From 33072298d461ff948787b567c713f277b8e1cfd4 Mon Sep 17 00:00:00 2001 From: m-1-k-3 Date: Sun, 19 Mar 2023 00:25:24 +0000 Subject: [PATCH] Update CISA known exploited vulnerability database --- config/known_exploited_vulnerabilities.csv | 1790 ++++++++++---------- 1 file changed, 897 insertions(+), 893 deletions(-) diff --git a/config/known_exploited_vulnerabilities.csv b/config/known_exploited_vulnerabilities.csv index 6b9c33b0f..757621e8b 100644 --- a/config/known_exploited_vulnerabilities.csv +++ b/config/known_exploited_vulnerabilities.csv @@ -1,893 +1,897 @@ -cveID,vendorProject,product,vulnerabilityName,dateAdded,shortDescription,requiredAction,dueDate,notes -CVE-2021-27104,Accellion,FTA,Accellion FTA OS Command Injection Vulnerability,11/3/2021,Accellion FTA 9_12_370 and earlier is affected by OS command execution via a crafted POST request to various admin endpoints.,Apply updates per vendor instructions.,11/17/2021, -CVE-2021-27102,Accellion,FTA,Accellion FTA OS Command Injection Vulnerability,11/3/2021,Accellion FTA 9_12_411 and earlier is affected by OS command execution via a local web service call.,Apply updates per vendor instructions.,11/17/2021, -CVE-2021-27101,Accellion,FTA,Accellion FTA SQL Injection Vulnerability,11/3/2021,Accellion FTA 9_12_370 and earlier is affected by SQL injection via a crafted Host header in a request to document_root.html.,Apply updates per vendor instructions.,11/17/2021, -CVE-2021-27103,Accellion,FTA,Accellion FTA SSRF Vulnerability,11/3/2021,Accellion FTA 9_12_411 and earlier is affected by SSRF via a crafted POST request to wmProgressstat.html.,Apply updates per vendor instructions.,11/17/2021, -CVE-2021-21017,Adobe,Acrobat and Reader,Adobe Acrobat and Reader Heap-based Buffer Overflow Vulnerability,11/3/2021,"Acrobat Reader DC versions versions 2020.013.20074 (and earlier), 2020.001.30018 (and earlier) and 2017.011.30188 (and earlier) are affected by a heap-based buffer overflow vulnerability. An unauthenticated attacker could leverage this vulnerability to achieve arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.",Apply updates per vendor instructions.,11/17/2021, -CVE-2021-28550,Adobe,Acrobat and Reader,Adobe Acrobat and Reader Use-After-Free Vulnerability,11/3/2021,"Acrobat Reader DC versions versions 2021.001.20150 (and earlier), 2020.001.30020 (and earlier) and 2017.011.30194 (and earlier) are affected by a Use After Free vulnerability. An unauthenticated attacker could leverage this vulnerability to achieve arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.",Apply updates per vendor instructions.,11/17/2021, -CVE-2018-4939,Adobe,ColdFusion,Adobe ColdFusion Deserialization of Untrusted Data vulnerability,11/3/2021,"Adobe ColdFusion Update 5 and earlier versions, ColdFusion 11 Update 13 and earlier versions have an exploitable Deserialization of Untrusted Data vulnerability. Successful exploitation could lead to arbitrary code execution.",Apply updates per vendor instructions.,5/3/2022, -CVE-2018-15961,Adobe,ColdFusion,Adobe ColdFusion Remote Code Execution,11/3/2021,"Adobe ColdFusion versions July 12 release (2018.0.0.310739), Update 6 and earlier, and Update 14 and earlier have an unrestricted file upload vulnerability. Successful exploitation could lead to arbitrary code execution.",Apply updates per vendor instructions.,5/3/2022, -CVE-2018-4878,Adobe,Flash Player,Adobe Flash Player Use-After-Free Vulnerability,11/3/2021,A use-after-free vulnerability was discovered in Adobe Flash Player before 28.0.0.161. This vulnerability occurs due to a dangling pointer in the Primetime SDK related to media player handling of listener objects. A successful attack can lead to arbitrary code execution. This was exploited in the wild in January and February 2018.,The impacted product is end-of-life and should be disconnected if still in use.,5/3/2022, -CVE-2020-5735,Amcrest,Cameras and Network Video Recorder (NVR),Amcrest Camera and NVR Buffer Overflow Vulnerability,11/3/2021,Amcrest cameras and NVR are vulnerable to a stack-based buffer overflow over port 37777. An authenticated remote attacker can abuse this issue to crash the device and possibly execute arbitrary code.,Apply updates per vendor instructions.,5/3/2022, -CVE-2019-2215,Android,Android OS,"Android ""AbstractEmu"" Root Access Vulnerabilities",11/3/2021,,Apply updates per vendor instructions.,5/3/2022, -CVE-2020-0041,Android,Android OS,"Android ""AbstractEmu"" Root Access Vulnerabilities",11/3/2021,,Apply updates per vendor instructions.,5/3/2022, -CVE-2020-0069,Android,Android OS,"Android ""AbstractEmu"" Root Access Vulnerabilities",11/3/2021,,Apply updates per vendor instructions.,5/3/2022, -CVE-2017-9805,Apache,Struts,Apache Struts Multiple Versions Remote Code Execution Vulnerability,11/3/2021,The REST Plugin in Apache Struts 2.1.1 through 2.3.x before 2.3.34 and 2.5.x before 2.5.13 contains a vulnerability which can lead to Remote Code Execution.,Apply updates per vendor instructions.,5/3/2022, -CVE-2021-42013,Apache,HTTP Server,Apache HTTP Server 2.4.49 and 2.4.50 Path Traversal,11/3/2021,Apache HTTP server vulnerabilities allow an attacker to use a path traversal attack to map URLs to files outside the expected document root and perform Remote Code Execution.,Apply updates per vendor instructions.,11/17/2021, -CVE-2021-41773,Apache,HTTP Server,Apache HTTP Server Path Traversal Vulnerability,11/3/2021,"A flaw was found in a change made to path normalization in Apache HTTP Server 2.4.49. An attacker could use a path traversal attack to map URLs to files outside the directories configured by Alias-like directives. If files outside of these directories are not protected by the usual default configuration ""require all denied"", these requests can succeed. If CGI scripts are also enabled for these aliased pathes, this could allow for remote code execution. This issue is known to be exploited in the wild. This issue only affects Apache 2.4.49 and not earlier versions. The fix in Apache HTTP Server 2.4.50 was found to be incomplete, see CVE-2021-42013.",Apply updates per vendor instructions.,11/17/2021, -CVE-2019-0211,Apache,HTTP Server,Apache HTTP Server scoreboard vulnerability,11/3/2021,"In Apache HTTP Server 2.4 releases 2.4.17 to 2.4.38, with MPM event, worker or prefork, code executing in less-privileged child processes or threads (including scripts executed by an in-process scripting interpreter) could execute arbitrary code with the privileges of the parent process (usually root) by manipulating the scoreboard. Non-Unix systems are not affected.",Apply updates per vendor instructions.,5/3/2022, -CVE-2016-4437,Apache,Shiro,Apache Shiro 1.2.4 Cookie RememberME Deserial Remote Code Execution Vulnerability,11/3/2021,"Apache Shiro before 1.2.5, when a cipher key has not been configured for the ""remember me"" feature, allows remote attackers to execute arbitrary code or bypass intended access restrictions via an unspecified request parameter.",Apply updates per vendor instructions.,5/3/2022, -CVE-2019-17558,Apache,Solr,Apache Solr 5.0.0-8.3.1 Remote Code Execution Vulnerability,11/3/2021,"Apache Solr 5.0.0 to Apache Solr 8.3.1 are vulnerable to a Remote Code Execution through the VelocityResponseWriter. A Velocity template can be provided through Velocity templates in a configset `velocity/` directory or as a parameter. A user defined configset could contain renderable, potentially malicious, templates. Parameter provided templates are disabled by default, but can be enabled by setting `params.resource.loader.enabled` by defining a response writer with that setting set to `true`. Defining a response writer requires configuration API access. Solr 8.4 removed the params resource loader entirely, and only enables the configset-provided template rendering when the configset is `trusted` (has been uploaded by an authenticated user).",Apply updates per vendor instructions.,5/3/2022, -CVE-2020-17530,Apache,Struts,Apache Struts Forced OGNL Double Evaluation Remote Code Execution,11/3/2021,"Forced OGNL evaluation, when evaluated on raw user input in tag attributes, may lead to remote code execution. Affected software : Apache Struts 2.0.0 - Struts 2.5.25.",Apply updates per vendor instructions.,5/3/2022, -CVE-2017-5638,Apache,Struts,Apache Struts Jakarta Multipart parser exception handling vulnerability,11/3/2021,"The Jakarta Multipart parser in Apache Struts 2 2.3.x before 2.3.32 and 2.5.x before 2.5.10.1 has incorrect exception handling and error-message generation during file-upload attempts, which allows remote attackers to execute arbitrary commands via a crafted Content-Type, Content-Disposition, or Content-Length HTTP header, as exploited in the wild in March 2017 with a Content-Type header containing a #cmd= string.",Apply updates per vendor instructions.,5/3/2022, -CVE-2018-11776,Apache,Struts,Apache Struts 2.3 to 2.3.34 and 2.5 to 2.5.16 Remote Code Execution Vulnerability,11/3/2021,Apache Struts versions 2.3 to 2.3.34 and 2.5 to 2.5.16 contain a vulnerability which can allow for remote code execution.,Apply updates per vendor instructions.,5/3/2022, -CVE-2021-30858,Apple,iOS and iPadOS,Apple Apple iOS and iPadOS Use-After-Free Vulnerability,11/3/2021,Apple iOS and iPadOS Arbitrary Code Execution,Apply updates per vendor instructions.,11/17/2021, -CVE-2019-6223,Apple,FaceTime,Apple FaceTime Vulnerability,11/3/2021,"A logic issue existed in the handling of Group FaceTime calls. The issue was addressed with improved state management. This issue is fixed in iOS 12.1.4, macOS Mojave 10.14.3 Supplemental Update. The initiator of a Group FaceTime call may be able to cause the recipient to answer.",Apply updates per vendor instructions.,5/3/2022, -CVE-2021-30860,Apple,iOS,"Apple iOS ""FORCEDENTRY"" Remote Code Execution Vulnerability",11/3/2021,An integer overflow was addressed with improved input validation vulnerability affecting iOS devices that allows for remote code execution.,Apply updates per vendor instructions.,11/17/2021, -CVE-2020-27930,Apple,iOS and macOS,Apple iOS and macOS FontParser Remote Code Execution Vulnerability,11/3/2021,A memory corruption issue was addressed with improved input validation. Processing a maliciously crafted font may lead to arbitrary code execution.,Apply updates per vendor instructions.,5/3/2022, -CVE-2021-30807,Apple,iOS and macOS,Apple iOS and macOS Memory Corruption Vulnerability,11/3/2021,,Apply updates per vendor instructions.,11/17/2021, -CVE-2020-27950,Apple,iOS and macOS,Apple iOS and macOS Kernel Memory Initialization Vulnerability,11/3/2021,A malicious application may be able to disclose kernel memory.,Apply updates per vendor instructions.,5/3/2022, -CVE-2020-27932,Apple,iOS and macOS,Apple iOS and macOS Kernel Type Confusion Vulnerability,11/3/2021,A malicious application may be able to execute arbitrary code with kernel privileges.,Apply updates per vendor instructions.,5/3/2022, -CVE-2020-9818,Apple,iOS Mail,Apple iOS Mail OOB Vulnerability,11/3/2021,Processing a maliciously crafted mail message may lead to unexpected memory modification or application termination.,Apply updates per vendor instructions.,5/3/2022, -CVE-2020-9819,Apple,iOS Mail,Apple iOS Mail Heap Overflow Vulnerability,11/3/2021,Processing a maliciously crafted mail message may lead to heap corruption.,Apply updates per vendor instructions.,5/3/2022, -CVE-2021-30762,Apple,iOS,Apple WebKit Browser Engine Use-After-Free Vulnerability,11/3/2021,Use after free issue. Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited.,Apply updates per vendor instructions.,11/17/2021, -CVE-2021-1782,Apple,iOS,Apple iOS Privilege Escalation and Code Execution Chain,11/3/2021,A malicious application may be able to elevate privileges. Apple is aware of a report that this issue may have been actively exploited.,Apply updates per vendor instructions.,11/17/2021, -CVE-2021-1870,Apple,iOS,Apple iOS Privilege Escalation and Code Execution Chain,11/3/2021,A remote attacker may be able to cause arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited.,Apply updates per vendor instructions.,11/17/2021, -CVE-2021-1871,Apple,iOS,Apple iOS Privilege Escalation and Code Execution Chain,11/3/2021,A remote attacker may be able to cause arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited.,Apply updates per vendor instructions.,11/17/2021, -CVE-2021-1879,Apple,iOS,Apple iOS Webkit Browser Engine XSS,11/3/2021,Processing maliciously crafted web content may lead to universal cross site scripting. Apple is aware of a report that this issue may have been actively exploited.,Apply updates per vendor instructions.,11/17/2021, -CVE-2021-30661,Apple,iOS,Apple iOS Webkit Storage Use-After-Free Remote Code Execution Vulnerability,11/3/2021,Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited.,Apply updates per vendor instructions.,11/17/2021, -CVE-2021-30666,Apple,iOS,Apple iOS12.x Buffer Overflow,11/3/2021,Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited.,Apply updates per vendor instructions.,11/17/2021, -CVE-2021-30713,Apple,macOS,Apple macOS Input Validation Error,11/3/2021,A malicious application may be able to bypass Privacy preferences. Apple is aware of a report that this issue may have been actively exploited.,Apply updates per vendor instructions.,11/17/2021, -CVE-2021-30657,Apple,macOS,Apple macOS Policy Subsystem Gatekeeper Bypass,11/3/2021,A malicious application may bypass Gatekeeper checks. Apple is aware of a report that this issue may have been actively exploited.,Apply updates per vendor instructions.,11/17/2021, -CVE-2021-30665,Apple,Safari,Apple Safari Webkit Browser Engine Buffer Overflow Vulnerability,11/3/2021,Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited.,Apply updates per vendor instructions.,11/17/2021, -CVE-2021-30663,Apple,Safari,Apple Safari Webkit Browser Engine Integer Overflow Vulnerability,11/3/2021,Integer overflow. Processing maliciously crafted web content may lead to arbitrary code execution.,Apply updates per vendor instructions.,11/17/2021, -CVE-2021-30761,Apple,iOS,Apple WebKit Browser Engine Memory Corruption Vulnerability,11/3/2021,Memory corruption issue. Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited.,Apply updates per vendor instructions.,11/17/2021, -CVE-2021-30869,Apple,"iOS, macOS, and iPadOS",Apple XNU Kernel Type Confusion,11/3/2021,Apple XNU kernel contains a type confusion vulnerability which allows a malicious application to execute arbitrary code with kernel privileges.,Apply updates per vendor instructions.,11/17/2021, -CVE-2020-9859,Apple,iOS and iPadOS,Apple 11-13.5 XNU Kernel Vulnerability,11/3/2021,A memory consumption issue was addressed with improved memory handling. An application may be able to execute arbitrary code with kernel privileges.,Apply updates per vendor instructions.,5/3/2022, -CVE-2021-20090,Arcadyan,Buffalo WSR-2533DHPL2 and WSR-2533DHP3 firmware,Arcadyan Buffalo Firmware Multiple Versions Path Traversal,11/3/2021,A path traversal vulnerability in Arcadyan firmware could allow unauthenticated remote attackers to bypass authentication. It impacts many routers.,Apply updates per vendor instructions.,11/17/2021, -CVE-2021-27562,Arm,Arm Trusted Firmware,Arm Trusted Firmware M through 1.2 Denial-of-Service,11/3/2021,"In Arm Trusted Firmware M through 1.2, the NS world may trigger a system halt, an overwrite of secure data, or the printing out of secure data when calling secure functions under the NSPE handler mode. This vulnerability has known active exploitation against Yealink Device Management servers. It is assessed this product utilizes the affected Arm firmware.",Apply updates per vendor instructions.,11/17/2021, -CVE-2021-28664,Arm,Mali Graphics Processing Unit (GPU),Arm Mali GPU Kernel Boundary Error Vulnerability,11/3/2021,"The Arm Mali GPU kernel driver allows privilege escalation or a denial of service (memory corruption) because an unprivileged user can achieve read/write access to read-only pages. This affects Bifrost r0p0 through r28p0 before r29p0, Valhall r19p0 through r28p0 before r29p0, and Midgard r8p0 through r30p0.",Apply updates per vendor instructions.,11/17/2021, -CVE-2021-28663,Arm,Mali Graphics Processing Unit (GPU),Arm Mali GPU Kernel Use-After-Free Vulnerability,11/3/2021,"The Arm Mali GPU kernel driver allows privilege escalation or information disclosure because GPU memory operations are mishandled, leading to a use-after-free. This affects Bifrost r0p0 through r28p0 before r29p0, Valhall r19p0 through r28p0 before r29p0, and Midgard r4p0 through r30p0.",Apply updates per vendor instructions.,11/17/2021, -CVE-2019-3398,Atlassian,Confluence,Atlassian Confluence Path Traversal Vulnerability,11/3/2021,"Confluence Server and Data Center had a path traversal vulnerability in the downloadallattachments resource. A remote attacker who has permission to add attachments to pages and / or blogs or to create a new space or a personal space or who has 'Admin' permissions for a space can exploit this path traversal vulnerability to write files to arbitrary locations which can lead to remote code execution on systems that run a vulnerable version of Confluence Server or Data Center. All versions of Confluence Server from 2.0.0 before 6.6.13 (the fixed version for 6.6.x), from 6.7.0 before 6.12.4 (the fixed version for 6.12.x), from 6.13.0 before 6.13.4 (the fixed version for 6.13.x), from 6.14.0 before 6.14.3 (the fixed version for 6.14.x), and from 6.15.0 before 6.15.2 are affected by this vulnerability.",Apply updates per vendor instructions.,5/3/2022, -CVE-2021-26084,Atlassian,Confluence Server,"Atlassian Confluence Server < 6.13.23, 6.14.0 - 7.12.5 Arbitrary Code Execution",11/3/2021,"Atlassian Confluence Server The affected versions are before version 6.13.23, from version 6.14.0 before 7.4.11, from version 7.5.0 before 7.11.6, and from version 7.12.0 before 7.12.5 contains an OGNL injection vulnerability which allows an attacker to execute arbitrary code.",Apply updates per vendor instructions.,11/17/2021, -CVE-2019-11580,Atlassian,Crowd and Crowd Data Center,Atlassian Crowd and Crowd Data Center Remote Code Execution Vulnerability,11/3/2021,"Atlassian Crowd and Crowd Data Center had the pdkinstall development plugin incorrectly enabled in release builds. Attackers who can send unauthenticated or authenticated requests to a Crowd or Crowd Data Center instance can exploit this vulnerability to install arbitrary plugins, which permits remote code execution on systems running a vulnerable version of Crowd or Crowd Data Center. All versions of Crowd from version 2.1.0 before 3.0.5, from version 3.1.0 before 3.1.6, from version 3.2.0 before 3.2.8, from version 3.3.0 before 3.3.5, and from version 3.4.0 before 3.4.4 are affected by this vulnerability.",Apply updates per vendor instructions.,5/3/2022, -CVE-2019-3396,Atlassian,Atlassian Confluence Server,Remote code execution via Widget Connector macro Vulnerability,11/3/2021,Allows remote attackers to achieve path traversal and remote code execution on a Confluence Server or Data Center instance via server-side template injection.,Apply updates per vendor instructions.,5/3/2022, -CVE-2021-42258,BQE,BillQuick Web Suite,BQE BillQuick Web Suite Versions Prior to 22.0.9.1 (from 2018 through 2021) Remote Code Execution Vulnerability,11/3/2021,"BQE BillQuick Web Suite 2018 through 2021 prior to 22.0.9.1 allows SQL injection for unauthenticated remote code execution, as exploited in the wild in October 2021 for ransomware installation.",Apply updates per vendor instructions.,11/17/2021, -CVE-2020-3452,Cisco,Adaptive Security Appliance (ASA) and Firepower Threat Defense (FTD),Cisco Adaptive Security Appliance and Cisco Fire Power Threat Defense directory traversal sensitive file read,11/3/2021,"A vulnerability in the web services interface of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to conduct directory traversal attacks and read sensitive files on a targeted system. The vulnerability is due to a lack of proper input validation of URLs in HTTP requests processed by an affected device. An attacker could exploit this vulnerability by sending a crafted HTTP request containing directory traversal character sequences to an affected device. A successful exploit could allow the attacker to view arbitrary files within the web services file system on the targeted device. The web services file system is enabled when the affected device is configured with either WebVPN or AnyConnect features. This vulnerability cannot be used to obtain access to ASA or FTD system files or underlying operating system (OS) files.",Apply updates per vendor instructions.,5/3/2022, -CVE-2020-3580,Cisco,Adaptive Security Appliance (ASA) and Firepower Threat Defense (FTD),Cisco ASA and FTD XSS Vulnerabilities,11/3/2021,"Multiple vulnerabilities in the web services interface of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to conduct cross-site scripting (XSS) attacks against a user of the web services interface of an affected device. The vulnerabilities are due to insufficient validation of user-supplied input by the web services interface of an affected device. An attacker could exploit these vulnerabilities by persuading a user of the interface to click a crafted link. A successful exploit could allow the attacker to execute arbitrary script code in the context of the interface or allow the attacker to access sensitive, browser-based information. Note: These vulnerabilities affect only specific AnyConnect and WebVPN configurations.",Apply updates per vendor instructions.,5/3/2022, -CVE-2021-1497,Cisco,HyperFlex HX,Cisco HyperFlex HX Command Injection Vulnerabilities,11/3/2021,"Multiple vulnerabilities in the web-based management interface of Cisco HyperFlex HX could allow an unauthenticated, remote attacker to perform command injection attacks against an affected device.",Apply updates per vendor instructions.,11/17/2021, -CVE-2021-1498,Cisco,HyperFlex HX,Cisco HyperFlex HX Command Injection Vulnerabilities,11/3/2021,"Multiple vulnerabilities in the web-based management interface of Cisco HyperFlex HX could allow an unauthenticated, remote attacker to perform command injection attacks against an affected device.",Apply updates per vendor instructions.,11/17/2021, -CVE-2018-0171,Cisco,IOS and IOS XE,Cisco IOS and IOS XE Software Smart Install Remote Code Execution Vulnerability,11/3/2021,"A vulnerability in the Smart Install feature of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to trigger a reload of an affected device, resulting in a denial of service (DoS) condition, or to execute arbitrary code on an affected device. The vulnerability is due to improper validation of packet data. An attacker could exploit this vulnerability by sending a crafted Smart Install message to an affected device on TCP port 4786. A successful exploit could allow the attacker to cause a buffer overflow on the affected device, which could have the following impacts: Triggering a reload of the device, Allowing the attacker to execute arbitrary code on the device, Causing an indefinite loop on the affected device that triggers a watchdog crash. Cisco Bug IDs: CSCvg76186.",Apply updates per vendor instructions.,5/3/2022, -CVE-2020-3118,Cisco,IOS XR,Cisco IOS XR Software Cisco Discovery Protocol Format String Vulnerability,11/3/2021,"A vulnerability in the Cisco Discovery Protocol implementation for Cisco IOS XR Software could allow an unauthenticated, adjacent attacker to execute arbitrary code or cause a reload on an affected device. The vulnerability is due to improper validation of string input from certain fields in Cisco Discovery Protocol messages. An attacker could exploit this vulnerability by sending a malicious Cisco Discovery Protocol packet to an affected device. A successful exploit could allow the attacker to cause a stack overflow, which could allow the attacker to execute arbitrary code with administrative privileges on an affected device. Cisco Discovery Protocol is a Layer 2 protocol. To exploit this vulnerability, an attacker must be in the same broadcast domain as the affected device (Layer 2 adjacent).",Apply updates per vendor instructions.,5/3/2022, -CVE-2020-3566,Cisco,IOS XR,Cisco IOS XR Software DVMRP Memory Exhaustion Vulnerability,11/3/2021,"A vulnerability in the Distance Vector Multicast Routing Protocol (DVMRP) feature of Cisco IOS XR Software could allow an unauthenticated, remote attacker to exhaust process memory of an affected device. The vulnerability is due to insufficient queue management for Internet Group Management Protocol (IGMP) packets. An attacker could exploit this vulnerability by sending crafted IGMP traffic to an affected device. A successful exploit could allow the attacker to cause memory exhaustion, resulting in instability of other processes. These processes may include, but are not limited to, interior and exterior routing protocols.",Apply updates per vendor instructions.,5/3/2022, -CVE-2020-3569,Cisco,IOS XR,Cisco IOS XR Software DVMRP Memory Exhaustion Vulnerability,11/3/2021,"Multiple vulnerabilities in the Distance Vector Multicast Routing Protocol (DVMRP) feature of Cisco IOS XR Software could allow an unauthenticated, remote attacker to either immediately crash the Internet Group Management Protocol (IGMP) process or make it consume available memory and eventually crash. The memory consumption may negatively impact other processes that are running on the device. These vulnerabilities are due to the incorrect handling of IGMP packets. An attacker could exploit these vulnerabilities by sending crafted IGMP traffic to an affected device. A successful exploit could allow the attacker to immediately crash the IGMP process or cause memory exhaustion, resulting in other processes becoming unstable. These processes may include, but are not limited to, interior and exterior routing protocols.",Apply updates per vendor instructions.,5/3/2022, -CVE-2020-3161,Cisco,IP Phones,Cisco IP Phones Web Server DoS and Remote Code Execution Vulnerability,11/3/2021,"A vulnerability in the web server for Cisco IP Phones could allow an unauthenticated, remote attacker to execute code with root privileges or cause a reload of an affected IP phone, resulting in a denial of service (DoS) condition. The vulnerability is due to a lack of proper input validation of HTTP requests. An attacker could exploit this vulnerability by sending a crafted HTTP request to the web server of a targeted device. A successful exploit could allow the attacker to remotely execute code with root privileges or cause a reload of an affected IP phone, resulting in a DoS condition.",Apply updates per vendor instructions.,5/3/2022, -CVE-2019-1653,Cisco,RV320 and RV325 Routers,Cisco RV320 and RV325 Routers Improper Access Control Vulnerability (COVID-19-CTI list),11/3/2021,"A vulnerability in the web-based management interface of Cisco Small Business RV320 and RV325 Dual Gigabit WAN VPN Routers could allow an unauthenticated, remote attacker to retrieve sensitive information. The vulnerability is due to improper access controls for URLs. An attacker could exploit this vulnerability by connecting to an affected device via HTTP or HTTPS and requesting specific URLs. A successful exploit could allow the attacker to download the router configuration or detailed diagnostic information.",Apply updates per vendor instructions.,5/3/2022, -CVE-2018-0296,Cisco,Adaptive Security Appliance (ASA) and Firepower Threat Defense (FTD),Cisco Adaptive Security Appliance Firepower Threat Defense Denial-of-Service/Directory Traversal vulnerability,11/3/2021,"A vulnerability in the web interface of the Cisco Adaptive Security Appliance (ASA) could allow an unauthenticated, remote attacker to cause an affected device to reload unexpectedly, resulting in a denial of service (DoS) condition. It is also possible on certain software releases that the ASA will not reload, but an attacker could view sensitive system information without authentication by using directory traversal techniques. The vulnerability is due to lack of proper input validation of the HTTP URL. An attacker could exploit this vulnerability by sending a crafted HTTP request to an affected device. An exploit could allow the attacker to cause a DoS condition or unauthenticated disclosure of information. This vulnerability applies to IPv4 and IPv6 HTTP traffic. This vulnerability affects Cisco ASA Software and Cisco Firepower Threat Defense (FTD) Software that is running on the following Cisco products: 3000 Series Industrial Security Appliance (ISA), ASA 1000V Cloud Firewall, ASA 5500 Series Adaptive Security Appliances, ASA 5500-X Series Next-Generation Firewalls, ASA Services Module for Cisco Catalyst 6500 Series Switches and Cisco 7600 Series Routers, Adaptive Security Virtual Appliance (ASAv), Firepower 2100 Series Security Appliance, Firepower 4100 Series Security Appliance, Firepower 9300 ASA Security Module, FTD Virtual (FTDv). Cisco Bug IDs: CSCvi16029.",Apply updates per vendor instructions.,5/3/2022, -CVE-2019-13608,Citrix,StoreFront Server,Citrix StoreFront Server Multiple Versions XML External Entity (XXE),11/3/2021,Citrix StoreFront Server contains a XXE processing vulnerability that could allow an unauthenticated attacker to retrieve potentially sensitive information.,Apply updates per vendor instructions.,5/3/2022, -CVE-2020-8193,Citrix,"Application Delivery Controller (ADC), Gateway, and SDWAN WANOP","Citrix ADC, Citrix Gateway, Citrix SDWAN WANOP Unauthenticated Authorization Bypass",11/3/2021,"Improper access control in Citrix ADC and Citrix Gateway versions before 13.0-58.30, 12.1-57.18, 12.0-63.21, 11.1-64.14 and 10.5-70.18 and Citrix SDWAN WAN-OP versions before 11.1.1a, 11.0.3d and 10.2.7 allows unauthenticated access to certain URL endpoints.",Apply updates per vendor instructions.,5/3/2022, -CVE-2020-8195,Citrix,"Application Delivery Controller (ADC), Gateway, and SDWAN WANOP","Citrix ADC, Citrix Gateway, Citrix SDWAN WANOP Unauthenticated Authorization Bypass",11/3/2021,"Application Delivery Controller (ADC), Gateway, and SDWAN WANOP",Apply updates per vendor instructions.,5/3/2022, -CVE-2020-8196,Citrix,"Application Delivery Controller (ADC), Gateway, and SDWAN WANOP","Citrix ADC, Citrix Gateway, Citrix SDWAN WANOP Unauthenticated Authorization Bypass",11/3/2021,"Improper access control in Citrix ADC and Citrix Gateway versions before 13.0-58.30, 12.1-57.18, 12.0-63.21, 11.1-64.14 and 10.5-70.18 and Citrix SDWAN WAN-OP versions before 11.1.1a, 11.0.3d and 10.2.7 resulting in limited information disclosure to low privileged users.",Apply updates per vendor instructions.,5/3/2022, -CVE-2019-19781,Citrix,Application Delivery Controller (ADC) and Gateway,Citrix Application Delivery Controller and Citrix Gateway Vulnerability,11/3/2021,"Issue in Citrix Application Delivery Controller (ADC) and Gateway 10.5, 11.1, 12.0, 12.1, and 13.0 allowing Directory Traversal.",Apply updates per vendor instructions.,5/3/2022, -CVE-2019-11634,Citrix,Workspace (for Windows),Citrix Workspace (for Windows) Prior to 1904 Improper Access Control,11/3/2021,Citrix Workspace app and Receiver for Windows prior to version 1904 contains an incorrect access control vulnerability which allows for code execution.,Apply updates per vendor instructions.,5/3/2022, -CVE-2020-29557,D-Link,DIR-825 R1,D-Link DIR-825 R1 Through 3.0.1 Before 11/2020 Buffer Overflow,11/3/2021,D-Link DIR-825 R1 devices through 3.0.1 before 2020-11-20 contain a vulnerability in the web interface allowing for remote code execution.,Apply updates per vendor instructions.,5/3/2022, -CVE-2020-25506,D-Link,DNS-320,D-Link DNS-320 Command Injection Remote Code Execution Vulnerability,11/3/2021,"D-Link DNS-320 FW v2.06B01 Revision Ax is affected by command injection in the system_mgr.cgi component, which can lead to remote arbitrary code execution.",Apply updates per vendor instructions.,5/3/2022, -CVE-2018-15811,DNN,DotNetNuke (DNN),DotNetNuke 9.2-9.2.2 Encryption Algorithm Vulnerability,11/3/2021,DNN (aka DotNetNuke) 9.2 through 9.2.1 uses a weak encryption algorithm to protect input parameters.,Apply updates per vendor instructions.,5/3/2022, -CVE-2018-18325,DNN,DotNetNuke (DNN),DotNetNuke 9.2-9.2.2 Encryption Algorithm Vulnerability,11/3/2021,DNN (aka DotNetNuke) 9.2 through 9.2.2 uses a weak encryption algorithm to protect input parameters. NOTE: this issue exists because of an incomplete fix for CVE-2018-15811.,Apply updates per vendor instructions.,5/3/2022, -CVE-2017-9822,DNN,DotNetNuke (DNN),DotNetNuke before 9.1.1 Remote Code Execution Vulnerability,11/3/2021,"DNN (aka DotNetNuke) before 9.1.1 has Remote Code Execution via a cookie, aka ""2017-08 (Critical) Possible remote code execution on DNN sites.""",Apply updates per vendor instructions.,5/3/2022, -CVE-2019-15752,Docker,Desktop Community Edition,Docker Desktop Community Edition Privilege Escalation Vulnerability,11/3/2021,"Docker Desktop Community Edition before 2.1.0.1 allows local users to gain privileges by placing a Trojan horse docker-credential-wincred.exe file in %PROGRAMDATA%\DockerDesktop\version-bin\ as a low-privilege user, and then waiting for an admin or service user to authenticate with Docker, restart Docker, or run 'docker login' to force the command.",Apply updates per vendor instructions.,5/3/2022, -CVE-2020-8515,DrayTek,Vigor Router(s),DrayTek Vigor Router Vulnerability,11/3/2021,"DrayTek Vigor2960 1.3.1_Beta, Vigor3900 1.4.4_Beta, and Vigor300B 1.3.3_Beta, 1.4.2.1_Beta, and 1.4.4_Beta devices allow remote code execution as root (without authentication) via shell metacharacters to the cgi-bin/mainfunction.cgi URI.",Apply updates per vendor instructions.,5/3/2022, -CVE-2018-7600,Drupal,Drupal,Drupal module configuration vulnerability,11/3/2021,"Drupal before 7.58, 8.x before 8.3.9, 8.4.x before 8.4.6, and 8.5.x before 8.5.1 allows remote attackers to execute arbitrary code because of an issue affecting multiple subsystems with default or common module configurations.",Apply updates per vendor instructions.,5/3/2022, -CVE-2021-22205,ExifTool,ExifTool,GitLab Community and Enterprise Editions From 11.9 Remote Code Execution Vulnerability,11/3/2021,Anyone with the ability to upload an image that goes through the GitLab Workhorse could achieve Remote Code Execution via a specially crafted file.,Apply updates per vendor instructions.,11/17/2021, -CVE-2018-6789,Exim,Exim,Exim Buffer Overflow Vulnerability,11/3/2021,"Issue in the base64d function in the SMTP listener in Exim before 4.90.1. By sending a handcrafted message, a buffer overflow may happen. This can be used to execute code remotely.",Apply updates per vendor instructions.,5/3/2022, -CVE-2020-8657,EyesOfNetwork,EyesOfNetwork,EyesOfNetwork 5.3 Insufficient Credential Protection,11/3/2021,"Issue in EyesOfNetwork 5.3. The installation uses the same API key (hardcoded as EONAPI_KEY in include/api_functions.php for API version 2.4.2) by default for all installations, hence allowing an attacker to calculate/guess the admin access token.",Apply updates per vendor instructions.,5/3/2022, -CVE-2020-8655,EyesOfNetwork,EyesOfNetwork,EyesOfNetwork 5.3 Privilege Escalation Vulnerability,11/3/2021,"Issue in EyesOfNetwork 5.3. The sudoers configuration is prone to a privilege escalation vulnerability, allowing the apache user to run arbitrary commands as root via a crafted NSE script for nmap 7.",Apply updates per vendor instructions.,5/3/2022, -CVE-2020-5902,F5,BIG-IP,F5 BIG-IP Traffic Management User Interface Remote Code Execution Vulnerability,11/3/2021,"In BIG-IP versions 15.0.0-15.1.0.3, 14.1.0-14.1.2.5, 13.1.0-13.1.3.3, 12.1.0-12.1.5.1, and 11.6.1-11.6.5.1, the Traffic Management User Interface (TMUI), also referred to as the Configuration utility, has a Remote Code Execution (RCE) vulnerability in undisclosed pages.",Apply updates per vendor instructions.,5/3/2022, -CVE-2021-22986,F5,BIG-IP,F5 iControl REST unauthenticated Remote Code Execution Vulnerability,11/3/2021,The iControl REST interface has an unauthenticated remote command execution vulnerability.,Apply updates per vendor instructions.,11/17/2021, -CVE-2021-35464,ForgeRock,Access Management server,ForgeRock Access Management Remote Code Execution Vulnerability,11/3/2021,"ForgeRock AM server before 7.0 has a Java deserialization vulnerability in the jato.pageSession parameter on multiple pages. The exploitation does not require authentication, and remote code execution can be triggered by sending a single crafted /ccversion/* request to the server.",Apply updates per vendor instructions.,11/17/2021, -CVE-2019-5591,Fortinet,FortiOS,Fortinet FortiOS Default Configuration Vulnerability,11/3/2021,A Default Configuration vulnerability in FortiOS may allow an unauthenticated attacker on the same subnet to intercept sensitive information by impersonating the LDAP server.,Apply updates per vendor instructions.,5/3/2022, -CVE-2020-12812,Fortinet,FortiOS,Fortinet FortiOS SSL VPN 2FA Authentication Vulnerability,11/3/2021,"An improper authentication vulnerability in SSL VPN in FortiOS 6.4.0, 6.2.0 to 6.2.3, 6.0.9 and below may result in a user being able to log in successfully without being prompted for the second factor of authentication (FortiToken) if they changed the case of their username.",Apply updates per vendor instructions.,5/3/2022, -CVE-2018-13379,Fortinet,FortiOS,Fortinet FortiOS SSL VPN credential exposure vulnerability,11/3/2021,"An Improper Limitation of a Pathname to a Restricted Directory (""Path Traversal"") in Fortinet FortiOS 6.0.0 to 6.0.4, 5.6.3 to 5.6.7 and 5.4.6 to 5.4.12 and FortiProxy 2.0.0, 1.2.0 to 1.2.8, 1.1.0 to 1.1.6, 1.0.0 to 1.0.7 under SSL VPN web portal allows an unauthenticated attacker to download system files via special crafted HTTP resource requests.",Apply updates per vendor instructions.,5/3/2022, -CVE-2020-16010,Google,Chrome for Android,Google Chrome for Android Heap Overflow Vulnerability,11/3/2021,Heap buffer overflow in UI in Google Chrome on Android prior to 86.0.4240.185 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page.,Apply updates per vendor instructions.,5/3/2022, -CVE-2020-15999,Google,Chrome,Google Chrome FreeType Memory Corruption,11/3/2021,Heap buffer overflow in Freetype in Google Chrome prior to 86.0.4240.111 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.,Apply updates per vendor instructions.,11/17/2021, -CVE-2021-21166,Google,Chrome,Google Chrome Heap Buffer Overflow in WebAudio Vulnerability,11/3/2021,Data race in audio in Google Chrome prior to 89.0.4389.72 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.,Apply updates per vendor instructions.,11/17/2021, -CVE-2020-16017,Google,Chrome,Google Chrome Site Isolation Component Use-After-Free Remote Code Execution vulnerability,11/3/2021,Use after free in site isolation in Google Chrome prior to 86.0.4240.198 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page.,Apply updates per vendor instructions.,5/3/2022, -CVE-2021-37976,Google,Chrome,Google Chrome Information Leakage,11/3/2021,Information disclosure in Google Chrome that exists due to excessive data output in core.,Apply updates per vendor instructions.,11/17/2021, -CVE-2020-16009,Google,Chromium V8 Engine,Chromium V8 Implementation Vulnerability,11/3/2021,Inappropriate implementation in V8 in Google Chrome prior to 86.0.4240.183 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.,Apply updates per vendor instructions.,5/3/2022, -CVE-2021-30632,Google,Chrome,Google Chrome Out-of-bounds write,11/3/2021,Google Chrome out-of-bounds write that allows to execute arbitrary code on the target system.,Apply updates per vendor instructions.,11/17/2021, -CVE-2020-16013,Google,Chromium V8 Engine,Chromium V8 Incorrect Implementation Vulnerabililty,11/3/2021,Inappropriate implementation in V8 in Google Chrome prior to 86.0.4240.198 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.,Apply updates per vendor instructions.,5/3/2022, -CVE-2021-30633,Google,Chrome,Google Chrome Use-After-Free Vulnerability,11/3/2021,Google Chrome Use-After-Free vulnerability,Apply updates per vendor instructions.,11/17/2021, -CVE-2021-21148,Google,Chromium V8 Engine,Chromium V8 JavaScript Rendering Engine Heap Buffer Overflow Vulnerability,11/3/2021,Heap buffer overflow in V8 in Google Chrome prior to 88.0.4324.150 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.,Apply updates per vendor instructions.,11/17/2021, -CVE-2021-37973,Google,Chrome,Google Chrome Use-After-Free Vulnerability,11/3/2021,"Use-after-free weakness in Portals, Google's new web page navigation system for Chrome. Successful exploitation can let attackers to execute code.",Apply updates per vendor instructions.,11/17/2021, -CVE-2021-30551,Google,Chromium V8 Engine,Chromium V8 Type Confusion Vulnerability,11/3/2021,Type confusion in V8 in Google Chrome prior to 91.0.4472.101 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.,Apply updates per vendor instructions.,11/17/2021, -CVE-2021-37975,Google,Chrome,Google Chrome Use-After-Free Vulnerability,11/3/2021,Google Chrome use-after-free error within the V8 browser engine.,Apply updates per vendor instructions.,11/17/2021, -CVE-2020-6418,Google,Chromium V8 Engine,Chromium V8 Type Confusion Vulnerability,11/3/2021,Type confusion in V8 in Google Chrome prior to 80.0.3987.122 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.,Apply updates per vendor instructions.,5/3/2022, -CVE-2021-30554,Google,Chrome,Google Chrome WebGL Use-After-Free Vulnerability,11/3/2021,Use after free in WebGL in Google Chrome prior to 91.0.4472.114 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.,Apply updates per vendor instructions.,11/17/2021, -CVE-2021-21206,Google,Chromium Blink,Chromium Blink Use-After-Free Vulnerability,11/3/2021,Use after free in Blink in Google Chrome prior to 89.0.4389.128 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.,Apply updates per vendor instructions.,11/17/2021, -CVE-2021-38000,Google,Chromium V8 Engine,Google Chromium V8 Insufficient Input Validation Vulnerability,11/3/2021,,Apply updates per vendor instructions.,11/17/2021, -CVE-2021-38003,Google,Chromium V8 Engine,Google Chromium V8 Incorrect Implementation Vulnerability,11/3/2021,,Apply updates per vendor instructions.,11/17/2021, -CVE-2021-21224,Google,Chromium V8 Engine,Chromium V8 JavaScript Engine Remote Code Execution Vulnerability,11/3/2021,Type confusion in V8 in Google Chrome prior to 90.0.4430.85 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page.,Apply updates per vendor instructions.,11/17/2021, -CVE-2021-21193,Google,Chromium V8 Engine,Chromium V8 Use-After-Free Vulnerability,11/3/2021,Use after free in Blink in Google Chrome prior to 89.0.4389.90 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.,Apply updates per vendor instructions.,11/17/2021, -CVE-2021-21220,Google,Chromium V8 Engine,Chromium V8 Input Validation Vulnerability,11/3/2021,Insufficient validation of untrusted input in V8 in Google Chrome prior to 89.0.4389.128 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.,Apply updates per vendor instructions.,11/17/2021, -CVE-2021-30563,Google,Chrome,Google Chrome Browser V8 Arbitrary Code Execution,11/3/2021,Type Confusion in V8 in Google Chrome prior to 91.0.4472.164 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.,Apply updates per vendor instructions.,11/17/2021, -CVE-2020-4430,IBM,IBM Data Risk Manager,IBM Data Risk Manager Arbritary File Download,11/3/2021,"IBM Data Risk Manager 2.0.1, 2.0.2, 2.0.3, and 2.0.4 could allow a remote authenticated attacker to traverse directories on the system. An attacker could send a specially-crafted URL request to download arbitrary files from the system. IBM X-Force ID: 180535.",Apply updates per vendor instructions.,5/3/2022, -CVE-2020-4427,IBM,IBM Data Risk Manager,IBM Data Risk Manager Authentication Bypass,11/3/2021,"IBM Data Risk Manager 2.0.1, 2.0.2, 2.0.3, 2.0.4, 2.0.5, and 2.0.6 could allow a remote attacker to bypass security restrictions when configured with SAML authentication. By sending a specially crafted HTTP request, an attacker could exploit this vulnerability to bypass the authentication process and gain full administrative access to the system. IBM X-Force ID: 180532.",Apply updates per vendor instructions.,5/3/2022, -CVE-2020-4428,IBM,IBM Data Risk Manager,IBM Data Risk Manager Command Injection,11/3/2021,"IBM Data Risk Manager 2.0.1, 2.0.2, 2.0.3, and 2.0.4 could allow a remote authenticated attacker to execute arbitrary commands on the system. IBM X-Force ID: 180533.",Apply updates per vendor instructions.,5/3/2022, -CVE-2019-4716,IBM,IBM Planning Analytics,IBM Planning Analytics configuration overwrite vulnerability,11/3/2021,"IBM Planning Analytics 2.0.0 through 2.0.8 is vulnerable to a configuration overwrite that allows an unauthenticated user to login as ""admin"", and then execute code as root or SYSTEM via TM1 scripting. IBM X-Force ID: 172094.",Apply updates per vendor instructions.,5/3/2022, -CVE-2016-3715,ImageMagick,ImageMagick,ImageMagick Ephemeral Coder Arbitrary File Deletion Vulnerability,11/3/2021,The EPHEMERAL coder in ImageMagick before 6.9.3-10 and 7.x before 7.0.1-1 allows remote attackers to delete arbitrary files via a crafted image.,Apply updates per vendor instructions.,5/3/2022, -CVE-2016-3718,ImageMagick,ImageMagick,ImageMagick SSRF Vulnerability,11/3/2021,The (1) HTTP and (2) FTP coders in ImageMagick before 6.9.3-10 and 7.x before 7.0.1-1 allow remote attackers to conduct server-side request forgery (SSRF) attacks via a crafted image.,Apply updates per vendor instructions.,5/3/2022, -CVE-2020-15505,Ivanti,MobileIron Core & Connector,"MobileIron Core, Connector, Sentry, and RDM Remote Code Execution Vulnerability",11/3/2021,A remote code execution vulnerability that allows remote attackers to execute arbitrary code via unspecified vectors.,Apply updates per vendor instructions.,5/3/2022, -CVE-2021-30116,Kaseya,Kaseya VSA,Kaseya VSA Remote Code Execution Vulnerability,11/3/2021,"Kaseya VSA before 9.5.7 allows credential disclosure, as exploited in the wild in July 2021.",Apply updates per vendor instructions.,11/17/2021, -CVE-2020-7961,LifeRay,Liferay Portal,Liferay Portal prior to 7.2.1 CE GA2 Remote Code Execution Vulnerability,11/3/2021,Deserialization of Untrusted Data in Liferay Portal prior to 7.2.1 CE GA2 allows remote attackers to execute arbitrary code via JSON web services (JSONWS).,Apply updates per vendor instructions.,5/3/2022, -CVE-2021-23874,McAfee,McAfee Total Protection (MTP),McAfee Total Protection MTP Arbitrary Process Execution,11/3/2021,Arbitrary Process Execution vulnerability in McAfee Total Protection (MTP) prior to 16.0.30 allows a local user to gain elevated privileges and execute arbitrary code bypassing MTP self-defense.,Apply updates per vendor instructions.,11/17/2021, -CVE-2021-22506,Micro Focus,Micro Focus Access Manager,Micro Focus Access Manager Earlier Than 5.0 Information Leakage,11/3/2021,Micro Focus Access Manager versions prior to 5.0 contain a vulnerability which allows for information leakage.,Apply updates per vendor instructions.,11/17/2021, -CVE-2021-22502,Micro Focus,Micro Focus Operation Bridge Reporter (OBR),Micro Focus Operation Bridge Report (OBR) Server Remote Code Execution Vulnerability,11/3/2021,"Remote Code execution vulnerability in Micro Focus Operation Bridge Reporter (OBR) product, affecting version 10.40. The vulnerability could be exploited to allow Remote Code Execution on the OBR server.",Apply updates per vendor instructions.,11/17/2021, -CVE-2014-1812,Microsoft,Windows,Microsoft Windows Group Policy Privilege Escalation,11/3/2021,"Allows remote authenticated users to obtain sensitive credential information and consequently gain privileges by leveraging access to the SYSVOL share, as exploited in the wild in May 2014, aka ""Group Policy Preferences Password Elevation of Privilege Vulnerability.""",Apply updates per vendor instructions.,5/3/2022, -CVE-2021-38647,Microsoft,Microsoft Azure Open Management Infrastructure (OMI),Microsoft Azure Open Management Infrastructure (OMI) Remote Code Execution Vulnerability,11/3/2021,Azure Open Management Infrastructure Remote Code Execution Vulnerability,Apply updates per vendor instructions.,11/17/2021, -CVE-2016-0167,Microsoft,Windows,Microsoft Windows Kernel 'Win32k.sys' Local Privilege Escalation Vulnerability,11/3/2021,"The kernel-mode driver allows local users to gain privileges via a crafted application, aka ""Win32k Elevation of Privilege Vulnerability,"" a different vulnerability than CVE-2016-0143 and CVE-2016-0165.",Apply updates per vendor instructions.,5/3/2022, -CVE-2020-0878,Microsoft,"Microsoft Edge, Internet Explorer",Microsoft Browser Memory Corruption Vulnerability,11/3/2021,A remote code execution vulnerability exists in the way that Microsoft browsers access objects in memory.,Apply updates per vendor instructions.,5/3/2022, -CVE-2021-31955,Microsoft,Windows,Microsoft Windows Kernel Information Disclosure Vulnerability,11/3/2021,Windows Kernel Information Disclosure Vulnerability,Apply updates per vendor instructions.,11/17/2021, -CVE-2021-1647,Microsoft,Microsoft Defender,Microsoft Defender Remote Code Execution Vulnerability,11/3/2021,Microsoft Defender Remote Code Execution Vulnerability,Apply updates per vendor instructions.,11/17/2021, -CVE-2021-33739,Microsoft,Microsoft Desktop Window Manager (DWM),Microsoft DWM Core Library Privilege Escalation Vulnerability,11/3/2021,Microsoft Desktop Window Manager (DWM) Core Library Privilege Escalation Vulnerability,Apply updates per vendor instructions.,11/17/2021, -CVE-2016-0185,Microsoft,Windows,Microsoft Windows Media Center Remote Code Execution vulnerability,11/3/2021,"Media Center allows remote attackers to execute arbitrary code via a crafted Media Center link (aka .mcl) file, aka ""Windows Media Center Remote Code Execution Vulnerability.""",Apply updates per vendor instructions.,5/3/2022, -CVE-2020-0683,Microsoft,Windows,Microsoft Windows Installer Privilege Escalation Vulnerability,11/3/2021,"A privilege escalation vulnerability exists in the Windows Installer when MSI packages process symbolic links, aka 'Windows Installer Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-0686.",Apply updates per vendor instructions.,5/3/2022, -CVE-2020-17087,Microsoft,Windows,Microsoft Windows Kernel Cryptography Driver Privilege Escalation Vulnerability,11/3/2021,Windows Kernel Local Privilege Escalation Vulnerability,Apply updates per vendor instructions.,5/3/2022, -CVE-2021-33742,Microsoft,Microsoft MSHTML,Microsoft MSHTML Platform Remote Code Execution Vulnerability,11/3/2021,Microsoft MSHTML Remote Code Execution Vulnerability,Apply updates per vendor instructions.,11/17/2021, -CVE-2021-31199,Microsoft,Microsoft Enhanced Cryptographic Provider,Microsoft Enhanced Cryptographic Provider Privilege Escalation Vulnerabilities,11/3/2021,Microsoft Enhanced Cryptographic Provider Privilege Escalation Vulnerability. This CVE ID is unique from CVE-2021-31201.,Apply updates per vendor instructions.,11/17/2021, -CVE-2021-33771,Microsoft,Windows,Microsoft Windows Kernel Privilege Escalation Vulnerability,11/3/2021,"Windows Kernel Privilege Escalation Vulnerability. This CVE ID is unique from CVE-2021-31979, CVE-2021-34514.",Apply updates per vendor instructions.,11/17/2021, -CVE-2021-31956,Microsoft,Windows,Microsoft Windows NTFS Privilege Escalation Vulnerability,11/3/2021,Windows NTFS Privilege Escalation Vulnerability,Apply updates per vendor instructions.,11/17/2021, -CVE-2021-31201,Microsoft,Microsoft Enhanced Cryptographic Provider,Microsoft Enhanced Cryptographic Provider Privilege Escalation Vulnerabilities,11/3/2021,Microsoft Enhanced Cryptographic Provider Privilege Escalation Vulnerability. This CVE ID is unique from CVE-2021-31199.,Apply updates per vendor instructions.,11/17/2021, -CVE-2021-31979,Microsoft,Windows,Microsoft Windows Kernel Privilege Escalation Vulnerability,11/3/2021,"Windows Kernel Privilege Escalation Vulnerability. This CVE ID is unique from CVE-2021-33771, CVE-2021-34514.",Apply updates per vendor instructions.,11/17/2021, -CVE-2020-0938,Microsoft,"Windows, Windows Adobe Type Manager Library",Microsoft Windows Type 1 Font Parsing Remote Code Execution Vulnerability,11/3/2021,A remote code execution vulnerability exists in Microsoft Windows when the Windows Adobe Type Manager Library improperly handles a specially-crafted multi-master font - Adobe Type 1 PostScript format. This CVE ID is unique from CVE-2020-1020.,Apply updates per vendor instructions.,5/3/2022, -CVE-2020-17144,Microsoft,Microsoft Exchange Server,Microsoft Exchange Remote Code Execution Vulnerability,11/3/2021,"Microsoft Exchange Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2020-17117, CVE-2020-17132, CVE-2020-17141, CVE-2020-17142.",Apply updates per vendor instructions.,5/3/2022, -CVE-2020-0986,Microsoft,Windows,Microsoft Windows Kernel Privilege Escalation Vulnerability,11/3/2021,"A privilege escalation vulnerability exists when the Windows kernel fails to properly handle objects in memory, aka 'Windows Kernel Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-1237, CVE-2020-1246, CVE-2020-1262, CVE-2020-1264, CVE-2020-1266, CVE-2020-1269, CVE-2020-1273, CVE-2020-1274, CVE-2020-1275, CVE-2020-1276, CVE-2020-1307, CVE-2020-1316.",Apply updates per vendor instructions.,5/3/2022, -CVE-2020-1020,Microsoft,"Windows, Windows Adobe Type Manager Library",Microsoft Windows Type 1 Font Parsing Remote Code Execution Vulnerability,11/3/2021,A remote code execution vulnerability exists in Microsoft Windows when the Windows Adobe Type Manager Library improperly handles a specially-crafted multi-master font - Adobe Type 1 PostScript format. This CVE ID is unique from CVE-2020-0938.,Apply updates per vendor instructions.,5/3/2022, -CVE-2021-38645,Microsoft,Microsoft Azure Open Management Infrastructure (OMI),Microsoft Azure Open Management Infrastructure (OMI) Privilege Escalation Vulnerability,11/3/2021,Open Management Infrastructure Privilege Escalation Vulnerability,Apply updates per vendor instructions.,11/17/2021, -CVE-2021-34523,Microsoft,Microsoft Exchange Server,Microsoft Exchange Server Privilege Escalation Vulnerability,11/3/2021,"Microsoft Exchange Server Privilege Escalation Vulnerability. This CVE ID is unique from CVE-2021-33768, CVE-2021-34470.",Apply updates per vendor instructions.,11/17/2021, -CVE-2017-7269,Microsoft,Internet Information Services (IIS),Microsft Windows Server 2003 R2 IIS WEBDAV buffer overflow Remote Code Execution vulnerability (COVID-19-CTI list),11/3/2021,"Buffer overflow in the ScStoragePathFromUrl function in the WebDAV service in Internet Information Services (IIS) 6.0 in Microsoft Windows Server 2003 R2 allows remote attackers to execute arbitrary code via a long header beginning with ""If: administrator<*1*>123456 request.",Apply updates per vendor instructions.,5/3/2022, -CVE-2017-6327,Symantec,Symantec Messaging Gateway,Symantec Messaging Gateway Remote Code Execution Vulnerability,11/3/2021,The Symantec Messaging Gateway before 10.6.3-267 can encounter an issue of remote code execution.,Apply updates per vendor instructions.,5/3/2022, -CVE-2019-18988,TeamViewer,TeamViewer Desktop,TeamViewer Desktop Bypass Remote Login,11/3/2021,Allows a bypass of remote-login access control because the same key is used for different customers' installations.,Apply updates per vendor instructions.,5/3/2022, -CVE-2017-9248,Telerik,ASP.NET AJAX and Sitefinity,Telerik UI for ASP.NET AJAX and Progress Sitefinity Cryptographic Weakness Vuln,11/3/2021,Telerik.Web.UI.dll in Progress Telerik UI for ASP.NET AJAX before R2 2017 SP1 and Sitefinity before 10.0.6412.0 does not properly protect Telerik.Web.UI.DialogParametersEncryptionKey or the MachineKey.,Apply updates per vendor instructions.,5/3/2022, -CVE-2021-31755,Tenda,Tenda AC11 devices,Tenda AC11 Up to 02.03.01.104_CN Stack Buffer Overflow,11/3/2021,Tenda AC11 devices with firmware through 02.03.01.104_CN contain a stack buffer overflow vulnerability in /goform/setmac which allows for arbitrary execution.,Apply updates per vendor instructions.,11/17/2021, -CVE-2020-10987,Tenda,Tenda AC15 AC1900,Tenda Router Code Execution,11/3/2021,The goform/setUsbUnload endpoint of Tenda AC15 AC1900 version 15.03.05.19 allows remote attackers to execute arbitrary system commands via the deviceName POST parameter.,Apply updates per vendor instructions.,5/3/2022, -CVE-2018-14558,Tenda,"Tenda AC7, AC9, and AC10 devices",Tenda Router Command Injection Vulnerability,11/3/2021,"Issue on Tenda AC7 devices with firmware through V15.03.06.44_CN(AC7), AC9 devices with firmware through V15.03.05.19(6318)_CN(AC9), and AC10 devices with firmware through V15.03.06.23_CN(AC10). A command Injection vulnerability allows attackers to execute arbitrary OS commands via a crafted goform/setUsbUnload request. This occurs because the ""formsetUsbUnload"" function executes a dosystemCmd function with untrusted input.",Apply updates per vendor instructions.,5/3/2022, -CVE-2018-20062,ThinkPHP,NoneCms,ThinkPHP Remote Code Execution Vulnerability,11/3/2021,"Issue in NoneCms V1.3. thinkphp/library/think/App.php allows remote attackers to execute arbitrary PHP code via crafted use of the filter parameter, as demonstrated by the s=index/\think\Request/input&filter=phpinfo&data=1 query string.",Apply updates per vendor instructions.,5/3/2022, -CVE-2019-9082,ThinkPHP,ThinkPHP,ThinkPHP Remote Code Execution Vulnerability,11/3/2021,"ThinkPHP before 3.2.4, as used in Open Source BMS v1.1.1 and other products, allows Remote Command Execution via public//?s=index/\think\app/invokefunction&function=call_user_func_array&vars[0]=system&vars[1][]= followed by the command.",Apply updates per vendor instructions.,5/3/2022, -CVE-2019-18187,Trend Micro,Trend Micro OfficeScan,Trend Micro Antivirus 0day Traversal Vulnerability,11/3/2021,"Trend Micro OfficeScan versions 11.0 and XG (12.0) could be exploited by an attacker utilizing a directory traversal vulnerability to extract files from an arbitrary zip file to a specific folder on the OfficeScan server, which could potentially lead to remote code execution (RCE).",Apply updates per vendor instructions.,5/3/2022, -CVE-2020-8467,Trend Micro,Trend Micro Apex One and OfficeScan XG,Trend Micro Apex One (2019) and OfficeScan XG migration tool remote code execution vulnerability,11/3/2021,A migration tool component of Trend Micro Apex One (2019) and OfficeScan XG contains a vulnerability which could allow remote attackers to execute arbitrary code on affected installations (RCE).,Apply updates per vendor instructions.,5/3/2022, -CVE-2020-8468,Trend Micro,"Trend Micro Apex One, OfficeScan XG and Worry-Free Business Security","Trend Micro Apex One (2019), OfficeScan XG and Worry-Free Business Security (9.0, 9.5, 10.0) agent content validation escape vulnerability",11/3/2021,Agents are affected by a content validation escape vulnerability which could allow an attacker to manipulate certain agent client components.,Apply updates per vendor instructions.,5/3/2022, -CVE-2020-24557,Trend Micro,Trend Micro Apex One and Worry-Free Business Security,Trend Micro Apex One and OfficeScan XG Improper Access Control Privilege Escalation Vulnerability,11/3/2021,"A vulnerability in Trend Micro Apex One and Worry-Free Business Security 10.0 SP1 on Microsoft Windows may allow an attacker to manipulate a particular product folder to disable the security temporarily, abuse a specific Windows function and attain privilege escalation",Apply updates per vendor instructions.,5/3/2022, -CVE-2020-8599,Trend Micro,Trend Micro Apex One and OfficeScan XG server,Trend Micro Apex One and OfficeScan XG Vulnerability,11/3/2021,Server contain a vulnerable EXE file that could allow a remote attacker to write arbitrary data to an arbitrary path on affected installations and bypass ROOT login.,Apply updates per vendor instructions.,5/3/2022, -CVE-2021-36742,Trend Micro,Trend Micro Multiple Products,Trend Micro Systems Multiple Products Improper Input Validation Vulnerability,11/3/2021,"An improper input validation vulnerability in Trend Micro Apex One, Apex One as a Service, OfficeScan XG and Worry-Free Business Security allows a local attacker to escalate privileges.",Apply updates per vendor instructions.,11/17/2021,"https://success.trendmicro.com/dcx/s/solution/000287819?language=en_US, https://success.trendmicro.com/dcx/s/solution/000287820?language=en_US" -CVE-2021-36741,Trend Micro,Trend Micro Multiple Products,Trend Micro Systems Multiple Products Improper Input Validation Vulnerability,11/3/2021,"An improper input validation vulnerability in Trend Micro Apex One, Apex One as a Service, OfficeScan XG, and Worry-Free Business Security allows for upload of arbitrary files.",Apply updates per vendor instructions.,11/17/2021,"https://success.trendmicro.com/dcx/s/solution/000287819?language=en_US, https://success.trendmicro.com/dcx/s/solution/000287820?language=en_US" -CVE-2019-20085,TVT,NVMS-1000,TVT NVMS-1000 Directory Traversal,11/3/2021,TVT NVMS-1000 devices allow GET /.. Directory Traversal,Apply updates per vendor instructions.,5/3/2022, -CVE-2020-5849,Unraid,Unraid,Unraid 6.8.0 Authentication Bypass,11/3/2021,Unraid 6.8.0 allows authentication bypass.,Apply updates per vendor instructions.,5/3/2022, -CVE-2020-5847,Unraid,Unraid,Unraid 6.8.0 Remote Code Execution Vulnerability,11/3/2021,Unraid through 6.8.0 allows Remote Code Execution.,Apply updates per vendor instructions.,5/3/2022, -CVE-2019-16759,vBulletin,vBulletin,vBulletin PHP Module Remote Code Execution Vulnerability,11/3/2021,vBulletin 5.x through 5.5.4 allows remote command execution via the widgetConfig[code] parameter in an ajax/render/widget_php routestring request.,Apply updates per vendor instructions.,5/3/2022, -CVE-2020-17496,vBulletin,vBulletin,vBulletin PHP Module Remote Code Execution Vulnerability,11/3/2021,vBulletin 5.5.4 through 5.6.2 allows remote command execution via crafted subWidgets data in an ajax/render/widget_tabbedcontainer_tab_panel request. NOTE: this issue exists because of an incomplete fix for CVE-2019-16759.,Apply updates per vendor instructions.,5/3/2022, -CVE-2019-5544,VMware,"ESXi, Horizon DaaS Appliances",VMware ESXi/Horizon DaaS Appliances Heap-Overwrite Vulnerability,11/3/2021,OpenSLP as used in ESXi and the Horizon DaaS appliances have a heap overwrite issue. A malicious actor with network access to port 427 on an ESXi host or on any Horizon DaaS management appliance may be able to overwrite the heap of the OpenSLP service resulting in remote code execution.,Apply updates per vendor instructions.,5/3/2022, -CVE-2020-3992,VMware,ESXi,OpenSLP as used in VMware ESXi,11/3/2021,"OpenSLP as used in VMware ESXi (7.0 before ESXi_7.0.1-0.0.16850804, 6.7 before ESXi670-202010401-SG, 6.5 before ESXi650-202010401-SG) has a use-after-free issue. A malicious actor residing in the management network who has access to port 427 on an ESXi machine may be able to trigger a use-after-free in the OpenSLP service resulting in remote code execution.",Apply updates per vendor instructions.,5/3/2022, -CVE-2020-3950,VMware,"VMware Fusion, VMware Remote Console for Mac, and Horizon Client for Mac",VMware Privilege escalation vulnerability,11/3/2021,Privilege escalation vulnerability due to improper use of setuid binaries.,Apply updates per vendor instructions.,5/3/2022, -CVE-2021-22005,VMware,vCenter Server,VMware vCenter Server File Upload,11/3/2021,VMware vCenter Server file upload vulnerability in the VMware-analytics service that allows to execute code on vCenter Server.,Apply updates per vendor instructions.,11/17/2021, -CVE-2020-3952,VMware,vCenter Server,VMware vCenter Server Info Disclosure Vulnerability,11/3/2021,"Under certain conditions, vmdir that ships with VMware vCenter Server, as part of an embedded or external Platform Services Controller (PSC), does not correctly implement access controls.",Apply updates per vendor instructions.,5/3/2022, -CVE-2021-21972,VMware,vCenter Server,VMware vCenter Server Remote Code Execution Vulnerability,11/3/2021,The vSphere Client (HTML5) contains a remote code execution vulnerability in a vCenter Server plugin. A malicious actor with network access to port 443 may exploit this issue to execute commands with unrestricted privileges on the underlying operating system that hosts vCenter Server.,Apply updates per vendor instructions.,11/17/2021, -CVE-2021-21985,VMware,vCenter Server,VMware vCenter Server Remote Code Execution Vulnerability,11/3/2021,The vSphere Client (HTML5) contains a remote code execution vulnerability due to lack of input validation in the Virtual SAN Health Check plug-in which is enabled by default in vCenter Server. A malicious actor with network access to port 443 may exploit this issue to execute commands with unrestricted privileges on the underlying operating system that hosts vCenter Server.,Apply updates per vendor instructions.,11/17/2021, -CVE-2020-4006,VMware,"VMware Workspace One Access, Access Connector, Identity Manager, and Identity Manager Connector","VMware Workspace One Access, Access Connector, Identity Manager, and Identity Manager Connector Command Injection vulnerability",11/3/2021,"VMware Workspace One Access, Access Connector, Identity Manager, and Identity Manager Connector address have a command injection vulnerability.",Apply updates per vendor instructions.,5/3/2022, -CVE-2020-25213,WordPress,File Manager,WordPress File Manager Remote Code Execution Vulnerability,11/3/2021,The File Manager (wp-file-manager) plugin before 6.9 for WordPress allows remote attackers to upload and execute arbitrary PHP code because it renames an unsafe example elFinder connector file to have the .php extension.,Apply updates per vendor instructions.,5/3/2022, -CVE-2020-11738,WordPress,Snap Creek Duplicator,WordPress Snap Creek Duplicator and Duplicator Pro plugins Directory Traversal,11/3/2021,The Snap Creek Duplicator plugin before 1.3.28 for WordPress (and Duplicator Pro before 3.8.7.1) allows Directory Traversal via ../ in the file parameter to duplicator_download or duplicator_init.,Apply updates per vendor instructions.,5/3/2022, -CVE-2019-9978,WordPress,Social-Warfare,WordPress Social-Warfare plugin XSS,11/3/2021,"The social-warfare plugin before 3.5.3 for WordPress has stored XSS via the wp-admin/admin-post.php?swp_debug=load_options swp_url parameter, as exploited in the wild in March 2019. This affects Social Warfare and Social Warfare Pro.",Apply updates per vendor instructions.,5/3/2022, -CVE-2021-27561,Yealink,Device Management Platform,Yealink Device Management Server Pre-Authorization SSRF,11/3/2021,"Yealink Device Management (DM) 3.6.0.20 allows command injection as root via the /sm/api/v1/firewall/zone/services URI, without authentication",Apply updates per vendor instructions.,11/17/2021, -CVE-2021-40539,Zoho,ManageEngine ADSelfServicePlus,Zoho Corp. ManageEngine ADSelfService Plus Version 6113 and Earlier Authentication Bypass,11/3/2021,Zoho ManageEngine ADSelfService Plus versions 6113 and earlier contain an authentication bypass vulnerability which allows for Remote Code Execution.,Apply updates per vendor instructions.,11/17/2021, -CVE-2020-10189,Zoho,ManageEngine Desktop Central,Zoho ManageEngine Desktop Central Remote Code Execution Vulnerability,11/3/2021,Zoho ManageEngine Desktop Central before 10.0.474 allows remote code execution because of deserialization of untrusted data in getChartImage in the FileStorage class. This is related to the CewolfServlet and MDMLogUploaderServlet servlets.,Apply updates per vendor instructions.,5/3/2022, -CVE-2019-8394,Zoho,ManageEngine ServiceDesk Plus (SDP),Zoho ManageEngine ServiceDesk Plus Arbitrary File Upload Vulnerability,11/3/2021,Zoho ManageEngine ServiceDesk Plus (SDP) before 10.0 build 10012 allows remote attackers to upload arbitrary files via login page customization.,Apply updates per vendor instructions.,5/3/2022, -CVE-2020-29583,Zyxel,Unified Security Gateway (USG),Zyxel Unified Security Gateway Undocumented Administrator Account with Default Credentials,11/3/2021,Firmware version 4.60 of Zyxel USG devices contains an undocumented account (zyfwp) with an unchangeable password.,Apply updates per vendor instructions.,5/3/2022, -CVE-2021-22204,Perl,Exiftool,ExifTool Remote Code Execution Vulnerability,11/17/2021,Improper neutralization of user data in the DjVu file format in Exiftool versions 7.44 and up allows arbitrary code execution when parsing the malicious image,Apply updates per vendor instructions.,12/1/2021, -CVE-2021-40449,Microsoft,Windows,Microsoft Windows Win32k Privilege Escalation Vulnerability,11/17/2021,Unspecified vulnerability allows for an authenticated user to escalate privileges.,Apply updates per vendor instructions.,12/1/2021, -CVE-2021-42321,Microsoft,Exchange,Microsoft Exchange Server Remote Code Execution Vulnerability,11/17/2021,An authenticated attacker could leverage improper validation in cmdlet arguments within Microsoft Exchange and perform remote code execution.,Apply updates per vendor instructions.,12/1/2021, -CVE-2021-42292,Microsoft,Office,Microsoft Excel Security Feature Bypass,11/17/2021,A security feature bypass vulnerability in Microsoft Excel would allow a local user to perform arbitrary code execution.,Apply updates per vendor instructions.,12/1/2021, -CVE-2020-11261,Qualcomm,"Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables",Qualcomm Multiple Chipsets Improper Input Validation Vulnerability,12/1/2021,"Memory corruption due to improper check to return error when user application requests memory allocation of a huge size in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables",Apply updates per vendor instructions.,6/1/2022, -CVE-2018-14847,MikroTik,RouterOS,MikroTik Router OS Directory Traversal Vulnerability,12/1/2021,MikroTik RouterOS through 6.42 allows unauthenticated remote attackers to read arbitrary files and remote authenticated attackers to write arbitrary files due to a directory traversal vulnerability in the WinBox interface.,Apply updates per vendor instructions.,6/1/2022, -CVE-2021-37415,Zoho,ManageEngine ServiceDesk Plus (SDP),Zoho ManageEngine ServiceDesk Authentication Bypass Vulnerability,12/1/2021,Zoho ManageEngine ServiceDesk Plus before 11302 is vulnerable to authentication bypass that allows a few REST-API URLs without authentication,Apply updates per vendor instructions.,12/15/2021, -CVE-2021-40438,Apache,Apache,Apache HTTP Server-Side Request Forgery (SSRF),12/1/2021,A crafted request uri-path can cause mod_proxy to forward the request to an origin server choosen by the remote user. This issue affects Apache HTTP Server 2.4.48 and earlier.,Apply updates per vendor instructions.,12/15/2021, -CVE-2021-44077,Zoho,ManageEngine ServiceDesk Plus (SDP) / SupportCenter Plus,Zoho ManageEngine ServiceDesk Plus Remote Code Execution Vulnerability,12/1/2021,"Zoho ManageEngine ServiceDesk Plus before 11306, ServiceDesk Plus MSP before 10530, and SupportCenter Plus before 11014 are vulnerable to unauthenticated remote code execution",Apply updates per vendor instructions.,12/15/2021, -CVE-2021-44515,Zoho,Desktop Central,Zoho Desktop Central Authentication Bypass Vulnerability,12/10/2021,Zoho Desktop Central contains an authentication bypass vulnerability that could allow an attacker to execute arbitrary code in the Desktop Central MSP server.,Apply updates per vendor instructions.,12/24/2021, -CVE-2019-13272,Linux,Kernel,Linux Kernel Improper Privilege Management Vulnerability,12/10/2021,Kernel/ptrace.c in Linux kernel mishandles contains an improper privilege management vulnerability which allows local users to obtain root access.,Apply updates per vendor instructions.,6/10/2022, -CVE-2021-35394,Realtek,Jungle Software Development Kit (SDK),Realtek Jungle SDK Remote Code Execution Vulnerability,12/10/2021,RealTek Jungle SDK contains multiple memory corruption vulnerabilities which can allow an attacker to perform remote code execution.,Apply updates per vendor instructions.,12/24/2021, -CVE-2019-7238,Sonatype,Nexus Repository Manager,Sonatype Nexus Repository Manager Incorrect Access Control Vulnerability,12/10/2021,Sonatype Nexus Repository Manager before 3.15.0 has an incorrect access control vulnerability. Exploitation allows for remote code execution.,Apply updates per vendor instructions.,6/10/2022, -CVE-2019-0193,Apache,Solr,Apache Solr DataImportHandler Code Injection Vulnerability,12/10/2021,The optional Apache Solr module DataImportHandler contains a code injection vulnerability.,Apply updates per vendor instructions.,6/10/2022, -CVE-2021-44168,Fortinet,FortiOS,Fortinet FortiOS Arbitrary File Download,12/10/2021,"Fortinet FortiOS ""execute restore src-vis"" downloads code without integrity checking, allowing an attacker to arbitrarily download files.",Apply updates per vendor instructions.,12/24/2021, -CVE-2017-17562,Embedthis,GoAhead,Embedthis GoAhead Remote Code Execution Vulnerability,12/10/2021,Embedthis GoAhead before 3.6.5 allows remote code execution if CGI is enabled and a CGI program is dynamically linked.,Apply updates per vendor instructions.,6/10/2022, -CVE-2017-12149,Red Hat,JBoss Application Server,Red Hat JBoss Application Server Remote Code Execution Vulnerability,12/10/2021,"The JBoss Application Server, shipped with Red Hat Enterprise Application Platform 5.2, allows an attacker to execute arbitrary code via crafted serialized data.",Apply updates per vendor instructions.,6/10/2022, -CVE-2010-1871,Red Hat,JBoss Seam 2,Red Hat Linux JBoss Seam 2 Remote Code Execution Vulnerability,12/10/2021,"JBoss Seam 2 (jboss-seam2), as used in JBoss Enterprise Application Platform 4.3.0 for Red Hat Linux, allows attackers to perform remote code execution. This vulnerability can only be exploited when the Java Security Manager is not properly configured.",Apply updates per vendor instructions.,6/10/2022, -CVE-2020-17463,Fuel CMS,,Fuel CMS SQL Injection Vulnerability,12/10/2021,"FUEL CMS 1.4.7 allows SQL Injection via the col parameter to /pages/items, /permissions/items, or /navigation/items.",Apply updates per vendor instructions.,6/10/2022, -CVE-2020-8816,Pi-hole,AdminLTE,Pi-Hole AdminLTE Remote Code Execution Vulnerability,12/10/2021,Pi-hole Web v4.3.2 (aka AdminLTE) allows Remote Code Execution by privileged dashboard users via a crafted DHCP static lease.,Apply updates per vendor instructions.,6/10/2022, -CVE-2019-10758,MongoDB,mongo-express,MongoDB mongo-express Remote Code Execution Vulnerability,12/10/2021,mongo-express before 0.54.0 is vulnerable to Remote Code Execution via endpoints that uses the `toBSON` method.,Apply updates per vendor instructions.,6/10/2022, -CVE-2021-44228,Apache,Log4j2,Apache Log4j2 Remote Code Execution Vulnerability,12/10/2021,"Apache Log4j2 contains a vulnerability where JNDI features do not protect against attacker-controlled JNDI-related endpoints, allowing for remote code execution.","For all affected software assets for which updates exist, the only acceptable remediation actions are: 1) Apply updates; OR 2) remove affected assets from agency networks. Temporary mitigations using one of the measures provided at https://www.cisa.gov/uscert/ed-22-02-apache-log4j-recommended-mitigation-measures are only acceptable until updates are available.",12/24/2021, -CVE-2021-43890,Microsoft,Windows,Microsoft Windows AppX Installer Spoofing Vulnerability,12/15/2021,"Microsoft Windows AppX Installer contains a spoofing vulnerability which has a high impacts to confidentiality, integrity, and availability.",Apply updates per vendor instructions.,12/29/2021, -CVE-2021-4102,Google,Chromium V8 Engine,Google Chromium V8 Use-After-Free Vulnerability,12/15/2021,Google Chromium V8 Engine contains a use-after-free vulnerability which can allow a remote attacker to execute arbitrary code on the target system.,Apply updates per vendor instructions.,12/29/2021, -CVE-2021-22017,VMware,vCenter Server,VMware vCenter Server Improper Access Control,1/10/2022,Rhttproxy as used in vCenter Server contains a vulnerability due to improper implementation of URI normalization.,Apply updates per vendor instructions.,1/24/2022, -CVE-2021-36260,Hikvision,Security cameras web server,Hikvision Improper Input Validation,1/10/2022,A command injection vulnerability in the web server of some Hikvision product. Due to the insufficient input validation.,Apply updates per vendor instructions.,1/24/2022, -CVE-2020-6572,Google,Chrome,Google Chrome Prior to 81.0.4044.92 Use-After-Free Vulnerability,1/10/2022,Use-after-free vulnerability in Media in Google Chrome prior to 81.0.4044.92 allowed a Remote attacker to execute arbitrary code via a crafted HTML page.,Apply updates per vendor instructions.,7/10/2022, -CVE-2019-1458,Microsoft,Win32k,Microsoft Win32k Privilege Escalation Vulnerability,1/10/2022,"A privilege escalation vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory, aka 'Win32k EoP.",Apply updates per vendor instructions.,7/10/2022, -CVE-2013-3900,Microsoft,WinVerifyTrust function,Microsoft WinVerifyTrust function Remote Code Execution,1/10/2022,A remote code execution vulnerability exists in the way that the WinVerifyTrust function handles Windows Authenticode signature verification for PE files.,Apply updates per vendor instructions.,7/10/2022, -CVE-2019-2725,Oracle,WebLogic Server,"Oracle WebLogic Server, Injection",1/10/2022,Injection vulnerability in the Oracle WebLogic Server component of Oracle Fusion Middleware (subcomponent: Web Services).,Apply updates per vendor instructions.,7/10/2022, -CVE-2019-9670,Synacor,Zimbra Collaboration (ZCS),Synacor Zimbra Collaboration (ZCS) Improper Restriction of XML External Entity Reference,1/10/2022,Improper Restriction of XML External Entity Reference vulnerability affecting Synacor Zimbra Collaboration (ZCS).,Apply updates per vendor instructions.,7/10/2022, -CVE-2018-13382,Fortinet,FortiOS and FortiProxy,Fortinet FortiOS and FortiProxy Improper Authorization,1/10/2022,An Improper Authorization vulnerability in Fortinet FortiOS and FortiProxy under SSL VPN web portal allows an unauthenticated attacker to modify the password.,Apply updates per vendor instructions.,7/10/2022, -CVE-2018-13383,Fortinet,FortiOS and FortiProxy,Fortinet FortiOS and FortiProxy Out-of-bounds Write,1/10/2022,A heap buffer overflow in Fortinet FortiOS and FortiProxy may cause the SSL VPN web service termination for logged in users.,Apply updates per vendor instructions.,7/10/2022, -CVE-2019-1579,Palo Alto Networks,PAN-OS,Palo Alto Networks PAN-OS Remote Code Execution Vulnerability,1/10/2022,Remote Code Execution in PAN-OS with GlobalProtect Portal or GlobalProtect Gateway Interface enabled.,Apply updates per vendor instructions.,7/10/2022, -CVE-2019-10149,Exim,Mail Transfer Agent (MTA),Exim Mail Transfer Agent (MTA) Improper Input Validation,1/10/2022,Improper validation of recipient address in deliver_message() function in /src/deliver.c may lead to remote command execution.,Apply updates per vendor instructions.,7/10/2022, -CVE-2015-7450,IBM,WebSphere Application Server and Server Hypervisor Edition,IBM WebSphere Application Server and Server Hypervisor Edition Code Injection.,1/10/2022,"Serialized-object interfaces in certain IBM analytics, business solutions, cognitive, IT infrastructure, and mobile and social products allow remote attackers to execute arbitrary commands",Apply updates per vendor instructions.,7/10/2022, -CVE-2017-1000486,Primetek,Primefaces Application,Primetek Primefaces Remote Code Execution Vulnerability,1/10/2022,Primetek Primefaces is vulnerable to a weak encryption flaw resulting in remote code execution,Apply updates per vendor instructions.,7/10/2022, -CVE-2019-7609,Elastic,Kibana,Kibana Arbitrary Code Execution,1/10/2022,Kibana contain an arbitrary code execution flaw in the Timelion visualizer.,Apply updates per vendor instructions.,7/10/2022, -CVE-2021-27860,FatPipe,"WARP, IPVPN, and MPVPN software","FatPipe WARP, IPVPN, and MPVPN Configuration Upload exploit",1/10/2022,"A vulnerability in the web management interface of FatPipe WARP, IPVPN, and MPVPN software allows a remote, unauthenticated attacker to upload a file to any location on the filesystem.",Apply updates per vendor instructions.,1/24/2022, -CVE-2021-32648,October CMS,October CMS,October CMS Improper Authentication,1/18/2022,In affected versions of the october/system package an attacker can request an account password reset and then gain access to the account using a specially crafted request.,Apply updates per vendor instructions.,2/1/2022, -CVE-2021-25296,Nagios,Nagios XI,Nagios XI OS Command Injection,1/18/2022,Nagios XI contains a vulnerability which can lead to OS command injection on the Nagios XI server.,Apply updates per vendor instructions.,2/1/2022, -CVE-2021-25297,Nagios,Nagios XI,Nagios XI OS Command Injection,1/18/2022,Nagios XI contains a vulnerability which can lead to OS command injection on the Nagios XI server.,Apply updates per vendor instructions.,2/1/2022, -CVE-2021-25298,Nagios,Nagios XI,Nagios XI OS Command Injection,1/18/2022,Nagios XI contains a vulnerability which can lead to OS command injection on the Nagios XI server.,Apply updates per vendor instructions.,2/1/2022, -CVE-2021-40870,Aviatrix,Aviatrix Controller,Aviatrix Controller Unrestricted Upload of File,1/18/2022,"Unrestricted upload of a file with a dangerous type is possible, which allows an unauthenticated user to execute arbitrary code via directory traversal.",Apply updates per vendor instructions.,2/1/2022, -CVE-2021-33766,Microsoft,Exchange Server,Microsoft Exchange Server Information Disclosure,1/18/2022,Microsoft Exchange Server contains an information disclosure vulnerability which can allow an unauthenticated attacker to steal email traffic from target.,Apply updates per vendor instructions.,2/1/2022, -CVE-2021-21975,VMware,vRealize Operations Manager API,VMware Server Side Request Forgery in vRealize Operations Manager API,1/18/2022,Server Side Request Forgery (SSRF) in vRealize Operations Manager API prior to 8.4 may allow a malicious actor with network access to the vRealize Operations Manager API to perform a SSRF attack to steal administrative credentials.,Apply updates per vendor instructions.,2/1/2022, -CVE-2021-21315,Npm package,System Information Library for Node.JS,System Information Library for Node.JS Command Injection,1/18/2022,"In this vulnerability, an attacker can send a malicious payload that will exploit the name parameter. After successful exploitation, attackers can execute remote.",Apply updates per vendor instructions.,2/1/2022, -CVE-2021-22991,F5,BIG-IP Traffic Management Microkernel,F5 BIG-IP Traffic Management Microkernel Buffer Overflow,1/18/2022,"The Traffic Management Microkernel of BIG-IP ASM Risk Engine has a buffer overflow vulnerability, leading to a bypassing of URL-based access controls.",Apply updates per vendor instructions.,2/1/2022, -CVE-2020-14864,Oracle,Intelligence Enterprise Edition,Oracle Business Intelligence Enterprise Edition Path Transversal,1/18/2022,"Path traversal vulnerability, where an attacker can target the preview FilePath parameter of the getPreviewImage function to get access to arbitrary system file.",Apply updates per vendor instructions.,7/18/2022, -CVE-2020-13671,Drupal,Drupal core,Drupal core Un-restricted Upload of File,1/18/2022,Improper sanitization in the extension file names is present in Drupal core.,Apply updates per vendor instructions.,7/18/2022, -CVE-2020-11978,Apache,Airflow,Apache Airflow Command Injection,1/18/2022,A remote code/command injection vulnerability was discovered in one of the example DAGs shipped with Airflow.,Apply updates per vendor instructions.,7/18/2022, -CVE-2020-13927,Apache,Airflow's Experimental API,Apache Airflow's Experimental API Authentication Bypass,1/18/2022,The previous default setting for Airflow's Experimental API was to allow all API requests without authentication.,Apply updates per vendor instructions.,7/18/2022, -CVE-2006-1547,Apache,Struts 1,Apache Struts 1 ActionForm Denial-of-Service Vulnerability,1/21/2022,ActionForm in Apache Struts versions before 1.2.9 with BeanUtils 1.7 contains a vulnerability which allows for denial-of-service.,Apply updates per vendor instructions.,7/21/2022, -CVE-2012-0391,Apache,Struts 2,Apache Struts 2 Improper Input Validation Vulnerability,1/21/2022,The ExceptionDelegator component in Apache Struts 2 before 2.2.3.1 contains an improper input validation vulnerability which allows for remote code execution.,Apply updates per vendor instructions.,7/21/2022, -CVE-2018-8453,Microsoft,Win32k,Microsoft Win32k Privilege Escalation Vulnerability,1/21/2022,Microsoft Windows Win32k contains a vulnerability which allows an attacker to escalate privileges.,Apply updates per vendor instructions.,7/21/2022, -CVE-2021-35247,SolarWinds,Serv-U,SolarWinds Serv-U Improper Input Validation Vulnerability,1/21/2022,SolarWinds Serv-U versions 15.2.5 and earlier contain an improper input validation vulnerability which allows attackers to build and send queries without sanitization.,Apply updates per vendor instructions.,2/4/2022, -CVE-2022-22587,Apple,iOS and macOS,Apple Memory Corruption Vulnerability,1/28/2022,Apple IOMobileFrameBuffer contains a memory corruption vulnerability which can allow a malicious application to execute arbitrary code with kernel privileges.,Apply updates per vendor instructions.,2/11/2022, -CVE-2021-20038,SonicWall,SMA 100 Appliances,SonicWall SMA 100 Appliances Stack-Based Buffer Overflow Vulnerability,1/28/2022,SonicWall SMA 100 devies are vulnerable to an unauthenticated stack-based buffer overflow vulnerability where exploitation can result in code execution.,Apply updates per vendor instructions.,2/11/2022, -CVE-2020-5722,Grandstream,UCM6200,Grandstream Networks UCM6200 Series SQL Injection Vulnerability,1/28/2022,Grandstream UCM6200 series is vulnerable to an unauthenticated remote SQL injection via crafted HTTP request. Exploitation can allow for code execution as root.,Apply updates per vendor instructions.,7/28/2022, -CVE-2020-0787,Microsoft,Windows,Microsoft Windows Background Intelligent Transfer Service (BITS) Improper Privilege Management Vulnerability,1/28/2022,Microsoft Windows BITS is vulnerable to to a privilege elevation vulnerability if it improperly handles symbolic links. An actor can exploit this vulnerability to execute arbitrary code with system-level privileges.,Apply updates per vendor instructions.,7/28/2022, -CVE-2017-5689,Intel,"Active Management Technology (AMT), Small Business Technology (SBT), and Standard Manageability","Intel Active Management Technology (AMT), Small Business Technology (SBT), and Standard Manageability Privilege Escalation Vulnerability",1/28/2022,Intel products contain a vulnerability which can allow attackers to perform privilege escalation.,Apply updates per vendor instructions.,7/28/2022, -CVE-2014-1776,Microsoft,Internet Explorer,Microsoft Internet Explorer Use-After-Free Vulnerability,1/28/2022,Microsoft Internet Explorer 6 - 11 contains a use-after-free vulnerability which can allow for arbitrary code execution or denial of service.,Apply updates per vendor instructions.,7/28/2022, -CVE-2014-6271,GNU,Bourne-Again Shell (Bash),GNU Bourne-Again Shell (Bash) Arbitrary Code Execution Vulnerability,1/28/2022,"GNU Bash through 4.3 processes trailing strings after function definitions in the values of environment variables, which allows remote attackers to execute code.",Apply updates per vendor instructions.,7/28/2022, -CVE-2014-7169,GNU,Bourne-Again Shell (Bash),GNU Bourne-Again Shell (Bash) Arbitrary Code Execution Vulnerability,1/28/2022,"GNU Bash through 4.3 processes trailing strings after function definitions in the values of environment variables, which allows remote attackers to execute code. This CVE correctly remediates the vulnerability in CVE-2014-6271.",Apply updates per vendor instructions.,7/28/2022, -CVE-2022-21882,Microsoft,Win32k,Microsoft Win32k Privilege Escalation Vulnerability,2/4/2022,Microsoft Win32k contains an unspecified vulnerability which allows for privilege escalation.,Apply updates per vendor instructions.,2/18/2022, -CVE-2021-36934,Microsoft,Windows,Microsoft Windows SAM Local Privilege Escalation Vulnerability,2/10/2022,"If a Volume Shadow Copy (VSS) shadow copy of the system drive is available, users can read the SAM file which would allow any user to escalate privileges to SYSTEM level.",Apply updates per vendor instructions.,2/24/2022, -CVE-2020-0796,Microsoft,SMBv3,Microsoft SMBv3 Remote Code Execution Vulnerability,2/10/2022,A remote code execution vulnerability exists in the way that the Microsoft Server Message Block 3.1.1 (SMBv3) protocol handles certain requests. An attacker who successfully exploited the vulnerability could gain the ability to execute code on the target server or client.,Apply updates per vendor instructions.,8/10/2022, -CVE-2018-1000861,Jenkins,Jenkins Stapler Web Framework,Jenkins Stapler Web Framework Deserialization of Untrusted Data Vulnerability,2/10/2022,A code execution vulnerability exists in the Stapler web framework used by Jenkins,Apply updates per vendor instructions.,8/10/2022, -CVE-2017-9791,Apache,Struts 1,Apache Struts 1 Improper Input Validation Vulnerability,2/10/2022,The Struts 1 plugin in Apache Struts might allow remote code execution via a malicious field value passed in a raw message to the ActionMessage.,Apply updates per vendor instructions.,8/10/2022, -CVE-2017-8464,Microsoft,Windows,Microsoft Windows Shell (.lnk) Remote Code Execution Vulnerability,2/10/2022,Windows Shell in multiple versions of Microsoft Windows allows local users or remote attackers to execute arbitrary code via a crafted .LNK file,Apply updates per vendor instructions.,8/10/2022, -CVE-2017-10271,Oracle,WebLogic Server,Oracle Corporation WebLogic Server Remote Code Execution Vulnerability,2/10/2022,Oracle Corporation WebLogic Server contains a vulnerability that allows for remote code execution.,Apply updates per vendor instructions.,8/10/2022, -CVE-2017-0263,Microsoft,Win32k,Microsoft Win32k Privilege Escalation Vulnerability,2/10/2022,Microsoft Win32k contains a privilege escalation vulnerability due to the Windows kernel-mode driver failing to properly handle objects in memory.,Apply updates per vendor instructions.,8/10/2022, -CVE-2017-0262,Microsoft,Office,Microsoft Office Remote Code Execution Vulnerability,2/10/2022,A remote code execution vulnerability exists in Microsoft Office.,Apply updates per vendor instructions.,8/10/2022, -CVE-2017-0145,Microsoft,SMBv1,Microsoft SMBv1 Remote Code Execution Vulnerability,2/10/2022,The SMBv1 server in multiple Microsoft Windows versions allows remote attackers to execute arbitrary code via crafted packets.,Apply updates per vendor instructions.,8/10/2022, -CVE-2017-0144,Microsoft,SMBv1,Microsoft SMBv1 Remote Code Execution Vulnerability,2/10/2022,The SMBv1 server in multiple Microsoft Windows versions allows remote attackers to execute arbitrary code via crafted packets.,Apply updates per vendor instructions.,8/10/2022, -CVE-2016-3088,Apache,ActiveMQ,Apache ActiveMQ Improper Input Validation Vulnerability,2/10/2022,The Fileserver web application in Apache ActiveMQ allows remote attackers to upload and execute arbitrary files via an HTTP PUT followed by an HTTP MOVE request,Apply updates per vendor instructions.,8/10/2022, -CVE-2015-2051,D-Link,DIR-645 Router,D-Link DIR-645 Router Remote Code Execution Vulnerability,2/10/2022,D-Link DIR-645 Wired/Wireless Router allows remote attackers to execute arbitrary commands via a GetDeviceSettings action to the HNAP interface.,The impacted product is end-of-life and should be disconnected if still in use.,8/10/2022, -CVE-2015-1635,Microsoft,HTTP.sys,Microsoft HTTP.sys Remote Code Execution Vulnerability,2/10/2022,Microsoft HTTP protocol stack (HTTP.sys) contains a vulnerability which allows for remote code execution.,Apply updates per vendor instructions.,8/10/2022, -CVE-2015-1130,Apple,OS X,Apple OS X Authentication Bypass Vulnerability,2/10/2022,The XPC implementation in Admin Framework in Apple OS X before 10.10.3 allows local users to bypass authentication and obtain admin privileges.,Apply updates per vendor instructions.,8/10/2022, -CVE-2014-4404,Apple,OS X,Apple OS X Heap-Based Buffer Overflow Vulnerability,2/10/2022,"Heap-based buffer overflow in IOHIDFamily in Apple OS X, which affects, iOS before 8 and Apple TV before 7, allows attackers to execute arbitrary code in a privileged context.",Apply updates per vendor instructions.,8/10/2022, -CVE-2022-22620,Apple,Webkit,Apple Webkit Remote Code Execution Vulnerability,2/11/2022,"Apple Webkit, which impacts iOS, iPadOS, and macOS, contains a vulnerability which allows for remote code execution.",Apply updates per vendor instructions.,2/25/2022, -CVE-2022-24086,Adobe,Commerce and Magento Open Source,Adobe Commerce and Magento Open Source Improper Input Validation Vulnerability,2/15/2022,Adobe Commerce and Magento Open Source contain an improper input validation vulnerability which can allow for arbitrary code execution.,Apply updates per vendor instructions.,3/1/2022, -CVE-2022-0609,Google,Chrome,Google Chrome Use-After-Free Vulnerability,2/15/2022,The vulnerability exists due to a use-after-free error within the Animation component in Google Chrome.,Apply updates per vendor instructions.,3/1/2022, -CVE-2019-0752,Microsoft,Internet Explorer,Microsoft Internet Explorer Type Confusion Vulnerability,2/15/2022,A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Internet Explorer,Apply updates per vendor instructions.,8/15/2022, -CVE-2018-8174,Microsoft,Windows,Microsoft Windows VBScript Engine Out-of-Bounds Write Vulnerability,2/15/2022,"A remote code execution vulnerability exists in the way that the VBScript engine handles objects in memory, aka ""Windows VBScript Engine Remote Code Execution""",Apply updates per vendor instructions.,8/15/2022, -CVE-2018-20250,RARLAB,WinRAR,WinRAR Absolute Path Traversal Vulnerability,2/15/2022,WinRAR Absolute Path Traversal vulnerability leads to Remote Code Execution,Apply updates per vendor instructions.,8/15/2022, -CVE-2018-15982,Adobe,Flash Player,Adobe Flash Player Use-After-Free Vulnerability,2/15/2022,Adobe Flash Player com.adobe.tvsdk.mediacore.metadata Use After Free Vulnerability,The impacted product is end-of-life and should be disconnected if still in use.,8/15/2022, -CVE-2017-9841,PHPUnit,PHPUnit,PHPUnit Command Injection Vulnerability,2/15/2022,"PHPUnit allows remote attackers to execute arbitrary PHP code via HTTP POST data beginning with a ""administrator<*1*>123456 request.","Apply updates per vendor instructions.","2022-05-03","" +"CVE-2017-6327","Symantec","Symantec Messaging Gateway","Symantec Messaging Gateway Remote Code Execution Vulnerability","2021-11-03","The Symantec Messaging Gateway before 10.6.3-267 can encounter an issue of remote code execution.","Apply updates per vendor instructions.","2022-05-03","" +"CVE-2019-18988","TeamViewer","TeamViewer Desktop","TeamViewer Desktop Bypass Remote Login","2021-11-03","Allows a bypass of remote-login access control because the same key is used for different customers' installations.","Apply updates per vendor instructions.","2022-05-03","" +"CVE-2017-9248","Telerik","ASP.NET AJAX and Sitefinity","Telerik UI for ASP.NET AJAX and Progress Sitefinity Cryptographic Weakness Vuln","2021-11-03","Telerik.Web.UI.dll in Progress Telerik UI for ASP.NET AJAX before R2 2017 SP1 and Sitefinity before 10.0.6412.0 does not properly protect Telerik.Web.UI.DialogParametersEncryptionKey or the MachineKey.","Apply updates per vendor instructions.","2022-05-03","" +"CVE-2021-31755","Tenda","Tenda AC11 devices","Tenda AC11 Up to 02.03.01.104_CN Stack Buffer Overflow","2021-11-03","Tenda AC11 devices with firmware through 02.03.01.104_CN contain a stack buffer overflow vulnerability in /goform/setmac which allows for arbitrary execution.","Apply updates per vendor instructions.","2021-11-17","" +"CVE-2020-10987","Tenda","Tenda AC15 AC1900","Tenda Router Code Execution","2021-11-03","The goform/setUsbUnload endpoint of Tenda AC15 AC1900 version 15.03.05.19 allows remote attackers to execute arbitrary system commands via the deviceName POST parameter.","Apply updates per vendor instructions.","2022-05-03","" +"CVE-2018-14558","Tenda","Tenda AC7, AC9, and AC10 devices","Tenda Router Command Injection Vulnerability","2021-11-03","Issue on Tenda AC7 devices with firmware through V15.03.06.44_CN(AC7), AC9 devices with firmware through V15.03.05.19(6318)_CN(AC9), and AC10 devices with firmware through V15.03.06.23_CN(AC10). A command Injection vulnerability allows attackers to execute arbitrary OS commands via a crafted goform/setUsbUnload request. This occurs because the ""formsetUsbUnload"" function executes a dosystemCmd function with untrusted input.","Apply updates per vendor instructions.","2022-05-03","" +"CVE-2018-20062","ThinkPHP","NoneCms","ThinkPHP Remote Code Execution Vulnerability","2021-11-03","Issue in NoneCms V1.3. thinkphp/library/think/App.php allows remote attackers to execute arbitrary PHP code via crafted use of the filter parameter, as demonstrated by the s=index/\think\Request/input&filter=phpinfo&data=1 query string.","Apply updates per vendor instructions.","2022-05-03","" +"CVE-2019-9082","ThinkPHP","ThinkPHP","ThinkPHP Remote Code Execution Vulnerability","2021-11-03","ThinkPHP before 3.2.4, as used in Open Source BMS v1.1.1 and other products, allows Remote Command Execution via public//?s=index/\think\app/invokefunction&function=call_user_func_array&vars[0]=system&vars[1][]= followed by the command.","Apply updates per vendor instructions.","2022-05-03","" +"CVE-2019-18187","Trend Micro","Trend Micro OfficeScan","Trend Micro Antivirus 0day Traversal Vulnerability","2021-11-03","Trend Micro OfficeScan versions 11.0 and XG (12.0) could be exploited by an attacker utilizing a directory traversal vulnerability to extract files from an arbitrary zip file to a specific folder on the OfficeScan server, which could potentially lead to remote code execution (RCE).","Apply updates per vendor instructions.","2022-05-03","" +"CVE-2020-8467","Trend Micro","Trend Micro Apex One and OfficeScan XG","Trend Micro Apex One (2019) and OfficeScan XG migration tool remote code execution vulnerability","2021-11-03","A migration tool component of Trend Micro Apex One (2019) and OfficeScan XG contains a vulnerability which could allow remote attackers to execute arbitrary code on affected installations (RCE).","Apply updates per vendor instructions.","2022-05-03","" +"CVE-2020-8468","Trend Micro","Trend Micro Apex One, OfficeScan XG and Worry-Free Business Security","Trend Micro Apex One (2019), OfficeScan XG and Worry-Free Business Security (9.0, 9.5, 10.0) agent content validation escape vulnerability","2021-11-03","Agents are affected by a content validation escape vulnerability which could allow an attacker to manipulate certain agent client components.","Apply updates per vendor instructions.","2022-05-03","" +"CVE-2020-24557","Trend Micro","Trend Micro Apex One and Worry-Free Business Security","Trend Micro Apex One and OfficeScan XG Improper Access Control Privilege Escalation Vulnerability","2021-11-03","A vulnerability in Trend Micro Apex One and Worry-Free Business Security 10.0 SP1 on Microsoft Windows may allow an attacker to manipulate a particular product folder to disable the security temporarily, abuse a specific Windows function and attain privilege escalation","Apply updates per vendor instructions.","2022-05-03","" +"CVE-2020-8599","Trend Micro","Trend Micro Apex One and OfficeScan XG server","Trend Micro Apex One and OfficeScan XG Vulnerability","2021-11-03","Server contain a vulnerable EXE file that could allow a remote attacker to write arbitrary data to an arbitrary path on affected installations and bypass ROOT login.","Apply updates per vendor instructions.","2022-05-03","" +"CVE-2021-36742","Trend Micro","Trend Micro Multiple Products","Trend Micro Systems Multiple Products Improper Input Validation Vulnerability","2021-11-03","An improper input validation vulnerability in Trend Micro Apex One, Apex One as a Service, OfficeScan XG and Worry-Free Business Security allows a local attacker to escalate privileges.","Apply updates per vendor instructions.","2021-11-17","https://success.trendmicro.com/dcx/s/solution/000287819?language=en_US, https://success.trendmicro.com/dcx/s/solution/000287820?language=en_US" +"CVE-2021-36741","Trend Micro","Trend Micro Multiple Products","Trend Micro Systems Multiple Products Improper Input Validation Vulnerability","2021-11-03","An improper input validation vulnerability in Trend Micro Apex One, Apex One as a Service, OfficeScan XG, and Worry-Free Business Security allows for upload of arbitrary files.","Apply updates per vendor instructions.","2021-11-17","https://success.trendmicro.com/dcx/s/solution/000287819?language=en_US, https://success.trendmicro.com/dcx/s/solution/000287820?language=en_US" +"CVE-2019-20085","TVT","NVMS-1000","TVT NVMS-1000 Directory Traversal","2021-11-03","TVT NVMS-1000 devices allow GET /.. Directory Traversal","Apply updates per vendor instructions.","2022-05-03","" +"CVE-2020-5849","Unraid","Unraid","Unraid 6.8.0 Authentication Bypass","2021-11-03","Unraid 6.8.0 allows authentication bypass.","Apply updates per vendor instructions.","2022-05-03","" +"CVE-2020-5847","Unraid","Unraid","Unraid 6.8.0 Remote Code Execution Vulnerability","2021-11-03","Unraid through 6.8.0 allows Remote Code Execution.","Apply updates per vendor instructions.","2022-05-03","" +"CVE-2019-16759","vBulletin","vBulletin","vBulletin PHP Module Remote Code Execution Vulnerability","2021-11-03","vBulletin 5.x through 5.5.4 allows remote command execution via the widgetConfig[code] parameter in an ajax/render/widget_php routestring request.","Apply updates per vendor instructions.","2022-05-03","" +"CVE-2020-17496","vBulletin","vBulletin","vBulletin PHP Module Remote Code Execution Vulnerability","2021-11-03","vBulletin 5.5.4 through 5.6.2 allows remote command execution via crafted subWidgets data in an ajax/render/widget_tabbedcontainer_tab_panel request. NOTE: this issue exists because of an incomplete fix for CVE-2019-16759.","Apply updates per vendor instructions.","2022-05-03","" +"CVE-2019-5544","VMware","ESXi, Horizon DaaS Appliances","VMware ESXi/Horizon DaaS Appliances Heap-Overwrite Vulnerability","2021-11-03","OpenSLP as used in ESXi and the Horizon DaaS appliances have a heap overwrite issue. A malicious actor with network access to port 427 on an ESXi host or on any Horizon DaaS management appliance may be able to overwrite the heap of the OpenSLP service resulting in remote code execution.","Apply updates per vendor instructions.","2022-05-03","" +"CVE-2020-3992","VMware","ESXi","OpenSLP as used in VMware ESXi","2021-11-03","OpenSLP as used in VMware ESXi (7.0 before ESXi_7.0.1-0.0.16850804, 6.7 before ESXi670-202010401-SG, 6.5 before ESXi650-202010401-SG) has a use-after-free issue. A malicious actor residing in the management network who has access to port 427 on an ESXi machine may be able to trigger a use-after-free in the OpenSLP service resulting in remote code execution.","Apply updates per vendor instructions.","2022-05-03","" +"CVE-2020-3950","VMware","VMware Fusion, VMware Remote Console for Mac, and Horizon Client for Mac","VMware Privilege escalation vulnerability","2021-11-03","Privilege escalation vulnerability due to improper use of setuid binaries.","Apply updates per vendor instructions.","2022-05-03","" +"CVE-2021-22005","VMware","vCenter Server","VMware vCenter Server File Upload","2021-11-03","VMware vCenter Server file upload vulnerability in the VMware-analytics service that allows to execute code on vCenter Server.","Apply updates per vendor instructions.","2021-11-17","" +"CVE-2020-3952","VMware","vCenter Server","VMware vCenter Server Info Disclosure Vulnerability","2021-11-03","Under certain conditions, vmdir that ships with VMware vCenter Server, as part of an embedded or external Platform Services Controller (PSC), does not correctly implement access controls.","Apply updates per vendor instructions.","2022-05-03","" +"CVE-2021-21972","VMware","vCenter Server","VMware vCenter Server Remote Code Execution Vulnerability","2021-11-03","The vSphere Client (HTML5) contains a remote code execution vulnerability in a vCenter Server plugin. A malicious actor with network access to port 443 may exploit this issue to execute commands with unrestricted privileges on the underlying operating system that hosts vCenter Server.","Apply updates per vendor instructions.","2021-11-17","" +"CVE-2021-21985","VMware","vCenter Server","VMware vCenter Server Remote Code Execution Vulnerability","2021-11-03","The vSphere Client (HTML5) contains a remote code execution vulnerability due to lack of input validation in the Virtual SAN Health Check plug-in which is enabled by default in vCenter Server. A malicious actor with network access to port 443 may exploit this issue to execute commands with unrestricted privileges on the underlying operating system that hosts vCenter Server.","Apply updates per vendor instructions.","2021-11-17","" +"CVE-2020-4006","VMware","VMware Workspace One Access, Access Connector, Identity Manager, and Identity Manager Connector","VMware Workspace One Access, Access Connector, Identity Manager, and Identity Manager Connector Command Injection vulnerability","2021-11-03","VMware Workspace One Access, Access Connector, Identity Manager, and Identity Manager Connector address have a command injection vulnerability.","Apply updates per vendor instructions.","2022-05-03","" +"CVE-2020-25213","WordPress","File Manager","WordPress File Manager Remote Code Execution Vulnerability","2021-11-03","The File Manager (wp-file-manager) plugin before 6.9 for WordPress allows remote attackers to upload and execute arbitrary PHP code because it renames an unsafe example elFinder connector file to have the .php extension.","Apply updates per vendor instructions.","2022-05-03","" +"CVE-2020-11738","WordPress","Snap Creek Duplicator","WordPress Snap Creek Duplicator and Duplicator Pro plugins Directory Traversal","2021-11-03","The Snap Creek Duplicator plugin before 1.3.28 for WordPress (and Duplicator Pro before 3.8.7.1) allows Directory Traversal via ../ in the file parameter to duplicator_download or duplicator_init.","Apply updates per vendor instructions.","2022-05-03","" +"CVE-2019-9978","WordPress","Social-Warfare","WordPress Social-Warfare plugin XSS","2021-11-03","The social-warfare plugin before 3.5.3 for WordPress has stored XSS via the wp-admin/admin-post.php?swp_debug=load_options swp_url parameter, as exploited in the wild in March 2019. This affects Social Warfare and Social Warfare Pro.","Apply updates per vendor instructions.","2022-05-03","" +"CVE-2021-27561","Yealink","Device Management Platform","Yealink Device Management Server Pre-Authorization SSRF","2021-11-03","Yealink Device Management (DM) 3.6.0.20 allows command injection as root via the /sm/api/v1/firewall/zone/services URI, without authentication","Apply updates per vendor instructions.","2021-11-17","" +"CVE-2021-40539","Zoho","ManageEngine ADSelfServicePlus","Zoho Corp. ManageEngine ADSelfService Plus Version 6113 and Earlier Authentication Bypass","2021-11-03","Zoho ManageEngine ADSelfService Plus versions 6113 and earlier contain an authentication bypass vulnerability which allows for Remote Code Execution.","Apply updates per vendor instructions.","2021-11-17","" +"CVE-2020-10189","Zoho","ManageEngine Desktop Central","Zoho ManageEngine Desktop Central Remote Code Execution Vulnerability","2021-11-03","Zoho ManageEngine Desktop Central before 10.0.474 allows remote code execution because of deserialization of untrusted data in getChartImage in the FileStorage class. This is related to the CewolfServlet and MDMLogUploaderServlet servlets.","Apply updates per vendor instructions.","2022-05-03","" +"CVE-2019-8394","Zoho","ManageEngine ServiceDesk Plus (SDP)","Zoho ManageEngine ServiceDesk Plus Arbitrary File Upload Vulnerability","2021-11-03","Zoho ManageEngine ServiceDesk Plus (SDP) before 10.0 build 10012 allows remote attackers to upload arbitrary files via login page customization.","Apply updates per vendor instructions.","2022-05-03","" +"CVE-2020-29583","Zyxel","Unified Security Gateway (USG)","Zyxel Unified Security Gateway Undocumented Administrator Account with Default Credentials","2021-11-03","Firmware version 4.60 of Zyxel USG devices contains an undocumented account (zyfwp) with an unchangeable password.","Apply updates per vendor instructions.","2022-05-03","" +"CVE-2021-22204","Perl","Exiftool","ExifTool Remote Code Execution Vulnerability","2021-11-17","Improper neutralization of user data in the DjVu file format in Exiftool versions 7.44 and up allows arbitrary code execution when parsing the malicious image","Apply updates per vendor instructions.","2021-12-01","" +"CVE-2021-40449","Microsoft","Windows","Microsoft Windows Win32k Privilege Escalation Vulnerability","2021-11-17","Unspecified vulnerability allows for an authenticated user to escalate privileges.","Apply updates per vendor instructions.","2021-12-01","" +"CVE-2021-42321","Microsoft","Exchange","Microsoft Exchange Server Remote Code Execution Vulnerability","2021-11-17","An authenticated attacker could leverage improper validation in cmdlet arguments within Microsoft Exchange and perform remote code execution.","Apply updates per vendor instructions.","2021-12-01","" +"CVE-2021-42292","Microsoft","Office","Microsoft Excel Security Feature Bypass","2021-11-17","A security feature bypass vulnerability in Microsoft Excel would allow a local user to perform arbitrary code execution.","Apply updates per vendor instructions.","2021-12-01","" +"CVE-2020-11261","Qualcomm","Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables","Qualcomm Multiple Chipsets Improper Input Validation Vulnerability","2021-12-01","Memory corruption due to improper check to return error when user application requests memory allocation of a huge size in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables","Apply updates per vendor instructions.","2022-06-01","" +"CVE-2018-14847","MikroTik","RouterOS","MikroTik Router OS Directory Traversal Vulnerability","2021-12-01","MikroTik RouterOS through 6.42 allows unauthenticated remote attackers to read arbitrary files and remote authenticated attackers to write arbitrary files due to a directory traversal vulnerability in the WinBox interface.","Apply updates per vendor instructions.","2022-06-01","" +"CVE-2021-37415","Zoho","ManageEngine ServiceDesk Plus (SDP)","Zoho ManageEngine ServiceDesk Authentication Bypass Vulnerability","2021-12-01","Zoho ManageEngine ServiceDesk Plus before 11302 is vulnerable to authentication bypass that allows a few REST-API URLs without authentication","Apply updates per vendor instructions.","2021-12-15","" +"CVE-2021-40438","Apache","Apache","Apache HTTP Server-Side Request Forgery (SSRF)","2021-12-01","A crafted request uri-path can cause mod_proxy to forward the request to an origin server choosen by the remote user. This issue affects Apache HTTP Server 2.4.48 and earlier.","Apply updates per vendor instructions.","2021-12-15","" +"CVE-2021-44077","Zoho","ManageEngine ServiceDesk Plus (SDP) / SupportCenter Plus","Zoho ManageEngine ServiceDesk Plus Remote Code Execution Vulnerability","2021-12-01","Zoho ManageEngine ServiceDesk Plus before 11306, ServiceDesk Plus MSP before 10530, and SupportCenter Plus before 11014 are vulnerable to unauthenticated remote code execution","Apply updates per vendor instructions.","2021-12-15","" +"CVE-2021-44515","Zoho","Desktop Central","Zoho Desktop Central Authentication Bypass Vulnerability","2021-12-10","Zoho Desktop Central contains an authentication bypass vulnerability that could allow an attacker to execute arbitrary code in the Desktop Central MSP server.","Apply updates per vendor instructions.","2021-12-24","" +"CVE-2019-13272","Linux","Kernel","Linux Kernel Improper Privilege Management Vulnerability","2021-12-10","Kernel/ptrace.c in Linux kernel mishandles contains an improper privilege management vulnerability which allows local users to obtain root access.","Apply updates per vendor instructions.","2022-06-10","" +"CVE-2021-35394","Realtek","Jungle Software Development Kit (SDK)","Realtek Jungle SDK Remote Code Execution Vulnerability","2021-12-10","RealTek Jungle SDK contains multiple memory corruption vulnerabilities which can allow an attacker to perform remote code execution.","Apply updates per vendor instructions.","2021-12-24","" +"CVE-2019-7238","Sonatype","Nexus Repository Manager","Sonatype Nexus Repository Manager Incorrect Access Control Vulnerability","2021-12-10","Sonatype Nexus Repository Manager before 3.15.0 has an incorrect access control vulnerability. Exploitation allows for remote code execution.","Apply updates per vendor instructions.","2022-06-10","" +"CVE-2019-0193","Apache","Solr","Apache Solr DataImportHandler Code Injection Vulnerability","2021-12-10","The optional Apache Solr module DataImportHandler contains a code injection vulnerability.","Apply updates per vendor instructions.","2022-06-10","" +"CVE-2021-44168","Fortinet","FortiOS","Fortinet FortiOS Arbitrary File Download","2021-12-10","Fortinet FortiOS ""execute restore src-vis"" downloads code without integrity checking, allowing an attacker to arbitrarily download files.","Apply updates per vendor instructions.","2021-12-24","" +"CVE-2017-17562","Embedthis","GoAhead","Embedthis GoAhead Remote Code Execution Vulnerability","2021-12-10","Embedthis GoAhead before 3.6.5 allows remote code execution if CGI is enabled and a CGI program is dynamically linked.","Apply updates per vendor instructions.","2022-06-10","" +"CVE-2017-12149","Red Hat","JBoss Application Server","Red Hat JBoss Application Server Remote Code Execution Vulnerability","2021-12-10","The JBoss Application Server, shipped with Red Hat Enterprise Application Platform 5.2, allows an attacker to execute arbitrary code via crafted serialized data.","Apply updates per vendor instructions.","2022-06-10","" +"CVE-2010-1871","Red Hat","JBoss Seam 2","Red Hat Linux JBoss Seam 2 Remote Code Execution Vulnerability","2021-12-10","JBoss Seam 2 (jboss-seam2), as used in JBoss Enterprise Application Platform 4.3.0 for Red Hat Linux, allows attackers to perform remote code execution. This vulnerability can only be exploited when the Java Security Manager is not properly configured.","Apply updates per vendor instructions.","2022-06-10","" +"CVE-2020-17463","Fuel CMS","","Fuel CMS SQL Injection Vulnerability","2021-12-10","FUEL CMS 1.4.7 allows SQL Injection via the col parameter to /pages/items, /permissions/items, or /navigation/items.","Apply updates per vendor instructions.","2022-06-10","" +"CVE-2020-8816","Pi-hole","AdminLTE","Pi-Hole AdminLTE Remote Code Execution Vulnerability","2021-12-10","Pi-hole Web v4.3.2 (aka AdminLTE) allows Remote Code Execution by privileged dashboard users via a crafted DHCP static lease.","Apply updates per vendor instructions.","2022-06-10","" +"CVE-2019-10758","MongoDB","mongo-express","MongoDB mongo-express Remote Code Execution Vulnerability","2021-12-10","mongo-express before 0.54.0 is vulnerable to Remote Code Execution via endpoints that uses the `toBSON` method.","Apply updates per vendor instructions.","2022-06-10","" +"CVE-2021-44228","Apache","Log4j2","Apache Log4j2 Remote Code Execution Vulnerability","2021-12-10","Apache Log4j2 contains a vulnerability where JNDI features do not protect against attacker-controlled JNDI-related endpoints, allowing for remote code execution.","For all affected software assets for which updates exist, the only acceptable remediation actions are: 1) Apply updates; OR 2) remove affected assets from agency networks. Temporary mitigations using one of the measures provided at https://www.cisa.gov/uscert/ed-22-02-apache-log4j-recommended-mitigation-measures are only acceptable until updates are available.","2021-12-24","" +"CVE-2021-43890","Microsoft","Windows","Microsoft Windows AppX Installer Spoofing Vulnerability","2021-12-15","Microsoft Windows AppX Installer contains a spoofing vulnerability which has a high impacts to confidentiality, integrity, and availability.","Apply updates per vendor instructions.","2021-12-29","" +"CVE-2021-4102","Google","Chromium V8 Engine","Google Chromium V8 Use-After-Free Vulnerability","2021-12-15","Google Chromium V8 Engine contains a use-after-free vulnerability which can allow a remote attacker to execute arbitrary code on the target system.","Apply updates per vendor instructions.","2021-12-29","" +"CVE-2021-22017","VMware","vCenter Server","VMware vCenter Server Improper Access Control","2022-01-10","Rhttproxy as used in vCenter Server contains a vulnerability due to improper implementation of URI normalization.","Apply updates per vendor instructions.","2022-01-24","" +"CVE-2021-36260","Hikvision","Security cameras web server","Hikvision Improper Input Validation","2022-01-10","A command injection vulnerability in the web server of some Hikvision product. Due to the insufficient input validation.","Apply updates per vendor instructions.","2022-01-24","" +"CVE-2020-6572","Google","Chrome","Google Chrome Prior to 81.0.4044.92 Use-After-Free Vulnerability","2022-01-10","Use-after-free vulnerability in Media in Google Chrome prior to 81.0.4044.92 allowed a Remote attacker to execute arbitrary code via a crafted HTML page.","Apply updates per vendor instructions.","2022-07-10","" +"CVE-2019-1458","Microsoft","Win32k","Microsoft Win32k Privilege Escalation Vulnerability","2022-01-10","A privilege escalation vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory, aka 'Win32k EoP.","Apply updates per vendor instructions.","2022-07-10","" +"CVE-2013-3900","Microsoft","WinVerifyTrust function","Microsoft WinVerifyTrust function Remote Code Execution","2022-01-10","A remote code execution vulnerability exists in the way that the WinVerifyTrust function handles Windows Authenticode signature verification for PE files.","Apply updates per vendor instructions.","2022-07-10","" +"CVE-2019-2725","Oracle","WebLogic Server","Oracle WebLogic Server, Injection","2022-01-10","Injection vulnerability in the Oracle WebLogic Server component of Oracle Fusion Middleware (subcomponent: Web Services).","Apply updates per vendor instructions.","2022-07-10","" +"CVE-2019-9670","Synacor","Zimbra Collaboration (ZCS)","Synacor Zimbra Collaboration (ZCS) Improper Restriction of XML External Entity Reference","2022-01-10","Improper Restriction of XML External Entity Reference vulnerability affecting Synacor Zimbra Collaboration (ZCS).","Apply updates per vendor instructions.","2022-07-10","" +"CVE-2018-13382","Fortinet","FortiOS and FortiProxy","Fortinet FortiOS and FortiProxy Improper Authorization","2022-01-10","An Improper Authorization vulnerability in Fortinet FortiOS and FortiProxy under SSL VPN web portal allows an unauthenticated attacker to modify the password.","Apply updates per vendor instructions.","2022-07-10","" +"CVE-2018-13383","Fortinet","FortiOS and FortiProxy","Fortinet FortiOS and FortiProxy Out-of-bounds Write","2022-01-10","A heap buffer overflow in Fortinet FortiOS and FortiProxy may cause the SSL VPN web service termination for logged in users.","Apply updates per vendor instructions.","2022-07-10","" +"CVE-2019-1579","Palo Alto Networks","PAN-OS","Palo Alto Networks PAN-OS Remote Code Execution Vulnerability","2022-01-10","Remote Code Execution in PAN-OS with GlobalProtect Portal or GlobalProtect Gateway Interface enabled.","Apply updates per vendor instructions.","2022-07-10","" +"CVE-2019-10149","Exim","Mail Transfer Agent (MTA)","Exim Mail Transfer Agent (MTA) Improper Input Validation","2022-01-10","Improper validation of recipient address in deliver_message() function in /src/deliver.c may lead to remote command execution.","Apply updates per vendor instructions.","2022-07-10","" +"CVE-2015-7450","IBM","WebSphere Application Server and Server Hypervisor Edition","IBM WebSphere Application Server and Server Hypervisor Edition Code Injection.","2022-01-10","Serialized-object interfaces in certain IBM analytics, business solutions, cognitive, IT infrastructure, and mobile and social products allow remote attackers to execute arbitrary commands","Apply updates per vendor instructions.","2022-07-10","" +"CVE-2017-1000486","Primetek","Primefaces Application","Primetek Primefaces Remote Code Execution Vulnerability","2022-01-10","Primetek Primefaces is vulnerable to a weak encryption flaw resulting in remote code execution","Apply updates per vendor instructions.","2022-07-10","" +"CVE-2019-7609","Elastic","Kibana","Kibana Arbitrary Code Execution","2022-01-10","Kibana contain an arbitrary code execution flaw in the Timelion visualizer.","Apply updates per vendor instructions.","2022-07-10","" +"CVE-2021-27860","FatPipe","WARP, IPVPN, and MPVPN software","FatPipe WARP, IPVPN, and MPVPN Configuration Upload exploit","2022-01-10","A vulnerability in the web management interface of FatPipe WARP, IPVPN, and MPVPN software allows a remote, unauthenticated attacker to upload a file to any location on the filesystem.","Apply updates per vendor instructions.","2022-01-24","" +"CVE-2021-32648","October CMS","October CMS","October CMS Improper Authentication","2022-01-18","In affected versions of the october/system package an attacker can request an account password reset and then gain access to the account using a specially crafted request.","Apply updates per vendor instructions.","2022-02-01","" +"CVE-2021-25296","Nagios","Nagios XI","Nagios XI OS Command Injection","2022-01-18","Nagios XI contains a vulnerability which can lead to OS command injection on the Nagios XI server.","Apply updates per vendor instructions.","2022-02-01","" +"CVE-2021-25297","Nagios","Nagios XI","Nagios XI OS Command Injection","2022-01-18","Nagios XI contains a vulnerability which can lead to OS command injection on the Nagios XI server.","Apply updates per vendor instructions.","2022-02-01","" +"CVE-2021-25298","Nagios","Nagios XI","Nagios XI OS Command Injection","2022-01-18","Nagios XI contains a vulnerability which can lead to OS command injection on the Nagios XI server.","Apply updates per vendor instructions.","2022-02-01","" +"CVE-2021-40870","Aviatrix","Aviatrix Controller","Aviatrix Controller Unrestricted Upload of File","2022-01-18","Unrestricted upload of a file with a dangerous type is possible, which allows an unauthenticated user to execute arbitrary code via directory traversal.","Apply updates per vendor instructions.","2022-02-01","" +"CVE-2021-33766","Microsoft","Exchange Server","Microsoft Exchange Server Information Disclosure","2022-01-18","Microsoft Exchange Server contains an information disclosure vulnerability which can allow an unauthenticated attacker to steal email traffic from target.","Apply updates per vendor instructions.","2022-02-01","" +"CVE-2021-21975","VMware","vRealize Operations Manager API","VMware Server Side Request Forgery in vRealize Operations Manager API","2022-01-18","Server Side Request Forgery (SSRF) in vRealize Operations Manager API prior to 8.4 may allow a malicious actor with network access to the vRealize Operations Manager API to perform a SSRF attack to steal administrative credentials.","Apply updates per vendor instructions.","2022-02-01","" +"CVE-2021-21315","Npm package","System Information Library for Node.JS","System Information Library for Node.JS Command Injection","2022-01-18","In this vulnerability, an attacker can send a malicious payload that will exploit the name parameter. After successful exploitation, attackers can execute remote.","Apply updates per vendor instructions.","2022-02-01","" +"CVE-2021-22991","F5","BIG-IP Traffic Management Microkernel","F5 BIG-IP Traffic Management Microkernel Buffer Overflow","2022-01-18","The Traffic Management Microkernel of BIG-IP ASM Risk Engine has a buffer overflow vulnerability, leading to a bypassing of URL-based access controls.","Apply updates per vendor instructions.","2022-02-01","" +"CVE-2020-14864","Oracle","Intelligence Enterprise Edition","Oracle Business Intelligence Enterprise Edition Path Transversal","2022-01-18","Path traversal vulnerability, where an attacker can target the preview FilePath parameter of the getPreviewImage function to get access to arbitrary system file.","Apply updates per vendor instructions.","2022-07-18","" +"CVE-2020-13671","Drupal","Drupal core","Drupal core Un-restricted Upload of File","2022-01-18","Improper sanitization in the extension file names is present in Drupal core.","Apply updates per vendor instructions.","2022-07-18","" +"CVE-2020-11978","Apache","Airflow","Apache Airflow Command Injection","2022-01-18","A remote code/command injection vulnerability was discovered in one of the example DAGs shipped with Airflow.","Apply updates per vendor instructions.","2022-07-18","" +"CVE-2020-13927","Apache","Airflow's Experimental API","Apache Airflow's Experimental API Authentication Bypass","2022-01-18","The previous default setting for Airflow's Experimental API was to allow all API requests without authentication.","Apply updates per vendor instructions.","2022-07-18","" +"CVE-2006-1547","Apache","Struts 1","Apache Struts 1 ActionForm Denial-of-Service Vulnerability","2022-01-21","ActionForm in Apache Struts versions before 1.2.9 with BeanUtils 1.7 contains a vulnerability which allows for denial-of-service.","Apply updates per vendor instructions.","2022-07-21","" +"CVE-2012-0391","Apache","Struts 2","Apache Struts 2 Improper Input Validation Vulnerability","2022-01-21","The ExceptionDelegator component in Apache Struts 2 before 2.2.3.1 contains an improper input validation vulnerability which allows for remote code execution.","Apply updates per vendor instructions.","2022-07-21","" +"CVE-2018-8453","Microsoft","Win32k","Microsoft Win32k Privilege Escalation Vulnerability","2022-01-21","Microsoft Windows Win32k contains a vulnerability which allows an attacker to escalate privileges.","Apply updates per vendor instructions.","2022-07-21","" +"CVE-2021-35247","SolarWinds","Serv-U","SolarWinds Serv-U Improper Input Validation Vulnerability","2022-01-21","SolarWinds Serv-U versions 15.2.5 and earlier contain an improper input validation vulnerability which allows attackers to build and send queries without sanitization.","Apply updates per vendor instructions.","2022-02-04","" +"CVE-2022-22587","Apple","iOS and macOS","Apple Memory Corruption Vulnerability","2022-01-28","Apple IOMobileFrameBuffer contains a memory corruption vulnerability which can allow a malicious application to execute arbitrary code with kernel privileges.","Apply updates per vendor instructions.","2022-02-11","" +"CVE-2021-20038","SonicWall","SMA 100 Appliances","SonicWall SMA 100 Appliances Stack-Based Buffer Overflow Vulnerability","2022-01-28","SonicWall SMA 100 devies are vulnerable to an unauthenticated stack-based buffer overflow vulnerability where exploitation can result in code execution.","Apply updates per vendor instructions.","2022-02-11","" +"CVE-2020-5722","Grandstream","UCM6200","Grandstream Networks UCM6200 Series SQL Injection Vulnerability","2022-01-28","Grandstream UCM6200 series is vulnerable to an unauthenticated remote SQL injection via crafted HTTP request. Exploitation can allow for code execution as root.","Apply updates per vendor instructions.","2022-07-28","" +"CVE-2020-0787","Microsoft","Windows","Microsoft Windows Background Intelligent Transfer Service (BITS) Improper Privilege Management Vulnerability","2022-01-28","Microsoft Windows BITS is vulnerable to to a privilege elevation vulnerability if it improperly handles symbolic links. An actor can exploit this vulnerability to execute arbitrary code with system-level privileges.","Apply updates per vendor instructions.","2022-07-28","" +"CVE-2017-5689","Intel","Active Management Technology (AMT), Small Business Technology (SBT), and Standard Manageability","Intel Active Management Technology (AMT), Small Business Technology (SBT), and Standard Manageability Privilege Escalation Vulnerability","2022-01-28","Intel products contain a vulnerability which can allow attackers to perform privilege escalation.","Apply updates per vendor instructions.","2022-07-28","" +"CVE-2014-1776","Microsoft","Internet Explorer","Microsoft Internet Explorer Use-After-Free Vulnerability","2022-01-28","Microsoft Internet Explorer 6 - 11 contains a use-after-free vulnerability which can allow for arbitrary code execution or denial of service.","Apply updates per vendor instructions.","2022-07-28","" +"CVE-2014-6271","GNU","Bourne-Again Shell (Bash)","GNU Bourne-Again Shell (Bash) Arbitrary Code Execution Vulnerability","2022-01-28","GNU Bash through 4.3 processes trailing strings after function definitions in the values of environment variables, which allows remote attackers to execute code.","Apply updates per vendor instructions.","2022-07-28","" +"CVE-2014-7169","GNU","Bourne-Again Shell (Bash)","GNU Bourne-Again Shell (Bash) Arbitrary Code Execution Vulnerability","2022-01-28","GNU Bash through 4.3 processes trailing strings after function definitions in the values of environment variables, which allows remote attackers to execute code. This CVE correctly remediates the vulnerability in CVE-2014-6271.","Apply updates per vendor instructions.","2022-07-28","" +"CVE-2022-21882","Microsoft","Win32k","Microsoft Win32k Privilege Escalation Vulnerability","2022-02-04","Microsoft Win32k contains an unspecified vulnerability which allows for privilege escalation.","Apply updates per vendor instructions.","2022-02-18","" +"CVE-2021-36934","Microsoft","Windows","Microsoft Windows SAM Local Privilege Escalation Vulnerability","2022-02-10","If a Volume Shadow Copy (VSS) shadow copy of the system drive is available, users can read the SAM file which would allow any user to escalate privileges to SYSTEM level.","Apply updates per vendor instructions.","2022-02-24","" +"CVE-2020-0796","Microsoft","SMBv3","Microsoft SMBv3 Remote Code Execution Vulnerability","2022-02-10","A remote code execution vulnerability exists in the way that the Microsoft Server Message Block 3.1.1 (SMBv3) protocol handles certain requests. An attacker who successfully exploited the vulnerability could gain the ability to execute code on the target server or client.","Apply updates per vendor instructions.","2022-08-10","" +"CVE-2018-1000861","Jenkins","Jenkins Stapler Web Framework","Jenkins Stapler Web Framework Deserialization of Untrusted Data Vulnerability","2022-02-10","A code execution vulnerability exists in the Stapler web framework used by Jenkins","Apply updates per vendor instructions.","2022-08-10","" +"CVE-2017-9791","Apache","Struts 1","Apache Struts 1 Improper Input Validation Vulnerability","2022-02-10","The Struts 1 plugin in Apache Struts might allow remote code execution via a malicious field value passed in a raw message to the ActionMessage.","Apply updates per vendor instructions.","2022-08-10","" +"CVE-2017-8464","Microsoft","Windows","Microsoft Windows Shell (.lnk) Remote Code Execution Vulnerability","2022-02-10","Windows Shell in multiple versions of Microsoft Windows allows local users or remote attackers to execute arbitrary code via a crafted .LNK file","Apply updates per vendor instructions.","2022-08-10","" +"CVE-2017-10271","Oracle","WebLogic Server","Oracle Corporation WebLogic Server Remote Code Execution Vulnerability","2022-02-10","Oracle Corporation WebLogic Server contains a vulnerability that allows for remote code execution.","Apply updates per vendor instructions.","2022-08-10","" +"CVE-2017-0263","Microsoft","Win32k","Microsoft Win32k Privilege Escalation Vulnerability","2022-02-10","Microsoft Win32k contains a privilege escalation vulnerability due to the Windows kernel-mode driver failing to properly handle objects in memory.","Apply updates per vendor instructions.","2022-08-10","" +"CVE-2017-0262","Microsoft","Office","Microsoft Office Remote Code Execution Vulnerability","2022-02-10","A remote code execution vulnerability exists in Microsoft Office.","Apply updates per vendor instructions.","2022-08-10","" +"CVE-2017-0145","Microsoft","SMBv1","Microsoft SMBv1 Remote Code Execution Vulnerability","2022-02-10","The SMBv1 server in multiple Microsoft Windows versions allows remote attackers to execute arbitrary code via crafted packets.","Apply updates per vendor instructions.","2022-08-10","" +"CVE-2017-0144","Microsoft","SMBv1","Microsoft SMBv1 Remote Code Execution Vulnerability","2022-02-10","The SMBv1 server in multiple Microsoft Windows versions allows remote attackers to execute arbitrary code via crafted packets.","Apply updates per vendor instructions.","2022-08-10","" +"CVE-2016-3088","Apache","ActiveMQ","Apache ActiveMQ Improper Input Validation Vulnerability","2022-02-10","The Fileserver web application in Apache ActiveMQ allows remote attackers to upload and execute arbitrary files via an HTTP PUT followed by an HTTP MOVE request","Apply updates per vendor instructions.","2022-08-10","" +"CVE-2015-2051","D-Link","DIR-645 Router","D-Link DIR-645 Router Remote Code Execution Vulnerability","2022-02-10","D-Link DIR-645 Wired/Wireless Router allows remote attackers to execute arbitrary commands via a GetDeviceSettings action to the HNAP interface.","The impacted product is end-of-life and should be disconnected if still in use.","2022-08-10","" +"CVE-2015-1635","Microsoft","HTTP.sys","Microsoft HTTP.sys Remote Code Execution Vulnerability","2022-02-10","Microsoft HTTP protocol stack (HTTP.sys) contains a vulnerability which allows for remote code execution.","Apply updates per vendor instructions.","2022-08-10","" +"CVE-2015-1130","Apple","OS X","Apple OS X Authentication Bypass Vulnerability","2022-02-10","The XPC implementation in Admin Framework in Apple OS X before 10.10.3 allows local users to bypass authentication and obtain admin privileges.","Apply updates per vendor instructions.","2022-08-10","" +"CVE-2014-4404","Apple","OS X","Apple OS X Heap-Based Buffer Overflow Vulnerability","2022-02-10","Heap-based buffer overflow in IOHIDFamily in Apple OS X, which affects, iOS before 8 and Apple TV before 7, allows attackers to execute arbitrary code in a privileged context.","Apply updates per vendor instructions.","2022-08-10","" +"CVE-2022-22620","Apple","Webkit","Apple Webkit Remote Code Execution Vulnerability","2022-02-11","Apple Webkit, which impacts iOS, iPadOS, and macOS, contains a vulnerability which allows for remote code execution.","Apply updates per vendor instructions.","2022-02-25","" +"CVE-2022-24086","Adobe","Commerce and Magento Open Source","Adobe Commerce and Magento Open Source Improper Input Validation Vulnerability","2022-02-15","Adobe Commerce and Magento Open Source contain an improper input validation vulnerability which can allow for arbitrary code execution.","Apply updates per vendor instructions.","2022-03-01","" +"CVE-2022-0609","Google","Chrome","Google Chrome Use-After-Free Vulnerability","2022-02-15","The vulnerability exists due to a use-after-free error within the Animation component in Google Chrome.","Apply updates per vendor instructions.","2022-03-01","" +"CVE-2019-0752","Microsoft","Internet Explorer","Microsoft Internet Explorer Type Confusion Vulnerability","2022-02-15","A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Internet Explorer","Apply updates per vendor instructions.","2022-08-15","" +"CVE-2018-8174","Microsoft","Windows","Microsoft Windows VBScript Engine Out-of-Bounds Write Vulnerability","2022-02-15","A remote code execution vulnerability exists in the way that the VBScript engine handles objects in memory, aka ""Windows VBScript Engine Remote Code Execution""","Apply updates per vendor instructions.","2022-08-15","" +"CVE-2018-20250","RARLAB","WinRAR","WinRAR Absolute Path Traversal Vulnerability","2022-02-15","WinRAR Absolute Path Traversal vulnerability leads to Remote Code Execution","Apply updates per vendor instructions.","2022-08-15","" +"CVE-2018-15982","Adobe","Flash Player","Adobe Flash Player Use-After-Free Vulnerability","2022-02-15","Adobe Flash Player com.adobe.tvsdk.mediacore.metadata Use After Free Vulnerability","The impacted product is end-of-life and should be disconnected if still in use.","2022-08-15","" +"CVE-2017-9841","PHPUnit","PHPUnit","PHPUnit Command Injection Vulnerability","2022-02-15","PHPUnit allows remote attackers to execute arbitrary PHP code via HTTP POST data beginning with a ""