Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

CISA known exploited database update #700

Merged
merged 1 commit into from
Jul 16, 2023
Merged

CISA known exploited database update #700

Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
9 changes: 8 additions & 1 deletion config/known_exploited_vulnerabilities.csv
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -886,7 +886,7 @@
"CVE-2022-41223","Mitel","MiVoice Connect","Mitel MiVoice Connect Code Injection Vulnerability","2023-02-21","The Director component in Mitel MiVoice Connect allows an authenticated attacker with internal network access to execute code within the context of the application.","Apply updates per vendor instructions.","2023-03-14","https://www.mitel.com/support/security-advisories/mitel-product-security-advisory-22-0008"
"CVE-2022-40765","Mitel","MiVoice Connect","Mitel MiVoice Connect Command Injection Vulnerability","2023-02-21","The Mitel Edge Gateway component of MiVoice Connect allows an authenticated attacker with internal network access to execute commands within the context of the system.","Apply updates per vendor instructions.","2023-03-14","https://www.mitel.com/support/security-advisories/mitel-product-security-advisory-22-0007"
"CVE-2022-36537","ZK Framework","AuUploader","ZK Framework AuUploader Unspecified Vulnerability","2023-02-27","ZK Framework AuUploader servlets contain an unspecified vulnerability that could allow an attacker to retrieve the content of a file located in the web context. The ZK Framework is an open-source Java framework. This vulnerability can impact multiple products, including but not limited to ConnectWise R1Soft Server Backup Manager.","Apply updates per vendor instructions.","2023-03-20","https://tracker.zkoss.org/browse/ZK-5150"
"CVE-2022-28810","Zoho","ManageEngine","Zoho ManageEngine ADSelfService Plus Remote Code Execution Vulnerability","2023-03-07","Multiple Zoho ManageEngine ADSelfService Plus contains an unspecified vulnerability allowing for remote code execution when performing a password change or reset.","Apply updates per vendor instructions.","2023-03-28","https://www.manageengine.com/products/self-service-password/advisory/CVE-2022-28810.html"
"CVE-2022-28810","Zoho","ManageEngine","Zoho ManageEngine ADSelfService Plus Remote Code Execution Vulnerability","2023-03-07","Zoho ManageEngine ADSelfService Plus contains an unspecified vulnerability allowing for remote code execution when performing a password change or reset.","Apply updates per vendor instructions.","2023-03-28","https://www.manageengine.com/products/self-service-password/advisory/CVE-2022-28810.html"
"CVE-2022-33891","Apache","Spark","Apache Spark Command Injection Vulnerability","2023-03-07","Apache Spark contains a command injection vulnerability via Spark User Interface (UI) when Access Control Lists (ACLs) are enabled.","Apply updates per vendor instructions.","2023-03-28","https://lists.apache.org/thread/p847l3kopoo5bjtmxrcwk21xp6tjxqlc"
"CVE-2022-35914","Teclib","GLPI","Teclib GLPI Remote Code Execution Vulnerability","2023-03-07","Teclib GLPI contains a remote code execution vulnerability in the third-party library, htmlawed.","Apply updates per vendor instructions.","2023-03-28","https://glpi-project.org/fr/glpi-10-0-3-disponible/, http://www.bioinformatics.org/phplabware/sourceer/sourceer.php?&Sfs=htmLawedTest.php&Sl=.%2Finternal_utilities%2FhtmLawed."
"CVE-2021-39144","XStream","XStream","XStream Remote Code Execution Vulnerability","2023-03-10","XStream contains a remote code execution vulnerability that allows an attacker to manipulate the processed input stream and replace or inject objects that result in the execution of a local command on the server. This vulnerability can affect multiple products, including but not limited to VMware Cloud Foundation.","Apply updates per vendor instructions.","2023-03-31","https://www.vmware.com/security/advisories/VMSA-2022-0027.html, https://x-stream.github.io/CVE-2021-39144.html"
Expand Down Expand Up @@ -965,3 +965,10 @@
"CVE-2021-25371","Samsung","Mobile Devices","Samsung Mobile Devices Unspecified Vulnerability","2023-06-29","Samsung mobile devices contain an unspecified vulnerability within DSP driver that allows attackers to load ELF libraries inside DSP.","Apply updates per vendor instructions or discontinue use of the product if updates are unavailable","2023-07-20","https://security.samsungmobile.com/securityUpdate.smsb?year=2021&month=3"
"CVE-2021-25372","Samsung","Mobile Devices","Samsung Mobile Devices Improper Boundary Check Vulnerability","2023-06-29","Samsung mobile devices contain an improper boundary check vulnerability within DSP driver that allows for out-of-bounds memory access.","Apply updates per vendor instructions or discontinue use of the product if updates are unavailable","2023-07-20","https://security.samsungmobile.com/securityUpdate.smsb?year=2021&month=3"
"CVE-2021-29256","Arm","Mali Graphics Processing Unit (GPU)","Arm Mali GPU Kernel Driver Use-After-Free Vulnerability","2023-07-07","Arm Mali GPU Kernel Driver contains a use-after-free vulnerability that may allow a non-privileged user to gain root privilege and/or disclose information.","Apply updates per vendor instructions or discontinue use of the product if updates are unavailable.","2023-07-28","https://developer.arm.com/Arm%20Security%20Center/Mali%20GPU%20Driver%20Vulnerabilities"
"CVE-2023-32046","Microsoft","Windows","Microsoft Windows MSHTML Platform Privilege Escalation Vulnerability","2023-07-11","Microsoft Windows MSHTML Platform contains an unspecified vulnerability that allows for privilege escalation.","Apply updates per vendor instructions or discontinue use of the product if updates are unavailable.","2023-08-01","https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2023-32046"
"CVE-2023-32049","Microsoft","Windows","Microsoft Windows Defender SmartScreen Security Feature Bypass Vulnerability","2023-07-11","Microsoft Windows Defender SmartScreen contains a security feature bypass vulnerability that allows an attacker to bypass the Open File - Security Warning prompt.","Apply updates per vendor instructions or discontinue use of the product if updates are unavailable.","2023-08-01","https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2023-32049"
"CVE-2023-35311","Microsoft","Outlook","Microsoft Outlook Security Feature Bypass Vulnerability","2023-07-11","Microsoft Outlook contains a security feature bypass vulnerability that allows an attacker to bypass the Microsoft Outlook Security Notice prompt.","Apply updates per vendor instructions or discontinue use of the product if updates are unavailable.","2023-08-01","https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2023-35311"
"CVE-2023-36874","Microsoft","Windows","Microsoft Windows Error Reporting Service Privilege Escalation Vulnerability","2023-07-11","Microsoft Windows Error Reporting Service contains an unspecified vulnerability that allows for privilege escalation.","Apply updates per vendor instructions or discontinue use of the product if updates are unavailable.","2023-08-01","https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2023-36874"
"CVE-2022-31199","Netwrix","Auditor","Netwrix Auditor Insecure Object Deserialization Vulnerability","2023-07-11","Netwrix Auditor User Activity Video Recording component contains an insecure objection deserialization vulnerability that allows an unauthenticated, remote attacker to execute code as the NT AUTHORITY\SYSTEM user. Successful exploitation requires that the attacker is able to reach port 9004/TCP, which is commonly blocked by standard enterprise firewalling.","Apply updates per vendor instructions or discontinue use of the product if updates are unavailable.","2023-08-01","Patch application requires login to customer portal: https://security.netwrix.com/Account/SignIn?ReturnUrl=%2FAdvisories%2FADV-2022-003"
"CVE-2022-29303","SolarView","Compact","SolarView Compact Command Injection Vulnerability","2023-07-13","SolarView Compact contains a command injection vulnerability due to improper validation of input values on the send test mail console of the product's web server.","Apply updates per vendor instructions or discontinue use of the product if updates are unavailable.","2023-08-03","https://jvn.jp/en/vu/JVNVU92327282/"
"CVE-2023-37450","Apple","Multiple Products","Apple Multiple Products WebKit Code Execution Vulnerability","2023-07-13","Apple iOS, iPadOS, macOS, and Safari WebKit contain an unspecified vulnerability that can allow an attacker to execute code when processing web content.","Apply updates per vendor instructions or discontinue use of the product if updates are unavailable.","2023-08-03","https://support.apple.com/en-us/HT213823"