to, Google Chrome, Microsoft Edge, and Opera.", "requiredAction": "Apply updates per vendor instructions.", "dueDate": "2022-09-29", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/chromereleases.googleblog.com\/2022\/09\/stable-channel-update-for-desktop.html, https:\/\/msrc.microsoft.com\/update-guide\/vulnerability\/CVE-2022-3075; https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2022-3075", "cwes": [ "CWE-20" ] }, { "cveID": "CVE-2022-27593", "vendorProject": "QNAP", "product": "Photo Station", "vulnerabilityName": "QNAP Photo Station Externally Controlled Reference Vulnerability", "dateAdded": "2022-09-08", "shortDescription": "Certain QNAP NAS running Photo Station with internet exposure contain an externally controlled reference to a resource vulnerability which can allow an attacker to modify system files. This vulnerability was observed being utilized in a Deadbolt ransomware campaign.", "requiredAction": "Apply updates per vendor instructions.", "dueDate": "2022-09-29", "knownRansomwareCampaignUse": "Known", "notes": "https:\/\/www.qnap.com\/en\/security-advisory\/qsa-22-24; https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2022-27593", "cwes": [ "CWE-610" ] }, { "cveID": "CVE-2022-26258", "vendorProject": "D-Link", "product": "DIR-820L", "vulnerabilityName": "D-Link DIR-820L Remote Code Execution Vulnerability", "dateAdded": "2022-09-08", "shortDescription": "D-Link DIR-820L contains an unspecified vulnerability in Device Name parameter in \/lan.asp which allows for remote code execution.", "requiredAction": "The impacted product is end-of-life and should be disconnected if still in use.", "dueDate": "2022-09-29", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/supportannouncement.us.dlink.com\/announcement\/publication.aspx?name=SAP10295; https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2022-26258", "cwes": [ "CWE-78" ] }, { "cveID": "CVE-2020-9934", "vendorProject": "Apple", "product": "iOS, iPadOS, and macOS", "vulnerabilityName": "Apple iOS, iPadOS, and macOS Input Validation Vulnerability", "dateAdded": "2022-09-08", "shortDescription": "Apple iOS, iPadOS, and macOS contain an unspecified vulnerability involving input validation which can allow a local attacker to view sensitive user information.", "requiredAction": "Apply updates per vendor instructions.", "dueDate": "2022-09-29", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/support.apple.com\/en-us\/HT211288, https:\/\/support.apple.com\/en-us\/HT211289; https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2020-9934", "cwes": [] }, { "cveID": "CVE-2018-7445", "vendorProject": "MikroTik", "product": "RouterOS", "vulnerabilityName": "MikroTik RouterOS Stack-Based Buffer Overflow Vulnerability", "dateAdded": "2022-09-08", "shortDescription": "In MikroTik RouterOS, a stack-based buffer overflow occurs when processing NetBIOS session request messages. Remote attackers with access to the service can exploit this vulnerability and gain code execution on the system.", "requiredAction": "Apply updates per vendor instructions.", "dueDate": "2022-09-29", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/www.coresecurity.com\/core-labs\/advisories\/mikrotik-routeros-smb-buffer-overflow#vendor_update, https:\/\/mikrotik.com\/download; https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2018-7445", "cwes": [ "CWE-119" ] }, { "cveID": "CVE-2018-6530", "vendorProject": "D-Link", "product": "Multiple Routers", "vulnerabilityName": "D-Link Multiple Routers OS Command Injection Vulnerability", "dateAdded": "2022-09-08", "shortDescription": "Multiple D-Link routers contain an unspecified vulnerability that allows for execution of OS commands.", "requiredAction": "The vendor D-Link published an advisory stating the fix under CVE-2018-20114 properly patches KEV entry CVE-2018-6530. If the device is still supported, apply updates per vendor instructions. If the affected device has since entered its end-of-life, it should be disconnected if still in use.", "dueDate": "2022-09-29", "knownRansomwareCampaignUse": "Known", "notes": "https:\/\/supportannouncement.us.dlink.com\/announcement\/publication.aspx?name=SAP10105; https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2018-6530", "cwes": [ "CWE-78" ] }, { "cveID": "CVE-2018-2628", "vendorProject": "Oracle", "product": "WebLogic Server", "vulnerabilityName": "Oracle WebLogic Server Unspecified Vulnerability", "dateAdded": "2022-09-08", "shortDescription": "Oracle WebLogic Server contains an unspecified vulnerability which can allow an unauthenticated attacker with T3 network access to compromise the server.", "requiredAction": "Apply updates per vendor instructions.", "dueDate": "2022-09-29", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/www.oracle.com\/security-alerts\/cpuapr2018.html; https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2018-2628", "cwes": [ "CWE-502" ] }, { "cveID": "CVE-2018-13374", "vendorProject": "Fortinet", "product": "FortiOS and FortiADC", "vulnerabilityName": "Fortinet FortiOS and FortiADC Improper Access Control Vulnerability", "dateAdded": "2022-09-08", "shortDescription": "Fortinet FortiOS and FortiADC contain an improper access control vulnerability that allows attackers to obtain the LDAP server login credentials configured in FortiGate by pointing a LDAP server connectivity test request to a rogue LDAP server.", "requiredAction": "Apply updates per vendor instructions.", "dueDate": "2022-09-29", "knownRansomwareCampaignUse": "Known", "notes": "https:\/\/www.fortiguard.com\/psirt\/FG-IR-18-157; https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2018-13374", "cwes": [ "CWE-732" ] }, { "cveID": "CVE-2017-5521", "vendorProject": "NETGEAR", "product": "Multiple Devices", "vulnerabilityName": "NETGEAR Multiple Devices Exposure of Sensitive Information Vulnerability", "dateAdded": "2022-09-08", "shortDescription": "Multiple NETGEAR devices are prone to admin password disclosure via simple crafted requests to the web management server.", "requiredAction": "Apply updates per vendor instructions. If the affected device has since entered end-of-life, it should be disconnected if still in use.", "dueDate": "2022-09-29", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/kb.netgear.com\/30632\/Web-GUI-Password-Recovery-and-Exposure-Security-Vulnerability; https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2017-5521", "cwes": [ "CWE-200" ] }, { "cveID": "CVE-2011-4723", "vendorProject": "D-Link", "product": "DIR-300 Router", "vulnerabilityName": "D-Link DIR-300 Router Cleartext Storage of a Password Vulnerability", "dateAdded": "2022-09-08", "shortDescription": "The D-Link DIR-300 router stores cleartext passwords, which allows context-dependent attackers to obtain sensitive information.", "requiredAction": "The impacted product is end-of-life and should be disconnected if still in use.", "dueDate": "2022-09-29", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/www.dlink.com\/uk\/en\/support\/product\/dir-300-wireless-g-router; https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2011-4723", "cwes": [ "CWE-310" ] }, { "cveID": "CVE-2011-1823", "vendorProject": "Android", "product": "Android OS", "vulnerabilityName": "Android OS Privilege Escalation Vulnerability", "dateAdded": "2022-09-08", "shortDescription": "The vold volume manager daemon in Android kernel trusts messages from a PF_NETLINK socket, which allows an attacker to execute code and gain root privileges. This vulnerability is associated with GingerBreak and Exploit.AndroidOS.Lotoor.", "requiredAction": "Apply updates per vendor instructions.", "dueDate": "2022-09-29", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/android.googlesource.com\/platform\/system\/vold\/+\/c51920c82463b240e2be0430849837d6fdc5352e; https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2011-1823", "cwes": [ "CWE-189" ] }, { "cveID": "CVE-2022-26352", "vendorProject": "dotCMS", "product": "dotCMS", "vulnerabilityName": "dotCMS Unrestricted Upload of File Vulnerability", "dateAdded": "2022-08-25", "shortDescription": "dotCMS ContentResource API contains an unrestricted upload of file with a dangerous type vulnerability that allows for directory traversal, in which the file is saved outside of the intended storage location. Exploitation allows for remote code execution.", "requiredAction": "Apply updates per vendor instructions.", "dueDate": "2022-09-15", "knownRansomwareCampaignUse": "Known", "notes": "https:\/\/www.dotcms.com\/security\/SI-62; https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2022-26352", "cwes": [ "CWE-22", "CWE-138" ] }, { "cveID": "CVE-2022-24706", "vendorProject": "Apache", "product": "CouchDB", "vulnerabilityName": "Apache CouchDB Insecure Default Initialization of Resource Vulnerability", "dateAdded": "2022-08-25", "shortDescription": "Apache CouchDB contains an insecure default initialization of resource vulnerability which can allow an attacker to escalate to administrative privileges.", "requiredAction": "Apply updates per vendor instructions.", "dueDate": "2022-09-15", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/lists.apache.org\/thread\/w24wo0h8nlctfps65txvk0oc5hdcnv00; https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2022-24706", "cwes": [ "CWE-1188" ] }, { "cveID": "CVE-2022-24112", "vendorProject": "Apache", "product": "APISIX", "vulnerabilityName": "Apache APISIX Authentication Bypass Vulnerability", "dateAdded": "2022-08-25", "shortDescription": "Apache APISIX contains an authentication bypass vulnerability that allows for remote code execution.", "requiredAction": "Apply updates per vendor instructions.", "dueDate": "2022-09-15", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/lists.apache.org\/thread\/lcdqywz8zy94mdysk7p3gfdgn51jmt94; https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2022-24112", "cwes": [ "CWE-290" ] }, { "cveID": "CVE-2022-22963", "vendorProject": "VMware Tanzu", "product": "Spring Cloud", "vulnerabilityName": "VMware Tanzu Spring Cloud Function Remote Code Execution Vulnerability", "dateAdded": "2022-08-25", "shortDescription": "When using routing functionality in VMware Tanzu's Spring Cloud Function, it is possible for a user to provide a specially crafted SpEL as a routing-expression that may result in remote code execution and access to local resources.", "requiredAction": "Apply updates per vendor instructions.", "dueDate": "2022-09-15", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/tanzu.vmware.com\/security\/cve-2022-22963; https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2022-22963", "cwes": [ "CWE-94" ] }, { "cveID": "CVE-2022-2294", "vendorProject": "WebRTC", "product": "WebRTC", "vulnerabilityName": "WebRTC Heap Buffer Overflow Vulnerability", "dateAdded": "2022-08-25", "shortDescription": "WebRTC, an open-source project providing web browsers with real-time communication, contains a heap buffer overflow vulnerability that allows an attacker to perform shellcode execution. This vulnerability impacts web browsers using WebRTC including but not limited to Google Chrome.", "requiredAction": "Apply updates per vendor instructions.", "dueDate": "2022-09-15", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/groups.google.com\/g\/discuss-webrtc\/c\/5KBtZx2gvcQ; https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2022-2294", "cwes": [ "CWE-122" ] }, { "cveID": "CVE-2021-39226", "vendorProject": "Grafana Labs", "product": "Grafana", "vulnerabilityName": "Grafana Authentication Bypass Vulnerability", "dateAdded": "2022-08-25", "shortDescription": "Grafana contains an authentication bypass vulnerability that allows authenticated and unauthenticated users to view and delete all snapshot data, potentially resulting in complete snapshot data loss.", "requiredAction": "Apply updates per vendor instructions.", "dueDate": "2022-09-15", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/grafana.com\/blog\/2021\/10\/05\/grafana-7.5.11-and-8.1.6-released-with-critical-security-fix\/; https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2021-39226", "cwes": [ "CWE-287" ] }, { "cveID": "CVE-2021-38406", "vendorProject": "Delta Electronics", "product": "DOPSoft 2", "vulnerabilityName": "Delta Electronics DOPSoft 2 Improper Input Validation Vulnerability", "dateAdded": "2022-08-25", "shortDescription": "Delta Electronics DOPSoft 2 lacks proper validation of user-supplied data when parsing specific project files (improper input validation) resulting in an out-of-bounds write that allows for code execution.", "requiredAction": "The impacted product is end-of-life and should be disconnected if still in use.", "dueDate": "2022-09-15", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/www.cisa.gov\/uscert\/ics\/advisories\/icsa-21-252-02; https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2021-38406", "cwes": [ "CWE-787" ] }, { "cveID": "CVE-2021-31010", "vendorProject": "Apple", "product": "iOS, macOS, watchOS", "vulnerabilityName": "Apple iOS, macOS, watchOS Sandbox Bypass Vulnerability", "dateAdded": "2022-08-25", "shortDescription": "In affected versions of Apple iOS, macOS, and watchOS, a sandboxed process may be able to circumvent sandbox restrictions.", "requiredAction": "Apply updates per vendor instructions.", "dueDate": "2022-09-15", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/support.apple.com\/en-us\/HT212804, https:\/\/support.apple.com\/en-us\/HT212805, https:\/\/support.apple.com\/en-us\/HT212806, https:\/\/support.apple.com\/en-us\/HT212807, https:\/\/support.apple.com\/en-us\/HT212824; https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2021-31010", "cwes": [ "CWE-20", "CWE-502" ] }, { "cveID": "CVE-2020-36193", "vendorProject": "PEAR", "product": "Archive_Tar", "vulnerabilityName": "PEAR Archive_Tar Improper Link Resolution Vulnerability", "dateAdded": "2022-08-25", "shortDescription": "PEAR Archive_Tar Tar.php allows write operations with directory traversal due to inadequate checking of symbolic links. PEAR stands for PHP Extension and Application Repository and it is an open-source framework and distribution system for reusable PHP components with known usage in third-party products such as Drupal Core and Red Hat Linux.", "requiredAction": "Apply updates per vendor instructions.", "dueDate": "2022-09-15", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/github.com\/pear\/Archive_Tar\/commit\/cde460582ff389404b5b3ccb59374e9b389de916, https:\/\/www.drupal.org\/sa-core-2021-001, https:\/\/access.redhat.com\/security\/cve\/cve-2020-36193; https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2020-36193", "cwes": [ "CWE-22", "CWE-59" ] }, { "cveID": "CVE-2020-28949", "vendorProject": "PEAR", "product": "Archive_Tar", "vulnerabilityName": "PEAR Archive_Tar Deserialization of Untrusted Data Vulnerability", "dateAdded": "2022-08-25", "shortDescription": "PEAR Archive_Tar allows an unserialization attack because phar: is blocked but PHAR: is not blocked. PEAR stands for PHP Extension and Application Repository and it is an open-source framework and distribution system for reusable PHP components with known usage in third-party products such as Drupal Core and Red Hat Linux.", "requiredAction": "Apply updates per vendor instructions.", "dueDate": "2022-09-15", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/pear.php.net\/bugs\/bug.php?id=27002, https:\/\/www.drupal.org\/sa-core-2020-013, https:\/\/access.redhat.com\/security\/cve\/cve-2020-28949; https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2020-28949", "cwes": [ "CWE-74" ] }, { "cveID": "CVE-2022-0028", "vendorProject": "Palo Alto Networks", "product": "PAN-OS", "vulnerabilityName": "Palo Alto Networks PAN-OS Reflected Amplification Denial-of-Service Vulnerability", "dateAdded": "2022-08-22", "shortDescription": "A Palo Alto Networks PAN-OS URL filtering policy misconfiguration could allow a network-based attacker to conduct reflected and amplified TCP denial-of-service (RDoS) attacks.", "requiredAction": "Apply updates per vendor instructions.", "dueDate": "2022-09-12", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/security.paloaltonetworks.com\/CVE-2022-0028; https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2022-0028", "cwes": [ "CWE-940" ] }, { "cveID": "CVE-2022-22536", "vendorProject": "SAP", "product": "Multiple Products", "vulnerabilityName": "SAP Multiple Products HTTP Request Smuggling Vulnerability", "dateAdded": "2022-08-18", "shortDescription": "SAP NetWeaver Application Server ABAP, SAP NetWeaver Application Server Java, ABAP Platform, SAP Content Server and SAP Web Dispatcher allow HTTP request smuggling. An unauthenticated attacker can prepend a victim's request with arbitrary data, allowing for function execution impersonating the victim or poisoning intermediary Web caches.", "requiredAction": "Apply updates per vendor instructions.", "dueDate": "2022-09-08", "knownRansomwareCampaignUse": "Unknown", "notes": "SAP users must have an account in order to login and access the patch. https:\/\/accounts.sap.com\/saml2\/idp\/sso; https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2022-22536", "cwes": [ "CWE-444" ] }, { "cveID": "CVE-2022-32894", "vendorProject": "Apple", "product": "iOS and macOS", "vulnerabilityName": "Apple iOS and macOS Out-of-Bounds Write Vulnerability", "dateAdded": "2022-08-18", "shortDescription": "Apple iOS and macOS contain an out-of-bounds write vulnerability that could allow an application to execute code with kernel privileges.", "requiredAction": "Apply updates per vendor instructions.", "dueDate": "2022-09-08", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/support.apple.com\/en-gb\/HT213412, https:\/\/support.apple.com\/en-gb\/HT213413; https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2022-32894", "cwes": [ "CWE-20", "CWE-787" ] }, { "cveID": "CVE-2022-32893", "vendorProject": "Apple", "product": "iOS and macOS", "vulnerabilityName": "Apple iOS and macOS Out-of-Bounds Write Vulnerability", "dateAdded": "2022-08-18", "shortDescription": "Apple iOS and macOS contain an out-of-bounds write vulnerability that could allow for remote code execution when processing malicious crafted web content.", "requiredAction": "Apply updates per vendor instructions.", "dueDate": "2022-09-08", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/support.apple.com\/en-gb\/HT213412, https:\/\/support.apple.com\/en-gb\/HT213413; https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2022-32893", "cwes": [ "CWE-20", "CWE-787" ] }, { "cveID": "CVE-2022-2856", "vendorProject": "Google", "product": "Chromium Intents", "vulnerabilityName": "Google Chromium Intents Insufficient Input Validation Vulnerability", "dateAdded": "2022-08-18", "shortDescription": "Google Chromium Intents contains an insufficient validation of untrusted input vulnerability that allows a remote attacker to browse to a malicious website via a crafted HTML page. This vulnerability could affect multiple web browsers that utilize Chromium, including, but not limited to, Google Chrome, Microsoft Edge, and Opera.", "requiredAction": "Apply updates per vendor instructions.", "dueDate": "2022-09-08", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/chromereleases.googleblog.com\/2022\/08\/stable-channel-update-for-desktop_16.html; https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2022-2856", "cwes": [ "CWE-20" ] }, { "cveID": "CVE-2022-26923", "vendorProject": "Microsoft", "product": "Active Directory", "vulnerabilityName": "Microsoft Active Directory Domain Services Privilege Escalation Vulnerability", "dateAdded": "2022-08-18", "shortDescription": "An authenticated user could manipulate attributes on computer accounts they own or manage, and acquire a certificate from Active Directory Certificate Services that would allow for privilege escalation to SYSTEM.", "requiredAction": "Apply updates per vendor instructions.", "dueDate": "2022-09-08", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/msrc.microsoft.com\/update-guide\/en-US\/vulnerability\/CVE-2022-26923; https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2022-26923", "cwes": [ "CWE-295" ] }, { "cveID": "CVE-2022-21971", "vendorProject": "Microsoft", "product": "Windows", "vulnerabilityName": "Microsoft Windows Runtime Remote Code Execution Vulnerability", "dateAdded": "2022-08-18", "shortDescription": "Microsoft Windows Runtime contains an unspecified vulnerability that allows for remote code execution.", "requiredAction": "Apply updates per vendor instructions.", "dueDate": "2022-09-08", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/msrc.microsoft.com\/update-guide\/vulnerability\/CVE-2022-21971; https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2022-21971", "cwes": [ "CWE-824" ] }, { "cveID": "CVE-2017-15944", "vendorProject": "Palo Alto Networks", "product": "PAN-OS", "vulnerabilityName": "Palo Alto Networks PAN-OS Remote Code Execution Vulnerability", "dateAdded": "2022-08-18", "shortDescription": "Palo Alto Networks PAN-OS contains multiple, unspecified vulnerabilities which can allow for remote code execution when chained.", "requiredAction": "Apply updates per vendor instructions.", "dueDate": "2022-09-08", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/security.paloaltonetworks.com\/CVE-2017-15944; https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2017-15944", "cwes": [] }, { "cveID": "CVE-2022-27925", "vendorProject": "Zimbra", "product": "Collaboration (ZCS)", "vulnerabilityName": "Zimbra Collaboration (ZCS) Arbitrary File Upload Vulnerability", "dateAdded": "2022-08-11", "shortDescription": "Zimbra Collaboration (ZCS) contains flaw in the mboximport functionality, allowing an authenticated attacker to upload arbitrary files to perform remote code execution. This vulnerability was chained with CVE-2022-37042 which allows for unauthenticated remote code execution.", "requiredAction": "Apply updates per vendor instructions.", "dueDate": "2022-09-01", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/blog.zimbra.com\/2022\/08\/authentication-bypass-in-mailboximportservlet-vulnerability\/; https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2022-27925", "cwes": [ "CWE-22" ] }, { "cveID": "CVE-2022-37042", "vendorProject": "Zimbra", "product": "Collaboration (ZCS)", "vulnerabilityName": "Zimbra Collaboration (ZCS) Authentication Bypass Vulnerability", "dateAdded": "2022-08-11", "shortDescription": "Zimbra Collaboration (ZCS) contains an authentication bypass vulnerability in MailboxImportServlet. This vulnerability was chained with CVE-2022-27925 which allows for unauthenticated remote code execution.", "requiredAction": "Apply updates per vendor instructions.", "dueDate": "2022-09-01", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/blog.zimbra.com\/2022\/08\/authentication-bypass-in-mailboximportservlet-vulnerability\/; https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2022-37042", "cwes": [ "CWE-23" ] }, { "cveID": "CVE-2022-34713", "vendorProject": "Microsoft", "product": "Windows", "vulnerabilityName": "Microsoft Windows Support Diagnostic Tool (MSDT) Remote Code Execution Vulnerability", "dateAdded": "2022-08-09", "shortDescription": "A remote code execution vulnerability exists when Microsoft Windows MSDT is called using the URL protocol from a calling application.", "requiredAction": "Apply updates per vendor instructions.", "dueDate": "2022-08-30", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/msrc.microsoft.com\/update-guide\/vulnerability\/CVE-2022-34713; https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2022-34713", "cwes": [] }, { "cveID": "CVE-2022-30333", "vendorProject": "RARLAB", "product": "UnRAR", "vulnerabilityName": "RARLAB UnRAR Directory Traversal Vulnerability", "dateAdded": "2022-08-09", "shortDescription": "RARLAB UnRAR on Linux and UNIX contains a directory traversal vulnerability, allowing an attacker to write to files during an extract (unpack) operation.", "requiredAction": "Apply updates per vendor instructions.", "dueDate": "2022-08-30", "knownRansomwareCampaignUse": "Unknown", "notes": "Vulnerability updated with version 6.12. Accessing link will download update information: https:\/\/www.rarlab.com\/rar\/rarlinux-x32-612.tar.gz; https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2022-30333", "cwes": [ "CWE-22", "CWE-59" ] }, { "cveID": "CVE-2022-27924", "vendorProject": "Zimbra", "product": "Collaboration (ZCS)", "vulnerabilityName": "Zimbra Collaboration (ZCS) Command Injection Vulnerability", "dateAdded": "2022-08-04", "shortDescription": "Zimbra Collaboration (ZCS) allows an attacker to inject memcache commands into a targeted instance which causes an overwrite of arbitrary cached entries.", "requiredAction": "Apply updates per vendor instructions.", "dueDate": "2022-08-25", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/wiki.zimbra.com\/wiki\/Zimbra_Releases\/9.0.0\/P24.1#Security_Fixes; https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2022-27924", "cwes": [ "CWE-93" ] }, { "cveID": "CVE-2022-26138", "vendorProject": "Atlassian", "product": "Confluence", "vulnerabilityName": "Atlassian Questions For Confluence App Hard-coded Credentials Vulnerability", "dateAdded": "2022-07-29", "shortDescription": "Atlassian Questions For Confluence App has hard-coded credentials, exposing the username and password in plaintext. A remote unauthenticated attacker can use these credentials to log into Confluence and access all content accessible to users in the confluence-users group.", "requiredAction": "Apply updates per vendor instructions.", "dueDate": "2022-08-19", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/confluence.atlassian.com\/doc\/questions-for-confluence-security-advisory-2022-07-20-1142446709.html; https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2022-26138", "cwes": [ "CWE-798" ] }, { "cveID": "CVE-2022-22047", "vendorProject": "Microsoft", "product": "Windows", "vulnerabilityName": "Microsoft Windows Client Server Runtime Subsystem (CSRSS) Privilege Escalation Vulnerability", "dateAdded": "2022-07-12", "shortDescription": "Microsoft Windows CSRSS contains an unspecified vulnerability that allows for privilege escalation to SYSTEM privileges.", "requiredAction": "Apply updates per vendor instructions.", "dueDate": "2022-08-02", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/msrc.microsoft.com\/update-guide\/vulnerability\/CVE-2022-22047; https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2022-22047", "cwes": [ "CWE-426" ] }, { "cveID": "CVE-2022-26925", "vendorProject": "Microsoft", "product": "Windows", "vulnerabilityName": "Microsoft Windows LSA Spoofing Vulnerability", "dateAdded": "2022-07-01", "shortDescription": "Microsoft Windows Local Security Authority (LSA) contains a spoofing vulnerability where an attacker can coerce the domain controller to authenticate to the attacker using NTLM.", "requiredAction": "Apply remediation actions outlined in CISA guidance [https:\/\/www.cisa.gov\/guidance-applying-june-microsoft-patch].", "dueDate": "2022-07-22", "knownRansomwareCampaignUse": "Unknown", "notes": "WARNING: This update is required on all Microsoft Windows endpoints but if deployed to domain controllers without additional configuration changes the update breaks PIV\/CAC authentication. Read CISA implementation guidance carefully before deploying to domain controllers.; https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2022-26925", "cwes": [ "CWE-306" ] }, { "cveID": "CVE-2022-29499", "vendorProject": "Mitel", "product": "MiVoice Connect", "vulnerabilityName": "Mitel MiVoice Connect Data Validation Vulnerability", "dateAdded": "2022-06-27", "shortDescription": "The Service Appliance component in Mitel MiVoice Connect allows remote code execution due to incorrect data validation.", "requiredAction": "Apply updates per vendor instructions.", "dueDate": "2022-07-18", "knownRansomwareCampaignUse": "Known", "notes": "https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2022-29499", "cwes": [ "CWE-20" ] }, { "cveID": "CVE-2021-30533", "vendorProject": "Google", "product": "Chromium PopupBlocker", "vulnerabilityName": "Google Chromium PopupBlocker Security Bypass Vulnerability", "dateAdded": "2022-06-27", "shortDescription": "Google Chromium PopupBlocker contains an insufficient policy enforcement vulnerability that allows a remote attacker to bypass navigation restrictions via a crafted iframe. This vulnerability could affect multiple web browsers that utilize Chromium, including, but not limited to, Google Chrome, Microsoft Edge, and Opera.", "requiredAction": "Apply updates per vendor instructions.", "dueDate": "2022-07-18", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2021-30533", "cwes": [ "CWE-863" ] }, { "cveID": "CVE-2021-4034", "vendorProject": "Red Hat", "product": "Polkit", "vulnerabilityName": "Red Hat Polkit Out-of-Bounds Read and Write Vulnerability", "dateAdded": "2022-06-27", "shortDescription": "The Red Hat polkit pkexec utility contains an out-of-bounds read and write vulnerability that allows for privilege escalation with administrative rights.", "requiredAction": "Apply updates per vendor instructions.", "dueDate": "2022-07-18", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2021-4034", "cwes": [ "CWE-787" ] }, { "cveID": "CVE-2021-30983", "vendorProject": "Apple", "product": "iOS and iPadOS", "vulnerabilityName": "Apple iOS and iPadOS Buffer Overflow Vulnerability", "dateAdded": "2022-06-27", "shortDescription": "Apple iOS and iPadOS contain a buffer overflow vulnerability that could allow an application to execute code with kernel privileges.", "requiredAction": "Apply updates per vendor instructions.", "dueDate": "2022-07-18", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2021-30983", "cwes": [ "CWE-119" ] }, { "cveID": "CVE-2020-3837", "vendorProject": "Apple", "product": "Multiple Products", "vulnerabilityName": "Apple Multiple Products Memory Corruption Vulnerability", "dateAdded": "2022-06-27", "shortDescription": "Apple iOS, iPadOS, macOS, tvOS, and watchOS contain a memory corruption vulnerability that could allow an application to execute code with kernel privileges.", "requiredAction": "Apply updates per vendor instructions.", "dueDate": "2022-07-18", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2020-3837", "cwes": [ "CWE-787" ] }, { "cveID": "CVE-2020-9907", "vendorProject": "Apple", "product": "Multiple Products", "vulnerabilityName": "Apple Multiple Products Memory Corruption Vulnerability", "dateAdded": "2022-06-27", "shortDescription": "Apple iOS, iPadOS, and tvOS contain a memory corruption vulnerability that could allow an application to execute code with kernel privileges.", "requiredAction": "Apply updates per vendor instructions.", "dueDate": "2022-07-18", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2020-9907", "cwes": [ "CWE-787" ] }, { "cveID": "CVE-2019-8605", "vendorProject": "Apple", "product": "Multiple Products", "vulnerabilityName": "Apple Multiple Products Use-After-Free Vulnerability", "dateAdded": "2022-06-27", "shortDescription": "A use-after-free vulnerability in Apple iOS, macOS, tvOS, and watchOS could allow a malicious application to execute code with system privileges.", "requiredAction": "Apply updates per vendor instructions.", "dueDate": "2022-07-18", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2019-8605", "cwes": [ "CWE-416" ] }, { "cveID": "CVE-2018-4344", "vendorProject": "Apple", "product": "Multiple Products", "vulnerabilityName": "Apple Multiple Products Memory Corruption Vulnerability", "dateAdded": "2022-06-27", "shortDescription": "Apple iOS, macOS, tvOS, and watchOS contain a memory corruption vulnerability which can allow for code execution.", "requiredAction": "Apply updates per vendor instructions.", "dueDate": "2022-07-18", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2018-4344", "cwes": [ "CWE-119" ] }, { "cveID": "CVE-2022-30190", "vendorProject": "Microsoft", "product": "Windows", "vulnerabilityName": "Microsoft Windows Support Diagnostic Tool (MSDT) Remote Code Execution Vulnerability", "dateAdded": "2022-06-14", "shortDescription": "A remote code execution vulnerability exists when MSDT is called using the URL protocol from a calling application such as Word. An attacker who successfully exploits this vulnerability can run code with the privileges of the calling application.", "requiredAction": "Apply updates per vendor instructions.", "dueDate": "2022-07-05", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2022-30190", "cwes": [ "CWE-610" ] }, { "cveID": "CVE-2021-38163", "vendorProject": "SAP", "product": "NetWeaver", "vulnerabilityName": "SAP NetWeaver Unrestricted File Upload Vulnerability", "dateAdded": "2022-06-09", "shortDescription": "SAP NetWeaver contains a vulnerability that allows unrestricted file upload.", "requiredAction": "Apply updates per vendor instructions.", "dueDate": "2022-06-30", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2021-38163", "cwes": [ "CWE-23" ] }, { "cveID": "CVE-2016-2386", "vendorProject": "SAP", "product": "NetWeaver", "vulnerabilityName": "SAP NetWeaver SQL Injection Vulnerability", "dateAdded": "2022-06-09", "shortDescription": "SQL injection vulnerability in the UDDI server in SAP NetWeaver J2EE Engine 7.40 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.", "requiredAction": "Apply updates per vendor instructions.", "dueDate": "2022-06-30", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2016-2386", "cwes": [ "CWE-89" ] }, { "cveID": "CVE-2016-2388", "vendorProject": "SAP", "product": "NetWeaver", "vulnerabilityName": "SAP NetWeaver Information Disclosure Vulnerability", "dateAdded": "2022-06-09", "shortDescription": "The Universal Worklist Configuration in SAP NetWeaver AS JAVA 7.4 allows remote attackers to obtain sensitive user information via a crafted HTTP request.", "requiredAction": "Apply updates per vendor instructions.", "dueDate": "2022-06-30", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2016-2388", "cwes": [ "CWE-200" ] }, { "cveID": "CVE-2019-7195", "vendorProject": "QNAP", "product": "Photo Station", "vulnerabilityName": "QNAP Photo Station Path Traversal Vulnerability", "dateAdded": "2022-06-08", "shortDescription": "QNAP devices running Photo Station contain an external control of file name or path vulnerability allowing remote attackers to access or modify system files.", "requiredAction": "Apply updates per vendor instructions.", "dueDate": "2022-06-22", "knownRansomwareCampaignUse": "Known", "notes": "https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2019-7195", "cwes": [ "CWE-22" ] }, { "cveID": "CVE-2019-7194", "vendorProject": "QNAP", "product": "Photo Station", "vulnerabilityName": "QNAP Photo Station Path Traversal Vulnerability", "dateAdded": "2022-06-08", "shortDescription": "QNAP devices running Photo Station contain an external control of file name or path vulnerability allowing remote attackers to access or modify system files.", "requiredAction": "Apply updates per vendor instructions.", "dueDate": "2022-06-22", "knownRansomwareCampaignUse": "Known", "notes": "https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2019-7194", "cwes": [ "CWE-22" ] }, { "cveID": "CVE-2019-7193", "vendorProject": "QNAP", "product": "QTS", "vulnerabilityName": "QNAP QTS Improper Input Validation Vulnerability", "dateAdded": "2022-06-08", "shortDescription": "QNAP QTS contains an improper input validation vulnerability allowing remote attackers to inject code on the system.", "requiredAction": "Apply updates per vendor instructions.", "dueDate": "2022-06-22", "knownRansomwareCampaignUse": "Known", "notes": "https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2019-7193", "cwes": [ "CWE-20" ] }, { "cveID": "CVE-2019-7192", "vendorProject": "QNAP", "product": "Photo Station", "vulnerabilityName": "QNAP Photo Station Improper Access Control Vulnerability", "dateAdded": "2022-06-08", "shortDescription": "QNAP NAS devices running Photo Station contain an improper access control vulnerability allowing remote attackers to gain unauthorized access to the system.", "requiredAction": "Apply updates per vendor instructions.", "dueDate": "2022-06-22", "knownRansomwareCampaignUse": "Known", "notes": "https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2019-7192", "cwes": [ "CWE-863" ] }, { "cveID": "CVE-2019-5825", "vendorProject": "Google", "product": "Chromium V8", "vulnerabilityName": "Google Chromium V8 Out-of-Bounds Write Vulnerability", "dateAdded": "2022-06-08", "shortDescription": "Google Chromium V8 Engine contains an out-of-bounds write vulnerability that allows a remote attacker to potentially exploit heap corruption via a crafted HTML page. This vulnerability could affect multiple web browsers that utilize Chromium, including, but not limited to, Google Chrome, Microsoft Edge, and Opera.", "requiredAction": "Apply updates per vendor instructions.", "dueDate": "2022-06-22", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2019-5825", "cwes": [ "CWE-787" ] }, { "cveID": "CVE-2019-15271", "vendorProject": "Cisco", "product": "RV Series Routers", "vulnerabilityName": "Cisco RV Series Routers Deserialization of Untrusted Data Vulnerability", "dateAdded": "2022-06-08", "shortDescription": "A deserialization of untrusted data vulnerability in the web-based management interface of certain Cisco Small Business RV Series Routers could allow an attacker to execute code with root privileges.", "requiredAction": "Apply updates per vendor instructions.", "dueDate": "2022-06-22", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2019-15271", "cwes": [ "CWE-502" ] }, { "cveID": "CVE-2018-6065", "vendorProject": "Google", "product": "Chromium V8", "vulnerabilityName": "Google Chromium V8 Integer Overflow Vulnerability", "dateAdded": "2022-06-08", "shortDescription": "Google Chromium V8 Engine contains an integer overflow vulnerability that allows a remote attacker to potentially exploit heap corruption via a crafted HTML page. This vulnerability could affect multiple web browsers that utilize Chromium, including, but not limited to, Google Chrome, Microsoft Edge, and Opera.", "requiredAction": "Apply updates per vendor instructions.", "dueDate": "2022-06-22", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2018-6065", "cwes": [ "CWE-190", "CWE-787" ] }, { "cveID": "CVE-2018-4990", "vendorProject": "Adobe", "product": "Acrobat and Reader", "vulnerabilityName": "Adobe Acrobat and Reader Double Free Vulnerability", "dateAdded": "2022-06-08", "shortDescription": "Adobe Acrobat and Reader have a double free vulnerability that could lead to remote code execution.", "requiredAction": "Apply updates per vendor instructions.", "dueDate": "2022-06-22", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2018-4990", "cwes": [ "CWE-415" ] }, { "cveID": "CVE-2018-17480", "vendorProject": "Google", "product": "Chromium V8", "vulnerabilityName": "Google Chromium V8 Out-of-Bounds Write Vulnerability", "dateAdded": "2022-06-08", "shortDescription": "Google Chromium V8 Engine contains out-of-bounds write vulnerability that allows a remote attacker to execute code inside a sandbox via a crafted HTML page. This vulnerability could affect multiple web browsers that utilize Chromium, including, but not limited to, Google Chrome, Microsoft Edge, and Opera.", "requiredAction": "Apply updates per vendor instructions.", "dueDate": "2022-06-22", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2018-17480", "cwes": [ "CWE-787" ] }, { "cveID": "CVE-2018-17463", "vendorProject": "Google", "product": "Chromium V8", "vulnerabilityName": "Google Chromium V8 Remote Code Execution Vulnerability", "dateAdded": "2022-06-08", "shortDescription": "Google Chromium V8 Engine contains an unspecified vulnerability that allows a remote attacker to execute code inside a sandbox via a crafted HTML page. This vulnerability could affect multiple web browsers that utilize Chromium, including, but not limited to, Google Chrome, Microsoft Edge, and Opera.", "requiredAction": "Apply updates per vendor instructions.", "dueDate": "2022-06-22", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2018-17463", "cwes": [] }, { "cveID": "CVE-2017-6862", "vendorProject": "NETGEAR", "product": "Multiple Devices", "vulnerabilityName": "NETGEAR Multiple Devices Buffer Overflow Vulnerability", "dateAdded": "2022-06-08", "shortDescription": "Multiple NETGEAR devices contain a buffer overflow vulnerability that allows for authentication bypass and remote code execution.", "requiredAction": "Apply updates per vendor instructions.", "dueDate": "2022-06-22", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2017-6862", "cwes": [ "CWE-119" ] }, { "cveID": "CVE-2017-5070", "vendorProject": "Google", "product": "Chromium V8", "vulnerabilityName": "Google Chromium V8 Type Confusion Vulnerability", "dateAdded": "2022-06-08", "shortDescription": "Google Chromium V8 Engine contains a type confusion vulnerability that allows a remote attacker to execute code inside a sandbox via a crafted HTML page. This vulnerability could affect multiple web browsers that utilize Chromium, including, but not limited to, Google Chrome, Microsoft Edge, and Opera.", "requiredAction": "Apply updates per vendor instructions.", "dueDate": "2022-06-22", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2017-5070", "cwes": [ "CWE-843" ] }, { "cveID": "CVE-2017-5030", "vendorProject": "Google", "product": "Chromium V8", "vulnerabilityName": "Google Chromium V8 Memory Corruption Vulnerability", "dateAdded": "2022-06-08", "shortDescription": "Google Chromium V8 Engine contains a memory corruption vulnerability that allows a remote attacker to execute code via a crafted HTML page. This vulnerability could affect multiple web browsers that utilize Chromium, including, but not limited to, Google Chrome, Microsoft Edge, and Opera.", "requiredAction": "Apply updates per vendor instructions.", "dueDate": "2022-06-22", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2017-5030", "cwes": [ "CWE-125" ] }, { "cveID": "CVE-2016-5198", "vendorProject": "Google", "product": "Chromium V8", "vulnerabilityName": "Google Chromium V8 Out-of-Bounds Memory Vulnerability", "dateAdded": "2022-06-08", "shortDescription": "Google Chromium V8 Engine contains an out-of-bounds memory access vulnerability that allows a remote attacker to perform read\/write operations, leading to code execution, via a crafted HTML page. This vulnerability could affect multiple web browsers that utilize Chromium, including, but not limited to, Google Chrome, Microsoft Edge, and Opera.", "requiredAction": "Apply updates per vendor instructions.", "dueDate": "2022-06-22", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2016-5198", "cwes": [ "CWE-125", "CWE-787" ] }, { "cveID": "CVE-2016-1646", "vendorProject": "Google", "product": "Chromium V8", "vulnerabilityName": "Google Chromium V8 Out-of-Bounds Read Vulnerability", "dateAdded": "2022-06-08", "shortDescription": "Google Chromium V8 Engine contains an out-of-bounds read vulnerability that allows a remote attacker to cause a denial of service or possibly have another unspecified impact via crafted JavaScript code. This vulnerability could affect multiple web browsers that utilize Chromium, including, but not limited to, Google Chrome, Microsoft Edge, and Opera.", "requiredAction": "Apply updates per vendor instructions.", "dueDate": "2022-06-22", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2016-1646", "cwes": [ "CWE-119" ] }, { "cveID": "CVE-2013-1331", "vendorProject": "Microsoft", "product": "Office", "vulnerabilityName": "Microsoft Office Buffer Overflow Vulnerability", "dateAdded": "2022-06-08", "shortDescription": "Microsoft Office contains a buffer overflow vulnerability that allows remote attackers to execute code via crafted PNG data in an Office document.", "requiredAction": "Apply updates per vendor instructions.", "dueDate": "2022-06-22", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2013-1331", "cwes": [ "CWE-119" ] }, { "cveID": "CVE-2012-5054", "vendorProject": "Adobe", "product": "Flash Player", "vulnerabilityName": "Adobe Flash Player Integer Overflow Vulnerability", "dateAdded": "2022-06-08", "shortDescription": "Adobe Flash Player contains an integer overflow vulnerability that allows remote attackers to execute code via malformed arguments.", "requiredAction": "The impacted product is end-of-life and should be disconnected if still in use.", "dueDate": "2022-06-22", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2012-5054", "cwes": [ "CWE-189" ] }, { "cveID": "CVE-2012-4969", "vendorProject": "Microsoft", "product": "Internet Explorer", "vulnerabilityName": "Microsoft Internet Explorer Use-After-Free Vulnerability", "dateAdded": "2022-06-08", "shortDescription": "Microsoft Internet Explorer contains a use-after-free vulnerability that allows remote attackers to execute code via a crafted web site.", "requiredAction": "Apply updates per vendor instructions.", "dueDate": "2022-06-22", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2012-4969", "cwes": [] }, { "cveID": "CVE-2012-1889", "vendorProject": "Microsoft", "product": "XML Core Services", "vulnerabilityName": "Microsoft XML Core Services Memory Corruption Vulnerability", "dateAdded": "2022-06-08", "shortDescription": "Microsoft XML Core Services contains a memory corruption vulnerability which could allow for remote code execution.", "requiredAction": "Apply updates per vendor instructions.", "dueDate": "2022-06-22", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2012-1889", "cwes": [ "CWE-119" ] }, { "cveID": "CVE-2012-0767", "vendorProject": "Adobe", "product": "Flash Player", "vulnerabilityName": "Adobe Flash Player Cross-Site Scripting (XSS) Vulnerability", "dateAdded": "2022-06-08", "shortDescription": "Adobe Flash Player contains a XSS vulnerability that allows remote attackers to inject web script or HTML.", "requiredAction": "The impacted product is end-of-life and should be disconnected if still in use.", "dueDate": "2022-06-22", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2012-0767", "cwes": [ "CWE-79" ] }, { "cveID": "CVE-2012-0754", "vendorProject": "Adobe", "product": "Flash Player", "vulnerabilityName": "Adobe Flash Player Memory Corruption Vulnerability", "dateAdded": "2022-06-08", "shortDescription": "Adobe Flash Player contains a memory corruption vulnerability that allows remote attackers to execute code or cause denial-of-service (DoS).", "requiredAction": "The impacted product is end-of-life and should be disconnected if still in use.", "dueDate": "2022-06-22", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2012-0754", "cwes": [ "CWE-787" ] }, { "cveID": "CVE-2012-0151", "vendorProject": "Microsoft", "product": "Windows", "vulnerabilityName": "Microsoft Windows Authenticode Signature Verification Remote Code Execution Vulnerability", "dateAdded": "2022-06-08", "shortDescription": "The Authenticode Signature Verification function in Microsoft Windows (WinVerifyTrust) does not properly validate the digest of a signed portable executable (PE) file, which allows user-assisted remote attackers to execute code.", "requiredAction": "Apply updates per vendor instructions.", "dueDate": "2022-06-22", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2012-0151", "cwes": [ "CWE-20" ] }, { "cveID": "CVE-2011-2462", "vendorProject": "Adobe", "product": "Acrobat and Reader", "vulnerabilityName": "Adobe Acrobat and Reader Universal 3D Memory Corruption Vulnerability", "dateAdded": "2022-06-08", "shortDescription": "The Universal 3D (U3D) component in Adobe Acrobat and Reader contains a memory corruption vulnerability which could allow remote attackers to execute code or cause denial-of-service (DoS).", "requiredAction": "Apply updates per vendor instructions.", "dueDate": "2022-06-22", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2011-2462", "cwes": [ "CWE-787" ] }, { "cveID": "CVE-2011-0609", "vendorProject": "Adobe", "product": "Flash Player", "vulnerabilityName": "Adobe Flash Player Unspecified Vulnerability", "dateAdded": "2022-06-08", "shortDescription": "Adobe Flash Player contains an unspecified vulnerability that allows remote attackers to execute code or cause denial-of-service (DoS).", "requiredAction": "The impacted product is end-of-life and should be disconnected if still in use.", "dueDate": "2022-06-22", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2011-0609", "cwes": [] }, { "cveID": "CVE-2010-2883", "vendorProject": "Adobe", "product": "Acrobat and Reader", "vulnerabilityName": "Adobe Acrobat and Reader Stack-Based Buffer Overflow Vulnerability", "dateAdded": "2022-06-08", "shortDescription": "Adobe Acrobat and Reader contain a stack-based buffer overflow vulnerability that allows remote attackers to execute code or cause denial-of-service (DoS).", "requiredAction": "Apply updates per vendor instructions.", "dueDate": "2022-06-22", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2010-2883", "cwes": [ "CWE-119" ] }, { "cveID": "CVE-2010-2572", "vendorProject": "Microsoft", "product": "PowerPoint", "vulnerabilityName": "Microsoft PowerPoint Buffer Overflow Vulnerability", "dateAdded": "2022-06-08", "shortDescription": "Microsoft PowerPoint contains a buffer overflow vulnerability that alllows for remote code execution.", "requiredAction": "Apply updates per vendor instructions.", "dueDate": "2022-06-22", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2010-2572", "cwes": [ "CWE-119" ] }, { "cveID": "CVE-2010-1297", "vendorProject": "Adobe", "product": "Flash Player", "vulnerabilityName": "Adobe Flash Player Memory Corruption Vulnerability", "dateAdded": "2022-06-08", "shortDescription": "Adobe Flash Player contains a memory corruption vulnerability that allows remote attackers to execute code or cause denial-of-service (DoS).", "requiredAction": "The impacted product is end-of-life and should be disconnected if still in use.", "dueDate": "2022-06-22", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2010-1297", "cwes": [ "CWE-787" ] }, { "cveID": "CVE-2009-4324", "vendorProject": "Adobe", "product": "Acrobat and Reader", "vulnerabilityName": "Adobe Acrobat and Reader Use-After-Free Vulnerability", "dateAdded": "2022-06-08", "shortDescription": "Use-after-free vulnerability in Adobe Acrobat and Reader allows remote attackers to execute code via a crafted PDF file.", "requiredAction": "Apply updates per vendor instructions.", "dueDate": "2022-06-22", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2009-4324", "cwes": [ "CWE-399" ] }, { "cveID": "CVE-2009-3953", "vendorProject": "Adobe", "product": "Acrobat and Reader", "vulnerabilityName": "Adobe Acrobat and Reader Universal 3D Remote Code Execution Vulnerability", "dateAdded": "2022-06-08", "shortDescription": "Adobe Acrobat and Reader contains an array boundary issue in Universal 3D (U3D) support that could lead to remote code execution.", "requiredAction": "Apply updates per vendor instructions.", "dueDate": "2022-06-22", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2009-3953", "cwes": [ "CWE-119" ] }, { "cveID": "CVE-2009-1862", "vendorProject": "Adobe", "product": "Acrobat and Reader, Flash Player", "vulnerabilityName": "Adobe Acrobat and Reader, Flash Player Unspecified Vulnerability", "dateAdded": "2022-06-08", "shortDescription": "Adobe Acrobat and Reader and Adobe Flash Player allows remote attackers to execute code or cause denial-of-service (DoS).", "requiredAction": "For Adobe Acrobat and Reader, apply updates per vendor instructions. For Adobe Flash Player, the impacted product is end-of-life and should be disconnected if still in use.", "dueDate": "2022-06-22", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2009-1862", "cwes": [ "CWE-94" ] }, { "cveID": "CVE-2009-0563", "vendorProject": "Microsoft", "product": "Office", "vulnerabilityName": "Microsoft Office Buffer Overflow Vulnerability", "dateAdded": "2022-06-08", "shortDescription": "Microsoft Office contains a buffer overflow vulnerability that allows remote attackers to execute code via a Word document with a crafted tag containing an invalid length field.", "requiredAction": "Apply updates per vendor instructions.", "dueDate": "2022-06-22", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2009-0563", "cwes": [ "CWE-119" ] }, { "cveID": "CVE-2009-0557", "vendorProject": "Microsoft", "product": "Office", "vulnerabilityName": "Microsoft Office Object Record Corruption Vulnerability", "dateAdded": "2022-06-08", "shortDescription": "Microsoft Office contains an object record corruption vulnerability that allows remote attackers to execute code via a crafted Excel file with a malformed record object.", "requiredAction": "Apply updates per vendor instructions.", "dueDate": "2022-06-22", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2009-0557", "cwes": [ "CWE-94" ] }, { "cveID": "CVE-2008-0655", "vendorProject": "Adobe", "product": "Acrobat and Reader", "vulnerabilityName": "Adobe Acrobat and Reader Unspecified Vulnerability", "dateAdded": "2022-06-08", "shortDescription": "Adobe Acrobat and Reader contains an unespecified vulnerability described as a design flaw which could allow a specially crafted file to be printed silently an arbitrary number of times.", "requiredAction": "Apply updates per vendor instructions.", "dueDate": "2022-06-22", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2008-0655", "cwes": [] }, { "cveID": "CVE-2007-5659", "vendorProject": "Adobe", "product": "Acrobat and Reader", "vulnerabilityName": "Adobe Acrobat and Reader Buffer Overflow Vulnerability", "dateAdded": "2022-06-08", "shortDescription": "Adobe Acrobat and Reader contain a buffer overflow vulnerability that allows remote attackers to execute code via a PDF file with long arguments to unspecified JavaScript methods.", "requiredAction": "Apply updates per vendor instructions.", "dueDate": "2022-06-22", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2007-5659", "cwes": [ "CWE-119" ] }, { "cveID": "CVE-2006-2492", "vendorProject": "Microsoft", "product": "Word", "vulnerabilityName": "Microsoft Word Malformed Object Pointer Vulnerability", "dateAdded": "2022-06-08", "shortDescription": "Microsoft Word and Microsoft Works Suites contain a malformed object pointer which allows attackers to execute code.", "requiredAction": "Apply updates per vendor instructions.", "dueDate": "2022-06-22", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2006-2492", "cwes": [ "CWE-120" ] }, { "cveID": "CVE-2022-26134", "vendorProject": "Atlassian", "product": "Confluence Server\/Data Center", "vulnerabilityName": "Atlassian Confluence Server and Data Center Remote Code Execution Vulnerability", "dateAdded": "2022-06-02", "shortDescription": "Atlassian Confluence Server and Data Center contain a remote code execution vulnerability that allows for an unauthenticated attacker to perform remote code execution.", "requiredAction": "Immediately block all internet traffic to and from affected products AND apply the update per vendor instructions [https:\/\/confluence.atlassian.com\/doc\/confluence-security-advisory-2022-06-02-1130377146.html] OR remove the affected products by the due date on the right. Note: Once the update is successfully deployed, agencies can reassess the internet blocking rules.", "dueDate": "2022-06-06", "knownRansomwareCampaignUse": "Known", "notes": "https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2022-26134", "cwes": [ "CWE-917" ] }, { "cveID": "CVE-2019-3010", "vendorProject": "Oracle", "product": "Solaris", "vulnerabilityName": "Oracle Solaris Privilege Escalation Vulnerability", "dateAdded": "2022-05-25", "shortDescription": "Oracle Solaris component: XScreenSaver contains an unspecified vulnerability that allows for privilege escalation.", "requiredAction": "Apply updates per vendor instructions.", "dueDate": "2022-06-15", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2019-3010", "cwes": [] }, { "cveID": "CVE-2016-3393", "vendorProject": "Microsoft", "product": "Windows", "vulnerabilityName": "Microsoft Windows Graphics Device Interface (GDI) Remote Code Execution Vulnerability", "dateAdded": "2022-05-25", "shortDescription": "A remote code execution vulnerability exists due to the way the Windows GDI component handles objects in the memory. An attacker who successfully exploits this vulnerability could take control of the affected system.", "requiredAction": "Apply updates per vendor instructions.", "dueDate": "2022-06-15", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2016-3393", "cwes": [ "CWE-284" ] }, { "cveID": "CVE-2016-7256", "vendorProject": "Microsoft", "product": "Windows", "vulnerabilityName": "Microsoft Windows Open Type Font Remote Code Execution Vulnerability", "dateAdded": "2022-05-25", "shortDescription": "A remote code execution vulnerability exists when the Windows font library improperly handles specially crafted embedded fonts. An attacker who successfully exploits this vulnerability could take control of the affected system.", "requiredAction": "Apply updates per vendor instructions.", "dueDate": "2022-06-15", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2016-7256", "cwes": [ "CWE-284" ] }, { "cveID": "CVE-2016-1010", "vendorProject": "Adobe", "product": "Flash Player and AIR", "vulnerabilityName": "Adobe Flash Player and AIR Integer Overflow Vulnerability", "dateAdded": "2022-05-25", "shortDescription": "Integer overflow vulnerability in Adobe Flash Player and AIR allows attackers to execute code.", "requiredAction": "The impacted products are end-of-life and should be disconnected if still in use.", "dueDate": "2022-06-15", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2016-1010", "cwes": [ "CWE-190" ] }, { "cveID": "CVE-2016-0984", "vendorProject": "Adobe", "product": "Flash Player and AIR", "vulnerabilityName": "Adobe Flash Player and AIR Use-After-Free Vulnerability", "dateAdded": "2022-05-25", "shortDescription": "Use-after-free vulnerability in Adobe Flash Player and Adobe AIR allows attackers to execute code.", "requiredAction": "The impacted products are end-of-life and should be disconnected if still in use.", "dueDate": "2022-06-15", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2016-0984", "cwes": [ "CWE-416" ] }, { "cveID": "CVE-2016-0034", "vendorProject": "Microsoft", "product": "Silverlight", "vulnerabilityName": "Microsoft Silverlight Runtime Remote Code Execution Vulnerability", "dateAdded": "2022-05-25", "shortDescription": "Microsoft Silverlight mishandles negative offsets during decoding, which allows attackers to execute remote code or cause a denial-of-service (DoS).", "requiredAction": "The impacted products are end-of-life and should be disconnected if still in use.", "dueDate": "2022-06-15", "knownRansomwareCampaignUse": "Known", "notes": "https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2016-0034", "cwes": [ "CWE-20" ] }, { "cveID": "CVE-2015-0310", "vendorProject": "Adobe", "product": "Flash Player", "vulnerabilityName": "Adobe Flash Player ASLR Bypass Vulnerability", "dateAdded": "2022-05-25", "shortDescription": "Adobe Flash Player does not properly restrict discovery of memory addresses, which allows attackers to bypass the address space layout randomization (ASLR) protection mechanism.", "requiredAction": "The impacted product is end-of-life and should be disconnected if still in use.", "dueDate": "2022-06-15", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2015-0310", "cwes": [ "CWE-264" ] }, { "cveID": "CVE-2015-0016", "vendorProject": "Microsoft", "product": "Windows", "vulnerabilityName": "Microsoft Windows TS WebProxy Directory Traversal Vulnerability", "dateAdded": "2022-05-25", "shortDescription": "Directory traversal vulnerability in the TS WebProxy (TSWbPrxy) component in Microsoft Windows allows remote attackers to escalate privileges.", "requiredAction": "Apply updates per vendor instructions.", "dueDate": "2022-06-15", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2015-0016", "cwes": [ "CWE-22" ] }, { "cveID": "CVE-2015-0071", "vendorProject": "Microsoft", "product": "Internet Explorer", "vulnerabilityName": "Microsoft Internet Explorer ASLR Bypass Vulnerability", "dateAdded": "2022-05-25", "shortDescription": "Microsoft Internet Explorer allows remote attackers to bypass the address space layout randomization (ASLR) protection mechanism via a crafted web site.", "requiredAction": "Apply updates per vendor instructions.", "dueDate": "2022-06-15", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2015-0071", "cwes": [ "CWE-264" ] }, { "cveID": "CVE-2015-2360", "vendorProject": "Microsoft", "product": "Win32k", "vulnerabilityName": "Microsoft Win32k Privilege Escalation Vulnerability", "dateAdded": "2022-05-25", "shortDescription": "Win32k.sys in the kernel-mode drivers in Microsoft Windows allows local users to gain privileges or cause denial-of-service (DoS).", "requiredAction": "Apply updates per vendor instructions.", "dueDate": "2022-06-15", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2015-2360", "cwes": [ "CWE-119" ] }, { "cveID": "CVE-2015-2425", "vendorProject": "Microsoft", "product": "Internet Explorer", "vulnerabilityName": "Microsoft Internet Explorer Memory Corruption Vulnerability", "dateAdded": "2022-05-25", "shortDescription": "Microsoft Internet Explorer contains a memory corruption vulnerability that allows remote attackers to execute code or cause denial-of-service (DoS).", "requiredAction": "Apply updates per vendor instructions.", "dueDate": "2022-06-15", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2015-2425", "cwes": [ "CWE-119" ] }, { "cveID": "CVE-2015-1769", "vendorProject": "Microsoft", "product": "Windows", "vulnerabilityName": "Microsoft Windows Mount Manager Privilege Escalation Vulnerability", "dateAdded": "2022-05-25", "shortDescription": "A privilege escalation vulnerability exists when the Windows Mount Manager component improperly processes symbolic links.", "requiredAction": "Apply updates per vendor instructions.", "dueDate": "2022-06-15", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2015-1769", "cwes": [ "CWE-264" ] }, { "cveID": "CVE-2015-4495", "vendorProject": "Mozilla", "product": "Firefox", "vulnerabilityName": "Mozilla Firefox Security Feature Bypass Vulnerability", "dateAdded": "2022-05-25", "shortDescription": "Moxilla Firefox allows remote attackers to bypass the Same Origin Policy to read arbitrary files or gain privileges.", "requiredAction": "Apply updates per vendor instructions.", "dueDate": "2022-06-15", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2015-4495", "cwes": [ "CWE-200" ] }, { "cveID": "CVE-2015-8651", "vendorProject": "Adobe", "product": "Flash Player", "vulnerabilityName": "Adobe Flash Player Integer Overflow Vulnerability", "dateAdded": "2022-05-25", "shortDescription": "Integer overflow in Adobe Flash Player allows attackers to execute code.", "requiredAction": "The impacted product is end-of-life and should be disconnected if still in use.", "dueDate": "2022-06-15", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2015-8651", "cwes": [ "CWE-189" ] }, { "cveID": "CVE-2015-6175", "vendorProject": "Microsoft", "product": "Windows", "vulnerabilityName": "Microsoft Windows Kernel Privilege Escalation Vulnerability", "dateAdded": "2022-05-25", "shortDescription": "The kernel in Microsoft Windows contains a vulnerability that allows local users to gain privileges via a crafted application.", "requiredAction": "Apply updates per vendor instructions.", "dueDate": "2022-06-15", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2015-6175", "cwes": [ "CWE-264" ] }, { "cveID": "CVE-2015-1671", "vendorProject": "Microsoft", "product": "Windows", "vulnerabilityName": "Microsoft Windows Remote Code Execution Vulnerability", "dateAdded": "2022-05-25", "shortDescription": "A remote code execution vulnerability exists when components of Windows, .NET Framework, Office, Lync, and Silverlight fail to properly handle TrueType fonts.", "requiredAction": "Apply updates per vendor instructions.", "dueDate": "2022-06-15", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2015-1671", "cwes": [ "CWE-19" ] }, { "cveID": "CVE-2014-4148", "vendorProject": "Microsoft", "product": "Windows", "vulnerabilityName": "Microsoft Windows Remote Code Execution Vulnerability", "dateAdded": "2022-05-25", "shortDescription": "A remote code execution vulnerability exists when the Windows kernel-mode driver improperly handles TrueType fonts.", "requiredAction": "Apply updates per vendor instructions.", "dueDate": "2022-06-15", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2014-4148", "cwes": [ "CWE-94" ] }, { "cveID": "CVE-2014-8439", "vendorProject": "Adobe", "product": "Flash Player", "vulnerabilityName": "Adobe Flash Player Dereferenced Pointer Vulnerability", "dateAdded": "2022-05-25", "shortDescription": "Adobe Flash Player has a vulnerability in the way it handles a dereferenced memory pointer which could lead to code execution.", "requiredAction": "The impacted product is end-of-life and should be disconnected if still in use.", "dueDate": "2022-06-15", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2014-8439", "cwes": [ "CWE-119" ] }, { "cveID": "CVE-2014-4123", "vendorProject": "Microsoft", "product": "Internet Explorer", "vulnerabilityName": "Microsoft Internet Explorer Privilege Escalation Vulnerability", "dateAdded": "2022-05-25", "shortDescription": "Microsoft Internet Explorer contains an unspecified vulnerability that allows remote attackers to gain privileges via a crafted web site.", "requiredAction": "Apply updates per vendor instructions.", "dueDate": "2022-06-15", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2014-4123", "cwes": [ "CWE-264" ] }, { "cveID": "CVE-2014-0546", "vendorProject": "Adobe", "product": "Acrobat and Reader", "vulnerabilityName": "Adobe Acrobat and Reader Sandbox Bypass Vulnerability", "dateAdded": "2022-05-25", "shortDescription": "Adobe Acrobat and Reader on Windows allow attackers to bypass a sandbox protection mechanism, and consequently execute native code in a privileged context.", "requiredAction": "Apply updates per vendor instructions.", "dueDate": "2022-06-15", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2014-0546", "cwes": [] }, { "cveID": "CVE-2014-2817", "vendorProject": "Microsoft", "product": "Internet Explorer", "vulnerabilityName": "Microsoft Internet Explorer Privilege Escalation Vulnerability", "dateAdded": "2022-05-25", "shortDescription": "Microsoft Internet Explorer cotains an unspecified vulnerability that allows remote attackers to gain privileges via a crafted web site.", "requiredAction": "Apply updates per vendor instructions.", "dueDate": "2022-06-15", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2014-2817", "cwes": [ "CWE-264" ] }, { "cveID": "CVE-2014-4077", "vendorProject": "Microsoft", "product": "Input Method Editor (IME) Japanese", "vulnerabilityName": "Microsoft IME Japanese Privilege Escalation Vulnerability", "dateAdded": "2022-05-25", "shortDescription": "Microsoft Input Method Editor (IME) Japanese is a keyboard with Japanese characters that can be enabled on Windows systems as it is included by default (with the default set as disabled). IME Japanese contains an unspecified vulnerability when IMJPDCT.EXE (IME for Japanese) is installed which allows attackers to bypass a sandbox and perform privilege escalation.", "requiredAction": "Apply updates per vendor instructions.", "dueDate": "2022-06-15", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2014-4077", "cwes": [ "CWE-264" ] }, { "cveID": "CVE-2014-3153", "vendorProject": "Linux", "product": "Kernel", "vulnerabilityName": "Linux Kernel Privilege Escalation Vulnerability", "dateAdded": "2022-05-25", "shortDescription": "The futex_requeue function in kernel\/futex.c in Linux kernel does not ensure that calls have two different futex addresses, which allows local users to gain privileges.", "requiredAction": "Apply updates per vendor instructions.", "dueDate": "2022-06-15", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2014-3153", "cwes": [ "CWE-269" ] }, { "cveID": "CVE-2013-7331", "vendorProject": "Microsoft", "product": "Internet Explorer", "vulnerabilityName": "Microsoft Internet Explorer Information Disclosure Vulnerability", "dateAdded": "2022-05-25", "shortDescription": "An information disclosure vulnerability exists in Internet Explorer which allows resources loaded into memory to be queried. This vulnerability could allow an attacker to detect anti-malware applications.", "requiredAction": "Apply updates per vendor instructions.", "dueDate": "2022-06-15", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2013-7331", "cwes": [ "CWE-200" ] }, { "cveID": "CVE-2013-3993", "vendorProject": "IBM", "product": "InfoSphere BigInsights", "vulnerabilityName": "IBM InfoSphere BigInsights Invalid Input Vulnerability", "dateAdded": "2022-05-25", "shortDescription": "Certain APIs within BigInsights can take invalid input that might allow attackers unauthorized access to read, write, modify, or delete data.", "requiredAction": "The impacted product is end-of-life and should be disconnected if still in use.", "dueDate": "2022-06-15", "knownRansomwareCampaignUse": "Known", "notes": "https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2013-3993", "cwes": [ "CWE-264" ] }, { "cveID": "CVE-2013-3896", "vendorProject": "Microsoft", "product": "Silverlight", "vulnerabilityName": "Microsoft Silverlight Information Disclosure Vulnerability", "dateAdded": "2022-05-25", "shortDescription": "Microsoft Silverlight does not properly validate pointers during access to Silverlight elements, which allows remote attackers to obtain sensitive information via a crafted Silverlight application.", "requiredAction": "The impacted product is end-of-life and should be disconnected if still in use.", "dueDate": "2022-06-15", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2013-3896", "cwes": [ "CWE-20" ] }, { "cveID": "CVE-2013-2423", "vendorProject": "Oracle", "product": "Java Runtime Environment (JRE)", "vulnerabilityName": "Oracle JRE Unspecified Vulnerability", "dateAdded": "2022-05-25", "shortDescription": "Unspecified vulnerability in hotspot for Java Runtime Environment (JRE) allows remote attackers to affect integrity.", "requiredAction": "Apply updates per vendor instructions.", "dueDate": "2022-06-15", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2013-2423", "cwes": [] }, { "cveID": "CVE-2013-0431", "vendorProject": "Oracle", "product": "Java Runtime Environment (JRE)", "vulnerabilityName": "Oracle JRE Sandbox Bypass Vulnerability", "dateAdded": "2022-05-25", "shortDescription": "Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle allows remote attackers to bypass the Java security sandbox.", "requiredAction": "Apply updates per vendor instructions.", "dueDate": "2022-06-15", "knownRansomwareCampaignUse": "Known", "notes": "https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2013-0431", "cwes": [] }, { "cveID": "CVE-2013-0422", "vendorProject": "Oracle", "product": "Java Runtime Environment (JRE)", "vulnerabilityName": "Oracle JRE Remote Code Execution Vulnerability", "dateAdded": "2022-05-25", "shortDescription": "A vulnerability in the way Java restricts the permissions of Java applets could allow an attacker to execute commands on a vulnerable system.", "requiredAction": "Apply updates per vendor instructions.", "dueDate": "2022-06-15", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2013-0422", "cwes": [ "CWE-264" ] }, { "cveID": "CVE-2013-0074", "vendorProject": "Microsoft", "product": "Silverlight", "vulnerabilityName": "Microsoft Silverlight Double Dereference Vulnerability", "dateAdded": "2022-05-25", "shortDescription": "Microsoft Silverlight does not properly validate pointers during HTML object rendering, which allows remote attackers to execute code via a crafted Silverlight application.", "requiredAction": "The impacted product is end-of-life and should be disconnected if still in use.", "dueDate": "2022-06-15", "knownRansomwareCampaignUse": "Known", "notes": "https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2013-0074", "cwes": [] }, { "cveID": "CVE-2012-1710", "vendorProject": "Oracle", "product": "Fusion Middleware", "vulnerabilityName": "Oracle Fusion Middleware Unspecified Vulnerability", "dateAdded": "2022-05-25", "shortDescription": "Unspecified vulnerability in the Oracle WebCenter Forms Recognition component in Oracle Fusion Middleware allows remote attackers to affect confidentiality, integrity, and availability via Unknown vectors related to Designer.", "requiredAction": "Apply updates per vendor instructions.", "dueDate": "2022-06-15", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2012-1710", "cwes": [] }, { "cveID": "CVE-2010-1428", "vendorProject": "Red Hat", "product": "JBoss", "vulnerabilityName": "Red Hat JBoss Information Disclosure Vulnerability", "dateAdded": "2022-05-25", "shortDescription": "Unauthenticated access to the JBoss Application Server Web Console (\/web-console) is blocked by default. However, it was found that this block was incomplete, and only blocked GET and POST HTTP verbs. A remote attacker could use this flaw to gain access to sensitive information.", "requiredAction": "Apply updates per vendor instructions.", "dueDate": "2022-06-15", "knownRansomwareCampaignUse": "Known", "notes": "https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2010-1428", "cwes": [ "CWE-264" ] }, { "cveID": "CVE-2010-0840", "vendorProject": "Oracle", "product": "Java Runtime Environment (JRE)", "vulnerabilityName": "Oracle JRE Unspecified Vulnerability", "dateAdded": "2022-05-25", "shortDescription": "Unspecified vulnerability in the Java Runtime Environment (JRE) in Java SE component allows remote attackers to affect confidentiality, integrity, and availability via Unknown vectors.", "requiredAction": "Apply updates per vendor instructions.", "dueDate": "2022-06-15", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2010-0840", "cwes": [] }, { "cveID": "CVE-2010-0738", "vendorProject": "Red Hat", "product": "JBoss", "vulnerabilityName": "Red Hat JBoss Authentication Bypass Vulnerability", "dateAdded": "2022-05-25", "shortDescription": "The JMX-Console web application in JBossAs in Red Hat JBoss Enterprise Application Platform performs access control only for the GET and POST methods, which allows remote attackers to send requests to this application's GET handler by using a different method.", "requiredAction": "Apply updates per vendor instructions.", "dueDate": "2022-06-15", "knownRansomwareCampaignUse": "Known", "notes": "https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2010-0738", "cwes": [ "CWE-264" ] }, { "cveID": "CVE-2018-8611", "vendorProject": "Microsoft", "product": "Windows", "vulnerabilityName": "Microsoft Windows Kernel Privilege Escalation Vulnerability", "dateAdded": "2022-05-24", "shortDescription": "A privilege escalation vulnerability exists when the Windows kernel fails to properly handle objects in memory.", "requiredAction": "Apply updates per vendor instructions.", "dueDate": "2022-06-14", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2018-8611", "cwes": [ "CWE-404" ] }, { "cveID": "CVE-2018-19953", "vendorProject": "QNAP", "product": "Network Attached Storage (NAS)", "vulnerabilityName": "QNAP NAS File Station Cross-Site Scripting Vulnerability", "dateAdded": "2022-05-24", "shortDescription": "A cross-site scripting vulnerability affecting QNAP NAS File Station could allow remote attackers to inject malicious code.", "requiredAction": "Apply updates per vendor instructions.", "dueDate": "2022-06-14", "knownRansomwareCampaignUse": "Known", "notes": "https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2018-19953", "cwes": [ "CWE-79", "CWE-80" ] }, { "cveID": "CVE-2018-19949", "vendorProject": "QNAP", "product": "Network Attached Storage (NAS)", "vulnerabilityName": "QNAP NAS File Station Command Injection Vulnerability", "dateAdded": "2022-05-24", "shortDescription": "A command injection vulnerability affecting QNAP NAS File Station could allow remote attackers to run commands.", "requiredAction": "Apply updates per vendor instructions.", "dueDate": "2022-06-14", "knownRansomwareCampaignUse": "Known", "notes": "https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2018-19949", "cwes": [ "CWE-20", "CWE-77", "CWE-78" ] }, { "cveID": "CVE-2018-19943", "vendorProject": "QNAP", "product": "Network Attached Storage (NAS)", "vulnerabilityName": "QNAP NAS File Station Cross-Site Scripting Vulnerability", "dateAdded": "2022-05-24", "shortDescription": "A cross-site scripting vulnerability affecting QNAP NAS File Station could allow remote attackers to inject malicious code.", "requiredAction": "Apply updates per vendor instructions.", "dueDate": "2022-06-14", "knownRansomwareCampaignUse": "Known", "notes": "https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2018-19943", "cwes": [ "CWE-79", "CWE-80" ] }, { "cveID": "CVE-2017-0147", "vendorProject": "Microsoft", "product": "SMBv1 server", "vulnerabilityName": "Microsoft Windows SMBv1 Information Disclosure Vulnerability", "dateAdded": "2022-05-24", "shortDescription": "The SMBv1 server in Microsoft Windows allows remote attackers to obtain sensitive information from process memory via a crafted packet.", "requiredAction": "Apply updates per vendor instructions.", "dueDate": "2022-06-14", "knownRansomwareCampaignUse": "Known", "notes": "https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2017-0147", "cwes": [ "CWE-200" ] }, { "cveID": "CVE-2017-0022", "vendorProject": "Microsoft", "product": "XML Core Services", "vulnerabilityName": "Microsoft XML Core Services Information Disclosure Vulnerability", "dateAdded": "2022-05-24", "shortDescription": "Microsoft XML Core Services (MSXML) improperly handles objects in memory, allowing attackers to test for files on disk via a crafted web site.", "requiredAction": "Apply updates per vendor instructions.", "dueDate": "2022-06-14", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2017-0022", "cwes": [ "CWE-200" ] }, { "cveID": "CVE-2017-0005", "vendorProject": "Microsoft", "product": "Windows", "vulnerabilityName": "Microsoft Windows Graphics Device Interface (GDI) Privilege Escalation Vulnerability", "dateAdded": "2022-05-24", "shortDescription": "The Graphics Device Interface (GDI) in Microsoft Windows allows local users to gain privileges via a crafted application.", "requiredAction": "Apply updates per vendor instructions.", "dueDate": "2022-06-14", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2017-0005", "cwes": [ "CWE-119" ] }, { "cveID": "CVE-2017-0149", "vendorProject": "Microsoft", "product": "Internet Explorer", "vulnerabilityName": "Microsoft Internet Explorer Memory Corruption Vulnerability", "dateAdded": "2022-05-24", "shortDescription": "Microsoft Internet Explorer contains a memory corruption vulnerability that allows remote attackers to execute code or cause a denial-of-service (DoS) via a crafted website.", "requiredAction": "Apply updates per vendor instructions.", "dueDate": "2022-06-14", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2017-0149", "cwes": [ "CWE-119" ] }, { "cveID": "CVE-2017-0210", "vendorProject": "Microsoft", "product": "Internet Explorer", "vulnerabilityName": "Microsoft Internet Explorer Privilege Escalation Vulnerability", "dateAdded": "2022-05-24", "shortDescription": "A privilege escalation vulnerability exists when Internet Explorer does not properly enforce cross-domain policies, which could allow an attacker to access information.", "requiredAction": "Apply updates per vendor instructions.", "dueDate": "2022-06-14", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2017-0210", "cwes": [] }, { "cveID": "CVE-2017-8291", "vendorProject": "Artifex", "product": "Ghostscript", "vulnerabilityName": "Artifex Ghostscript Type Confusion Vulnerability", "dateAdded": "2022-05-24", "shortDescription": "Artifex Ghostscript allows -dSAFER bypass and remote command execution via .rsdparams type confusion with a \"\/OutputFile.", "requiredAction": "Apply updates per vendor instructions.", "dueDate": "2022-06-14", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2017-8291", "cwes": [ "CWE-704" ] }, { "cveID": "CVE-2017-8543", "vendorProject": "Microsoft", "product": "Windows", "vulnerabilityName": "Microsoft Windows Search Remote Code Execution Vulnerability", "dateAdded": "2022-05-24", "shortDescription": "Microsoft Windows allows an attacker to take control of the affected system when Windows Search fails to handle objects in memory.", "requiredAction": "Apply updates per vendor instructions.", "dueDate": "2022-06-14", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2017-8543", "cwes": [ "CWE-281" ] }, { "cveID": "CVE-2017-18362", "vendorProject": "Kaseya", "product": "Virtual System\/Server Administrator (VSA)", "vulnerabilityName": "Kaseya VSA SQL Injection Vulnerability", "dateAdded": "2022-05-24", "shortDescription": "ConnectWise ManagedITSync integration for Kaseya VSA is vulnerable to unauthenticated remote commands that allow full direct access to the Kaseya VSA database.", "requiredAction": "The impacted product is end-of-life and should be disconnected if still in use.", "dueDate": "2022-06-14", "knownRansomwareCampaignUse": "Known", "notes": "https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2017-18362", "cwes": [ "CWE-89" ] }, { "cveID": "CVE-2016-0162", "vendorProject": "Microsoft", "product": "Internet Explorer", "vulnerabilityName": "Microsoft Internet Explorer Information Disclosure Vulnerability", "dateAdded": "2022-05-24", "shortDescription": "An information disclosure vulnerability exists when Internet Explorer does not properly handle JavaScript. The vulnerability could allow an attacker to detect specific files on the user's computer.", "requiredAction": "Apply updates per vendor instructions.", "dueDate": "2022-06-14", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2016-0162", "cwes": [ "CWE-200" ] }, { "cveID": "CVE-2016-3351", "vendorProject": "Microsoft", "product": "Internet Explorer and Edge", "vulnerabilityName": "Microsoft Internet Explorer and Edge Information Disclosure Vulnerability", "dateAdded": "2022-05-24", "shortDescription": "An information disclosure vulnerability exists in the way that certain functions in Internet Explorer and Edge handle objects in memory. The vulnerability could allow an attacker to detect specific files on the user's computer.", "requiredAction": "Apply updates per vendor instructions.", "dueDate": "2022-06-14", "knownRansomwareCampaignUse": "Known", "notes": "https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2016-3351", "cwes": [ "CWE-200" ] }, { "cveID": "CVE-2016-4655", "vendorProject": "Apple", "product": "iOS", "vulnerabilityName": "Apple iOS Information Disclosure Vulnerability", "dateAdded": "2022-05-24", "shortDescription": "The Apple iOS kernel allows attackers to obtain sensitive information from memory via a crafted application.", "requiredAction": "Apply updates per vendor instructions.", "dueDate": "2022-06-14", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2016-4655", "cwes": [ "CWE-200" ] }, { "cveID": "CVE-2016-4656", "vendorProject": "Apple", "product": "iOS", "vulnerabilityName": "Apple iOS Memory Corruption Vulnerability", "dateAdded": "2022-05-24", "shortDescription": "A memory corruption vulnerability in Apple iOS kernel allows attackers to execute code in a privileged context or cause a denial-of-service (DoS) via a crafted application.", "requiredAction": "Apply updates per vendor instructions.", "dueDate": "2022-06-14", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2016-4656", "cwes": [ "CWE-264" ] }, { "cveID": "CVE-2016-4657", "vendorProject": "Apple", "product": "iOS", "vulnerabilityName": "Apple iOS Webkit Memory Corruption Vulnerability", "dateAdded": "2022-05-24", "shortDescription": "Apple iOS WebKit contains a memory corruption vulnerability that allows attackers to execute remote code or cause a denial-of-service (DoS) via a crafted web site. This vulnerability could impact HTML parsers that use WebKit, including but not limited to Apple Safari and non-Apple products which rely on WebKit for HTML processing.", "requiredAction": "Apply updates per vendor instructions.", "dueDate": "2022-06-14", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2016-4657", "cwes": [ "CWE-119" ] }, { "cveID": "CVE-2016-6366", "vendorProject": "Cisco", "product": "Adaptive Security Appliance (ASA)", "vulnerabilityName": "Cisco Adaptive Security Appliance (ASA) SNMP Buffer Overflow Vulnerability", "dateAdded": "2022-05-24", "shortDescription": "A buffer overflow vulnerability in the Simple Network Management Protocol (SNMP) code of Cisco ASA software could allow an attacker to cause a reload of the affected system or to remotely execute code.", "requiredAction": "Apply updates per vendor instructions.", "dueDate": "2022-06-14", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2016-6366", "cwes": [ "CWE-119" ] }, { "cveID": "CVE-2016-6367", "vendorProject": "Cisco", "product": "Adaptive Security Appliance (ASA)", "vulnerabilityName": "Cisco Adaptive Security Appliance (ASA) CLI Remote Code Execution Vulnerability", "dateAdded": "2022-05-24", "shortDescription": "A vulnerability in the command-line interface (CLI) parser of Cisco ASA software could allow an authenticated, local attacker to create a denial-of-service (DoS) condition or potentially execute code.", "requiredAction": "Apply updates per vendor instructions.", "dueDate": "2022-06-14", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2016-6367", "cwes": [ "CWE-77" ] }, { "cveID": "CVE-2016-3298", "vendorProject": "Microsoft", "product": "Internet Explorer", "vulnerabilityName": "Microsoft Internet Explorer Messaging API Information Disclosure Vulnerability", "dateAdded": "2022-05-24", "shortDescription": "An information disclosure vulnerability exists when the Microsoft Internet Messaging API improperly handles objects in memory. An attacker who successfully exploited this vulnerability could allow the attacker to test for the presence of files on disk.", "requiredAction": "Apply updates per vendor instructions.", "dueDate": "2022-06-14", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2016-3298", "cwes": [ "CWE-200" ] }, { "cveID": "CVE-2022-20821", "vendorProject": "Cisco", "product": "IOS XR", "vulnerabilityName": "Cisco IOS XR Open Port Vulnerability", "dateAdded": "2022-05-23", "shortDescription": "Cisco IOS XR software health check opens TCP port 6379 by default on activation. An attacker can connect to the Redis instance on the open port and allow access to the Redis instance that is running within the NOSi container.", "requiredAction": "Apply updates per vendor instructions.", "dueDate": "2022-06-13", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2022-20821", "cwes": [ "CWE-923" ] }, { "cveID": "CVE-2021-1048", "vendorProject": "Android", "product": "Kernel", "vulnerabilityName": "Android Kernel Use-After-Free Vulnerability", "dateAdded": "2022-05-23", "shortDescription": "Android kernel contains a use-after-free vulnerability that allows for privilege escalation.", "requiredAction": "Apply updates per vendor instructions.", "dueDate": "2022-06-13", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2021-1048", "cwes": [ "CWE-416" ] }, { "cveID": "CVE-2021-0920", "vendorProject": "Android", "product": "Kernel", "vulnerabilityName": "Android Kernel Race Condition Vulnerability", "dateAdded": "2022-05-23", "shortDescription": "Android kernel contains a race condition, which allows for a use-after-free vulnerability. Exploitation can allow for privilege escalation.", "requiredAction": "Apply updates per vendor instructions.", "dueDate": "2022-06-13", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2021-0920", "cwes": [ "CWE-362", "CWE-416" ] }, { "cveID": "CVE-2021-30883", "vendorProject": "Apple", "product": "Multiple Products", "vulnerabilityName": "Apple Multiple Products Memory Corruption Vulnerability", "dateAdded": "2022-05-23", "shortDescription": "Apple iOS, macOS, watchOS, and tvOS contain a memory corruption vulnerability that could allow for remote code execution.", "requiredAction": "Apply updates per vendor instructions.", "dueDate": "2022-06-13", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2021-30883", "cwes": [ "CWE-787" ] }, { "cveID": "CVE-2020-1027", "vendorProject": "Microsoft", "product": "Windows", "vulnerabilityName": "Microsoft Windows Kernel Privilege Escalation Vulnerability", "dateAdded": "2022-05-23", "shortDescription": "An elevation of privilege vulnerability exists in the way that the Windows Kernel handles objects in memory. An attacker who successfully exploited the vulnerability could execute code with elevated permissions.", "requiredAction": "Apply updates per vendor instructions.", "dueDate": "2022-06-13", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2020-1027", "cwes": [ "CWE-787" ] }, { "cveID": "CVE-2020-0638", "vendorProject": "Microsoft", "product": "Update Notification Manager", "vulnerabilityName": "Microsoft Update Notification Manager Privilege Escalation Vulnerability", "dateAdded": "2022-05-23", "shortDescription": "Microsoft Update Notification Manager contains an unspecified vulnerability that allows for privilege escalation.", "requiredAction": "Apply updates per vendor instructions.", "dueDate": "2022-06-13", "knownRansomwareCampaignUse": "Known", "notes": "https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2020-0638", "cwes": [] }, { "cveID": "CVE-2019-7286", "vendorProject": "Apple", "product": "Multiple Products", "vulnerabilityName": "Apple Multiple Products Memory Corruption Vulnerability", "dateAdded": "2022-05-23", "shortDescription": "Apple iOS, macOS, watchOS, and tvOS contain a memory corruption vulnerability that could allow for privilege escalation.", "requiredAction": "Apply updates per vendor instructions.", "dueDate": "2022-06-13", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2019-7286", "cwes": [ "CWE-787" ] }, { "cveID": "CVE-2019-7287", "vendorProject": "Apple", "product": "iOS", "vulnerabilityName": "Apple iOS Memory Corruption Vulnerability", "dateAdded": "2022-05-23", "shortDescription": "Apple iOS contains a memory corruption vulnerability which could allow an attacker to perform remote code execution.", "requiredAction": "Apply updates per vendor instructions.", "dueDate": "2022-06-13", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2019-7287", "cwes": [ "CWE-787" ] }, { "cveID": "CVE-2019-0676", "vendorProject": "Microsoft", "product": "Internet Explorer", "vulnerabilityName": "Microsoft Internet Explorer Information Disclosure Vulnerability", "dateAdded": "2022-05-23", "shortDescription": "An information disclosure vulnerability exists when Internet Explorer improperly handles objects in memory. An attacker who successfully exploited this vulnerability could test for the presence of files on disk.", "requiredAction": "Apply updates per vendor instructions.", "dueDate": "2022-06-13", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2019-0676", "cwes": [] }, { "cveID": "CVE-2019-5786", "vendorProject": "Google", "product": "Chrome Blink", "vulnerabilityName": "Google Chrome Blink Use-After-Free Vulnerability", "dateAdded": "2022-05-23", "shortDescription": "Google Chrome Blink contains a heap use-after-free vulnerability that allows an attacker to potentially perform out of bounds memory access via a crafted HTML page.", "requiredAction": "Apply updates per vendor instructions.", "dueDate": "2022-06-13", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2019-5786", "cwes": [ "CWE-416" ] }, { "cveID": "CVE-2019-0703", "vendorProject": "Microsoft", "product": "Windows", "vulnerabilityName": "Microsoft Windows SMB Information Disclosure Vulnerability", "dateAdded": "2022-05-23", "shortDescription": "An information disclosure vulnerability exists in the way that the Windows SMB Server handles certain requests, which could lead to information disclosure from the server.", "requiredAction": "Apply updates per vendor instructions.", "dueDate": "2022-06-13", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2019-0703", "cwes": [] }, { "cveID": "CVE-2019-0880", "vendorProject": "Microsoft", "product": "Windows", "vulnerabilityName": "Microsoft Windows Privilege Escalation Vulnerability", "dateAdded": "2022-05-23", "shortDescription": "A local elevation of privilege vulnerability exists in how splwow64.exe handles certain calls. An attacker who successfully exploited the vulnerability could elevate privileges on an affected system from low-integrity to medium-integrity.", "requiredAction": "Apply updates per vendor instructions.", "dueDate": "2022-06-13", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2019-0880", "cwes": [] }, { "cveID": "CVE-2019-13720", "vendorProject": "Google", "product": "Chrome WebAudio", "vulnerabilityName": "Google Chrome WebAudio Use-After-Free Vulnerability", "dateAdded": "2022-05-23", "shortDescription": "Google Chrome WebAudio contains a use-after-free vulnerability that allows a remote attacker to potentially exploit heap corruption via a crafted HTML page.", "requiredAction": "Apply updates per vendor instructions.", "dueDate": "2022-06-13", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2019-13720", "cwes": [ "CWE-416" ] }, { "cveID": "CVE-2019-11707", "vendorProject": "Mozilla", "product": "Firefox and Thunderbird", "vulnerabilityName": "Mozilla Firefox and Thunderbird Type Confusion Vulnerability", "dateAdded": "2022-05-23", "shortDescription": "Mozilla Firefox and Thunderbird contain a type confusion vulnerability that can occur when manipulating JavaScript objects due to issues in Array.pop, allowing for an exploitable crash.", "requiredAction": "Apply updates per vendor instructions.", "dueDate": "2022-06-13", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2019-11707", "cwes": [ "CWE-843" ] }, { "cveID": "CVE-2019-11708", "vendorProject": "Mozilla", "product": "Firefox and Thunderbird", "vulnerabilityName": "Mozilla Firefox and Thunderbird Sandbox Escape Vulnerability", "dateAdded": "2022-05-23", "shortDescription": "Mozilla Firefox and Thunderbird contain a sandbox escape vulnerability that could result in remote code execution.", "requiredAction": "Apply updates per vendor instructions.", "dueDate": "2022-06-13", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2019-11708", "cwes": [ "CWE-20" ] }, { "cveID": "CVE-2019-8720", "vendorProject": "WebKitGTK", "product": "WebKitGTK", "vulnerabilityName": "WebKitGTK Memory Corruption Vulnerability", "dateAdded": "2022-05-23", "shortDescription": "WebKitGTK contains a memory corruption vulnerability which can allow an attacker to perform remote code execution.", "requiredAction": "Apply updates per vendor instructions.", "dueDate": "2022-06-13", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2019-8720", "cwes": [ "CWE-119" ] }, { "cveID": "CVE-2019-18426", "vendorProject": "Meta Platforms", "product": "WhatsApp", "vulnerabilityName": "WhatsApp Cross-Site Scripting Vulnerability", "dateAdded": "2022-05-23", "shortDescription": "A vulnerability in WhatsApp Desktop when paired with WhatsApp for iPhone allows cross-site scripting and local file reading.", "requiredAction": "Apply updates per vendor instructions.", "dueDate": "2022-06-13", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2019-18426", "cwes": [ "CWE-79" ] }, { "cveID": "CVE-2019-1385", "vendorProject": "Microsoft", "product": "Windows", "vulnerabilityName": "Microsoft Windows AppX Deployment Extensions Privilege Escalation Vulnerability", "dateAdded": "2022-05-23", "shortDescription": "A privilege escalation vulnerability exists when the Windows AppX Deployment Extensions improperly performs privilege management, resulting in access to system files.", "requiredAction": "Apply updates per vendor instructions.", "dueDate": "2022-06-13", "knownRansomwareCampaignUse": "Known", "notes": "https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2019-1385", "cwes": [ "CWE-59" ] }, { "cveID": "CVE-2019-1130", "vendorProject": "Microsoft", "product": "Windows", "vulnerabilityName": "Microsoft Windows AppX Deployment Service Privilege Escalation Vulnerability", "dateAdded": "2022-05-23", "shortDescription": "A privilege escalation vulnerability exists when Windows AppX Deployment Service (AppXSVC) improperly handles hard links.", "requiredAction": "Apply updates per vendor instructions.", "dueDate": "2022-06-13", "knownRansomwareCampaignUse": "Known", "notes": "https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2019-1130", "cwes": [ "CWE-59" ] }, { "cveID": "CVE-2018-5002", "vendorProject": "Adobe", "product": "Flash Player", "vulnerabilityName": "Adobe Flash Player Stack-based Buffer Overflow Vulnerability", "dateAdded": "2022-05-23", "shortDescription": "Adobe Flash Player have a stack-based buffer overflow vulnerability that could lead to remote code execution.", "requiredAction": "The impacted product is end-of-life and should be disconnected if still in use.", "dueDate": "2022-06-13", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2018-5002", "cwes": [ "CWE-787" ] }, { "cveID": "CVE-2018-8589", "vendorProject": "Microsoft", "product": "Win32k", "vulnerabilityName": "Microsoft Win32k Privilege Escalation Vulnerability", "dateAdded": "2022-05-23", "shortDescription": "A privilege escalation vulnerability exists when Windows improperly handles calls to Win32k.sys. An attacker who successfully exploited this vulnerability could run remote code in the security context of the local system.", "requiredAction": "Apply updates per vendor instructions.", "dueDate": "2022-06-13", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2018-8589", "cwes": [] }, { "cveID": "CVE-2022-30525", "vendorProject": "Zyxel", "product": "Multiple Firewalls", "vulnerabilityName": "Zyxel Multiple Firewalls OS Command Injection Vulnerability", "dateAdded": "2022-05-16", "shortDescription": "A command injection vulnerability in the CGI program of some Zyxel firewall versions could allow an attacker to modify specific files and then execute some OS commands on a vulnerable device.", "requiredAction": "Apply updates per vendor instructions.", "dueDate": "2022-06-06", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2022-30525", "cwes": [ "CWE-78" ] }, { "cveID": "CVE-2022-22947", "vendorProject": "VMware", "product": "Spring Cloud Gateway", "vulnerabilityName": "VMware Spring Cloud Gateway Code Injection Vulnerability", "dateAdded": "2022-05-16", "shortDescription": "Spring Cloud Gateway applications are vulnerable to a code injection attack when the Gateway Actuator endpoint is enabled, exposed and unsecured.", "requiredAction": "Apply updates per vendor instructions.", "dueDate": "2022-06-06", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2022-22947", "cwes": [ "CWE-94" ] }, { "cveID": "CVE-2022-1388", "vendorProject": "F5", "product": "BIG-IP", "vulnerabilityName": "F5 BIG-IP Missing Authentication Vulnerability", "dateAdded": "2022-05-10", "shortDescription": "F5 BIG-IP contains a missing authentication in critical function vulnerability which can allow for remote code execution, creation or deletion of files, or disabling services.", "requiredAction": "Apply updates per vendor instructions.", "dueDate": "2022-05-31", "knownRansomwareCampaignUse": "Known", "notes": "https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2022-1388", "cwes": [ "CWE-306" ] }, { "cveID": "CVE-2021-1789", "vendorProject": "Apple", "product": "Multiple Products", "vulnerabilityName": "Apple Multiple Products Type Confusion Vulnerability", "dateAdded": "2022-05-04", "shortDescription": "A type confusion issue affecting multiple Apple products allows processing of maliciously crafted web content, leading to arbitrary code execution.", "requiredAction": "Apply updates per vendor instructions.", "dueDate": "2022-05-25", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2021-1789", "cwes": [ "CWE-843" ] }, { "cveID": "CVE-2019-8506", "vendorProject": "Apple", "product": "Multiple Products", "vulnerabilityName": "Apple Multiple Products Type Confusion Vulnerability", "dateAdded": "2022-05-04", "shortDescription": "A type confusion issue affecting multiple Apple products allows processing of maliciously crafted web content, leading to arbitrary code execution.", "requiredAction": "Apply updates per vendor instructions.", "dueDate": "2022-05-25", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2019-8506", "cwes": [ "CWE-843" ] }, { "cveID": "CVE-2014-4113", "vendorProject": "Microsoft", "product": "Win32k", "vulnerabilityName": "Microsoft Win32k Privilege Escalation Vulnerability", "dateAdded": "2022-05-04", "shortDescription": "Microsoft Win32k contains an unspecified vulnerability that allows for privilege escalation.", "requiredAction": "Apply updates per vendor instructions.", "dueDate": "2022-05-25", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2014-4113", "cwes": [ "CWE-264" ] }, { "cveID": "CVE-2014-0322", "vendorProject": "Microsoft", "product": "Internet Explorer", "vulnerabilityName": "Microsoft Internet Explorer Use-After-Free Vulnerability", "dateAdded": "2022-05-04", "shortDescription": "Use-after-free vulnerability in Microsoft Internet Explorer allows remote attackers to execute code.", "requiredAction": "Apply updates per vendor instructions.", "dueDate": "2022-05-25", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2014-0322", "cwes": [ "CWE-416" ] }, { "cveID": "CVE-2014-0160", "vendorProject": "OpenSSL", "product": "OpenSSL", "vulnerabilityName": "OpenSSL Information Disclosure Vulnerability", "dateAdded": "2022-05-04", "shortDescription": "The TLS and DTLS implementations in OpenSSL do not properly handle Heartbeat Extension packets, which allows remote attackers to obtain sensitive information.", "requiredAction": "Apply updates per vendor instructions.", "dueDate": "2022-05-25", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2014-0160", "cwes": [ "CWE-125" ] }, { "cveID": "CVE-2022-29464", "vendorProject": "WSO2", "product": "Multiple Products", "vulnerabilityName": "WSO2 Multiple Products Unrestrictive Upload of File Vulnerability", "dateAdded": "2022-04-25", "shortDescription": "Multiple WSO2 products allow for unrestricted file upload, resulting in remote code execution.", "requiredAction": "Apply updates per vendor instructions.", "dueDate": "2022-05-16", "knownRansomwareCampaignUse": "Known", "notes": "https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2022-29464", "cwes": [ "CWE-22" ] }, { "cveID": "CVE-2022-26904", "vendorProject": "Microsoft", "product": "Windows", "vulnerabilityName": "Microsoft Windows User Profile Service Privilege Escalation Vulnerability", "dateAdded": "2022-04-25", "shortDescription": "Microsoft Windows User Profile Service contains an unspecified vulnerability that allows for privilege escalation.", "requiredAction": "Apply updates per vendor instructions.", "dueDate": "2022-05-16", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2022-26904", "cwes": [ "CWE-362" ] }, { "cveID": "CVE-2022-21919", "vendorProject": "Microsoft", "product": "Windows", "vulnerabilityName": "Microsoft Windows User Profile Service Privilege Escalation Vulnerability", "dateAdded": "2022-04-25", "shortDescription": "Microsoft Windows User Profile Service contains an unspecified vulnerability that allows for privilege escalation.", "requiredAction": "Apply updates per vendor instructions.", "dueDate": "2022-05-16", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2022-21919", "cwes": [ "CWE-1386" ] }, { "cveID": "CVE-2022-0847", "vendorProject": "Linux", "product": "Kernel", "vulnerabilityName": "Linux Kernel Privilege Escalation Vulnerability", "dateAdded": "2022-04-25", "shortDescription": "Linux kernel contains an improper initialization vulnerability where an unprivileged local user could escalate their privileges on the system. This vulnerability has the moniker of \"Dirty Pipe.\"", "requiredAction": "Apply updates per vendor instructions.", "dueDate": "2022-05-16", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2022-0847", "cwes": [ "CWE-665" ] }, { "cveID": "CVE-2021-41357", "vendorProject": "Microsoft", "product": "Win32k", "vulnerabilityName": "Microsoft Win32k Privilege Escalation Vulnerability", "dateAdded": "2022-04-25", "shortDescription": "Microsoft Win32k contains an unspecified vulnerability that allows for privilege escalation.", "requiredAction": "Apply updates per vendor instructions.", "dueDate": "2022-05-16", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2021-41357", "cwes": [] }, { "cveID": "CVE-2021-40450", "vendorProject": "Microsoft", "product": "Win32k", "vulnerabilityName": "Microsoft Win32k Privilege Escalation Vulnerability", "dateAdded": "2022-04-25", "shortDescription": "Microsoft Win32k contains an unspecified vulnerability that allows for privilege escalation.", "requiredAction": "Apply updates per vendor instructions.", "dueDate": "2022-05-16", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2021-40450", "cwes": [] }, { "cveID": "CVE-2019-1003029", "vendorProject": "Jenkins", "product": "Script Security Plugin", "vulnerabilityName": "Jenkins Script Security Plugin Sandbox Bypass Vulnerability", "dateAdded": "2022-04-25", "shortDescription": "Jenkins Script Security Plugin contains a protection mechanism failure, allowing an attacker to bypass the sandbox.", "requiredAction": "Apply updates per vendor instructions.", "dueDate": "2022-05-16", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2019-1003029", "cwes": [] }, { "cveID": "CVE-2018-6882", "vendorProject": "Zimbra", "product": "Collaboration Suite (ZCS)", "vulnerabilityName": "Zimbra Collaboration Suite (ZCS) Cross-Site Scripting (XSS) Vulnerability", "dateAdded": "2022-04-19", "shortDescription": "Zimbra Collaboration Suite (ZCS) contains a cross-site scripting vulnerability that might allow remote attackers to inject arbitrary web script or HTML.", "requiredAction": "Apply updates per vendor instructions.", "dueDate": "2022-05-10", "knownRansomwareCampaignUse": "Known", "notes": "https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2018-6882", "cwes": [ "CWE-79" ] }, { "cveID": "CVE-2019-3568", "vendorProject": "Meta Platforms", "product": "WhatsApp", "vulnerabilityName": "WhatsApp VOIP Stack Buffer Overflow Vulnerability", "dateAdded": "2022-04-19", "shortDescription": "A buffer overflow vulnerability in WhatsApp VOIP stack allowed remote code execution via specially crafted series of RTCP packets sent to a target phone number.", "requiredAction": "Apply updates per vendor instructions.", "dueDate": "2022-05-10", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2019-3568", "cwes": [ "CWE-122" ] }, { "cveID": "CVE-2022-22718", "vendorProject": "Microsoft", "product": "Windows", "vulnerabilityName": "Microsoft Windows Print Spooler Privilege Escalation Vulnerability", "dateAdded": "2022-04-19", "shortDescription": "Microsoft Windows Print Spooler contains an unspecified vulnerability which allow for privilege escalation.", "requiredAction": "Apply updates per vendor instructions.", "dueDate": "2022-05-10", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2022-22718", "cwes": [] }, { "cveID": "CVE-2022-22960", "vendorProject": "VMware", "product": "Multiple Products", "vulnerabilityName": "VMware Multiple Products Privilege Escalation Vulnerability", "dateAdded": "2022-04-15", "shortDescription": "VMware Workspace ONE Access, Identity Manager and vRealize Automation contain a privilege escalation vulnerability due to improper permissions in support scripts.", "requiredAction": "Apply updates per vendor instructions.", "dueDate": "2022-05-06", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2022-22960", "cwes": [ "CWE-250" ] }, { "cveID": "CVE-2022-1364", "vendorProject": "Google", "product": "Chromium V8", "vulnerabilityName": "Google Chromium V8 Type Confusion Vulnerability", "dateAdded": "2022-04-15", "shortDescription": "Google Chromium V8 Engine contains a type confusion vulnerability that allows a remote attacker to potentially exploit heap corruption via a crafted HTML page. This vulnerability could affect multiple web browsers that utilize Chromium, including, but not limited to, Google Chrome, Microsoft Edge, and Opera.", "requiredAction": "Apply updates per vendor instructions.", "dueDate": "2022-05-06", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2022-1364", "cwes": [ "CWE-843" ] }, { "cveID": "CVE-2019-3929", "vendorProject": "Crestron", "product": "Multiple Products", "vulnerabilityName": "Crestron Multiple Products Command Injection Vulnerability", "dateAdded": "2022-04-15", "shortDescription": "Multiple Crestron products are vulnerable to command injection via the file_transfer.cgi HTTP endpoint. A remote, unauthenticated attacker can use this vulnerability to execute operating system commands as root.", "requiredAction": "Apply updates per vendor instructions.", "dueDate": "2022-05-06", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2019-3929", "cwes": [ "CWE-79" ] }, { "cveID": "CVE-2019-16057", "vendorProject": "D-Link", "product": "DNS-320 Storage Device", "vulnerabilityName": "D-Link DNS-320 Remote Code Execution Vulnerability", "dateAdded": "2022-04-15", "shortDescription": "The login_mgr.cgi script in D-Link DNS-320 is vulnerable to remote code execution.", "requiredAction": "The impacted product is end-of-life and should be disconnected if still in use.", "dueDate": "2022-05-06", "knownRansomwareCampaignUse": "Known", "notes": "https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2019-16057", "cwes": [ "CWE-78" ] }, { "cveID": "CVE-2018-7841", "vendorProject": "Schneider Electric", "product": "U.motion Builder", "vulnerabilityName": "Schneider Electric U.motion Builder SQL Injection Vulnerability", "dateAdded": "2022-04-15", "shortDescription": "A SQL Injection vulnerability exists in U.motion Builder software which could cause unwanted code execution when an improper set of characters is entered.", "requiredAction": "The impacted product is end-of-life and should be disconnected if still in use.", "dueDate": "2022-05-06", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2018-7841", "cwes": [ "CWE-89" ] }, { "cveID": "CVE-2016-4523", "vendorProject": "Trihedral", "product": "VTScada (formerly VTS)", "vulnerabilityName": "Trihedral VTScada (formerly VTS) Denial-of-Service Vulnerability", "dateAdded": "2022-04-15", "shortDescription": "The WAP interface in Trihedral VTScada (formerly VTS) allows remote attackers to cause a denial-of-service (DoS).", "requiredAction": "Apply updates per vendor instructions.", "dueDate": "2022-05-06", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2016-4523", "cwes": [ "CWE-119" ] }, { "cveID": "CVE-2014-0780", "vendorProject": "InduSoft", "product": "Web Studio", "vulnerabilityName": "InduSoft Web Studio NTWebServer Directory Traversal Vulnerability", "dateAdded": "2022-04-15", "shortDescription": "InduSoft Web Studio NTWebServer contains a directory traversal vulnerability that allows remote attackers to read administrative passwords in APP files, allowing for remote code execution.", "requiredAction": "Apply updates per vendor instructions.", "dueDate": "2022-05-06", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2014-0780", "cwes": [ "CWE-22" ] }, { "cveID": "CVE-2010-5330", "vendorProject": "Ubiquiti", "product": "AirOS", "vulnerabilityName": "Ubiquiti AirOS Command Injection Vulnerability", "dateAdded": "2022-04-15", "shortDescription": "Certain Ubiquiti devices contain a command injection vulnerability via a GET request to stainfo.cgi.", "requiredAction": "Apply updates per vendor instructions.", "dueDate": "2022-05-06", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2010-5330", "cwes": [ "CWE-77" ] }, { "cveID": "CVE-2007-3010", "vendorProject": "Alcatel", "product": "OmniPCX Enterprise", "vulnerabilityName": "Alcatel OmniPCX Enterprise Remote Code Execution Vulnerability", "dateAdded": "2022-04-15", "shortDescription": "masterCGI in the Unified Maintenance Tool in Alcatel OmniPCX Enterprise Communication Server allows remote attackers to execute arbitrary commands.", "requiredAction": "Apply updates per vendor instructions.", "dueDate": "2022-05-06", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2007-3010", "cwes": [ "CWE-20" ] }, { "cveID": "CVE-2022-22954", "vendorProject": "VMware", "product": "Workspace ONE Access and Identity Manager", "vulnerabilityName": "VMware Workspace ONE Access and Identity Manager Server-Side Template Injection Vulnerability", "dateAdded": "2022-04-14", "shortDescription": "VMware Workspace ONE Access and Identity Manager allow for remote code execution due to server-side template injection.", "requiredAction": "Apply updates per vendor instructions.", "dueDate": "2022-05-05", "knownRansomwareCampaignUse": "Known", "notes": "https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2022-22954", "cwes": [ "CWE-94" ] }, { "cveID": "CVE-2022-24521", "vendorProject": "Microsoft", "product": "Windows", "vulnerabilityName": "Microsoft Windows CLFS Driver Privilege Escalation Vulnerability", "dateAdded": "2022-04-13", "shortDescription": "Microsoft Windows Common Log File System (CLFS) Driver contains an unspecified vulnerability that allows for privilege escalation.", "requiredAction": "Apply updates per vendor instructions.", "dueDate": "2022-05-04", "knownRansomwareCampaignUse": "Known", "notes": "https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2022-24521", "cwes": [ "CWE-787", "CWE-1285" ] }, { "cveID": "CVE-2018-7602", "vendorProject": "Drupal", "product": "Core", "vulnerabilityName": "Drupal Core Remote Code Execution Vulnerability", "dateAdded": "2022-04-13", "shortDescription": "A remote code execution vulnerability exists within multiple subsystems of Drupal that can allow attackers to exploit multiple attack vectors on a Drupal site.", "requiredAction": "Apply updates per vendor instructions.", "dueDate": "2022-05-04", "knownRansomwareCampaignUse": "Known", "notes": "https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2018-7602", "cwes": [] }, { "cveID": "CVE-2018-20753", "vendorProject": "Kaseya", "product": "Virtual System\/Server Administrator (VSA)", "vulnerabilityName": "Kaseya VSA Remote Code Execution Vulnerability", "dateAdded": "2022-04-13", "shortDescription": "Kaseya VSA RMM allows unprivileged remote attackers to execute PowerShell payloads on all managed devices.", "requiredAction": "Apply updates per vendor instructions.", "dueDate": "2022-05-04", "knownRansomwareCampaignUse": "Known", "notes": "https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2018-20753", "cwes": [] }, { "cveID": "CVE-2015-5123", "vendorProject": "Adobe", "product": "Flash Player", "vulnerabilityName": "Adobe Flash Player Use-After-Free Vulnerability", "dateAdded": "2022-04-13", "shortDescription": "Use-after-free vulnerability in the BitmapData class in the ActionScript 3 (AS3) implementation in Adobe Flash Player allows remote attackers to execute code or cause a denial-of-service (DoS).", "requiredAction": "The impacted product is end-of-life and should be disconnected if still in use.", "dueDate": "2022-05-04", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2015-5123", "cwes": [ "CWE-416" ] }, { "cveID": "CVE-2015-5122", "vendorProject": "Adobe", "product": "Flash Player", "vulnerabilityName": "Adobe Flash Player Use-After-Free Vulnerability", "dateAdded": "2022-04-13", "shortDescription": "Use-after-free vulnerability in the DisplayObject class in the ActionScript 3 (AS3) implementation in Adobe Flash Player allows remote attackers to execute code or cause a denial-of-service (DoS).", "requiredAction": "The impacted product is end-of-life and should be disconnected if still in use.", "dueDate": "2022-05-04", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2015-5122", "cwes": [ "CWE-416" ] }, { "cveID": "CVE-2015-3113", "vendorProject": "Adobe", "product": "Flash Player", "vulnerabilityName": "Adobe Flash Player Heap-Based Buffer Overflow Vulnerability", "dateAdded": "2022-04-13", "shortDescription": "Heap-based buffer overflow vulnerability in Adobe Flash Player allows remote attackers to execute code.", "requiredAction": "The impacted product is end-of-life and should be disconnected if still in use.", "dueDate": "2022-05-04", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2015-3113", "cwes": [ "CWE-119" ] }, { "cveID": "CVE-2015-2502", "vendorProject": "Microsoft", "product": "Internet Explorer", "vulnerabilityName": "Microsoft Internet Explorer Memory Corruption Vulnerability", "dateAdded": "2022-04-13", "shortDescription": "Microsoft Internet Explorer contains a memory corruption vulnerability that allows an attacker to execute code or cause a denial-of-service (DoS).", "requiredAction": "Apply updates per vendor instructions.", "dueDate": "2022-05-04", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2015-2502", "cwes": [ "CWE-119" ] }, { "cveID": "CVE-2015-0313", "vendorProject": "Adobe", "product": "Flash Player", "vulnerabilityName": "Adobe Flash Player Use-After-Free Vulnerability", "dateAdded": "2022-04-13", "shortDescription": "Use-after-free vulnerability in Adobe Flash Player allows remote attackers to execute code.", "requiredAction": "The impacted product is end-of-life and should be disconnected if still in use.", "dueDate": "2022-05-04", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2015-0313", "cwes": [ "CWE-416" ] }, { "cveID": "CVE-2015-0311", "vendorProject": "Adobe", "product": "Flash Player", "vulnerabilityName": "Adobe Flash Player Remote Code Execution Vulnerability", "dateAdded": "2022-04-13", "shortDescription": "Unspecified vulnerability in Adobe Flash Player allows remote attackers to execute code.", "requiredAction": "The impacted product is end-of-life and should be disconnected if still in use.", "dueDate": "2022-05-04", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2015-0311", "cwes": [] }, { "cveID": "CVE-2014-9163", "vendorProject": "Adobe", "product": "Flash Player", "vulnerabilityName": "Adobe Flash Player Stack-Based Buffer Overflow Vulnerability", "dateAdded": "2022-04-13", "shortDescription": "Stack-based buffer overflow in Adobe Flash Player allows attackers to execute code remotely.", "requiredAction": "The impacted product is end-of-life and should be disconnected if still in use.", "dueDate": "2022-05-04", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2014-9163", "cwes": [] }, { "cveID": "CVE-2022-23176", "vendorProject": "WatchGuard", "product": "Firebox and XTM", "vulnerabilityName": "WatchGuard Firebox and XTM Privilege Escalation Vulnerability", "dateAdded": "2022-04-11", "shortDescription": "WatchGuard Firebox and XTM appliances allow a remote attacker with unprivileged credentials to access the system with a privileged management session via exposed management access.", "requiredAction": "Apply updates per vendor instructions.", "dueDate": "2022-05-02", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2022-23176", "cwes": [] }, { "cveID": "CVE-2021-42287", "vendorProject": "Microsoft", "product": "Active Directory", "vulnerabilityName": "Microsoft Active Directory Domain Services Privilege Escalation Vulnerability", "dateAdded": "2022-04-11", "shortDescription": "Microsoft Active Directory Domain Services contains an unspecified vulnerability that allows for privilege escalation.", "requiredAction": "Apply updates per vendor instructions.", "dueDate": "2022-05-02", "knownRansomwareCampaignUse": "Known", "notes": "https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2021-42287", "cwes": [ "CWE-269" ] }, { "cveID": "CVE-2021-42278", "vendorProject": "Microsoft", "product": "Active Directory", "vulnerabilityName": "Microsoft Active Directory Domain Services Privilege Escalation Vulnerability", "dateAdded": "2022-04-11", "shortDescription": "Microsoft Active Directory Domain Services contains an unspecified vulnerability that allows for privilege escalation.", "requiredAction": "Apply updates per vendor instructions.", "dueDate": "2022-05-02", "knownRansomwareCampaignUse": "Known", "notes": "https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2021-42278", "cwes": [ "CWE-20" ] }, { "cveID": "CVE-2021-39793", "vendorProject": "Google", "product": "Pixel", "vulnerabilityName": "Google Pixel Out-of-Bounds Write Vulnerability", "dateAdded": "2022-04-11", "shortDescription": "Google Pixel contains a possible out-of-bounds write due to a logic error in the code that could lead to local escalation of privilege.", "requiredAction": "Apply updates per vendor instructions.", "dueDate": "2022-05-02", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2021-39793", "cwes": [ "CWE-787" ] }, { "cveID": "CVE-2021-27852", "vendorProject": "Checkbox", "product": "Checkbox Survey", "vulnerabilityName": "Checkbox Survey Deserialization of Untrusted Data Vulnerability", "dateAdded": "2022-04-11", "shortDescription": "Deserialization of Untrusted Data vulnerability in CheckboxWeb.dll of Checkbox Survey allows an unauthenticated remote attacker to execute arbitrary code.", "requiredAction": "Versions 6 and earlier for this product are end-of-life and must be removed from agency networks. Versions 7 and later are not considered vulnerable.", "dueDate": "2022-05-02", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2021-27852", "cwes": [ "CWE-502" ] }, { "cveID": "CVE-2021-22600", "vendorProject": "Linux", "product": "Kernel", "vulnerabilityName": "Linux Kernel Privilege Escalation Vulnerability", "dateAdded": "2022-04-11", "shortDescription": "Linux Kernel contains a flaw in the packet socket (AF_PACKET) implementation which could lead to incorrectly freeing memory. A local user could exploit this for denial-of-service (DoS) or possibly for privilege escalation.", "requiredAction": "Apply updates per vendor instructions.", "dueDate": "2022-05-02", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2021-22600", "cwes": [ "CWE-415" ] }, { "cveID": "CVE-2020-2509", "vendorProject": "QNAP", "product": "QNAP Network-Attached Storage (NAS)", "vulnerabilityName": "QNAP Network-Attached Storage (NAS) Command Injection Vulnerability", "dateAdded": "2022-04-11", "shortDescription": "QNAP NAS devices contain a command injection vulnerability which could allow attackers to perform remote code execution.", "requiredAction": "Apply updates per vendor instructions.", "dueDate": "2022-05-02", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2020-2509", "cwes": [ "CWE-77", "CWE-78" ] }, { "cveID": "CVE-2017-11317", "vendorProject": "Telerik", "product": "User Interface (UI) for ASP.NET AJAX", "vulnerabilityName": "Telerik UI for ASP.NET AJAX Unrestricted File Upload Vulnerability", "dateAdded": "2022-04-11", "shortDescription": "Telerik.Web.UI in Progress Telerik UI for ASP.NET AJAX allows remote attackers to perform arbitrary file uploads or execute arbitrary code.", "requiredAction": "Apply updates per vendor instructions.", "dueDate": "2022-05-02", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2017-11317", "cwes": [ "CWE-326" ] }, { "cveID": "CVE-2021-3156", "vendorProject": "Sudo", "product": "Sudo", "vulnerabilityName": "Sudo Heap-Based Buffer Overflow Vulnerability", "dateAdded": "2022-04-06", "shortDescription": "Sudo contains an off-by-one error that can result in a heap-based buffer overflow, which allows for privilege escalation.", "requiredAction": "Apply updates per vendor instructions.", "dueDate": "2022-04-27", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2021-3156", "cwes": [ "CWE-122", "CWE-193" ] }, { "cveID": "CVE-2021-31166", "vendorProject": "Microsoft", "product": "HTTP Protocol Stack", "vulnerabilityName": "Microsoft HTTP Protocol Stack Remote Code Execution Vulnerability", "dateAdded": "2022-04-06", "shortDescription": "Microsoft HTTP Protocol Stack contains a vulnerability in http.sys that allows for remote code execution.", "requiredAction": "Apply updates per vendor instructions.", "dueDate": "2022-04-27", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2021-31166", "cwes": [ "CWE-416" ] }, { "cveID": "CVE-2017-0148", "vendorProject": "Microsoft", "product": "SMBv1 server", "vulnerabilityName": "Microsoft SMBv1 Server Remote Code Execution Vulnerability", "dateAdded": "2022-04-06", "shortDescription": "The SMBv1 server in Microsoft allows remote attackers to execute arbitrary code via crafted packets.", "requiredAction": "Apply updates per vendor instructions.", "dueDate": "2022-04-27", "knownRansomwareCampaignUse": "Known", "notes": "https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2017-0148", "cwes": [ "CWE-20" ] }, { "cveID": "CVE-2022-22965", "vendorProject": "VMware", "product": "Spring Framework", "vulnerabilityName": "Spring Framework JDK 9+ Remote Code Execution Vulnerability", "dateAdded": "2022-04-04", "shortDescription": "Spring MVC or Spring WebFlux application running on JDK 9+ may be vulnerable to remote code execution (RCE) via data binding.", "requiredAction": "Apply updates per vendor instructions.", "dueDate": "2022-04-25", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2022-22965", "cwes": [ "CWE-94" ] }, { "cveID": "CVE-2022-22675", "vendorProject": "Apple", "product": "macOS", "vulnerabilityName": "Apple macOS Out-of-Bounds Write Vulnerability", "dateAdded": "2022-04-04", "shortDescription": "macOS Monterey contains an out-of-bounds write vulnerability that could allow an application to execute arbitrary code with kernel privileges.", "requiredAction": "Apply updates per vendor instructions.", "dueDate": "2022-04-25", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2022-22675", "cwes": [ "CWE-20", "CWE-125" ] }, { "cveID": "CVE-2022-22674", "vendorProject": "Apple", "product": "macOS", "vulnerabilityName": "Apple macOS Out-of-Bounds Read Vulnerability", "dateAdded": "2022-04-04", "shortDescription": "macOS Monterey contains an out-of-bounds read vulnerability that could allow an application to read kernel memory.", "requiredAction": "Apply updates per vendor instructions.", "dueDate": "2022-04-25", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2022-22674", "cwes": [ "CWE-20", "CWE-125" ] }, { "cveID": "CVE-2021-45382", "vendorProject": "D-Link", "product": "Multiple Routers", "vulnerabilityName": "D-Link Multiple Routers Remote Code Execution Vulnerability", "dateAdded": "2022-04-04", "shortDescription": "A remote code execution vulnerability exists in all series H\/W revisions routers via the DDNS function in ncc2 binary file.", "requiredAction": "The impacted product is end-of-life and should be disconnected if still in use.", "dueDate": "2022-04-25", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2021-45382", "cwes": [ "CWE-78" ] }, { "cveID": "CVE-2022-26871", "vendorProject": "Trend Micro", "product": "Apex Central", "vulnerabilityName": "Trend Micro Apex Central Arbitrary File Upload Vulnerability", "dateAdded": "2022-03-31", "shortDescription": "An arbitrary file upload vulnerability in Trend Micro Apex Central could allow for remote code execution.", "requiredAction": "Apply updates per vendor instructions.", "dueDate": "2022-04-21", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2022-26871", "cwes": [ "CWE-184" ] }, { "cveID": "CVE-2022-1040", "vendorProject": "Sophos", "product": "Firewall", "vulnerabilityName": "Sophos Firewall Authentication Bypass Vulnerability", "dateAdded": "2022-03-31", "shortDescription": "An authentication bypass vulnerability in User Portal and Webadmin of Sophos Firewall allows for remote code execution.", "requiredAction": "Apply updates per vendor instructions.", "dueDate": "2022-04-21", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2022-1040", "cwes": [ "CWE-158" ] }, { "cveID": "CVE-2021-34484", "vendorProject": "Microsoft", "product": "Windows", "vulnerabilityName": "Microsoft Windows User Profile Service Privilege Escalation Vulnerability", "dateAdded": "2022-03-31", "shortDescription": "Microsoft Windows User Profile Service contains an unspecified vulnerability that allows for privilege escalation.", "requiredAction": "Apply updates per vendor instructions.", "dueDate": "2022-04-21", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2021-34484", "cwes": [ "CWE-269" ] }, { "cveID": "CVE-2021-28799", "vendorProject": "QNAP", "product": "Network Attached Storage (NAS)", "vulnerabilityName": "QNAP NAS Improper Authorization Vulnerability", "dateAdded": "2022-03-31", "shortDescription": "QNAP NAS running HBS 3 contains an improper authorization vulnerability which can allow remote attackers to log in to a device.", "requiredAction": "Apply updates per vendor instructions.", "dueDate": "2022-04-21", "knownRansomwareCampaignUse": "Known", "notes": "https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2021-28799", "cwes": [ "CWE-285" ] }, { "cveID": "CVE-2021-21551", "vendorProject": "Dell", "product": "dbutil Driver", "vulnerabilityName": "Dell dbutil Driver Insufficient Access Control Vulnerability", "dateAdded": "2022-03-31", "shortDescription": "Dell dbutil driver contains an insufficient access control vulnerability which may lead to escalation of privileges, denial-of-service (DoS), or information disclosure.", "requiredAction": "Apply updates per vendor instructions.", "dueDate": "2022-04-21", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2021-21551", "cwes": [ "CWE-782" ] }, { "cveID": "CVE-2018-10562", "vendorProject": "Dasan", "product": "Gigabit Passive Optical Network (GPON) Routers", "vulnerabilityName": "Dasan GPON Routers Command Injection Vulnerability", "dateAdded": "2022-03-31", "shortDescription": "Dasan GPON Routers contain an authentication bypass vulnerability. When combined with CVE-2018-10561, exploitation can allow an attacker to perform remote code execution.", "requiredAction": "The impacted product is end-of-life and should be disconnected if still in use.", "dueDate": "2022-04-21", "knownRansomwareCampaignUse": "Known", "notes": "https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2018-10562", "cwes": [ "CWE-78" ] }, { "cveID": "CVE-2018-10561", "vendorProject": "Dasan", "product": "Gigabit Passive Optical Network (GPON) Routers", "vulnerabilityName": "Dasan GPON Routers Authentication Bypass Vulnerability", "dateAdded": "2022-03-31", "shortDescription": "Dasan GPON Routers contain an authentication bypass vulnerability. When combined with CVE-2018-10562, exploitation can allow an attacker to perform remote code execution.", "requiredAction": "The impacted product is end-of-life and should be disconnected if still in use.", "dueDate": "2022-04-21", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2018-10561", "cwes": [ "CWE-287" ] }, { "cveID": "CVE-2022-1096", "vendorProject": "Google", "product": "Chromium V8", "vulnerabilityName": "Google Chromium V8 Type Confusion Vulnerability", "dateAdded": "2022-03-28", "shortDescription": "Google Chromium V8 Engine contains a type confusion vulnerability that allows a remote attacker to potentially exploit heap corruption via a crafted HTML page. This vulnerability could affect multiple web browsers that utilize Chromium, including, but not limited to, Google Chrome, Microsoft Edge, and Opera.", "requiredAction": "Apply updates per vendor instructions.", "dueDate": "2022-04-18", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2022-1096", "cwes": [ "CWE-843" ] }, { "cveID": "CVE-2022-0543", "vendorProject": "Redis", "product": "Debian-specific Redis Servers", "vulnerabilityName": "Debian-specific Redis Server Lua Sandbox Escape Vulnerability", "dateAdded": "2022-03-28", "shortDescription": "Redis is prone to a (Debian-specific) Lua sandbox escape, which could result in remote code execution.", "requiredAction": "Apply updates per vendor instructions.", "dueDate": "2022-04-18", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2022-0543", "cwes": [ "CWE-862" ] }, { "cveID": "CVE-2021-38646", "vendorProject": "Microsoft", "product": "Office", "vulnerabilityName": "Microsoft Office Access Connectivity Engine Remote Code Execution Vulnerability", "dateAdded": "2022-03-28", "shortDescription": "Microsoft Office Access Connectivity Engine contains an unspecified vulnerability which can allow for remote code execution.", "requiredAction": "Apply updates per vendor instructions.", "dueDate": "2022-04-18", "knownRansomwareCampaignUse": "Known", "notes": "https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2021-38646", "cwes": [] }, { "cveID": "CVE-2021-34486", "vendorProject": "Microsoft", "product": "Windows", "vulnerabilityName": "Microsoft Windows Event Tracing Privilege Escalation Vulnerability", "dateAdded": "2022-03-28", "shortDescription": "Microsoft Windows Event Tracing contains an unspecified vulnerability which can allow for privilege escalation.", "requiredAction": "Apply updates per vendor instructions.", "dueDate": "2022-04-18", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2021-34486", "cwes": [ "CWE-416" ] }, { "cveID": "CVE-2021-26085", "vendorProject": "Atlassian", "product": "Confluence Server", "vulnerabilityName": "Atlassian Confluence Server Pre-Authorization Arbitrary File Read Vulnerability", "dateAdded": "2022-03-28", "shortDescription": "Affected versions of Atlassian Confluence Server allow remote attackers to view restricted resources via a pre-authorization arbitrary file read vulnerability in the \/s\/ endpoint.", "requiredAction": "Apply updates per vendor instructions.", "dueDate": "2022-04-18", "knownRansomwareCampaignUse": "Known", "notes": "https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2021-26085", "cwes": [ "CWE-425" ] }, { "cveID": "CVE-2021-20028", "vendorProject": "SonicWall", "product": "Secure Remote Access (SRA)", "vulnerabilityName": "SonicWall Secure Remote Access (SRA) SQL Injection Vulnerability", "dateAdded": "2022-03-28", "shortDescription": "SonicWall Secure Remote Access (SRA) products contain an improper neutralization of a SQL Command leading to SQL injection.", "requiredAction": "The impacted product is end-of-life and should be disconnected if still in use.", "dueDate": "2022-04-18", "knownRansomwareCampaignUse": "Known", "notes": "https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2021-20028", "cwes": [ "CWE-89" ] }, { "cveID": "CVE-2019-7483", "vendorProject": "SonicWall", "product": "SMA100", "vulnerabilityName": "SonicWall SMA100 Directory Traversal Vulnerability", "dateAdded": "2022-03-28", "shortDescription": "In SonicWall SMA100, an unauthenticated Directory Traversal vulnerability in the handleWAFRedirect CGI allows the user to test for the presence of a file on the server.", "requiredAction": "Apply updates per vendor instructions.", "dueDate": "2022-04-18", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2019-7483", "cwes": [ "CWE-22" ] }, { "cveID": "CVE-2018-8440", "vendorProject": "Microsoft", "product": "Windows", "vulnerabilityName": "Microsoft Windows Privilege Escalation Vulnerability", "dateAdded": "2022-03-28", "shortDescription": "An elevation of privilege vulnerability exists when Windows improperly handles calls to Advanced Local Procedure Call (ALPC).", "requiredAction": "Apply updates per vendor instructions.", "dueDate": "2022-04-18", "knownRansomwareCampaignUse": "Known", "notes": "https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2018-8440", "cwes": [] }, { "cveID": "CVE-2018-8406", "vendorProject": "Microsoft", "product": "DirectX Graphics Kernel (DXGKRNL)", "vulnerabilityName": "Microsoft DirectX Graphics Kernel Privilege Escalation Vulnerability", "dateAdded": "2022-03-28", "shortDescription": "An elevation of privilege vulnerability exists when the DirectX Graphics Kernel (DXGKRNL) driver improperly handles objects in memory.", "requiredAction": "Apply updates per vendor instructions.", "dueDate": "2022-04-18", "knownRansomwareCampaignUse": "Known", "notes": "https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2018-8406", "cwes": [ "CWE-404" ] }, { "cveID": "CVE-2018-8405", "vendorProject": "Microsoft", "product": "DirectX Graphics Kernel (DXGKRNL)", "vulnerabilityName": "Microsoft DirectX Graphics Kernel Privilege Escalation Vulnerability", "dateAdded": "2022-03-28", "shortDescription": "An elevation of privilege vulnerability exists when the DirectX Graphics Kernel (DXGKRNL) driver improperly handles objects in memory.", "requiredAction": "Apply updates per vendor instructions.", "dueDate": "2022-04-18", "knownRansomwareCampaignUse": "Known", "notes": "https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2018-8405", "cwes": [ "CWE-404" ] }, { "cveID": "CVE-2017-0213", "vendorProject": "Microsoft", "product": "Windows", "vulnerabilityName": "Microsoft Windows Privilege Escalation Vulnerability", "dateAdded": "2022-03-28", "shortDescription": "Microsoft Windows COM Aggregate Marshaler allows for privilege escalation when an attacker runs a specially crafted application.", "requiredAction": "Apply updates per vendor instructions.", "dueDate": "2022-04-18", "knownRansomwareCampaignUse": "Known", "notes": "https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2017-0213", "cwes": [] }, { "cveID": "CVE-2017-0059", "vendorProject": "Microsoft", "product": "Internet Explorer", "vulnerabilityName": "Microsoft Internet Explorer Information Disclosure Vulnerability", "dateAdded": "2022-03-28", "shortDescription": "Microsoft Internet Explorer allow remote attackers to obtain sensitive information from process memory via a crafted web site.", "requiredAction": "Apply updates per vendor instructions.", "dueDate": "2022-04-18", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2017-0059", "cwes": [ "CWE-200" ] }, { "cveID": "CVE-2017-0037", "vendorProject": "Microsoft", "product": "Edge and Internet Explorer", "vulnerabilityName": "Microsoft Edge and Internet Explorer Type Confusion Vulnerability", "dateAdded": "2022-03-28", "shortDescription": "Microsoft Edge and Internet Explorer have a type confusion vulnerability in mshtml.dll, which allows remote code execution.", "requiredAction": "Apply updates per vendor instructions.", "dueDate": "2022-04-18", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2017-0037", "cwes": [ "CWE-704" ] }, { "cveID": "CVE-2016-7201", "vendorProject": "Microsoft", "product": "Edge", "vulnerabilityName": "Microsoft Edge Memory Corruption Vulnerability", "dateAdded": "2022-03-28", "shortDescription": "The Chakra JavaScript scripting engine in Microsoft Edge allows remote attackers to execute remote code or cause a denial of service (memory corruption) via a crafted web site.", "requiredAction": "Apply updates per vendor instructions.", "dueDate": "2022-04-18", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2016-7201", "cwes": [ "CWE-119" ] }, { "cveID": "CVE-2016-7200", "vendorProject": "Microsoft", "product": "Edge", "vulnerabilityName": "Microsoft Edge Memory Corruption Vulnerability", "dateAdded": "2022-03-28", "shortDescription": "The Chakra JavaScript scripting engine in Microsoft Edge allows remote attackers to execute remote code or cause a denial of service (memory corruption) via a crafted web site.", "requiredAction": "Apply updates per vendor instructions.", "dueDate": "2022-04-18", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2016-7200", "cwes": [ "CWE-119" ] }, { "cveID": "CVE-2016-0189", "vendorProject": "Microsoft", "product": "Internet Explorer", "vulnerabilityName": "Microsoft Internet Explorer Memory Corruption Vulnerability", "dateAdded": "2022-03-28", "shortDescription": "The Microsoft JScript nd VBScript engines, as used in Internet Explorer and other products, allow attackers to execute remote code or cause a denial of service (memory corruption) via a crafted web site.", "requiredAction": "Apply updates per vendor instructions.", "dueDate": "2022-04-18", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2016-0189", "cwes": [ "CWE-119" ] }, { "cveID": "CVE-2016-0151", "vendorProject": "Microsoft", "product": "Client-Server Run-time Subsystem (CSRSS)", "vulnerabilityName": "Microsoft Windows CSRSS Security Feature Bypass Vulnerability", "dateAdded": "2022-03-28", "shortDescription": "The Client-Server Run-time Subsystem (CSRSS) in Microsoft mismanages process tokens, which allows local users to gain privileges via a crafted application.", "requiredAction": "Apply updates per vendor instructions.", "dueDate": "2022-04-18", "knownRansomwareCampaignUse": "Known", "notes": "https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2016-0151", "cwes": [ "CWE-264" ] }, { "cveID": "CVE-2016-0040", "vendorProject": "Microsoft", "product": "Windows", "vulnerabilityName": "Microsoft Windows Kernel Privilege Escalation Vulnerability", "dateAdded": "2022-03-28", "shortDescription": "The kernel in Microsoft Windows allows local users to gain privileges via a crafted application.", "requiredAction": "Apply updates per vendor instructions.", "dueDate": "2022-04-18", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2016-0040", "cwes": [ "CWE-264" ] }, { "cveID": "CVE-2015-2426", "vendorProject": "Microsoft", "product": "Windows", "vulnerabilityName": "Microsoft Windows Adobe Type Manager Library Remote Code Execution Vulnerability", "dateAdded": "2022-03-28", "shortDescription": "A remote code execution vulnerability exists in Microsoft Windows when the Windows Adobe Type Manager Library improperly handles specially crafted OpenType fonts.", "requiredAction": "Apply updates per vendor instructions.", "dueDate": "2022-04-18", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2015-2426", "cwes": [ "CWE-119" ] }, { "cveID": "CVE-2015-2419", "vendorProject": "Microsoft", "product": "Internet Explorer", "vulnerabilityName": "Microsoft Internet Explorer Memory Corruption Vulnerability", "dateAdded": "2022-03-28", "shortDescription": "JScript in Microsoft Internet Explorer allows remote attackers to execute remote code or cause a denial of service (memory corruption) via a crafted web site.", "requiredAction": "Apply updates per vendor instructions.", "dueDate": "2022-04-18", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2015-2419", "cwes": [ "CWE-119" ] }, { "cveID": "CVE-2015-1770", "vendorProject": "Microsoft", "product": "Office", "vulnerabilityName": "Microsoft Office Uninitialized Memory Use Vulnerability", "dateAdded": "2022-03-28", "shortDescription": "Microsoft Office allows remote attackers to execute arbitrary code via a crafted Office document.", "requiredAction": "Apply updates per vendor instructions.", "dueDate": "2022-04-18", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2015-1770", "cwes": [ "CWE-19" ] }, { "cveID": "CVE-2013-3660", "vendorProject": "Microsoft", "product": "Win32k", "vulnerabilityName": "Microsoft Win32k Privilege Escalation Vulnerability", "dateAdded": "2022-03-28", "shortDescription": "The EPATHOBJ::pprFlattenRec function in win32k.sys in the kernel-mode drivers in Microsoft does not properly initialize a pointer for the next object in a certain list, which allows local users to gain privileges.", "requiredAction": "Apply updates per vendor instructions.", "dueDate": "2022-04-18", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2013-3660", "cwes": [ "CWE-119" ] }, { "cveID": "CVE-2013-2729", "vendorProject": "Adobe", "product": "Reader and Acrobat", "vulnerabilityName": "Adobe Reader and Acrobat Arbitrary Integer Overflow Vulnerability", "dateAdded": "2022-03-28", "shortDescription": "Integer overflow vulnerability in Adobe Reader and Acrobat allows attackers to execute remote code.", "requiredAction": "Apply updates per vendor instructions.", "dueDate": "2022-04-18", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2013-2729", "cwes": [ "CWE-189" ] }, { "cveID": "CVE-2013-2551", "vendorProject": "Microsoft", "product": "Internet Explorer", "vulnerabilityName": "Microsoft Internet Explorer Use-After-Free Vulnerability", "dateAdded": "2022-03-28", "shortDescription": "Use-after-free vulnerability in Microsoft Internet Explorer allows remote attackers to execute remote code via a crafted web site that triggers access to a deleted object.", "requiredAction": "Apply updates per vendor instructions.", "dueDate": "2022-04-18", "knownRansomwareCampaignUse": "Known", "notes": "https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2013-2551", "cwes": [ "CWE-416" ] }, { "cveID": "CVE-2013-2465", "vendorProject": "Oracle", "product": "Java SE", "vulnerabilityName": "Oracle Java SE Unspecified Vulnerability", "dateAdded": "2022-03-28", "shortDescription": "Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE allows remote attackers to affect confidentiality, integrity, and availability via Unknown vectors related to 2D", "requiredAction": "Apply updates per vendor instructions.", "dueDate": "2022-04-18", "knownRansomwareCampaignUse": "Known", "notes": "https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2013-2465", "cwes": [] }, { "cveID": "CVE-2013-1690", "vendorProject": "Mozilla", "product": "Firefox and Thunderbird", "vulnerabilityName": "Mozilla Firefox and Thunderbird Denial-of-Service Vulnerability", "dateAdded": "2022-03-28", "shortDescription": "Mozilla Firefox and Thunderbird do not properly handle onreadystatechange events in conjunction with page reloading, which allows remote attackers to cause a denial-of-service (DoS) or possibly execute malicious code via a crafted web site.", "requiredAction": "Apply updates per vendor instructions.", "dueDate": "2022-04-18", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2013-1690", "cwes": [ "CWE-119" ] }, { "cveID": "CVE-2012-5076", "vendorProject": "Oracle", "product": "Java SE", "vulnerabilityName": "Oracle Java SE Sandbox Bypass Vulnerability", "dateAdded": "2022-03-28", "shortDescription": "The default Java security properties configuration did not restrict access to the com.sun.org.glassfish.external and com.sun.org.glassfish.gmbal packages. An untrusted Java application or applet could use these flaws to bypass Java sandbox restrictions.", "requiredAction": "Apply updates per vendor instructions.", "dueDate": "2022-04-18", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2012-5076", "cwes": [] }, { "cveID": "CVE-2012-2539", "vendorProject": "Microsoft", "product": "Word", "vulnerabilityName": "Microsoft Word Remote Code Execution Vulnerability", "dateAdded": "2022-03-28", "shortDescription": "Microsoft Word allows attackers to execute remote code or cause a denial-of-service (DoS) via crafted RTF data.", "requiredAction": "Apply updates per vendor instructions.", "dueDate": "2022-04-18", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2012-2539", "cwes": [ "CWE-399" ] }, { "cveID": "CVE-2012-2034", "vendorProject": "Adobe", "product": "Flash Player", "vulnerabilityName": "Adobe Flash Player Memory Corruption Vulnerability", "dateAdded": "2022-03-28", "shortDescription": "Adobe Flash Player contains a memory corruption vulnerability that allows for remote code execution or denial-of-service (DoS).", "requiredAction": "The impacted product is end-of-life and should be disconnected if still in use.", "dueDate": "2022-04-18", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2012-2034", "cwes": [ "CWE-119" ] }, { "cveID": "CVE-2012-0518", "vendorProject": "Oracle", "product": "Fusion Middleware", "vulnerabilityName": "Oracle Fusion Middleware Unspecified Vulnerability", "dateAdded": "2022-03-28", "shortDescription": "Unspecified vulnerability in the Oracle Application Server Single Sign-On component in Oracle Fusion Middleware allows remote attackers to affect integrity via Unknown vectors", "requiredAction": "Apply updates per vendor instructions.", "dueDate": "2022-04-18", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2012-0518", "cwes": [ "CWE-601" ] }, { "cveID": "CVE-2011-2005", "vendorProject": "Microsoft", "product": "Ancillary Function Driver (afd.sys)", "vulnerabilityName": "Microsoft Ancillary Function Driver (afd.sys) Improper Input Validation Vulnerability", "dateAdded": "2022-03-28", "shortDescription": "afd.sys in the Ancillary Function Driver in Microsoft Windows does not properly validate user-mode input passed to kernel mode, which allows local users to gain privileges via a crafted application.", "requiredAction": "Apply updates per vendor instructions.", "dueDate": "2022-04-18", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2011-2005", "cwes": [ "CWE-264" ] }, { "cveID": "CVE-2010-4398", "vendorProject": "Microsoft", "product": "Windows", "vulnerabilityName": "Microsoft Windows Kernel Stack-Based Buffer Overflow Vulnerability", "dateAdded": "2022-03-28", "shortDescription": "Stack-based buffer overflow in the RtlQueryRegistryValues function in win32k.sys in Microsoft Windows allows local users to gain privileges, and bypass the User Account Control (UAC) feature.", "requiredAction": "Apply updates per vendor instructions.", "dueDate": "2022-04-21", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2010-4398", "cwes": [ "CWE-119" ] }, { "cveID": "CVE-2022-26318", "vendorProject": "WatchGuard", "product": "Firebox and XTM Appliances", "vulnerabilityName": "WatchGuard Firebox and XTM Appliances Arbitrary Code Execution", "dateAdded": "2022-03-25", "shortDescription": "On WatchGuard Firebox and XTM appliances, an unauthenticated user can execute arbitrary code.", "requiredAction": "Apply updates per vendor instructions.", "dueDate": "2022-04-15", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2022-26318", "cwes": [ "CWE-122" ] }, { "cveID": "CVE-2022-26143", "vendorProject": "Mitel", "product": "MiCollab, MiVoice Business Express", "vulnerabilityName": "MiCollab, MiVoice Business Express Access Control Vulnerability", "dateAdded": "2022-03-25", "shortDescription": "A vulnerability has been identified in MiCollab and MiVoice Business Express that may allow a malicious actor to gain unauthorized access to sensitive information and services, cause performance degradations or a denial of service condition on the affected system.", "requiredAction": "Apply updates per vendor instructions.", "dueDate": "2022-04-15", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2022-26143", "cwes": [ "CWE-306", "CWE-406" ] }, { "cveID": "CVE-2022-21999", "vendorProject": "Microsoft", "product": "Windows", "vulnerabilityName": "Microsoft Windows Print Spooler Privilege Escalation Vulnerability", "dateAdded": "2022-03-25", "shortDescription": "Microsoft Windows Print Spooler contains an unspecified vulnerability which can allow for privilege escalation.", "requiredAction": "Apply updates per vendor instructions.", "dueDate": "2022-04-15", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2022-21999", "cwes": [ "CWE-40", "CWE-1386" ] }, { "cveID": "CVE-2021-42237", "vendorProject": "Sitecore", "product": "XP", "vulnerabilityName": "Sitecore XP Remote Command Execution Vulnerability", "dateAdded": "2022-03-25", "shortDescription": "Sitcore XP contains an insecure deserialization vulnerability which can allow for remote code execution.", "requiredAction": "Apply updates per vendor instructions.", "dueDate": "2022-04-15", "knownRansomwareCampaignUse": "Known", "notes": "https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2021-42237", "cwes": [ "CWE-502" ] }, { "cveID": "CVE-2021-22941", "vendorProject": "Citrix", "product": "ShareFile", "vulnerabilityName": "Citrix ShareFile Improper Access Control Vulnerability", "dateAdded": "2022-03-25", "shortDescription": "Improper Access Control in Citrix ShareFile storage zones controller may allow an unauthenticated attacker to remotely compromise the storage zones controller.", "requiredAction": "Apply updates per vendor instructions.", "dueDate": "2022-04-15", "knownRansomwareCampaignUse": "Known", "notes": "https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2021-22941", "cwes": [ "CWE-284" ] }, { "cveID": "CVE-2020-9377", "vendorProject": "D-Link", "product": "DIR-610 Devices", "vulnerabilityName": "D-Link DIR-610 Devices Remote Command Execution", "dateAdded": "2022-03-25", "shortDescription": "D-Link DIR-610 devices allow remote code execution via the cmd parameter to command.php.", "requiredAction": "The impacted product is end-of-life and should be disconnected if still in use.", "dueDate": "2022-04-15", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2020-9377", "cwes": [ "CWE-78" ] }, { "cveID": "CVE-2020-9054", "vendorProject": "Zyxel", "product": "Multiple Network-Attached Storage (NAS) Devices", "vulnerabilityName": "Zyxel Multiple NAS Devices OS Command Injection Vulnerability", "dateAdded": "2022-03-25", "shortDescription": "Multiple Zyxel network-attached storage (NAS) devices contain a pre-authentication command injection vulnerability, which may allow a remote, unauthenticated attacker to execute arbitrary code.", "requiredAction": "Apply updates per vendor instructions.", "dueDate": "2022-04-15", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2020-9054", "cwes": [ "CWE-78" ] }, { "cveID": "CVE-2020-7247", "vendorProject": "OpenBSD", "product": "OpenSMTPD", "vulnerabilityName": "OpenSMTPD Remote Code Execution Vulnerability", "dateAdded": "2022-03-25", "shortDescription": "smtp_mailaddr in smtp_session.c in OpenSMTPD, as used in OpenBSD and other products, allows remote attackers to execute arbitrary commands as root via a crafted SMTP session.", "requiredAction": "Apply updates per vendor instructions.", "dueDate": "2022-04-15", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2020-7247", "cwes": [ "CWE-755", "CWE-78" ] }, { "cveID": "CVE-2020-5410", "vendorProject": "VMware Tanzu", "product": "Spring Cloud Configuration (Config) Server", "vulnerabilityName": "VMware Tanzu Spring Cloud Config Directory Traversal Vulnerability", "dateAdded": "2022-03-25", "shortDescription": "Spring, by VMware Tanzu, Cloud Config contains a path traversal vulnerability that allows applications to serve arbitrary configuration files.", "requiredAction": "Apply updates per vendor instructions.", "dueDate": "2022-04-15", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2020-5410", "cwes": [ "CWE-23" ] }, { "cveID": "CVE-2020-25223", "vendorProject": "Sophos", "product": "SG UTM", "vulnerabilityName": "Sophos SG UTM Remote Code Execution Vulnerability", "dateAdded": "2022-03-25", "shortDescription": "A remote code execution vulnerability exists in the WebAdmin of Sophos SG UTM.", "requiredAction": "Apply updates per vendor instructions.", "dueDate": "2022-04-15", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2020-25223", "cwes": [ "CWE-78" ] }, { "cveID": "CVE-2020-2506", "vendorProject": "QNAP Systems", "product": "Helpdesk", "vulnerabilityName": "QNAP Helpdesk Improper Access Control Vulnerability", "dateAdded": "2022-03-25", "shortDescription": "QNAP Helpdesk contains an improper access control vulnerability which could allow an attacker to gain privileges or to read sensitive information.", "requiredAction": "Apply updates per vendor instructions.", "dueDate": "2022-04-15", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2020-2506", "cwes": [ "CWE-284" ] }, { "cveID": "CVE-2020-2021", "vendorProject": "Palo Alto Networks", "product": "PAN-OS", "vulnerabilityName": "Palo Alto Networks PAN-OS Authentication Bypass Vulnerability", "dateAdded": "2022-03-25", "shortDescription": "Palo Alto Networks PAN-OS contains a vulnerability in SAML which allows an attacker to bypass authentication.", "requiredAction": "Apply updates per vendor instructions.", "dueDate": "2022-04-15", "knownRansomwareCampaignUse": "Known", "notes": "https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2020-2021", "cwes": [ "CWE-347" ] }, { "cveID": "CVE-2020-1956", "vendorProject": "Apache", "product": "Kylin", "vulnerabilityName": "Apache Kylin OS Command Injection Vulnerability", "dateAdded": "2022-03-25", "shortDescription": "Apache Kylin contains an OS command injection vulnerability which could permit an attacker to perform remote code execution.", "requiredAction": "Apply updates per vendor instructions.", "dueDate": "2022-04-15", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2020-1956", "cwes": [ "CWE-78" ] }, { "cveID": "CVE-2020-1631", "vendorProject": "Juniper", "product": "Junos OS", "vulnerabilityName": "Juniper Junos OS Path Traversal Vulnerability", "dateAdded": "2022-03-25", "shortDescription": "A path traversal vulnerability in the HTTP\/HTTPS service used by J-Web, Web Authentication, Dynamic-VPN (DVPN), Firewall Authentication Pass-Through with Web-Redirect, and Zero Touch Provisioning (ZTP) allows an unauthenticated attacker to perform remote code execution.", "requiredAction": "Apply updates per vendor instructions.", "dueDate": "2022-04-15", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2020-1631", "cwes": [ "CWE-22", "CWE-73" ] }, { "cveID": "CVE-2019-6340", "vendorProject": "Drupal", "product": "Core", "vulnerabilityName": "Drupal Core Remote Code Execution Vulnerability", "dateAdded": "2022-03-25", "shortDescription": "In Drupal Core, some field types do not properly sanitize data from non-form sources. This can lead to arbitrary PHP code execution in some cases.", "requiredAction": "Apply updates per vendor instructions.", "dueDate": "2022-04-15", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2019-6340", "cwes": [ "CWE-502" ] }, { "cveID": "CVE-2019-2616", "vendorProject": "Oracle", "product": "BI Publisher (Formerly XML Publisher)", "vulnerabilityName": "Oracle BI Publisher Unauthorized Access Vulnerability", "dateAdded": "2022-03-25", "shortDescription": "Oracle BI Publisher, formerly XML Publisher, contains an unspecified vulnerability that allows for various unauthorized actions. Open-source reporting attributes this vulnerability to allowing for authentication bypass.", "requiredAction": "Apply updates per vendor instructions.", "dueDate": "2022-04-15", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2019-2616", "cwes": [] }, { "cveID": "CVE-2019-16920", "vendorProject": "D-Link", "product": "Multiple Routers", "vulnerabilityName": "D-Link Multiple Routers Command Injection Vulnerability", "dateAdded": "2022-03-25", "shortDescription": "Multiple D-Link routers contain a command injection vulnerability which can allow attackers to achieve full system compromise.", "requiredAction": "The impacted product is end-of-life and should be disconnected if still in use.", "dueDate": "2022-04-15", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2019-16920", "cwes": [ "CWE-78" ] }, { "cveID": "CVE-2019-15107", "vendorProject": "Webmin", "product": "Webmin", "vulnerabilityName": "Webmin Command Injection Vulnerability", "dateAdded": "2022-03-25", "shortDescription": "An issue was discovered in Webmin. The parameter old in password_change.cgi contains a command injection vulnerability.", "requiredAction": "Apply updates per vendor instructions.", "dueDate": "2022-04-15", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2019-15107", "cwes": [ "CWE-78" ] }, { "cveID": "CVE-2019-12991", "vendorProject": "Citrix", "product": "SD-WAN and NetScaler", "vulnerabilityName": "Citrix SD-WAN and NetScaler Command Injection Vulnerability", "dateAdded": "2022-03-25", "shortDescription": "Authenticated Command Injection in Citrix SD-WAN Appliance and NetScaler SD-WAN Appliance.", "requiredAction": "Apply updates per vendor instructions.", "dueDate": "2022-04-15", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2019-12991", "cwes": [ "CWE-78" ] }, { "cveID": "CVE-2019-12989", "vendorProject": "Citrix", "product": "SD-WAN and NetScaler", "vulnerabilityName": "Citrix SD-WAN and NetScaler SQL Injection Vulnerability", "dateAdded": "2022-03-25", "shortDescription": "Citrix SD-WAN and NetScaler SD-WAN allow SQL Injection.", "requiredAction": "Apply updates per vendor instructions.", "dueDate": "2022-04-15", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2019-12989", "cwes": [ "CWE-89" ] }, { "cveID": "CVE-2019-11043", "vendorProject": "PHP", "product": "FastCGI Process Manager (FPM)", "vulnerabilityName": "PHP FastCGI Process Manager (FPM) Buffer Overflow Vulnerability", "dateAdded": "2022-03-25", "shortDescription": "In some versions of PHP in certain configurations of FPM setup, it is possible to cause FPM module to write past allocated buffers allowing the possibility of remote code execution.", "requiredAction": "Apply updates per vendor instructions.", "dueDate": "2022-04-15", "knownRansomwareCampaignUse": "Known", "notes": "https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2019-11043", "cwes": [ "CWE-120" ] }, { "cveID": "CVE-2019-10068", "vendorProject": "Kentico", "product": "Xperience", "vulnerabilityName": "Kentico Xperience Deserialization of Untrusted Data Vulnerability", "dateAdded": "2022-03-25", "shortDescription": "Kentico contains a failure to validate security headers. This deserialization can led to unauthenticated remote code execution.", "requiredAction": "Apply updates per vendor instructions.", "dueDate": "2022-04-15", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2019-10068", "cwes": [ "CWE-502" ] }, { "cveID": "CVE-2019-1003030", "vendorProject": "Jenkins", "product": "Matrix Project Plugin", "vulnerabilityName": "Jenkins Matrix Project Plugin Remote Code Execution Vulnerability", "dateAdded": "2022-03-25", "shortDescription": "Jenkins Matrix Project plugin contains a vulnerability which can allow users to escape the sandbox, opening opportunity to perform remote code execution.", "requiredAction": "Apply updates per vendor instructions.", "dueDate": "2022-04-15", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2019-1003030", "cwes": [] }, { "cveID": "CVE-2019-0903", "vendorProject": "Microsoft", "product": "Graphics Device Interface (GDI)", "vulnerabilityName": "Microsoft GDI Remote Code Execution Vulnerability", "dateAdded": "2022-03-25", "shortDescription": "A remote code execution vulnerability exists in the way that the Windows Graphics Device Interface (GDI) handles objects in the memory. An attacker who successfully exploited this vulnerability could take control of the affected system.", "requiredAction": "Apply updates per vendor instructions.", "dueDate": "2022-04-15", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2019-0903", "cwes": [] }, { "cveID": "CVE-2018-8414", "vendorProject": "Microsoft", "product": "Windows", "vulnerabilityName": "Microsoft Windows Shell Remote Code Execution Vulnerability", "dateAdded": "2022-03-25", "shortDescription": "A remote code execution vulnerability exists when the Windows Shell does not properly validate file paths.", "requiredAction": "Apply updates per vendor instructions.", "dueDate": "2022-04-15", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2018-8414", "cwes": [ "CWE-20" ] }, { "cveID": "CVE-2018-8373", "vendorProject": "Microsoft", "product": "Internet Explorer Scripting Engine", "vulnerabilityName": "Microsoft Scripting Engine Memory Corruption Vulnerability", "dateAdded": "2022-03-25", "shortDescription": "A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Internet Explorer.", "requiredAction": "Apply updates per vendor instructions.", "dueDate": "2022-04-15", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2018-8373", "cwes": [ "CWE-787" ] }, { "cveID": "CVE-2018-6961", "vendorProject": "VMware", "product": "SD-WAN Edge", "vulnerabilityName": "VMware SD-WAN Edge by VeloCloud Command Injection Vulnerability", "dateAdded": "2022-03-25", "shortDescription": "VMware SD-WAN Edge by VeloCloud contains a command injection vulnerability in the local web UI component. Successful exploitation of this issue could result in remote code execution.", "requiredAction": "Apply updates per vendor instructions.", "dueDate": "2022-04-15", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2018-6961", "cwes": [ "CWE-78" ] }, { "cveID": "CVE-2018-14839", "vendorProject": "LG", "product": "N1A1 NAS", "vulnerabilityName": "LG N1A1 NAS Remote Command Execution Vulnerability", "dateAdded": "2022-03-25", "shortDescription": "LG N1A1 NAS 3718.510 is affected by a remote code execution vulnerability.", "requiredAction": "Apply updates per vendor instructions.", "dueDate": "2022-04-15", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2018-14839", "cwes": [ "CWE-78" ] }, { "cveID": "CVE-2018-1273", "vendorProject": "VMware Tanzu", "product": "Spring Data Commons", "vulnerabilityName": "VMware Tanzu Spring Data Commons Property Binder Vulnerability", "dateAdded": "2022-03-25", "shortDescription": "Spring Data Commons contains a property binder vulnerability which can allow an attacker to perform remote code execution.", "requiredAction": "Apply updates per vendor instructions.", "dueDate": "2022-04-15", "knownRansomwareCampaignUse": "Known", "notes": "https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2018-1273", "cwes": [ "CWE-94" ] }, { "cveID": "CVE-2018-11138", "vendorProject": "Quest", "product": "KACE System Management Appliance", "vulnerabilityName": "Quest KACE System Management Appliance Remote Command Execution Vulnerability", "dateAdded": "2022-03-25", "shortDescription": "The '\/common\/download_agent_installer.php' script in the Quest KACE System Management Appliance is accessible by anonymous users and can be abused to perform remote code execution.", "requiredAction": "Apply updates per vendor instructions.", "dueDate": "2022-04-15", "knownRansomwareCampaignUse": "Known", "notes": "https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2018-11138", "cwes": [ "CWE-78" ] }, { "cveID": "CVE-2018-0147", "vendorProject": "Cisco", "product": "Secure Access Control System (ACS)", "vulnerabilityName": "Cisco Secure Access Control System Java Deserialization Vulnerability", "dateAdded": "2022-03-25", "shortDescription": "A vulnerability in Java deserialization used by Cisco Secure Access Control System (ACS) could allow an unauthenticated, remote attacker to execute arbitrary commands on an affected device. The vulnerability is due to insecure deserialization of user-supplied content by the affected software.", "requiredAction": "Apply updates per vendor instructions.", "dueDate": "2022-04-15", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2018-0147", "cwes": [ "CWE-20" ] }, { "cveID": "CVE-2018-0125", "vendorProject": "Cisco", "product": "VPN Routers", "vulnerabilityName": "Cisco VPN Routers Remote Code Execution Vulnerability", "dateAdded": "2022-03-25", "shortDescription": "A vulnerability in the web interface of the Cisco VPN Routers could allow an unauthenticated, remote attacker to execute arbitrary code as root and gain full control of an affected system.", "requiredAction": "Apply updates per vendor instructions.", "dueDate": "2022-04-15", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2018-0125", "cwes": [ "CWE-20" ] }, { "cveID": "CVE-2017-6334", "vendorProject": "NETGEAR", "product": "DGN2200 Devices", "vulnerabilityName": "NETGEAR DGN2200 Devices OS Command Injection Vulnerability", "dateAdded": "2022-03-25", "shortDescription": "dnslookup.cgi on NETGEAR DGN2200 devices with firmware through 10.0.0.50 allows remote authenticated users to execute arbitrary OS commands", "requiredAction": "The impacted product is end-of-life and should be disconnected if still in use.", "dueDate": "2022-04-15", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2017-6334", "cwes": [ "CWE-78" ] }, { "cveID": "CVE-2017-6316", "vendorProject": "Citrix", "product": "NetScaler SD-WAN Enterprise, CloudBridge Virtual WAN, and XenMobile Server", "vulnerabilityName": "Citrix Multiple Products Remote Code Execution Vulnerability", "dateAdded": "2022-03-25", "shortDescription": "A vulnerability has been identified in the management interface of Citrix NetScaler SD-WAN Enterprise and Standard Edition and Citrix CloudBridge Virtual WAN Edition that could result in an unauthenticated, remote attacker being able to execute arbitrary code as a root user. This vulnerability also affects XenMobile Server.", "requiredAction": "Apply updates per vendor instructions.", "dueDate": "2022-04-15", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2017-6316", "cwes": [ "CWE-20" ] }, { "cveID": "CVE-2017-3881", "vendorProject": "Cisco", "product": "IOS and IOS XE", "vulnerabilityName": "Cisco IOS and IOS XE Remote Code Execution Vulnerability", "dateAdded": "2022-03-25", "shortDescription": "A vulnerability in the Cisco Cluster Management Protocol (CMP) processing code in Cisco IOS and Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause a reload of an affected device or remotely execute code with elevated privileges.", "requiredAction": "Apply updates per vendor instructions.", "dueDate": "2022-04-15", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2017-3881", "cwes": [ "CWE-20" ] }, { "cveID": "CVE-2017-12617", "vendorProject": "Apache", "product": "Tomcat", "vulnerabilityName": "Apache Tomcat Remote Code Execution Vulnerability", "dateAdded": "2022-03-25", "shortDescription": "When running Apache Tomcat, it is possible to upload a JSP file to the server via a specially crafted request. This JSP could then be requested and any code it contained would be executed by the server.", "requiredAction": "Apply updates per vendor instructions.", "dueDate": "2022-04-15", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2017-12617", "cwes": [ "CWE-434" ] }, { "cveID": "CVE-2017-12615", "vendorProject": "Apache", "product": "Tomcat", "vulnerabilityName": "Apache Tomcat on Windows Remote Code Execution Vulnerability", "dateAdded": "2022-03-25", "shortDescription": "When running Apache Tomcat on Windows with HTTP PUTs enabled, it is possible to upload a JSP file to the server via a specially crafted request. This JSP could then be requested and any code it contained would be executed by the server.", "requiredAction": "Apply updates per vendor instructions.", "dueDate": "2022-04-15", "knownRansomwareCampaignUse": "Known", "notes": "https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2017-12615", "cwes": [ "CWE-434" ] }, { "cveID": "CVE-2017-0146", "vendorProject": "Microsoft", "product": "Windows", "vulnerabilityName": "Microsoft Windows SMB Remote Code Execution Vulnerability", "dateAdded": "2022-03-25", "shortDescription": "The SMBv1 server in Microsoft Windows allows remote attackers to perform remote code execution.", "requiredAction": "Apply updates per vendor instructions.", "dueDate": "2022-04-15", "knownRansomwareCampaignUse": "Known", "notes": "https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2017-0146", "cwes": [ "CWE-20" ] }, { "cveID": "CVE-2016-7892", "vendorProject": "Adobe", "product": "Flash Player", "vulnerabilityName": "Adobe Flash Player Use-After-Free Vulnerability", "dateAdded": "2022-03-25", "shortDescription": "Adobe Flash Player has an exploitable use-after-free vulnerability in the TextField class.", "requiredAction": "The impacted product is end-of-life and should be disconnected if still in use.", "dueDate": "2022-04-15", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2016-7892", "cwes": [ "CWE-416" ] }, { "cveID": "CVE-2016-4171", "vendorProject": "Adobe", "product": "Flash Player", "vulnerabilityName": "Adobe Flash Player Remote Code Execution Vulnerability", "dateAdded": "2022-03-25", "shortDescription": "Unspecified vulnerability in Adobe Flash Player allows for remote code execution.", "requiredAction": "The impacted product is end-of-life and should be disconnected if still in use.", "dueDate": "2022-04-15", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2016-4171", "cwes": [] }, { "cveID": "CVE-2016-1555", "vendorProject": "NETGEAR", "product": "Wireless Access Point (WAP) Devices", "vulnerabilityName": "NETGEAR Multiple WAP Devices Command Injection Vulnerability", "dateAdded": "2022-03-25", "shortDescription": "Multiple NETGEAR Wireless Access Point devices allows unauthenticated web pages to pass form input directly to the command-line interface. Exploitation allows for arbitrary code execution.", "requiredAction": "Apply updates per vendor instructions.", "dueDate": "2022-04-15", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2016-1555", "cwes": [ "CWE-77" ] }, { "cveID": "CVE-2016-11021", "vendorProject": "D-Link", "product": "DCS-930L Devices", "vulnerabilityName": "D-Link DCS-930L Devices OS Command Injection Vulnerability", "dateAdded": "2022-03-25", "shortDescription": "setSystemCommand on D-Link DCS-930L devices allows a remote attacker to execute code via an OS command.", "requiredAction": "The impacted product is end-of-life and should be disconnected if still in use.", "dueDate": "2022-04-15", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2016-11021", "cwes": [ "CWE-78" ] }, { "cveID": "CVE-2016-10174", "vendorProject": "NETGEAR", "product": "WNR2000v5 Router", "vulnerabilityName": "NETGEAR WNR2000v5 Router Buffer Overflow Vulnerability", "dateAdded": "2022-03-25", "shortDescription": "The NETGEAR WNR2000v5 router contains a buffer overflow which can be exploited to achieve remote code execution.", "requiredAction": "Apply updates per vendor instructions.", "dueDate": "2022-04-15", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2016-10174", "cwes": [ "CWE-119" ] }, { "cveID": "CVE-2016-0752", "vendorProject": "Rails", "product": "Ruby on Rails", "vulnerabilityName": "Ruby on Rails Directory Traversal Vulnerability", "dateAdded": "2022-03-25", "shortDescription": "Directory traversal vulnerability in Action View in Ruby on Rails allows remote attackers to read arbitrary files.", "requiredAction": "Apply updates per vendor instructions.", "dueDate": "2022-04-15", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2016-0752", "cwes": [ "CWE-22" ] }, { "cveID": "CVE-2015-4068", "vendorProject": "Arcserve", "product": "Unified Data Protection (UDP)", "vulnerabilityName": "Arcserve Unified Data Protection (UDP) Directory Traversal Vulnerability", "dateAdded": "2022-03-25", "shortDescription": "Directory traversal vulnerability in Arcserve UDP allows remote attackers to obtain sensitive information or cause a denial of service.", "requiredAction": "Apply updates per vendor instructions.", "dueDate": "2022-04-15", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2015-4068", "cwes": [ "CWE-22" ] }, { "cveID": "CVE-2015-3035", "vendorProject": "TP-Link", "product": "Multiple Archer Devices", "vulnerabilityName": "TP-Link Multiple Archer Devices Directory Traversal Vulnerability", "dateAdded": "2022-03-25", "shortDescription": "Directory traversal vulnerability in multiple TP-Link Archer devices allows remote attackers to read arbitrary files via a .. (dot dot) in the PATH_INFO to login\/.", "requiredAction": "Apply updates per vendor instructions.", "dueDate": "2022-04-15", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2015-3035", "cwes": [ "CWE-22" ] }, { "cveID": "CVE-2015-1427", "vendorProject": "Elastic", "product": "Elasticsearch", "vulnerabilityName": "Elasticsearch Groovy Scripting Engine Remote Code Execution Vulnerability", "dateAdded": "2022-03-25", "shortDescription": "The Groovy scripting engine in Elasticsearch allows remote attackers to bypass the sandbox protection mechanism and execute arbitrary shell commands.", "requiredAction": "Apply updates per vendor instructions.", "dueDate": "2022-04-15", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2015-1427", "cwes": [ "CWE-284" ] }, { "cveID": "CVE-2015-1187", "vendorProject": "D-Link and TRENDnet", "product": "Multiple Devices", "vulnerabilityName": "D-Link and TRENDnet Multiple Devices Remote Code Execution Vulnerability", "dateAdded": "2022-03-25", "shortDescription": "The ping tool in multiple D-Link and TRENDnet devices allow remote attackers to perform remote code execution.", "requiredAction": "The impacted product is end-of-life and should be disconnected if still in use.", "dueDate": "2022-04-15", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2015-1187", "cwes": [ "CWE-287" ] }, { "cveID": "CVE-2015-0666", "vendorProject": "Cisco", "product": "Prime Data Center Network Manager (DCNM)", "vulnerabilityName": "Cisco Prime Data Center Network Manager (DCNM) Directory Traversal Vulnerability", "dateAdded": "2022-03-25", "shortDescription": "Directory traversal vulnerability in the fmserver servlet in Cisco Prime Data Center Network Manager (DCNM) allows remote attackers to read arbitrary files.", "requiredAction": "Apply updates per vendor instructions.", "dueDate": "2022-04-15", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2015-0666", "cwes": [ "CWE-22" ] }, { "cveID": "CVE-2014-6332", "vendorProject": "Microsoft", "product": "Windows", "vulnerabilityName": "Microsoft Windows Object Linking & Embedding (OLE) Automation Array Remote Code Execution Vulnerability", "dateAdded": "2022-03-25", "shortDescription": "OleAut32.dll in OLE in Microsoft Windows allows remote attackers to remotely execute code via a crafted web site.", "requiredAction": "Apply updates per vendor instructions.", "dueDate": "2022-04-15", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2014-6332", "cwes": [ "CWE-119" ] }, { "cveID": "CVE-2014-6324", "vendorProject": "Microsoft", "product": "Kerberos Key Distribution Center (KDC)", "vulnerabilityName": "Microsoft Kerberos Key Distribution Center (KDC) Privilege Escalation Vulnerability", "dateAdded": "2022-03-25", "shortDescription": "The Kerberos Key Distribution Center (KDC) in Microsoft allows remote authenticated domain users to obtain domain administrator privileges.", "requiredAction": "Apply updates per vendor instructions.", "dueDate": "2022-04-15", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2014-6324", "cwes": [ "CWE-264" ] }, { "cveID": "CVE-2014-6287", "vendorProject": "Rejetto", "product": "HTTP File Server (HFS)", "vulnerabilityName": "Rejetto HTTP File Server (HFS) Remote Code Execution Vulnerability", "dateAdded": "2022-03-25", "shortDescription": "The findMacroMarker function in parserLib.pas in Rejetto HTTP File Server (HFS or HttpFileServer) allows remote attackers to execute arbitrary programs.", "requiredAction": "Apply updates per vendor instructions.", "dueDate": "2022-04-15", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2014-6287", "cwes": [ "CWE-94" ] }, { "cveID": "CVE-2014-3120", "vendorProject": "Elastic", "product": "Elasticsearch", "vulnerabilityName": "Elasticsearch Remote Code Execution Vulnerability", "dateAdded": "2022-03-25", "shortDescription": "Elasticsearch enables dynamic scripting, which allows remote attackers to execute arbitrary MVEL expressions and Java code.", "requiredAction": "Apply updates per vendor instructions.", "dueDate": "2022-04-15", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2014-3120", "cwes": [ "CWE-284" ] }, { "cveID": "CVE-2014-0130", "vendorProject": "Rails", "product": "Ruby on Rails", "vulnerabilityName": "Ruby on Rails Directory Traversal Vulnerability", "dateAdded": "2022-03-25", "shortDescription": "Directory traversal vulnerability in actionpack\/lib\/abstract_controller\/base.rb in the implicit-render implementation in Ruby on Rails allows remote attackers to read arbitrary files via a crafted request.", "requiredAction": "Apply updates per vendor instructions.", "dueDate": "2022-04-15", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2014-0130", "cwes": [ "CWE-22" ] }, { "cveID": "CVE-2013-5223", "vendorProject": "D-Link", "product": "DSL-2760U", "vulnerabilityName": "D-Link DSL-2760U Gateway Cross-Site Scripting Vulnerability", "dateAdded": "2022-03-25", "shortDescription": "A cross-site scripting (XSS) vulnerability exists in the D-Link DSL-2760U gateway, allowing remote authenticated users to inject arbitrary web script or HTML.", "requiredAction": "Apply updates per vendor instructions.", "dueDate": "2022-04-15", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2013-5223", "cwes": [ "CWE-79" ] }, { "cveID": "CVE-2013-4810", "vendorProject": "Hewlett Packard (HP)", "product": "ProCurve Manager (PCM), PCM+, Identity Driven Manager (IDM), and Application Lifecycle Management", "vulnerabilityName": "HP Multiple Products Remote Code Execution Vulnerability", "dateAdded": "2022-03-25", "shortDescription": "HP ProCurve Manager (PCM), PCM+, Identity Driven Manager (IDM), and Application Lifecycle Management allow remote attackers to execute arbitrary code via a marshalled object to (1) EJBInvokerServlet or (2) JMXInvokerServlet.", "requiredAction": "Apply updates per vendor instructions.", "dueDate": "2022-04-15", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2013-4810", "cwes": [ "CWE-94" ] }, { "cveID": "CVE-2013-2251", "vendorProject": "Apache", "product": "Struts", "vulnerabilityName": "Apache Struts Improper Input Validation Vulnerability", "dateAdded": "2022-03-25", "shortDescription": "Apache Struts allows remote attackers to execute arbitrary Object-Graph Navigation Language (OGNL) expressions.", "requiredAction": "Apply updates per vendor instructions.", "dueDate": "2022-04-15", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2013-2251", "cwes": [ "CWE-20" ] }, { "cveID": "CVE-2012-1823", "vendorProject": "PHP", "product": "PHP", "vulnerabilityName": "PHP-CGI Query String Parameter Vulnerability", "dateAdded": "2022-03-25", "shortDescription": "sapi\/cgi\/cgi_main.c in PHP, when configured as a CGI script, does not properly handle query strings, which allows remote attackers to execute arbitrary code.", "requiredAction": "Apply updates per vendor instructions.", "dueDate": "2022-04-15", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2012-1823", "cwes": [ "CWE-20" ] }, { "cveID": "CVE-2010-4345", "vendorProject": "Exim", "product": "Exim", "vulnerabilityName": "Exim Privilege Escalation Vulnerability", "dateAdded": "2022-03-25", "shortDescription": "Exim allows local users to gain privileges by leveraging the ability of the exim user account to specify an alternate configuration file with a directive that contains arbitrary commands.", "requiredAction": "Apply updates per vendor instructions.", "dueDate": "2022-04-15", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2010-4345", "cwes": [ "CWE-264" ] }, { "cveID": "CVE-2010-4344", "vendorProject": "Exim", "product": "Exim", "vulnerabilityName": "Exim Heap-Based Buffer Overflow Vulnerability", "dateAdded": "2022-03-25", "shortDescription": "Heap-based buffer overflow in the string_vformat function in string.c in Exim before 4.70 allows remote attackers to execute arbitrary code via an SMTP session.", "requiredAction": "Apply updates per vendor instructions.", "dueDate": "2022-04-15", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2010-4344", "cwes": [ "CWE-119" ] }, { "cveID": "CVE-2010-3035", "vendorProject": "Cisco", "product": "IOS XR", "vulnerabilityName": "Cisco IOS XR Border Gateway Protocol (BGP) Denial-of-Service Vulnerability", "dateAdded": "2022-03-25", "shortDescription": "Cisco IOS XR, when BGP is the configured routing feature, allows remote attackers to cause a denial-of-service (DoS).", "requiredAction": "Apply updates per vendor instructions.", "dueDate": "2022-04-15", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2010-3035", "cwes": [ "CWE-20" ] }, { "cveID": "CVE-2010-2861", "vendorProject": "Adobe", "product": "ColdFusion", "vulnerabilityName": "Adobe ColdFusion Directory Traversal Vulnerability", "dateAdded": "2022-03-25", "shortDescription": "A directory traversal vulnerability exists in the administrator console in Adobe ColdFusion which allows remote attackers to read arbitrary files.", "requiredAction": "Apply updates per vendor instructions.", "dueDate": "2022-04-15", "knownRansomwareCampaignUse": "Known", "notes": "https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2010-2861", "cwes": [ "CWE-22" ] }, { "cveID": "CVE-2009-2055", "vendorProject": "Cisco", "product": "IOS XR", "vulnerabilityName": "Cisco IOS XR Border Gateway Protocol (BGP) Denial-of-Service Vulnerability", "dateAdded": "2022-03-25", "shortDescription": "Cisco IOS XR,when BGP is the configured routing feature, allows remote attackers to cause a denial-of-service (DoS).", "requiredAction": "Apply updates per vendor instructions.", "dueDate": "2022-04-15", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2009-2055", "cwes": [ "CWE-20" ] }, { "cveID": "CVE-2009-1151", "vendorProject": "phpMyAdmin", "product": "phpMyAdmin", "vulnerabilityName": "phpMyAdmin Remote Code Execution Vulnerability", "dateAdded": "2022-03-25", "shortDescription": "Setup script used to generate configuration can be fooled using a crafted POST request to include arbitrary PHP code in generated configuration file.", "requiredAction": "Apply updates per vendor instructions.", "dueDate": "2022-04-15", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2009-1151", "cwes": [ "CWE-94" ] }, { "cveID": "CVE-2009-0927", "vendorProject": "Adobe", "product": "Reader and Acrobat", "vulnerabilityName": "Adobe Reader and Adobe Acrobat Stack-Based Buffer Overflow Vulnerability", "dateAdded": "2022-03-25", "shortDescription": "Stack-based buffer overflow in Adobe Reader and Adobe Acrobat allows remote attackers to execute arbitrary code.", "requiredAction": "Apply updates per vendor instructions.", "dueDate": "2022-04-15", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2009-0927", "cwes": [ "CWE-20" ] }, { "cveID": "CVE-2005-2773", "vendorProject": "Hewlett Packard (HP)", "product": "OpenView Network Node Manager", "vulnerabilityName": "HP OpenView Network Node Manager Remote Code Execution Vulnerability", "dateAdded": "2022-03-25", "shortDescription": "HP OpenView Network Node Manager could allow a remote attacker to execute arbitrary commands on the system.", "requiredAction": "Apply updates per vendor instructions.", "dueDate": "2022-04-15", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2005-2773", "cwes": [] }, { "cveID": "CVE-2020-5135", "vendorProject": "SonicWall", "product": "SonicOS", "vulnerabilityName": "SonicWall SonicOS Buffer Overflow Vulnerability", "dateAdded": "2022-03-15", "shortDescription": "A buffer overflow vulnerability in SonicOS allows a remote attacker to cause Denial of Service (DoS) and potentially execute arbitrary code by sending a malicious request to the firewall.", "requiredAction": "Apply updates per vendor instructions.", "dueDate": "2022-04-05", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2020-5135", "cwes": [ "CWE-120" ] }, { "cveID": "CVE-2019-1405", "vendorProject": "Microsoft", "product": "Windows", "vulnerabilityName": "Microsoft Windows Universal Plug and Play (UPnP) Service Privilege Escalation Vulnerability", "dateAdded": "2022-03-15", "shortDescription": "A privilege escalation vulnerability exists when the Windows UPnP service improperly allows COM object creation.", "requiredAction": "Apply updates per vendor instructions.", "dueDate": "2022-04-05", "knownRansomwareCampaignUse": "Known", "notes": "https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2019-1405", "cwes": [] }, { "cveID": "CVE-2019-1322", "vendorProject": "Microsoft", "product": "Windows", "vulnerabilityName": "Microsoft Windows Privilege Escalation Vulnerability", "dateAdded": "2022-03-15", "shortDescription": "A privilege escalation vulnerability exists when Windows improperly handles authentication requests. An attacker who successfully exploited this vulnerability could run processes in an elevated context.", "requiredAction": "Apply updates per vendor instructions.", "dueDate": "2022-04-05", "knownRansomwareCampaignUse": "Known", "notes": "https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2019-1322", "cwes": [] }, { "cveID": "CVE-2019-1315", "vendorProject": "Microsoft", "product": "Windows", "vulnerabilityName": "Microsoft Windows Error Reporting Manager Privilege Escalation Vulnerability", "dateAdded": "2022-03-15", "shortDescription": "A privilege escalation vulnerability exists when Windows Error Reporting manager improperly handles hard links. An attacker who successfully exploited this vulnerability could overwrite a targeted file leading to an elevated status.", "requiredAction": "Apply updates per vendor instructions.", "dueDate": "2022-04-05", "knownRansomwareCampaignUse": "Known", "notes": "https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2019-1315", "cwes": [ "CWE-59" ] }, { "cveID": "CVE-2019-1253", "vendorProject": "Microsoft", "product": "Windows", "vulnerabilityName": "Microsoft Windows AppX Deployment Server Privilege Escalation Vulnerability", "dateAdded": "2022-03-15", "shortDescription": "A privilege escalation vulnerability exists when the Windows AppX Deployment Server improperly handles junctions.", "requiredAction": "Apply updates per vendor instructions.", "dueDate": "2022-04-05", "knownRansomwareCampaignUse": "Known", "notes": "https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2019-1253", "cwes": [ "CWE-59" ] }, { "cveID": "CVE-2019-1132", "vendorProject": "Microsoft", "product": "Win32k", "vulnerabilityName": "Microsoft Win32k Privilege Escalation Vulnerability", "dateAdded": "2022-03-15", "shortDescription": "A privilege escalation vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory.", "requiredAction": "Apply updates per vendor instructions.", "dueDate": "2022-04-05", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2019-1132", "cwes": [] }, { "cveID": "CVE-2019-1129", "vendorProject": "Microsoft", "product": "Windows", "vulnerabilityName": "Microsoft Windows AppX Deployment Service (AppXSVC) Privilege Escalation Vulnerability", "dateAdded": "2022-03-15", "shortDescription": "A privilege escalation vulnerability exists when Windows AppXSVC improperly handles hard links. An attacker who successfully exploited this vulnerability could run processes in an elevated context.", "requiredAction": "Apply updates per vendor instructions.", "dueDate": "2022-04-05", "knownRansomwareCampaignUse": "Known", "notes": "https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2019-1129", "cwes": [ "CWE-59" ] }, { "cveID": "CVE-2019-1069", "vendorProject": "Microsoft", "product": "Task Scheduler", "vulnerabilityName": "Microsoft Task Scheduler Privilege Escalation Vulnerability", "dateAdded": "2022-03-15", "shortDescription": "A privilege escalation vulnerability exists in the way the Task Scheduler Service validates certain file operations.", "requiredAction": "Apply updates per vendor instructions.", "dueDate": "2022-04-05", "knownRansomwareCampaignUse": "Known", "notes": "https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2019-1069", "cwes": [ "CWE-59" ] }, { "cveID": "CVE-2019-1064", "vendorProject": "Microsoft", "product": "Windows", "vulnerabilityName": "Microsoft Windows AppX Deployment Service (AppXSVC) Privilege Escalation Vulnerability", "dateAdded": "2022-03-15", "shortDescription": "A privilege escalation vulnerability exists when Windows AppXSVC improperly handles hard links. An attacker who successfully exploited this vulnerability could run processes in an elevated context.", "requiredAction": "Apply updates per vendor instructions.", "dueDate": "2022-04-05", "knownRansomwareCampaignUse": "Known", "notes": "https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2019-1064", "cwes": [ "CWE-59" ] }, { "cveID": "CVE-2019-0841", "vendorProject": "Microsoft", "product": "Windows", "vulnerabilityName": "Microsoft Windows AppX Deployment Service (AppXSVC) Privilege Escalation Vulnerability", "dateAdded": "2022-03-15", "shortDescription": "A privilege escalation vulnerability exists when Windows AppXSVC improperly handles hard links. An attacker who successfully exploited this vulnerability could run processes in an elevated context.", "requiredAction": "Apply updates per vendor instructions.", "dueDate": "2022-04-05", "knownRansomwareCampaignUse": "Known", "notes": "https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2019-0841", "cwes": [ "CWE-59" ] }, { "cveID": "CVE-2019-0543", "vendorProject": "Microsoft", "product": "Windows", "vulnerabilityName": "Microsoft Windows Privilege Escalation Vulnerability", "dateAdded": "2022-03-15", "shortDescription": "A privilege escalation vulnerability exists when Windows improperly handles authentication requests. An attacker who successfully exploited this vulnerability could run processes in an elevated context.", "requiredAction": "Apply updates per vendor instructions.", "dueDate": "2022-04-05", "knownRansomwareCampaignUse": "Known", "notes": "https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2019-0543", "cwes": [ "CWE-287" ] }, { "cveID": "CVE-2018-8120", "vendorProject": "Microsoft", "product": "Win32k", "vulnerabilityName": "Microsoft Win32k Privilege Escalation Vulnerability", "dateAdded": "2022-03-15", "shortDescription": "A privilege escalation vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory.", "requiredAction": "Apply updates per vendor instructions.", "dueDate": "2022-04-05", "knownRansomwareCampaignUse": "Known", "notes": "https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2018-8120", "cwes": [ "CWE-404" ] }, { "cveID": "CVE-2017-0101", "vendorProject": "Microsoft", "product": "Windows", "vulnerabilityName": "Microsoft Windows Transaction Manager Privilege Escalation Vulnerability", "dateAdded": "2022-03-15", "shortDescription": "A privilege escalation vulnerability exists when the Windows Transaction Manager improperly handles objects in memory.", "requiredAction": "Apply updates per vendor instructions.", "dueDate": "2022-04-05", "knownRansomwareCampaignUse": "Known", "notes": "https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2017-0101", "cwes": [ "CWE-119" ] }, { "cveID": "CVE-2016-3309", "vendorProject": "Microsoft", "product": "Windows", "vulnerabilityName": "Microsoft Windows Kernel Privilege Escalation Vulnerability", "dateAdded": "2022-03-15", "shortDescription": "A privilege escalation vulnerability exists when the Windows kernel fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode.", "requiredAction": "Apply updates per vendor instructions.", "dueDate": "2022-04-05", "knownRansomwareCampaignUse": "Known", "notes": "https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2016-3309", "cwes": [ "CWE-264" ] }, { "cveID": "CVE-2015-2546", "vendorProject": "Microsoft", "product": "Win32k", "vulnerabilityName": "Microsoft Win32k Memory Corruption Vulnerability", "dateAdded": "2022-03-15", "shortDescription": "The kernel-mode driver in Microsoft Windows OS and Server allows local users to gain privileges via a crafted application.", "requiredAction": "Apply updates per vendor instructions.", "dueDate": "2022-04-05", "knownRansomwareCampaignUse": "Known", "notes": "https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2015-2546", "cwes": [ "CWE-119" ] }, { "cveID": "CVE-2022-26486", "vendorProject": "Mozilla", "product": "Firefox", "vulnerabilityName": "Mozilla Firefox Use-After-Free Vulnerability", "dateAdded": "2022-03-07", "shortDescription": "Mozilla Firefox contains a use-after-free vulnerability in WebGPU IPC Framework which can be exploited to perform arbitrary code execution.", "requiredAction": "Apply updates per vendor instructions.", "dueDate": "2022-03-21", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2022-26486", "cwes": [ "CWE-416" ] }, { "cveID": "CVE-2022-26485", "vendorProject": "Mozilla", "product": "Firefox", "vulnerabilityName": "Mozilla Firefox Use-After-Free Vulnerability", "dateAdded": "2022-03-07", "shortDescription": "Mozilla Firefox contains a use-after-free vulnerability in XSLT parameter processing which can be exploited to perform arbitrary code execution.", "requiredAction": "Apply updates per vendor instructions.", "dueDate": "2022-03-21", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2022-26485", "cwes": [ "CWE-416" ] }, { "cveID": "CVE-2021-21973", "vendorProject": "VMware", "product": "vCenter Server and Cloud Foundation", "vulnerabilityName": "VMware vCenter Server and Cloud Foundation Server Side Request Forgery (SSRF) Vulnerability", "dateAdded": "2022-03-07", "shortDescription": "VMware vCenter Server and Cloud Foundation Server contain a SSRF vulnerability due to improper validation of URLs in a vCenter Server plugin. This allows for information disclosure.", "requiredAction": "Apply updates per vendor instructions.", "dueDate": "2022-03-21", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2021-21973", "cwes": [ "CWE-20", "CWE-918" ] }, { "cveID": "CVE-2020-8218", "vendorProject": "Pulse Secure", "product": "Pulse Connect Secure", "vulnerabilityName": "Pulse Connect Secure Code Injection Vulnerability", "dateAdded": "2022-03-07", "shortDescription": "A code injection vulnerability exists in Pulse Connect Secure that allows an attacker to crafted a URI to perform an arbitrary code execution via the admin web interface.", "requiredAction": "Apply updates per vendor instructions.", "dueDate": "2022-09-07", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2020-8218", "cwes": [ "CWE-94" ] }, { "cveID": "CVE-2019-11581", "vendorProject": "Atlassian", "product": "Jira Server and Data Center", "vulnerabilityName": "Atlassian Jira Server and Data Center Server-Side Template Injection Vulnerability", "dateAdded": "2022-03-07", "shortDescription": "Atlassian Jira Server and Data Center contain a server-side template injection vulnerability which can allow for remote code execution.", "requiredAction": "Apply updates per vendor instructions.", "dueDate": "2022-09-07", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2019-11581", "cwes": [ "CWE-74" ] }, { "cveID": "CVE-2017-6077", "vendorProject": "NETGEAR", "product": "Wireless Router DGN2200", "vulnerabilityName": "NETGEAR DGN2200 Remote Code Execution Vulnerability", "dateAdded": "2022-03-07", "shortDescription": "NETGEAR DGN2200 wireless routers contain a vulnerability that allows for remote code execution.", "requiredAction": "Apply updates per vendor instructions.", "dueDate": "2022-09-07", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2017-6077", "cwes": [ "CWE-78" ] }, { "cveID": "CVE-2016-6277", "vendorProject": "NETGEAR", "product": "Multiple Routers", "vulnerabilityName": "NETGEAR Multiple Routers Remote Code Execution Vulnerability", "dateAdded": "2022-03-07", "shortDescription": "NETGEAR confirmed multiple routers allow unauthenticated web pages to pass form input directly to the command-line interface, permitting remote code execution.", "requiredAction": "Apply updates per vendor instructions.", "dueDate": "2022-09-07", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2016-6277", "cwes": [ "CWE-352" ] }, { "cveID": "CVE-2013-0631", "vendorProject": "Adobe", "product": "ColdFusion", "vulnerabilityName": "Adobe ColdFusion Information Disclosure Vulnerability", "dateAdded": "2022-03-07", "shortDescription": "Adobe Coldfusion contains an unspecified vulnerability, which could result in information disclosure from a compromised server.", "requiredAction": "Apply updates per vendor instructions.", "dueDate": "2022-09-07", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2013-0631", "cwes": [ "CWE-200" ] }, { "cveID": "CVE-2013-0629", "vendorProject": "Adobe", "product": "ColdFusion", "vulnerabilityName": "Adobe ColdFusion Directory Traversal Vulnerability", "dateAdded": "2022-03-07", "shortDescription": "Adobe Coldfusion contains a directory traversal vulnerability, which could permit an unauthorized user access to restricted directories.", "requiredAction": "Apply updates per vendor instructions.", "dueDate": "2022-09-07", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2013-0629", "cwes": [ "CWE-264" ] }, { "cveID": "CVE-2013-0625", "vendorProject": "Adobe", "product": "ColdFusion", "vulnerabilityName": "Adobe ColdFusion Authentication Bypass Vulnerability", "dateAdded": "2022-03-07", "shortDescription": "Adobe Coldfusion contains an authentication bypass vulnerability, which could result in an unauthorized user gaining administrative access.", "requiredAction": "Apply updates per vendor instructions.", "dueDate": "2022-09-07", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2013-0625", "cwes": [ "CWE-255" ] }, { "cveID": "CVE-2009-3960", "vendorProject": "Adobe", "product": "BlazeDS", "vulnerabilityName": "Adobe BlazeDS Information Disclosure Vulnerability", "dateAdded": "2022-03-07", "shortDescription": "Adobe BlazeDS, which is utilized in LifeCycle and Coldfusion, contains a vulnerability that allows for information disclosure.", "requiredAction": "Apply updates per vendor instructions.", "dueDate": "2022-09-07", "knownRansomwareCampaignUse": "Known", "notes": "https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2009-3960", "cwes": [] }, { "cveID": "CVE-2022-20708", "vendorProject": "Cisco", "product": "Small Business RV160, RV260, RV340, and RV345 Series Routers", "vulnerabilityName": "Cisco Small Business RV Series Routers Stack-based Buffer Overflow Vulnerability", "dateAdded": "2022-03-03", "shortDescription": "A vulnerability in Cisco Small Business RV160, RV260, RV340, and RV345 Series Routers could allow an attacker to do any of the following: Execute arbitrary code elevate privileges, execute arbitrary commands, bypass authentication and authorization protections, fetch and run unsigned software, or cause a denial of service (DoS).", "requiredAction": "Apply updates per vendor instructions.", "dueDate": "2022-03-17", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2022-20708", "cwes": [ "CWE-121" ] }, { "cveID": "CVE-2022-20703", "vendorProject": "Cisco", "product": "Small Business RV160, RV260, RV340, and RV345 Series Routers", "vulnerabilityName": "Cisco Small Business RV Series Routers Stack-based Buffer Overflow Vulnerability", "dateAdded": "2022-03-03", "shortDescription": "A vulnerability in Cisco Small Business RV160, RV260, RV340, and RV345 Series Routers could allow an attacker to do any of the following: Execute arbitrary code elevate privileges, execute arbitrary commands, bypass authentication and authorization protections, fetch and run unsigned software, or cause a denial of service (DoS).", "requiredAction": "Apply updates per vendor instructions.", "dueDate": "2022-03-17", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2022-20703", "cwes": [ "CWE-347" ] }, { "cveID": "CVE-2022-20701", "vendorProject": "Cisco", "product": "Small Business RV160, RV260, RV340, and RV345 Series Routers", "vulnerabilityName": "Cisco Small Business RV Series Routers Stack-based Buffer Overflow Vulnerability", "dateAdded": "2022-03-03", "shortDescription": "A vulnerability in Cisco Small Business RV160, RV260, RV340, and RV345 Series Routers could allow an attacker to do any of the following: Execute arbitrary code elevate privileges, execute arbitrary commands, bypass authentication and authorization protections, fetch and run unsigned software, or cause a denial of service (DoS).", "requiredAction": "Apply updates per vendor instructions.", "dueDate": "2022-03-17", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2022-20701", "cwes": [ "CWE-121" ] }, { "cveID": "CVE-2022-20700", "vendorProject": "Cisco", "product": "Small Business RV160, RV260, RV340, and RV345 Series Routers", "vulnerabilityName": "Cisco Small Business RV Series Routers Stack-based Buffer Overflow Vulnerability", "dateAdded": "2022-03-03", "shortDescription": "A vulnerability in Cisco Small Business RV160, RV260, RV340, and RV345 Series Routers could allow an attacker to do any of the following: Execute arbitrary code elevate privileges, execute arbitrary commands, bypass authentication and authorization protections, fetch and run unsigned software, or cause a denial of service (DoS).", "requiredAction": "Apply updates per vendor instructions.", "dueDate": "2022-03-17", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2022-20700", "cwes": [ "CWE-121" ] }, { "cveID": "CVE-2022-20699", "vendorProject": "Cisco", "product": "Small Business RV160, RV260, RV340, and RV345 Series Routers", "vulnerabilityName": "Cisco Small Business RV Series Routers Stack-based Buffer Overflow Vulnerability", "dateAdded": "2022-03-03", "shortDescription": "A vulnerability in Cisco Small Business RV160, RV260, RV340, and RV345 Series Routers could allow an attacker to do any of the following: Execute arbitrary code elevate privileges, execute arbitrary commands, bypass authentication and authorization protections, fetch and run unsigned software, or cause a denial of service (DoS).", "requiredAction": "Apply updates per vendor instructions.", "dueDate": "2022-03-17", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2022-20699", "cwes": [ "CWE-785" ] }, { "cveID": "CVE-2021-41379", "vendorProject": "Microsoft", "product": "Windows", "vulnerabilityName": "Microsoft Windows Installer Privilege Escalation Vulnerability", "dateAdded": "2022-03-03", "shortDescription": "Microsoft Windows Installer contains an unspecified vulnerability that allows for privilege escalation.", "requiredAction": "Apply updates per vendor instructions.", "dueDate": "2022-03-17", "knownRansomwareCampaignUse": "Known", "notes": "https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2021-41379", "cwes": [ "CWE-1386" ] }, { "cveID": "CVE-2020-1938", "vendorProject": "Apache", "product": "Tomcat", "vulnerabilityName": "Apache Tomcat Improper Privilege Management Vulnerability", "dateAdded": "2022-03-03", "shortDescription": "Apache Tomcat treats Apache JServ Protocol (AJP) connections as having higher trust than, for example, a similar HTTP connection. If such connections are available to an attacker, they can be exploited.", "requiredAction": "Apply updates per vendor instructions.", "dueDate": "2022-03-17", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2020-1938", "cwes": [] }, { "cveID": "CVE-2020-11899", "vendorProject": "Treck TCP\/IP stack", "product": "IPv6", "vulnerabilityName": "Treck TCP\/IP stack Out-of-Bounds Read Vulnerability", "dateAdded": "2022-03-03", "shortDescription": "The Treck TCP\/IP stack contains an IPv6 out-of-bounds read vulnerability.", "requiredAction": "Apply updates per vendor instructions.", "dueDate": "2022-03-17", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2020-11899", "cwes": [ "CWE-125" ] }, { "cveID": "CVE-2019-16928", "vendorProject": "Exim", "product": "Exim Internet Mailer", "vulnerabilityName": "Exim Out-of-bounds Write Vulnerability", "dateAdded": "2022-03-03", "shortDescription": "Exim contains an out-of-bounds write vulnerability which can allow for remote code execution.", "requiredAction": "Apply updates per vendor instructions.", "dueDate": "2022-03-17", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2019-16928", "cwes": [ "CWE-787" ] }, { "cveID": "CVE-2019-1652", "vendorProject": "Cisco", "product": "Small Business RV320 and RV325 Dual Gigabit WAN VPN Routers", "vulnerabilityName": "Cisco Small Business Routers Improper Input Validation Vulnerability", "dateAdded": "2022-03-03", "shortDescription": "A vulnerability in the web-based management interface of Cisco Small Business RV320 and RV325 Dual Gigabit WAN VPN Routers could allow an authenticated, remote attacker with administrative privileges on an affected device to execute arbitrary commands.", "requiredAction": "Apply updates per vendor instructions.", "dueDate": "2022-03-17", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2019-1652", "cwes": [ "CWE-20" ] }, { "cveID": "CVE-2019-1297", "vendorProject": "Microsoft", "product": "Excel", "vulnerabilityName": "Microsoft Excel Remote Code Execution Vulnerability", "dateAdded": "2022-03-03", "shortDescription": "A remote code execution vulnerability exists in Microsoft Excel when the software fails to properly handle objects in memory.", "requiredAction": "Apply updates per vendor instructions.", "dueDate": "2022-03-17", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2019-1297", "cwes": [] }, { "cveID": "CVE-2018-8581", "vendorProject": "Microsoft", "product": "Exchange Server", "vulnerabilityName": "Microsoft Exchange Server Privilege Escalation Vulnerability", "dateAdded": "2022-03-03", "shortDescription": "A privilege escalation vulnerability exists in Microsoft Exchange Server. An attacker who successfully exploited this vulnerability could attempt to impersonate any other user of the Exchange server.", "requiredAction": "Apply updates per vendor instructions.", "dueDate": "2022-03-17", "knownRansomwareCampaignUse": "Known", "notes": "https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2018-8581", "cwes": [] }, { "cveID": "CVE-2018-8298", "vendorProject": "ChakraCore", "product": "ChakraCore scripting engine", "vulnerabilityName": "ChakraCore Scripting Engine Type Confusion Vulnerability", "dateAdded": "2022-03-03", "shortDescription": "The ChakraCore scripting engine contains a type confusion vulnerability which can allow for remote code execution.", "requiredAction": "Apply updates per vendor instructions.", "dueDate": "2022-03-17", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2018-8298", "cwes": [ "CWE-843" ] }, { "cveID": "CVE-2018-0180", "vendorProject": "Cisco", "product": "IOS Software", "vulnerabilityName": "Cisco IOS Software Denial-of-Service Vulnerability", "dateAdded": "2022-03-03", "shortDescription": "A vulnerability in the Login Enhancements (Login Block) feature of Cisco IOS Software could allow an unauthenticated, remote attacker to trigger a reload of an affected system, resulting in a denial of service (DoS) condition.", "requiredAction": "Apply updates per vendor instructions.", "dueDate": "2022-03-17", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2018-0180", "cwes": [ "CWE-399" ] }, { "cveID": "CVE-2018-0179", "vendorProject": "Cisco", "product": "IOS Software", "vulnerabilityName": "Cisco IOS Software Denial-of-Service Vulnerability", "dateAdded": "2022-03-03", "shortDescription": "A vulnerability in the Login Enhancements (Login Block) feature of Cisco IOS Software could allow an unauthenticated, remote attacker to trigger a reload of an affected system, resulting in a denial of service (DoS) condition.", "requiredAction": "Apply updates per vendor instructions.", "dueDate": "2022-03-17", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2018-0179", "cwes": [ "CWE-399" ] }, { "cveID": "CVE-2018-0175", "vendorProject": "Cisco", "product": "IOS, XR, and XE Software", "vulnerabilityName": "Cisco IOS, XR, and XE Software Buffer Overflow Vulnerability", "dateAdded": "2022-03-03", "shortDescription": "Format string vulnerability in the Link Layer Discovery Protocol (LLDP) subsystem of Cisco IOS Software, Cisco IOS XE Software, and Cisco IOS XR Software could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition or execute arbitrary code with elevated privileges on an affected device.", "requiredAction": "Apply updates per vendor instructions.", "dueDate": "2022-03-17", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2018-0175", "cwes": [ "CWE-119" ] }, { "cveID": "CVE-2018-0174", "vendorProject": "Cisco", "product": "IOS XE Software", "vulnerabilityName": "Cisco IOS Software and Cisco IOS XE Software Improper Input Validation Vulnerability", "dateAdded": "2022-03-03", "shortDescription": "A vulnerability in the DHCP option 82 encapsulation functionality of Cisco IOS Software and Cisco IOS XE Software could allow for denial-of-service (DoS).", "requiredAction": "Apply updates per vendor instructions.", "dueDate": "2022-03-17", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2018-0174", "cwes": [ "CWE-20" ] }, { "cveID": "CVE-2018-0173", "vendorProject": "Cisco", "product": "IOS and IOS XE Software", "vulnerabilityName": "Cisco IOS and IOS XE Software Improper Input Validation Vulnerability", "dateAdded": "2022-03-03", "shortDescription": "A vulnerability in the Cisco IOS Software and Cisco IOS XE Software function that restores encapsulated option 82 information in DHCP Version 4 (DHCPv4) packets can allow for denial-of-service (DoS).", "requiredAction": "Apply updates per vendor instructions.", "dueDate": "2022-03-17", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2018-0173", "cwes": [ "CWE-20" ] }, { "cveID": "CVE-2018-0172", "vendorProject": "Cisco", "product": "IOS and IOS XE Software", "vulnerabilityName": "Cisco IOS and IOS XE Software Improper Input Validation Vulnerability", "dateAdded": "2022-03-03", "shortDescription": "A vulnerability in the DHCP option 82 encapsulation functionality of Cisco IOS Software and Cisco IOS XE Software could allow for denial-of-service (DoS).", "requiredAction": "Apply updates per vendor instructions.", "dueDate": "2022-03-17", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2018-0172", "cwes": [ "CWE-20" ] }, { "cveID": "CVE-2018-0167", "vendorProject": "Cisco", "product": "IOS, XR, and XE Software", "vulnerabilityName": "Cisco IOS, XR, and XE Software Buffer Overflow Vulnerability", "dateAdded": "2022-03-03", "shortDescription": "There is a buffer overflow vulnerability in the Link Layer Discovery Protocol (LLDP) subsystem of Cisco IOS Software, Cisco IOS XE Software, and Cisco IOS XR Software which could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition or execute arbitrary code.", "requiredAction": "Apply updates per vendor instructions.", "dueDate": "2022-03-17", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2018-0167", "cwes": [ "CWE-119" ] }, { "cveID": "CVE-2018-0161", "vendorProject": "Cisco", "product": "IOS Software", "vulnerabilityName": "Cisco IOS Software Resource Management Errors Vulnerability", "dateAdded": "2022-03-03", "shortDescription": "A vulnerability in the Simple Network Management Protocol (SNMP) subsystem of Cisco IOS Software running on certain models of Cisco Catalyst Switches could allow an authenticated, remote attacker to cause a denial-of-service (DoS) condition.", "requiredAction": "Apply updates per vendor instructions.", "dueDate": "2022-03-17", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2018-0161", "cwes": [ "CWE-399" ] }, { "cveID": "CVE-2018-0159", "vendorProject": "Cisco", "product": "IOS Software and Cisco IOS XE Software", "vulnerabilityName": "Cisco IOS and XE Software Internet Key Exchange Version 1 Denial-of-Service Vulnerability", "dateAdded": "2022-03-03", "shortDescription": "A vulnerability in the implementation of Internet Key Exchange Version 1 (IKEv1) functionality in Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause an affected device to reload, resulting in a denial-of-service (DoS) condition.", "requiredAction": "Apply updates per vendor instructions.", "dueDate": "2022-03-17", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2018-0159", "cwes": [ "CWE-20" ] }, { "cveID": "CVE-2018-0158", "vendorProject": "Cisco", "product": "IOS Software and Cisco IOS XE Software", "vulnerabilityName": "Cisco IOS and XE Software Internet Key Exchange Memory Leak Vulnerability", "dateAdded": "2022-03-03", "shortDescription": "A vulnerability in the implementation of Internet Key Exchange Version 1 (IKEv1) functionality in Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause an affected device to reload, resulting in a denial-of-service (DoS) condition.", "requiredAction": "Apply updates per vendor instructions.", "dueDate": "2022-03-17", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2018-0158", "cwes": [ "CWE-20" ] }, { "cveID": "CVE-2018-0156", "vendorProject": "Cisco", "product": "IOS Software and Cisco IOS XE Software", "vulnerabilityName": "Cisco IOS Software and Cisco IOS XE Software Smart Install Denial-of-Service Vulnerability", "dateAdded": "2022-03-03", "shortDescription": "A vulnerability in the Smart Install feature of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to trigger a reload of an affected device, resulting in a denial-of-service (DoS) condition.", "requiredAction": "Apply updates per vendor instructions.", "dueDate": "2022-03-17", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2018-0156", "cwes": [ "CWE-399" ] }, { "cveID": "CVE-2018-0155", "vendorProject": "Cisco", "product": "Catalyst 4500 Series Switches and Cisco Catalyst 4500-X Series Switches", "vulnerabilityName": "Cisco Catalyst Bidirectional Forwarding Detection Denial-of-Service Vulnerability", "dateAdded": "2022-03-03", "shortDescription": "A vulnerability in the Bidirectional Forwarding Detection (BFD) offload implementation of Cisco Catalyst 4500 Series Switches and Cisco Catalyst 4500-X Series Switches could allow an unauthenticated, remote attacker to cause a crash of the iosd process, causing a denial-of-service (DoS) condition.", "requiredAction": "Apply updates per vendor instructions.", "dueDate": "2022-03-17", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2018-0155", "cwes": [ "CWE-388" ] }, { "cveID": "CVE-2018-0154", "vendorProject": "Cisco", "product": "IOS Software", "vulnerabilityName": "Cisco IOS Software Integrated Services Module for VPN Denial-of-Service Vulnerability", "dateAdded": "2022-03-03", "shortDescription": "A vulnerability in the crypto engine of the Cisco Integrated Services Module for VPN (ISM-VPN) running Cisco IOS Software could allow an unauthenticated, remote attacker to cause a denial-of-service (DoS) condition.", "requiredAction": "Apply updates per vendor instructions.", "dueDate": "2022-03-17", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2018-0154", "cwes": [ "CWE-399" ] }, { "cveID": "CVE-2018-0151", "vendorProject": "Cisco", "product": "IOS and IOS XE Software", "vulnerabilityName": "Cisco IOS Software and Cisco IOS XE Software Quality of Service Remote Code Execution Vulnerability", "dateAdded": "2022-03-03", "shortDescription": "A vulnerability in the quality of service (QoS) subsystem of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition or execute arbitrary code with elevated privileges.", "requiredAction": "Apply updates per vendor instructions.", "dueDate": "2022-03-17", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2018-0151", "cwes": [ "CWE-119" ] }, { "cveID": "CVE-2017-8540", "vendorProject": "Microsoft", "product": "Malware Protection Engine", "vulnerabilityName": "Microsoft Malware Protection Engine Improper Restriction of Operations Vulnerability", "dateAdded": "2022-03-03", "shortDescription": "The Microsoft Malware Protection Engine running on Microsoft Forefront and Microsoft Defender on Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016, Microsoft Exchange Server 2013 and 2016, does not properly scan a specially crafted file leading to memory corruption. aka \"Microsoft Malware Protection Engine Remote Code Execution Vulnerability\".", "requiredAction": "Apply updates per vendor instructions.", "dueDate": "2022-03-24", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2017-8540", "cwes": [ "CWE-119" ] }, { "cveID": "CVE-2017-6744", "vendorProject": "Cisco", "product": "IOS software", "vulnerabilityName": "Cisco IOS Software SNMP Remote Code Execution Vulnerability", "dateAdded": "2022-03-03", "shortDescription": "The Simple Network Management Protocol (SNMP) subsystem of Cisco IOS 1 contains a vulnerability that could allow an authenticated, remote attacker to remotely execute code on an affected system or cause an affected system to reload. An attacker could exploit these vulnerabilities by sending a crafted SNMP packet to an affected system via IPv4 or IPv6.", "requiredAction": "Apply updates per vendor instructions.", "dueDate": "2022-03-24", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2017-6744", "cwes": [ "CWE-119" ] }, { "cveID": "CVE-2017-6743", "vendorProject": "Cisco", "product": "IOS and IOS XE Software", "vulnerabilityName": "Cisco IOS and IOS XE Software SNMP Remote Code Execution Vulnerability", "dateAdded": "2022-03-03", "shortDescription": "The Simple Network Management Protocol (SNMP) subsystem of Cisco IOS and IOS XE contains a vulnerability that could allow an authenticated, remote attacker to remotely execute code.", "requiredAction": "Apply updates per vendor instructions.", "dueDate": "2022-03-24", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2017-6743", "cwes": [ "CWE-119" ] }, { "cveID": "CVE-2017-6740", "vendorProject": "Cisco", "product": "IOS and IOS XE Software", "vulnerabilityName": "Cisco IOS and IOS XE Software SNMP Remote Code Execution Vulnerability", "dateAdded": "2022-03-03", "shortDescription": "The Simple Network Management Protocol (SNMP) subsystem of Cisco IOS and IOS XE contains a vulnerability that could allow an authenticated, remote attacker to remotely execute code on an affected system or cause an affected system to reload.", "requiredAction": "Apply updates per vendor instructions.", "dueDate": "2022-03-24", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2017-6740", "cwes": [ "CWE-119" ] }, { "cveID": "CVE-2017-6739", "vendorProject": "Cisco", "product": "IOS and IOS XE Software", "vulnerabilityName": "Cisco IOS and IOS XE Software SNMP Remote Code Execution Vulnerability", "dateAdded": "2022-03-03", "shortDescription": "The Simple Network Management Protocol (SNMP) subsystem of Cisco IOS and IOS XE contains a vulnerability that could allow an authenticated, remote attacker to remotely execute code on an affected system or cause an affected system to reload.", "requiredAction": "Apply updates per vendor instructions.", "dueDate": "2022-03-24", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2017-6739", "cwes": [ "CWE-119" ] }, { "cveID": "CVE-2017-6738", "vendorProject": "Cisco", "product": "IOS and IOS XE Software", "vulnerabilityName": "Cisco IOS and IOS XE Software SNMP Remote Code Execution Vulnerability", "dateAdded": "2022-03-03", "shortDescription": "The Simple Network Management Protocol (SNMP) subsystem of Cisco IOS and IOS XE contains a vulnerability that could allow an authenticated, remote attacker to remotely execute code.", "requiredAction": "Apply updates per vendor instructions.", "dueDate": "2022-03-24", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2017-6738", "cwes": [ "CWE-119" ] }, { "cveID": "CVE-2017-6737", "vendorProject": "Cisco", "product": "IOS and IOS XE Software", "vulnerabilityName": "Cisco IOS and IOS XE Software SNMP Remote Code Execution Vulnerability", "dateAdded": "2022-03-03", "shortDescription": "The Simple Network Management Protocol (SNMP) subsystem of Cisco IOS and IOS XE contains a vulnerability that could allow an authenticated, remote attacker to remotely execute code.", "requiredAction": "Apply updates per vendor instructions.", "dueDate": "2022-03-24", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2017-6737", "cwes": [ "CWE-119" ] }, { "cveID": "CVE-2017-6736", "vendorProject": "Cisco", "product": "IOS and IOS XE Software", "vulnerabilityName": "Cisco IOS and IOS XE Software SNMP Remote Code Execution Vulnerability", "dateAdded": "2022-03-03", "shortDescription": "The Simple Network Management Protocol (SNMP) subsystem of Cisco IOS and IOS XE contains a vulnerability that could allow an authenticated, remote attacker to remotely execute code.", "requiredAction": "Apply updates per vendor instructions.", "dueDate": "2022-03-24", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2017-6736", "cwes": [ "CWE-119" ] }, { "cveID": "CVE-2017-6663", "vendorProject": "Cisco", "product": "IOS and IOS XE Software", "vulnerabilityName": "Cisco IOS Software and Cisco IOS XE Software Denial-of-Service Vulnerability", "dateAdded": "2022-03-03", "shortDescription": "A vulnerability in the Autonomic Networking feature of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, adjacent attacker to cause autonomic nodes of an affected system to reload, resulting in denial-of-service (DoS).", "requiredAction": "Apply updates per vendor instructions.", "dueDate": "2022-03-24", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2017-6663", "cwes": [] }, { "cveID": "CVE-2017-6627", "vendorProject": "Cisco", "product": "IOS and IOS XE Software", "vulnerabilityName": "Cisco IOS Software and Cisco IOS XE Software UDP Packet Processing Denial-of-Service Vulnerability", "dateAdded": "2022-03-03", "shortDescription": "A vulnerability in the UDP processing code of Cisco IOS and IOS XE could allow an unauthenticated, remote attacker to cause the input queue of an affected system to hold UDP packets, causing an interface queue wedge and denial of service.", "requiredAction": "Apply updates per vendor instructions.", "dueDate": "2022-03-24", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2017-6627", "cwes": [ "CWE-399" ] }, { "cveID": "CVE-2017-12319", "vendorProject": "Cisco", "product": "IOS XE Software", "vulnerabilityName": "Cisco IOS XE Software Ethernet Virtual Private Network Border Gateway Protocol Denial-of-Service Vulnerability", "dateAdded": "2022-03-03", "shortDescription": "A vulnerability in the Border Gateway Protocol (BGP) over an Ethernet Virtual Private Network (EVPN) for Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause the device to reload, resulting in a denial of service (DoS) condition, or potentially corrupt the BGP routing table, which could result in network instability.", "requiredAction": "Apply updates per vendor instructions.", "dueDate": "2022-03-24", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2017-12319", "cwes": [ "CWE-20" ] }, { "cveID": "CVE-2017-12240", "vendorProject": "Cisco", "product": "IOS and IOS XE Software", "vulnerabilityName": "Cisco IOS and IOS XE Software DHCP Remote Code Execution Vulnerability", "dateAdded": "2022-03-03", "shortDescription": "The Dynamic Host Configuration Protocol (DHCP) relay subsystem of Cisco IOS and Cisco IOS XE Software contains a vulnerability that could allow an unauthenticated, remote attacker to execute arbitrary code and gain full control of an affected system.", "requiredAction": "Apply updates per vendor instructions.", "dueDate": "2022-03-24", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2017-12240", "cwes": [ "CWE-20" ] }, { "cveID": "CVE-2017-12238", "vendorProject": "Cisco", "product": "Catalyst 6800 Series Switches", "vulnerabilityName": "Cisco Catalyst 6800 Series Switches VPLS Denial-of-Service Vulnerability", "dateAdded": "2022-03-03", "shortDescription": "A vulnerability in the Virtual Private LAN Service (VPLS) code of Cisco IOS for Cisco Catalyst 6800 Series Switches could allow an unauthenticated, adjacent attacker to cause a denial of service.", "requiredAction": "Apply updates per vendor instructions.", "dueDate": "2022-03-24", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2017-12238", "cwes": [ "CWE-399" ] }, { "cveID": "CVE-2017-12237", "vendorProject": "Cisco", "product": "IOS and IOS XE Software", "vulnerabilityName": "Cisco IOS and IOS XE Software Internet Key Exchange Denial-of-Service Vulnerability", "dateAdded": "2022-03-03", "shortDescription": "A vulnerability in the Internet Key Exchange Version 2 (IKEv2) module of Cisco IOS and Cisco IOS XE could allow an unauthenticated, remote attacker to cause high CPU utilization, traceback messages, or a reload of an affected device that leads to a denial of service.", "requiredAction": "Apply updates per vendor instructions.", "dueDate": "2022-03-24", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2017-12237", "cwes": [ "CWE-399" ] }, { "cveID": "CVE-2017-12235", "vendorProject": "Cisco", "product": "IOS software", "vulnerabilityName": "Cisco IOS Software for Cisco Industrial Ethernet Switches PROFINET Denial-of-Service Vulnerability", "dateAdded": "2022-03-03", "shortDescription": "A vulnerability in the implementation of the PROFINET Discovery and Configuration Protocol (PN-DCP) for Cisco IOS could allow an unauthenticated, remote attacker to cause an affected device to reload, resulting in a denial of service.", "requiredAction": "Apply updates per vendor instructions.", "dueDate": "2022-03-24", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2017-12235", "cwes": [ "CWE-20" ] }, { "cveID": "CVE-2017-12234", "vendorProject": "Cisco", "product": "IOS software", "vulnerabilityName": "Cisco IOS Software Common Industrial Protocol Request Denial-of-Service Vulnerability", "dateAdded": "2022-03-03", "shortDescription": "There is a vulnerability in the implementation of the Common Industrial Protocol (CIP) feature in Cisco IOS could allow an unauthenticated, remote attacker to cause an affected device to reload, resulting in a denial of service.", "requiredAction": "Apply updates per vendor instructions.", "dueDate": "2022-03-24", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2017-12234", "cwes": [ "CWE-20" ] }, { "cveID": "CVE-2017-12233", "vendorProject": "Cisco", "product": "IOS software", "vulnerabilityName": "Cisco IOS Software Common Industrial Protocol Request Denial-of-Service Vulnerability", "dateAdded": "2022-03-03", "shortDescription": "There is a vulnerability in the implementation of the Common Industrial Protocol (CIP) feature in Cisco IOS could allow an unauthenticated, remote attacker to cause an affected device to reload, resulting in a denial of service.", "requiredAction": "Apply updates per vendor instructions.", "dueDate": "2022-03-24", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2017-12233", "cwes": [ "CWE-20" ] }, { "cveID": "CVE-2017-12232", "vendorProject": "Cisco", "product": "IOS software", "vulnerabilityName": "Cisco IOS Software for Cisco Integrated Services Routers Denial-of-Service Vulnerability", "dateAdded": "2022-03-03", "shortDescription": "A vulnerability in the implementation of a protocol in Cisco Integrated Services Routers Generation 2 (ISR G2) Routers running Cisco IOS could allow an unauthenticated, adjacent attacker to cause an affected device to reload, resulting in a denial of service.", "requiredAction": "Apply updates per vendor instructions.", "dueDate": "2022-03-24", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2017-12232", "cwes": [ "CWE-399" ] }, { "cveID": "CVE-2017-12231", "vendorProject": "Cisco", "product": "IOS software", "vulnerabilityName": "Cisco IOS Software Network Address Translation Denial-of-Service Vulnerability", "dateAdded": "2022-03-03", "shortDescription": "A vulnerability in the implementation of Network Address Translation (NAT) functionality in Cisco IOS could allow an unauthenticated, remote attacker to cause a denial of service.", "requiredAction": "Apply updates per vendor instructions.", "dueDate": "2022-03-24", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2017-12231", "cwes": [ "CWE-399" ] }, { "cveID": "CVE-2017-11826", "vendorProject": "Microsoft", "product": "Office", "vulnerabilityName": "Microsoft Office Remote Code Execution Vulnerability", "dateAdded": "2022-03-03", "shortDescription": "A remote code execution vulnerability exists in Microsoft Office software when the software fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user.", "requiredAction": "Apply updates per vendor instructions.", "dueDate": "2022-03-24", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2017-11826", "cwes": [ "CWE-119" ] }, { "cveID": "CVE-2017-11292", "vendorProject": "Adobe", "product": "Flash Player", "vulnerabilityName": "Adobe Flash Player Type Confusion Vulnerability", "dateAdded": "2022-03-03", "shortDescription": "Adobe Flash Player contains a type confusion vulnerability which can allow for remote code execution.", "requiredAction": "The impacted product is end-of-life and should be disconnected if still in use.", "dueDate": "2022-03-24", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2017-11292", "cwes": [ "CWE-843" ] }, { "cveID": "CVE-2017-0261", "vendorProject": "Microsoft", "product": "Office", "vulnerabilityName": "Microsoft Office Use-After-Free Vulnerability", "dateAdded": "2022-03-03", "shortDescription": "Microsoft Office contains a use-after-free vulnerability which can allow for remote code execution.", "requiredAction": "Apply updates per vendor instructions.", "dueDate": "2022-03-24", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2017-0261", "cwes": [ "CWE-416" ] }, { "cveID": "CVE-2017-0001", "vendorProject": "Microsoft", "product": "Graphics Device Interface (GDI)", "vulnerabilityName": "Microsoft Graphics Device Interface (GDI) Privilege Escalation Vulnerability", "dateAdded": "2022-03-03", "shortDescription": "The Graphics Device Interface (GDI) in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2 SP1; Windows 7 SP1; Windows 8.1; Windows Server 2012 Gold and R2; Windows RT 8.1; and Windows 10 Gold, 1511, and 1607 allows local users to gain privileges", "requiredAction": "Apply updates per vendor instructions.", "dueDate": "2022-03-24", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2017-0001", "cwes": [] }, { "cveID": "CVE-2016-8562", "vendorProject": "Siemens", "product": "SIMATIC CP", "vulnerabilityName": "Siemens SIMATIC CP 1543-1 Improper Privilege Management Vulnerability", "dateAdded": "2022-03-03", "shortDescription": "An improper privilege management vulnerability exists within the Siemens SIMATIC Communication Processor (CP) that allows a privileged attacker to remotely cause a denial of service.", "requiredAction": "Apply updates per vendor instructions.", "dueDate": "2022-03-24", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2016-8562", "cwes": [ "CWE-20" ] }, { "cveID": "CVE-2016-7855", "vendorProject": "Adobe", "product": "Flash Player", "vulnerabilityName": "Adobe Flash Player Use-After-Free Vulnerability", "dateAdded": "2022-03-03", "shortDescription": "Use-after-free vulnerability in Adobe Flash Player Windows and OS and Linux allows remote attackers to execute arbitrary code.", "requiredAction": "The impacted product is end-of-life and should be disconnected if still in use.", "dueDate": "2022-03-24", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2016-7855", "cwes": [ "CWE-416" ] }, { "cveID": "CVE-2016-7262", "vendorProject": "Microsoft", "product": "Excel", "vulnerabilityName": "Microsoft Office Security Feature Bypass Vulnerability", "dateAdded": "2022-03-03", "shortDescription": "A security feature bypass vulnerability exists when Microsoft Office improperly handles input. An attacker who successfully exploited the vulnerability could execute arbitrary commands.", "requiredAction": "Apply updates per vendor instructions.", "dueDate": "2022-03-24", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2016-7262", "cwes": [ "CWE-20" ] }, { "cveID": "CVE-2016-7193", "vendorProject": "Microsoft", "product": "Office", "vulnerabilityName": "Microsoft Office Memory Corruption Vulnerability", "dateAdded": "2022-03-03", "shortDescription": "Microsoft Office contains a memory corruption vulnerability which can allow for remote code execution.", "requiredAction": "Apply updates per vendor instructions.", "dueDate": "2022-03-24", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2016-7193", "cwes": [ "CWE-119" ] }, { "cveID": "CVE-2016-5195", "vendorProject": "Linux", "product": "Kernel", "vulnerabilityName": "Linux Kernel Race Condition Vulnerability", "dateAdded": "2022-03-03", "shortDescription": "Race condition in mm\/gup.c in the Linux kernel allows local users to escalate privileges.", "requiredAction": "Apply updates per vendor instructions.", "dueDate": "2022-03-24", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2016-5195", "cwes": [ "CWE-362" ] }, { "cveID": "CVE-2016-4117", "vendorProject": "Adobe", "product": "Flash Player", "vulnerabilityName": "Adobe Flash Player Arbitrary Code Execution Vulnerability", "dateAdded": "2022-03-03", "shortDescription": "An access of resource using incompatible type vulnerability exists within Adobe Flash Player that allows an attacker to perform remote code execution.", "requiredAction": "The impacted product is end-of-life and should be disconnected if still in use.", "dueDate": "2022-03-24", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2016-4117", "cwes": [] }, { "cveID": "CVE-2016-1019", "vendorProject": "Adobe", "product": "Flash Player", "vulnerabilityName": "Adobe Flash Player Arbitrary Code Execution Vulnerability", "dateAdded": "2022-03-03", "shortDescription": "Adobe Flash Player allows remote attackers to cause a denial of service or possibly execute arbitrary code.", "requiredAction": "The impacted product is end-of-life and should be disconnected if still in use.", "dueDate": "2022-03-24", "knownRansomwareCampaignUse": "Known", "notes": "https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2016-1019", "cwes": [] }, { "cveID": "CVE-2016-0099", "vendorProject": "Microsoft", "product": "Windows", "vulnerabilityName": "Microsoft Windows Secondary Logon Service Privilege Escalation Vulnerability", "dateAdded": "2022-03-03", "shortDescription": "A privilege escalation vulnerability exists in Microsoft Windows if the Windows Secondary Logon Service fails to properly manage request handles in memory. An attacker who successfully exploited this vulnerability could run arbitrary code as an administrator.", "requiredAction": "Apply updates per vendor instructions.", "dueDate": "2022-03-24", "knownRansomwareCampaignUse": "Known", "notes": "https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2016-0099", "cwes": [ "CWE-264" ] }, { "cveID": "CVE-2015-7645", "vendorProject": "Adobe", "product": "Flash Player", "vulnerabilityName": "Adobe Flash Player Arbitrary Code Execution Vulnerability", "dateAdded": "2022-03-03", "shortDescription": "Adobe Flash Player allows remote attackers to execute arbitrary code via a crafted SWF file.", "requiredAction": "The impacted product is end-of-life and should be disconnected if still in use.", "dueDate": "2022-03-24", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2015-7645", "cwes": [] }, { "cveID": "CVE-2015-5119", "vendorProject": "Adobe", "product": "Flash Player", "vulnerabilityName": "Adobe Flash Player Use-After-Free Vulnerability", "dateAdded": "2022-03-03", "shortDescription": "A use-after-free vulnerability exists within the ActionScript 3 ByteArray class in Adobe Flash Player that allows an attacker to perform remote code execution.", "requiredAction": "The impacted product is end-of-life and should be disconnected if still in use.", "dueDate": "2022-03-24", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2015-5119", "cwes": [ "CWE-119" ] }, { "cveID": "CVE-2015-4902", "vendorProject": "Oracle", "product": "Java SE", "vulnerabilityName": "Oracle Java SE Integrity Check Vulnerability", "dateAdded": "2022-03-03", "shortDescription": "Unspecified vulnerability in Oracle Java SE allows remote attackers to affect integrity via Unknown vectors related to deployment.", "requiredAction": "Apply updates per vendor instructions.", "dueDate": "2022-03-24", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2015-4902", "cwes": [] }, { "cveID": "CVE-2015-3043", "vendorProject": "Adobe", "product": "Flash Player", "vulnerabilityName": "Adobe Flash Player Memory Corruption Vulnerability", "dateAdded": "2022-03-03", "shortDescription": "A memory corruption vulnerability exists in Adobe Flash Player that allows an attacker to perform remote code execution.", "requiredAction": "The impacted product is end-of-life and should be disconnected if still in use.", "dueDate": "2022-03-24", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2015-3043", "cwes": [ "CWE-787" ] }, { "cveID": "CVE-2015-2590", "vendorProject": "Oracle", "product": "Java SE", "vulnerabilityName": "Oracle Java SE and Java SE Embedded Remote Code Execution Vulnerability", "dateAdded": "2022-03-03", "shortDescription": "An unspecified vulnerability exists within Oracle Java Runtime Environment that allows an attacker to perform remote code execution.", "requiredAction": "Apply updates per vendor instructions.", "dueDate": "2022-03-24", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2015-2590", "cwes": [] }, { "cveID": "CVE-2015-2545", "vendorProject": "Microsoft", "product": "Office", "vulnerabilityName": "Microsoft Office Malformed EPS File Vulnerability", "dateAdded": "2022-03-03", "shortDescription": "Microsoft Office allows remote attackers to execute arbitrary code via a crafted EPS image.", "requiredAction": "Apply updates per vendor instructions.", "dueDate": "2022-03-24", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2015-2545", "cwes": [ "CWE-20" ] }, { "cveID": "CVE-2015-2424", "vendorProject": "Microsoft", "product": "PowerPoint", "vulnerabilityName": "Microsoft PowerPoint Memory Corruption Vulnerability", "dateAdded": "2022-03-03", "shortDescription": "Microsoft PowerPoint allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted Office document.", "requiredAction": "Apply updates per vendor instructions.", "dueDate": "2022-03-24", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2015-2424", "cwes": [ "CWE-119" ] }, { "cveID": "CVE-2015-2387", "vendorProject": "Microsoft", "product": "ATM Font Driver", "vulnerabilityName": "Microsoft ATM Font Driver Privilege Escalation Vulnerability", "dateAdded": "2022-03-03", "shortDescription": "ATMFD.DLL in the Adobe Type Manager Font Driver in Microsoft Windows Server allows local users to gain privileges via a crafted application.", "requiredAction": "Apply updates per vendor instructions.", "dueDate": "2022-03-24", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2015-2387", "cwes": [ "CWE-264" ] }, { "cveID": "CVE-2015-1701", "vendorProject": "Microsoft", "product": "Win32k", "vulnerabilityName": "Microsoft Win32k Privilege Escalation Vulnerability", "dateAdded": "2022-03-03", "shortDescription": "An unspecified vulnerability exists in the Win32k.sys kernel-mode driver in Microsoft Windows Server that allows a local attacker to execute arbitrary code with elevated privileges.", "requiredAction": "Apply updates per vendor instructions.", "dueDate": "2022-03-24", "knownRansomwareCampaignUse": "Known", "notes": "https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2015-1701", "cwes": [ "CWE-264" ] }, { "cveID": "CVE-2015-1642", "vendorProject": "Microsoft", "product": "Office", "vulnerabilityName": "Microsoft Office Memory Corruption Vulnerability", "dateAdded": "2022-03-03", "shortDescription": "Microsoft Office contains a memory corruption vulnerability that allows remote attackers to execute arbitrary code via a crafted document.", "requiredAction": "Apply updates per vendor instructions.", "dueDate": "2022-03-24", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2015-1642", "cwes": [ "CWE-119" ] }, { "cveID": "CVE-2014-4114", "vendorProject": "Microsoft", "product": "Windows", "vulnerabilityName": "Microsoft Windows Object Linking & Embedding (OLE) Remote Code Execution Vulnerability", "dateAdded": "2022-03-03", "shortDescription": "A vulnerability exists in Windows Object Linking & Embedding (OLE) that could allow remote code execution if a user opens a file that contains a specially crafted OLE object.", "requiredAction": "Apply updates per vendor instructions.", "dueDate": "2022-03-24", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2014-4114", "cwes": [ "CWE-20" ] }, { "cveID": "CVE-2014-0496", "vendorProject": "Adobe", "product": "Reader and Acrobat", "vulnerabilityName": "Adobe Reader and Acrobat Use-After-Free Vulnerability", "dateAdded": "2022-03-03", "shortDescription": "Adobe Reader and Acrobat contain a use-after-free vulnerability which can allow for code execution.", "requiredAction": "Apply updates per vendor instructions.", "dueDate": "2022-03-24", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2014-0496", "cwes": [ "CWE-399" ] }, { "cveID": "CVE-2013-5065", "vendorProject": "Microsoft", "product": "Windows", "vulnerabilityName": "Microsoft Windows Kernel Privilege Escalation Vulnerability", "dateAdded": "2022-03-03", "shortDescription": "Microsoft Windows NDProxy.sys in the kernel contains an improper input validation vulnerability which can allow a local attacker to escalate privileges.", "requiredAction": "Apply updates per vendor instructions.", "dueDate": "2022-03-24", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2013-5065", "cwes": [ "CWE-20" ] }, { "cveID": "CVE-2013-3897", "vendorProject": "Microsoft", "product": "Internet Explorer", "vulnerabilityName": "Microsoft Internet Explorer Use-After-Free Vulnerability", "dateAdded": "2022-03-03", "shortDescription": "A use-after-free vulnerability exists within CDisplayPointer in Microsoft Internet Explorer that allows an attacker to remotely execute arbitrary code.", "requiredAction": "Apply updates per vendor instructions.", "dueDate": "2022-03-24", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2013-3897", "cwes": [ "CWE-399" ] }, { "cveID": "CVE-2013-3346", "vendorProject": "Adobe", "product": "Reader and Acrobat", "vulnerabilityName": "Adobe Reader and Acrobat Memory Corruption Vulnerability", "dateAdded": "2022-03-03", "shortDescription": "Adobe Reader and Acrobat contain a memory corruption vulnerability which can allow attackers to execute arbitrary code or cause a denial of service.", "requiredAction": "Apply updates per vendor instructions.", "dueDate": "2022-03-24", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2013-3346", "cwes": [ "CWE-119" ] }, { "cveID": "CVE-2013-1675", "vendorProject": "Mozilla", "product": "Firefox", "vulnerabilityName": "Mozilla Firefox Information Disclosure Vulnerability", "dateAdded": "2022-03-03", "shortDescription": "Mozilla Firefox does not properly initialize data structures for the nsDOMSVGZoomEvent::mPreviousScale and nsDOMSVGZoomEvent::mNewScale functions, which allows remote attackers to obtain sensitive information from process memory via a crafted web site.", "requiredAction": "Apply updates per vendor instructions.", "dueDate": "2022-03-24", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2013-1675", "cwes": [ "CWE-119" ] }, { "cveID": "CVE-2013-1347", "vendorProject": "Microsoft", "product": "Internet Explorer", "vulnerabilityName": "Microsoft Internet Explorer Remote Code Execution Vulnerability", "dateAdded": "2022-03-03", "shortDescription": "This vulnerability may corrupt memory in a way that could allow an attacker to execute arbitrary code in the context of the current user within Internet Explorer.", "requiredAction": "Apply updates per vendor instructions.", "dueDate": "2022-03-24", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2013-1347", "cwes": [ "CWE-94" ] }, { "cveID": "CVE-2013-0641", "vendorProject": "Adobe", "product": "Reader", "vulnerabilityName": "Adobe Reader Buffer Overflow Vulnerability", "dateAdded": "2022-03-03", "shortDescription": "A buffer overflow vulnerability exists in Adobe Reader which allows an attacker to perform remote code execution.", "requiredAction": "Apply updates per vendor instructions.", "dueDate": "2022-03-24", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2013-0641", "cwes": [ "CWE-120" ] }, { "cveID": "CVE-2013-0640", "vendorProject": "Adobe", "product": "Reader and Acrobat", "vulnerabilityName": "Adobe Reader and Acrobat Memory Corruption Vulnerability", "dateAdded": "2022-03-03", "shortDescription": "An memory corruption vulnerability exists in the acroform.dll in Adobe Reader that allows an attacker to perform remote code execution.", "requiredAction": "Apply updates per vendor instructions.", "dueDate": "2022-03-24", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2013-0640", "cwes": [ "CWE-787" ] }, { "cveID": "CVE-2013-0632", "vendorProject": "Adobe", "product": "ColdFusion", "vulnerabilityName": "Adobe ColdFusion Authentication Bypass Vulnerability", "dateAdded": "2022-03-03", "shortDescription": "An authentication bypass vulnerability exists in Adobe ColdFusion which could result in an unauthorized user gaining administrative access.", "requiredAction": "Apply updates per vendor instructions.", "dueDate": "2022-03-24", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2013-0632", "cwes": [ "CWE-200" ] }, { "cveID": "CVE-2012-4681", "vendorProject": "Oracle", "product": "Java SE", "vulnerabilityName": "Oracle Java SE Runtime Environment (JRE) Arbitrary Code Execution Vulnerability", "dateAdded": "2022-03-03", "shortDescription": "The Java Runtime Environment (JRE) component in Oracle Java SE allow for remote code execution.", "requiredAction": "Apply updates per vendor instructions.", "dueDate": "2022-03-24", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2012-4681", "cwes": [] }, { "cveID": "CVE-2012-1856", "vendorProject": "Microsoft", "product": "Office", "vulnerabilityName": "Microsoft Office MSCOMCTL.OCX Remote Code Execution Vulnerability", "dateAdded": "2022-03-03", "shortDescription": "The TabStrip ActiveX control in the Common Controls in MSCOMCTL.OCX in Microsoft Office allows remote attackers to execute arbitrary code via a crafted (1) document or (2) web page that triggers system-state corruption.", "requiredAction": "Apply updates per vendor instructions.", "dueDate": "2022-03-24", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2012-1856", "cwes": [ "CWE-94" ] }, { "cveID": "CVE-2012-1723", "vendorProject": "Oracle", "product": "Java SE", "vulnerabilityName": "Oracle Java SE Runtime Environment (JRE) Arbitrary Code Execution Vulnerability", "dateAdded": "2022-03-03", "shortDescription": "Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE allows remote attackers to affect confidentiality, integrity, and availability via Unknown vectors related to Hotspot.", "requiredAction": "Apply updates per vendor instructions.", "dueDate": "2022-03-24", "knownRansomwareCampaignUse": "Known", "notes": "https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2012-1723", "cwes": [] }, { "cveID": "CVE-2012-1535", "vendorProject": "Adobe", "product": "Flash Player", "vulnerabilityName": "Adobe Flash Player Arbitrary Code Execution Vulnerability", "dateAdded": "2022-03-03", "shortDescription": "Unspecified vulnerability in Adobe Flash Player allows remote attackers to execute arbitrary code or cause a denial of service via crafted SWF content.", "requiredAction": "The impacted product is end-of-life and should be disconnected if still in use.", "dueDate": "2022-03-24", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2012-1535", "cwes": [] }, { "cveID": "CVE-2012-0507", "vendorProject": "Oracle", "product": "Java SE", "vulnerabilityName": "Oracle Java SE Runtime Environment (JRE) Arbitrary Code Execution Vulnerability", "dateAdded": "2022-03-03", "shortDescription": "An incorrect type vulnerability exists in the Concurrency component of Oracle's Java Runtime Environment allows an attacker to remotely execute arbitrary code.", "requiredAction": "Apply updates per vendor instructions.", "dueDate": "2022-03-24", "knownRansomwareCampaignUse": "Known", "notes": "https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2012-0507", "cwes": [] }, { "cveID": "CVE-2011-3544", "vendorProject": "Oracle", "product": "Java SE JDK and JRE", "vulnerabilityName": "Oracle Java SE Runtime Environment (JRE) Arbitrary Code Execution Vulnerability", "dateAdded": "2022-03-03", "shortDescription": "An access control vulnerability exists in the Applet Rhino Script Engine component of Oracle's Java Runtime Environment allows an attacker to remotely execute arbitrary code.", "requiredAction": "Apply updates per vendor instructions.", "dueDate": "2022-03-24", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2011-3544", "cwes": [] }, { "cveID": "CVE-2011-1889", "vendorProject": "Microsoft", "product": "Forefront Threat Management Gateway (TMG)", "vulnerabilityName": "Microsoft Forefront TMG Remote Code Execution Vulnerability", "dateAdded": "2022-03-03", "shortDescription": "A remote code execution vulnerability exists in the Forefront Threat Management Gateway (TMG) Firewall Client Winsock provider that could allow code execution in the security context of the client application.", "requiredAction": "Apply updates per vendor instructions.", "dueDate": "2022-03-24", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2011-1889", "cwes": [ "CWE-119" ] }, { "cveID": "CVE-2011-0611", "vendorProject": "Adobe", "product": "Flash Player", "vulnerabilityName": "Adobe Flash Player Remote Code Execution Vulnerability", "dateAdded": "2022-03-03", "shortDescription": "Adobe Flash Player contains a vulnerability that allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via crafted Flash content.", "requiredAction": "The impacted product is end-of-life and should be disconnected if still in use.", "dueDate": "2022-03-24", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2011-0611", "cwes": [ "CWE-843" ] }, { "cveID": "CVE-2010-3333", "vendorProject": "Microsoft", "product": "Office", "vulnerabilityName": "Microsoft Office Stack-based Buffer Overflow Vulnerability", "dateAdded": "2022-03-03", "shortDescription": "A stack-based buffer overflow vulnerability exists in the parsing of RTF data in Microsoft Office and earlier allows an attacker to perform remote code execution.", "requiredAction": "Apply updates per vendor instructions.", "dueDate": "2022-03-24", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2010-3333", "cwes": [ "CWE-119" ] }, { "cveID": "CVE-2010-0232", "vendorProject": "Microsoft", "product": "Windows", "vulnerabilityName": "Microsoft Windows Kernel Exception Handler Vulnerability", "dateAdded": "2022-03-03", "shortDescription": "The kernel in Microsoft Windows, when access to 16-bit applications is enabled on a 32-bit x86 platform, does not properly validate certain BIOS calls, which allows local users to gain privileges.", "requiredAction": "Apply updates per vendor instructions.", "dueDate": "2022-03-24", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2010-0232", "cwes": [ "CWE-264" ] }, { "cveID": "CVE-2010-0188", "vendorProject": "Adobe", "product": "Reader and Acrobat", "vulnerabilityName": "Adobe Reader and Acrobat Arbitrary Code Execution Vulnerability", "dateAdded": "2022-03-03", "shortDescription": "Unspecified vulnerability in Adobe Reader and Acrobat allows attackers to cause a denial of service or possibly execute arbitrary code.", "requiredAction": "Apply updates per vendor instructions.", "dueDate": "2022-03-24", "knownRansomwareCampaignUse": "Known", "notes": "https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2010-0188", "cwes": [ "CWE-94" ] }, { "cveID": "CVE-2009-3129", "vendorProject": "Microsoft", "product": "Excel", "vulnerabilityName": "Microsoft Excel Featheader Record Memory Corruption Vulnerability", "dateAdded": "2022-03-03", "shortDescription": "Microsoft Office Excel allows remote attackers to execute arbitrary code via a spreadsheet with a FEATHEADER record containing an invalid cbHdrData size element that affects a pointer offset.", "requiredAction": "Apply updates per vendor instructions.", "dueDate": "2022-03-24", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2009-3129", "cwes": [ "CWE-94" ] }, { "cveID": "CVE-2009-1123", "vendorProject": "Microsoft", "product": "Windows", "vulnerabilityName": "Microsoft Windows Improper Input Validation Vulnerability", "dateAdded": "2022-03-03", "shortDescription": "The kernel in Microsoft Windows does not properly validate changes to unspecified kernel objects, which allows local users to gain privileges via a crafted application.", "requiredAction": "Apply updates per vendor instructions.", "dueDate": "2022-03-24", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2009-1123", "cwes": [ "CWE-20" ] }, { "cveID": "CVE-2008-3431", "vendorProject": "Oracle", "product": "VirtualBox", "vulnerabilityName": "Oracle VirtualBox Insufficient Input Validation Vulnerability", "dateAdded": "2022-03-03", "shortDescription": "An input validation vulnerability exists in the VBoxDrv.sys driver of Sun xVM VirtualBox which allows attackers to locally execute arbitrary code.", "requiredAction": "Apply updates per vendor instructions.", "dueDate": "2022-03-24", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2008-3431", "cwes": [ "CWE-264" ] }, { "cveID": "CVE-2008-2992", "vendorProject": "Adobe", "product": "Acrobat and Reader", "vulnerabilityName": "Adobe Reader and Acrobat Input Validation Vulnerability", "dateAdded": "2022-03-03", "shortDescription": "Adobe Acrobat and Reader contain an input validation issue in a JavaScript method that could potentially lead to remote code execution.", "requiredAction": "Apply updates per vendor instructions.", "dueDate": "2022-03-24", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2008-2992", "cwes": [ "CWE-119" ] }, { "cveID": "CVE-2004-0210", "vendorProject": "Microsoft", "product": "Windows", "vulnerabilityName": "Microsoft Windows Privilege Escalation Vulnerability", "dateAdded": "2022-03-03", "shortDescription": "A privilege elevation vulnerability exists in the POSIX subsystem. This vulnerability could allow a logged on user to take complete control of the system.", "requiredAction": "Apply updates per vendor instructions.", "dueDate": "2022-03-24", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2004-0210", "cwes": [ "CWE-120" ] }, { "cveID": "CVE-2002-0367", "vendorProject": "Microsoft", "product": "Windows", "vulnerabilityName": "Microsoft Windows Privilege Escalation Vulnerability", "dateAdded": "2022-03-03", "shortDescription": "smss.exe debugging subsystem in Microsoft Windows does not properly authenticate programs that connect to other programs, which allows local users to gain administrator or SYSTEM privileges.", "requiredAction": "Apply updates per vendor instructions.", "dueDate": "2022-03-24", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2002-0367", "cwes": [] }, { "cveID": "CVE-2022-24682", "vendorProject": "Zimbra", "product": "Webmail", "vulnerabilityName": "Zimbra Webmail Cross-Site Scripting Vulnerability", "dateAdded": "2022-02-25", "shortDescription": "Zimbra webmail clients running versions 8.8.15 P29 & P30 contain a XSS vulnerability that would allow attackers to steal session cookie files.", "requiredAction": "Apply updates per vendor instructions.", "dueDate": "2022-03-11", "knownRansomwareCampaignUse": "Known", "notes": "https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2022-24682", "cwes": [ "CWE-79", "CWE-116" ] }, { "cveID": "CVE-2017-8570", "vendorProject": "Microsoft", "product": "Office", "vulnerabilityName": "Microsoft Office Remote Code Execution Vulnerability", "dateAdded": "2022-02-25", "shortDescription": "A remote code execution vulnerability exists in Microsoft Office software when it fails to properly handle objects in memory.", "requiredAction": "Apply updates per vendor instructions.", "dueDate": "2022-08-25", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2017-8570", "cwes": [] }, { "cveID": "CVE-2017-0222", "vendorProject": "Microsoft", "product": "Internet Explorer", "vulnerabilityName": "Microsoft Internet Explorer Remote Code Execution Vulnerability", "dateAdded": "2022-02-25", "shortDescription": "A remote code execution vulnerability exists when Internet Explorer improperly accesses objects in memory.", "requiredAction": "Apply updates per vendor instructions.", "dueDate": "2022-08-25", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2017-0222", "cwes": [ "CWE-119" ] }, { "cveID": "CVE-2014-6352", "vendorProject": "Microsoft", "product": "Windows", "vulnerabilityName": "Microsoft Windows Code Injection Vulnerability", "dateAdded": "2022-02-25", "shortDescription": "Microsoft Windows allow remote attackers to execute arbitrary code via a crafted OLE object.", "requiredAction": "Apply updates per vendor instructions.", "dueDate": "2022-08-25", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2014-6352", "cwes": [ "CWE-94" ] }, { "cveID": "CVE-2022-23131", "vendorProject": "Zabbix", "product": "Frontend", "vulnerabilityName": "Zabbix Frontend Authentication Bypass Vulnerability", "dateAdded": "2022-02-22", "shortDescription": "Unsafe client-side session storage leading to authentication bypass\/instance takeover via Zabbix Frontend with configured SAML.", "requiredAction": "Apply updates per vendor instructions.", "dueDate": "2022-03-08", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2022-23131", "cwes": [ "CWE-290" ] }, { "cveID": "CVE-2022-23134", "vendorProject": "Zabbix", "product": "Frontend", "vulnerabilityName": "Zabbix Frontend Improper Access Control Vulnerability", "dateAdded": "2022-02-22", "shortDescription": "Malicious actors can pass step checks and potentially change the configuration of Zabbix Frontend.", "requiredAction": "Apply updates per vendor instructions.", "dueDate": "2022-03-08", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2022-23134", "cwes": [ "CWE-284" ] }, { "cveID": "CVE-2022-24086", "vendorProject": "Adobe", "product": "Commerce and Magento Open Source", "vulnerabilityName": "Adobe Commerce and Magento Open Source Improper Input Validation Vulnerability", "dateAdded": "2022-02-15", "shortDescription": "Adobe Commerce and Magento Open Source contain an improper input validation vulnerability which can allow for arbitrary code execution.", "requiredAction": "Apply updates per vendor instructions.", "dueDate": "2022-03-01", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2022-24086", "cwes": [ "CWE-20" ] }, { "cveID": "CVE-2022-0609", "vendorProject": "Google", "product": "Chromium Animation", "vulnerabilityName": "Google Chromium Animation Use-After-Free Vulnerability", "dateAdded": "2022-02-15", "shortDescription": "Google Chromium Animation contains a use-after-free vulnerability that allows a remote attacker to potentially exploit heap corruption via a crafted HTML page. This vulnerability could affect multiple web browsers that utilize Chromium, including, but not limited to, Google Chrome, Microsoft Edge, and Opera.", "requiredAction": "Apply updates per vendor instructions.", "dueDate": "2022-03-01", "knownRansomwareCampaignUse": "Unknown", "notes": "https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2022-0609", "cwes": [ "CWE-416" ] }, { "cveID": "CVE-2019-0752", "vendorProject": "Microsoft", "product": "Internet Explorer", "vulnerabilityName": "Microsoft Internet Explorer Type Confusion Vulnerability", "dateAdded": "2022-02-15", "shortDescription": "A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Internet Explorer", "requiredAction": "Apply updates per vendor instructions.", "dueDate": "2022-08-15", "knownRansomwareCampaignUse": "Known", "notes": "https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2019-0752", "cwes": [ "CWE-843" ] }, { "cveID": "CVE-2018-8174", "vendorProject": "Microsoft", "product": "Windows", "vulnerabilityName": "Microsoft Windows VBScript Engine Out-of-Bounds Write Vulnerability", "dateAdded": "2022-02-15", "shortDescription": "A remote code execution vulnerability exists in the way that the VBScript engine handles objects in memory, aka \"Windows VBScript Engine Remote Code Execution\"", "requiredAction": "Apply updates per vendor instructions.", "dueDate": "2022-08-15", "knownRansomwareCampaignUse": "Known", "notes": "https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2018-8174", "cwes": [ "CWE-787" ] }, { "cveID": "CVE-2018-20250", "vendorProject": "RARLAB", "product": "WinRAR", "vulnerabilityName": "WinRAR Absolute Path Traversal Vulnerability", "dateAdded": "2022-02-15", "shortDescription": "WinRAR Absolute Path Traversal vulnerability leads to Remote Code Execution", "requiredAction": "Apply updates per vendor instructions.", "dueDate": "2022-08-15", "knownRansomwareCampaignUse": "Known", "notes": "https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2018-20250", "cwes": [ "CWE-36" ] }, { "cveID": "CVE-2018-15982", "vendorProject": "Adobe", "product": "Flash Player", "vulnerabilityName": "Adobe Flash Player Use-After-Free Vulnerability", "dateAdded": "2022-02-15", "shortDescription": "Adobe Flash Player com.adobe.tvsdk.mediacore.metadata Use After Free Vulnerability", "requiredAction": "The impacted product is end-of-life and should be disconnected if still in use.", "dueDate": "2022-08-15", "knownRansomwareCampaignUse": "Known", "notes": "https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2018-15982", "cwes": [ "CWE-416" ] }, { "cveID": "CVE-2017-9841", "vendorProject": "PHPUnit", "product": "PHPUnit", "vulnerabilityName": "PHPUnit Command Injection Vulnerability", "dateAdded": "2022-02-15", "shortDescription": "PHPUnit allows remote attackers to execute arbitrary PHP code via HTTP POST data beginning with a \"