ABCDEFGHIJKLMNOPQRSTUVWXYZAAABACADAEAF
1
https://noncombatant.org/2022/04/22/itw-taxonomy/TypeCount% of all% of classifiedAutomated CWE analysis:TypeCount% of all% of classified
2
memory17428.2540.3756.03memory15625.3230.41
3
eval10016.2323.2eval13521.9226.32
4
logic12119.6428.07logic20433.1239.77
5
configuration284.556.5configuration30.490.58
6
cryptography71.141.62cryptography142.272.73
7
ux10.160.23ux10.160.19
8
18229.5510316.72
9
languagetypeadditionalDetailcwe-inferred-typecveIDvendorProjectproductvulnerabilityNamecwecwe2dateAddedshortDescriptionrequiredActiondueDate
10
PHPevalhttps://www.kiteworks.com/sites/default/files/trust-center/accellion-fta-attack-mandiant-report-full.pdfevalCVE-2021-27104AccellionFTAAccellion FTA OS Command Injection VulnerabilityCWE-782021-11-03Accellion FTA 9_12_370 and earlier is affected by OS command execution via a crafted POST request to various admin endpoints.Apply updates per vendor instructions.2021-11-17
11
PHPevalevalCVE-2021-27102AccellionFTAAccellion FTA OS Command Injection VulnerabilityCWE-782021-11-03Accellion FTA 9_12_411 and earlier is affected by OS command execution via a local web service call.Apply updates per vendor instructions.2021-11-17
12
PHPevalevalCVE-2021-27101AccellionFTAAccellion FTA SQL Injection VulnerabilityCWE-892021-11-03Accellion FTA 9_12_370 and earlier is affected by SQL injection via a crafted Host header in a request to document_root.html.Apply updates per vendor instructions.2021-11-17
13
PHPevalCVE-2021-27103AccellionFTAAccellion FTA SSRF VulnerabilityCWE-9182021-11-03Accellion FTA 9_12_411 and earlier is affected by SSRF via a crafted POST request to wmProgressstat.html.Apply updates per vendor instructions.2021-11-17
14
C/C++memorymemoryCVE-2021-21017AdobeAcrobat and ReaderAdobe Acrobat and Reader Heap-based Buffer Overflow VulnerabilityCWE-7872021-11-03Acrobat Reader DC versions versions 2020.013.20074 (and earlier), 2020.001.30018 (and earlier) and 2017.011.30188 (and earlier) are affected by a heap-based buffer overflow vulnerability. An unauthenticated attacker could leverage this vulnerability to achieve arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.Apply updates per vendor instructions.2021-11-17
15
C/C++memorymemoryCVE-2021-28550AdobeAcrobat and ReaderAdobe Acrobat and Reader Use-After-Free VulnerabilityCWE-4162021-11-03Acrobat Reader DC versions versions 2021.001.20150 (and earlier), 2020.001.30020 (and earlier) and 2017.011.30194 (and earlier) are affected by a Use After Free vulnerability. An unauthenticated attacker could leverage this vulnerability to achieve arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.Apply updates per vendor instructions.2021-11-17
16
Javaevalhttps://nickbloor.co.uk/2018/06/18/another-coldfusion-rce-cve-2018-4939/evalCVE-2018-4939AdobeColdFusionAdobe ColdFusion Deserialization of Untrusted Data vulnerabilityCWE-5022021-11-03Adobe ColdFusion Update 5 and earlier versions, ColdFusion 11 Update 13 and earlier versions have an exploitable Deserialization of Untrusted Data vulnerability. Successful exploitation could lead to arbitrary code execution.Apply updates per vendor instructions.2022-05-03
17
JavaUnclear: configuration, logic, or injection?evalCVE-2018-15961AdobeColdFusionAdobe ColdFusion Remote Code ExecutionCWE-4342021-11-03Adobe ColdFusion versions July 12 release (2018.0.0.310739), Update 6 and earlier, and Update 14 and earlier have an unrestricted file upload vulnerability. Successful exploitation could lead to arbitrary code execution.Apply updates per vendor instructions.2022-05-03
18
C/C++memorymemoryCVE-2018-4878AdobeFlash PlayerAdobe Flash Player Use-After-Free vulnerabilityCWE-4162021-11-03A use-after-free vulnerability was discovered in Adobe Flash Player before 28.0.0.161. This vulnerability occurs due to a dangling pointer in the Primetime SDK related to media player handling of listener objects. A successful attack can lead to arbitrary code execution. This was exploited in the wild in January and February 2018.Apply updates per vendor instructions.2022-05-03
19
C/C++memorymemoryCVE-2020-5735AmcrestCameras and Network Video Recorder (NVR)Amcrest Camera and NVR Buffer Overflow VulnerabilityCWE-7872021-11-03Amcrest cameras and NVR are vulnerable to a stack-based buffer overflow over port 37777. An authenticated remote attacker can abuse this issue to crash the device and possibly execute arbitrary code.Apply updates per vendor instructions.2022-05-03
20
C/C++memoryhttps://googleprojectzero.blogspot.com/2019/11/bad-binder-android-in-wild-exploit.htmlmemoryCVE-2019-2215AndroidAndroid OSAndroid "AbstractEmu" Root Access VulnerabilitiesCWE-4162021-11-03Apply updates per vendor instructions.2022-05-03
21
C/C++https://labs.bluefrostsecurity.de/blog/2020/03/31/cve-2020-0041-part-1-sandbox-escape/ Logical error that may have been made unexploitable by bounds checking? TODOmemoryCVE-2020-0041AndroidAndroid OSAndroid "AbstractEmu" Root Access VulnerabilitiesCWE-7872021-11-03Apply updates per vendor instructions.2022-05-03
22
C/C++configurationhttps://blog.quarkslab.com/cve-2020-0069-autopsy-of-the-most-stable-mediatek-rootkit.html Arguable: Calling it configuration since it shouldn't be exposed to low-priv attackers.memoryCVE-2020-0069AndroidAndroid OSAndroid "AbstractEmu" Root Access VulnerabilitiesCWE-7872021-11-03Apply updates per vendor instructions.2022-05-03
23
Javaevalhttps://securitylab.github.com/research/apache-struts-vulnerability-cve-2017-9805/evalCVE-2017-9805ApacheStrutsApache Struts Multiple Versions Remote Code Execution VulnerabilityCWE-5022021-11-03The REST Plugin in Apache Struts 2.1.1 through 2.3.x before 2.3.34 and 2.5.x before 2.5.13 contains a vulnerability which can lead to Remote Code Execution.Apply updates per vendor instructions.2022-05-03
24
C/C++logichttps://blog.qualys.com/vulnerabilities-threat-research/2021/10/27/apache-http-server-path-traversal-remote-code-execution-cve-2021-41773-cve-2021-42013 Arguable: logic that leads to injectionlogicCVE-2021-42013ApacheHTTP ServerApache HTTP Server 2.4.49 and 2.4.50 Path TraversalCWE-222021-11-03Apache HTTP server vulnerabilities allow an attacker to use a path traversal attack to map URLs to files outside the expected document root and perform Remote Code Execution.Apply updates per vendor instructions.2021-11-17
25
C/C++logiclogicCVE-2021-41773ApacheHTTP ServerApache HTTP Server Path Traversal VulnerabilityCWE-222021-11-03A flaw was found in a change made to path normalization in Apache HTTP Server 2.4.49. An attacker could use a path traversal attack to map URLs to files outside the directories configured by Alias-like directives. If files outside of these directories are not protected by the usual default configuration "require all denied", these requests can succeed. If CGI scripts are also enabled for these aliased pathes, this could allow for remote code execution. This issue is known to be exploited in the wild. This issue only affects Apache 2.4.49 and not earlier versions. The fix in Apache HTTP Server 2.4.50 was found to be incomplete, see CVE-2021-42013.Apply updates per vendor instructions.2021-11-17
26
C/C++memoryhttps://cfreal.github.io/carpe-diem-cve-2019-0211-apache-local-root.htmlmemoryCVE-2019-0211ApacheHTTP ServerApache HTTP Server scoreboard vulnerabilityCWE-4162021-11-03In Apache HTTP Server 2.4 releases 2.4.17 to 2.4.38, with MPM event, worker or prefork, code executing in less-privileged child processes or threads (including scripts executed by an in-process scripting interpreter) could execute arbitrary code with the privileges of the parent process (usually root) by manipulating the scoreboard. Non-Unix systems are not affected.Apply updates per vendor instructions.2022-05-03
27
JavaevallogicCVE-2016-4437ApacheShiroApache Shiro 1.2.4 Cookie RememberME Deserial Remote Code Execution VulnerabilityCWE-2842021-11-03Apache Shiro before 1.2.5, when a cipher key has not been configured for the "remember me" feature, allows remote attackers to execute arbitrary code or bypass intended access restrictions via an unspecified request parameter.Apply updates per vendor instructions.2022-05-03
28
Javaevalhttps://github.com/jas502n/solr_rceevalCVE-2019-17558ApacheSolrApache Solr 5.0.0-8.3.1 Remote Code Execution VulnerabilityCWE-742021-11-03Apache Solr 5.0.0 to Apache Solr 8.3.1 are vulnerable to a Remote Code Execution through the VelocityResponseWriter. A Velocity template can be provided through Velocity templates in a configset `velocity/` directory or as a parameter. A user defined configset could contain renderable, potentially malicious, templates. Parameter provided templates are disabled by default, but can be enabled by setting `params.resource.loader.enabled` by defining a response writer with that setting set to `true`. Defining a response writer requires configuration API access. Solr 8.4 removed the params resource loader entirely, and only enables the configset-provided template rendering when the configset is `trusted` (has been uploaded by an authenticated user).Apply updates per vendor instructions.2022-05-03
29
Javaevalhttps://blog.qualys.com/vulnerabilities-threat-research/2021/09/21/apache-struts-2-double-ognl-evaluation-vulnerability-cve-2020-17530evalCVE-2020-17530ApacheStrutsApache Struts Forced OGNL Double Evaluation Remote Code ExecutionCWE-9172021-11-03Forced OGNL evaluation, when evaluated on raw user input in tag attributes, may lead to remote code execution. Affected software : Apache Struts 2.0.0 - Struts 2.5.25.Apply updates per vendor instructions.2022-05-03
30
JavaevallogicCVE-2017-5638ApacheStrutsApache Struts Jakarta Multipart parser exception handling vulnerabilityCWE-202021-11-03The Jakarta Multipart parser in Apache Struts 2 2.3.x before 2.3.32 and 2.5.x before 2.5.10.1 has incorrect exception handling and error-message generation during file-upload attempts, which allows remote attackers to execute arbitrary commands via a crafted Content-Type, Content-Disposition, or Content-Length HTTP header, as exploited in the wild in March 2017 with a Content-Type header containing a #cmd= string.Apply updates per vendor instructions.2022-05-03
31
Javaevalhttps://www.recordedfuture.com/apache-struts-vulnerability-github/logicCVE-2018-11776ApacheStrutsApache Struts 2.3 to 2.3.34 and 2.5 to 2.5.16 Remote Code Execution VulnerabilityCWE-202021-11-03Apache Struts versions 2.3 to 2.3.34 and 2.5 to 2.5.16 contain a vulnerability which can allow for remote code execution.Apply updates per vendor instructions.2022-05-03
32
C/C++memorymemoryCVE-2021-30858AppleiOS and iPadOSApple Apple iOS and iPadOS Use-After-Free VulnerabilityCWE-4162021-11-03Apple iOS and iPadOS Arbitrary Code ExecutionApply updates per vendor instructions.2021-11-17
33
C/C++logicCVE-2019-6223AppleFaceTimeApple FaceTime VulnerabilityNVD-CWE-noinfo2021-11-03A logic issue existed in the handling of Group FaceTime calls. The issue was addressed with improved state management. This issue is fixed in iOS 12.1.4, macOS Mojave 10.14.3 Supplemental Update. The initiator of a Group FaceTime call may be able to cause the recipient to answer.Apply updates per vendor instructions.2022-05-03
34
C/C++memorymemoryCVE-2021-30860AppleiOSApple iOS "FORCEDENTRY" Remote Code Execution VulnerabilityCWE-1902021-11-03An integer overflow was addressed with improved input validation vulnerability affecting iOS devices that allows for remote code execution.Apply updates per vendor instructions.2021-11-17
35
C/C++memorymemoryCVE-2020-27930AppleiOS and macOSApple iOS and macOS FontParser Remote Code Execution VulnerabilityCWE-7872021-11-03A memory corruption issue was addressed with improved input validation. Processing a maliciously crafted font may lead to arbitrary code execution.Apply updates per vendor instructions.2022-05-03
36
C/C++memoryCVE-2021-30807AppleiOS and macOSApple iOS and macOS Memory Corruption VulnerabilityNVD-CWE-noinfo2021-11-03Apply updates per vendor instructions.2021-11-17
37
C/C++memorymemoryCVE-2020-27950AppleiOS and macOSApple iOS and macOS Kernel Memory Initialization VulnerabilityCWE-6652021-11-03A malicious application may be able to disclose kernel memory.Apply updates per vendor instructions.2022-05-03
38
C/C++logichttps://googleprojectzero.github.io/0days-in-the-wild/0day-RCAs/2020/CVE-2020-27932.htmlmemoryCVE-2020-27932AppleiOS and macOSApple iOS and macOS Kernel Type Confusion VulnerabilityCWE-8432021-11-03A malicious application may be able to execute arbitrary code with kernel privileges.Apply updates per vendor instructions.2022-05-03
39
C/C++memorymemoryCVE-2020-9818AppleiOS MailApple iOS Mail OOB VulnerabilityCWE-7872021-11-03Processing a maliciously crafted mail message may lead to unexpected memory modification or application termination.Apply updates per vendor instructions.2022-05-03
40
C/C++memorymemoryCVE-2020-9819AppleiOS MailApple iOS Mail Heap Overflow VulnerabilityCWE-1192021-11-03Processing a maliciously crafted mail message may lead to heap corruption.Apply updates per vendor instructions.2022-05-03
41
C/C++memorymemoryCVE-2021-30762AppleiOSApple WebKit Browser Engine Use-After-Free VulnerabilityCWE-4162021-11-03Use after free issue. Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited.Apply updates per vendor instructions.2021-11-17
42
C/C++logichttps://www.synacktiv.com/en/publications/analysis-and-exploitation-of-the-ios-kernel-vulnerability-cve-2021-1782.html Arguable: UAF, due to logic (no locking)logicCVE-2021-1782AppleiOSApple iOS Privilege Escalation and Code Execution ChainCWE-269CWE-3622021-11-03A malicious application may be able to elevate privileges. Apple is aware of a report that this issue may have been actively exploited.Apply updates per vendor instructions.2021-11-17
43
C/C++logicArguable: Description is useless. https://webkitgtk.org/security/WSA-2021-0002.html#CVE-2021-1870CVE-2021-1870AppleiOSApple iOS Privilege Escalation and Code Execution ChainNVD-CWE-noinfo2021-11-03A remote attacker may be able to cause arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited.Apply updates per vendor instructions.2021-11-17
44
C/C++logicArguable; useless descriptionCVE-2021-1871AppleiOSApple iOS Privilege Escalation and Code Execution ChainNVD-CWE-noinfo2021-11-03A remote attacker may be able to cause arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited.Apply updates per vendor instructions.2021-11-17
45
C/C++evalevalCVE-2021-1879AppleiOSApple iOS Webkit Browser Engine XSSCWE-792021-11-03Processing maliciously crafted web content may lead to universal cross site scripting. Apple is aware of a report that this issue may have been actively exploited.Apply updates per vendor instructions.2021-11-17
46
C/C++memorymemoryCVE-2021-30661AppleiOSApple iOS Webkit Storage Use-After-Free Remote Code Execution VulnerabilityCWE-4162021-11-03Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited.Apply updates per vendor instructions.2021-11-17
47
C/C++memorymemoryCVE-2021-30666AppleiOSApple iOS12.x Buffer OverflowCWE-1202021-11-03Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited.Apply updates per vendor instructions.2021-11-17
48
C/C++logiclogicCVE-2021-30713ApplemacOSApple macOS Input Validation ErrorCWE-8632021-11-03A malicious application may be able to bypass Privacy preferences. Apple is aware of a report that this issue may have been actively exploited.Apply updates per vendor instructions.2021-11-17
49
C/C++logiccryptographyCVE-2021-30657ApplemacOSApple macOS Policy Subsystem Gatekeeper BypassCWE-4942021-11-03A malicious application may bypass Gatekeeper checks. Apple is aware of a report that this issue may have been actively exploited.Apply updates per vendor instructions.2021-11-17
50
C/C++memorymemoryCVE-2021-30665AppleSafariApple Safari Webkit Browser Engine Buffer Overflow VulnerabilityCWE-1192021-11-03Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited.Apply updates per vendor instructions.2021-11-17
51
C/C++memoryTODOmemoryCVE-2021-30663AppleSafariApple Safari Webkit Browser Engine Integer Overflow VulnerabilityCWE-1902021-11-03Integer overflow. Processing maliciously crafted web content may lead to arbitrary code execution.Apply updates per vendor instructions.2021-11-17
52
C/C++memorymemoryCVE-2021-30761AppleiOSApple WebKit Browser Engine Memory Corruption VulnerabilityCWE-7872021-11-03Memory corruption issue. Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited.Apply updates per vendor instructions.2021-11-17
53
C/C++logicmemoryCVE-2021-30869AppleiOS, macOS, and iPadOSApple XNU Kernel Type ConfusionCWE-8432021-11-03Apple XNU kernel contains a type confusion vulnerability which allows a malicious application to execute arbitrary code with kernel privileges.Apply updates per vendor instructions.2021-11-17
54
C/C++memoryhttps://www.synacktiv.com/en/publications/the-fix-for-cve-2020-9859-and-the-lightspeed-vulnerability.html https://www.synacktiv.com/en/publications/return-of-the-ios-sandbox-escape-lightspeeds-back-in-the-racelogicCVE-2020-9859AppleiOS and iPadOSApple 11-13.5 XNU Kernel VulnerabilityCWE-4002021-11-03A memory consumption issue was addressed with improved memory handling. An application may be able to execute arbitrary code with kernel privileges.Apply updates per vendor instructions.2022-05-03
55
C/C++logichttps://medium.com/tenable-techblog/bypassing-authentication-on-arcadyan-routers-with-cve-2021-20090-and-rooting-some-buffalo-ea1dd30980c2logicCVE-2021-20090ArcadyanBuffalo WSR-2533DHPL2 and WSR-2533DHP3 firmwareArcadyan Buffalo Firmware Multiple Versions Path TraversalCWE-222021-11-03A path traversal vulnerability in Arcadyan firmware could allow unauthenticated remote attackers to bypass authentication. It impacts many routers.Apply updates per vendor instructions.2021-11-17
56
C/C++logichttps://ssd-disclosure.com/ssd-advisory-yealink-dm-pre-auth-root-level-rce/ Looks like 2 bugs: SSRF in Nginx, and command injection in some JavaScript. Classifying via the 1st in the chain: C/C++, logic.memoryCVE-2021-27562ArmArm Trusted FirmwareArm Trusted Firmware M through 1.2 Denial-of-ServiceCWE-7872021-11-03In Arm Trusted Firmware M through 1.2, the NS world may trigger a system halt, an overwrite of secure data, or the printing out of secure data when calling secure functions under the NSPE handler mode. This vulnerability has known active exploitation against Yealink Device Management servers. It is assessed this product utilizes the affected Arm firmware.Apply updates per vendor instructions.2021-11-17
57
C/C++logichttps://developer.arm.com/Arm%20Security%20Center/Mali%20GPU%20Driver%20VulnerabilitieslogicCVE-2021-28664ArmMali Graphics Processing Unit (GPU)Arm Mali GPU Kernel Boundary Error VulnerabilityCWE-2692021-11-03The Arm Mali GPU kernel driver allows privilege escalation or a denial of service (memory corruption) because an unprivileged user can achieve read/write access to read-only pages. This affects Bifrost r0p0 through r28p0 before r29p0, Valhall r19p0 through r28p0 before r29p0, and Midgard r8p0 through r30p0.Apply updates per vendor instructions.2021-11-17
58
C/C++memorymemoryCVE-2021-28663ArmMali Graphics Processing Unit (GPU)Arm Mali GPU Kernel Use-After-Free VulnerabilityCWE-4162021-11-03The Arm Mali GPU kernel driver allows privilege escalation or information disclosure because GPU memory operations are mishandled, leading to a use-after-free. This affects Bifrost r0p0 through r28p0 before r29p0, Valhall r19p0 through r28p0 before r29p0, and Midgard r4p0 through r30p0.Apply updates per vendor instructions.2021-11-17
59
JavalogiclogicCVE-2019-3398AtlassianConfluenceAtlassian Confluence Path Traversal VulnerabilityCWE-222021-11-03Confluence Server and Data Center had a path traversal vulnerability in the downloadallattachments resource. A remote attacker who has permission to add attachments to pages and / or blogs or to create a new space or a personal space or who has 'Admin' permissions for a space can exploit this path traversal vulnerability to write files to arbitrary locations which can lead to remote code execution on systems that run a vulnerable version of Confluence Server or Data Center. All versions of Confluence Server from 2.0.0 before 6.6.13 (the fixed version for 6.6.x), from 6.7.0 before 6.12.4 (the fixed version for 6.12.x), from 6.13.0 before 6.13.4 (the fixed version for 6.13.x), from 6.14.0 before 6.14.3 (the fixed version for 6.14.x), and from 6.15.0 before 6.15.2 are affected by this vulnerability.Apply updates per vendor instructions.2022-05-03
60
JavaevalevalCVE-2021-26084AtlassianConfluence ServerAtlassian Confluence Server < 6.13.23, 6.14.0 - 7.12.5 Arbitrary Code ExecutionCWE-742021-11-03Atlassian Confluence Server The affected versions are before version 6.13.23, from version 6.14.0 before 7.4.11, from version 7.5.0 before 7.11.6, and from version 7.12.0 before 7.12.5 contains an OGNL injection vulnerability which allows an attacker to execute arbitrary code.Apply updates per vendor instructions.2021-11-17
61
JavaconfigurationCVE-2019-11580AtlassianCrowd and Crowd Data CenterAtlassian Crowd and Crowd Data Center Remote Code Execution VulnerabilityNVD-CWE-noinfo2021-11-03Atlassian Crowd and Crowd Data Center had the pdkinstall development plugin incorrectly enabled in release builds. Attackers who can send unauthenticated or authenticated requests to a Crowd or Crowd Data Center instance can exploit this vulnerability to install arbitrary plugins, which permits remote code execution on systems running a vulnerable version of Crowd or Crowd Data Center. All versions of Crowd from version 2.1.0 before 3.0.5, from version 3.1.0 before 3.1.6, from version 3.2.0 before 3.2.8, from version 3.3.0 before 3.3.5, and from version 3.4.0 before 3.4.4 are affected by this vulnerability.Apply updates per vendor instructions.2022-05-03
62
JavaevallogicCVE-2019-3396AtlassianAtlassian Confluence ServerRemote code execution via Widget Connector macro VulnerabilityCWE-222021-11-03Allows remote attackers to achieve path traversal and remote code execution on a Confluence Server or Data Center instance via server-side template injection.Apply updates per vendor instructions.2022-05-03
63
evalevalCVE-2021-42258BQEBillQuick Web SuiteBQE BillQuick Web Suite Versions Prior to 22.0.9.1 (from 2018 through 2021) Remote Code Execution VulnerabilityCWE-892021-11-03BQE BillQuick Web Suite 2018 through 2021 prior to 22.0.9.1 allows SQL injection for unauthenticated remote code execution, as exploited in the wild in October 2021 for ransomware installation.Apply updates per vendor instructions.2021-11-17
64
logiclogicCVE-2020-3452CiscoAdaptive Security Appliance (ASA) and Firepower Threat Defense (FTD)Cisco Adaptive Security Appliance and Cisco Fire Power Threat Defense directory traversal sensitive file readCWE-202021-11-03A vulnerability in the web services interface of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to conduct directory traversal attacks and read sensitive files on a targeted system. The vulnerability is due to a lack of proper input validation of URLs in HTTP requests processed by an affected device. An attacker could exploit this vulnerability by sending a crafted HTTP request containing directory traversal character sequences to an affected device. A successful exploit could allow the attacker to view arbitrary files within the web services file system on the targeted device. The web services file system is enabled when the affected device is configured with either WebVPN or AnyConnect features. This vulnerability cannot be used to obtain access to ASA or FTD system files or underlying operating system (OS) files.Apply updates per vendor instructions.2022-05-03
65
evalevalCVE-2020-3580CiscoAdaptive Security Appliance (ASA) and Firepower Threat Defense (FTD)Cisco ASA and FTD XSS VulnerabilitiesCWE-792021-11-03Multiple vulnerabilities in the web services interface of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to conduct cross-site scripting (XSS) attacks against a user of the web services interface of an affected device. The vulnerabilities are due to insufficient validation of user-supplied input by the web services interface of an affected device. An attacker could exploit these vulnerabilities by persuading a user of the interface to click a crafted link. A successful exploit could allow the attacker to execute arbitrary script code in the context of the interface or allow the attacker to access sensitive, browser-based information. Note: These vulnerabilities affect only specific AnyConnect and WebVPN configurations.Apply updates per vendor instructions.2022-05-03
66
evalevalCVE-2021-1497CiscoHyperFlex HXCisco HyperFlex HX Command Injection VulnerabilitiesCWE-782021-11-03Multiple vulnerabilities in the web-based management interface of Cisco HyperFlex HX could allow an unauthenticated, remote attacker to perform command injection attacks against an affected device.Apply updates per vendor instructions.2021-11-17
67
evalevalCVE-2021-1498CiscoHyperFlex HXCisco HyperFlex HX Command Injection VulnerabilitiesCWE-782021-11-03Multiple vulnerabilities in the web-based management interface of Cisco HyperFlex HX could allow an unauthenticated, remote attacker to perform command injection attacks against an affected device.Apply updates per vendor instructions.2021-11-17
68
C/C++memorymemoryCVE-2018-0171CiscoIOS and IOS XECisco IOS and IOS XE Software Smart Install Remote Code Execution VulnerabilityCWE-7872021-11-03A vulnerability in the Smart Install feature of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to trigger a reload of an affected device, resulting in a denial of service (DoS) condition, or to execute arbitrary code on an affected device. The vulnerability is due to improper validation of packet data. An attacker could exploit this vulnerability by sending a crafted Smart Install message to an affected device on TCP port 4786. A successful exploit could allow the attacker to cause a buffer overflow on the affected device, which could have the following impacts: Triggering a reload of the device, Allowing the attacker to execute arbitrary code on the device, Causing an indefinite loop on the affected device that triggers a watchdog crash. Cisco Bug IDs: CSCvg76186.Apply updates per vendor instructions.2022-05-03
69
C/C++memorymemoryCVE-2020-3118CiscoIOS XRCisco IOS XR Software Cisco Discovery Protocol Format String VulnerabilityCWE-1342021-11-03A vulnerability in the Cisco Discovery Protocol implementation for Cisco IOS XR Software could allow an unauthenticated, adjacent attacker to execute arbitrary code or cause a reload on an affected device. The vulnerability is due to improper validation of string input from certain fields in Cisco Discovery Protocol messages. An attacker could exploit this vulnerability by sending a malicious Cisco Discovery Protocol packet to an affected device. A successful exploit could allow the attacker to cause a stack overflow, which could allow the attacker to execute arbitrary code with administrative privileges on an affected device. Cisco Discovery Protocol is a Layer 2 protocol. To exploit this vulnerability, an attacker must be in the same broadcast domain as the affected device (Layer 2 adjacent).Apply updates per vendor instructions.2022-05-03
70
C/C++logiclogicCVE-2020-3566CiscoIOS XRCisco IOS XR Software DVMRP Memory Exhaustion VulnerabilityCWE-4002021-11-03A vulnerability in the Distance Vector Multicast Routing Protocol (DVMRP) feature of Cisco IOS XR Software could allow an unauthenticated, remote attacker to exhaust process memory of an affected device. The vulnerability is due to insufficient queue management for Internet Group Management Protocol (IGMP) packets. An attacker could exploit this vulnerability by sending crafted IGMP traffic to an affected device. A successful exploit could allow the attacker to cause memory exhaustion, resulting in instability of other processes. These processes may include, but are not limited to, interior and exterior routing protocols.Apply updates per vendor instructions.2022-05-03
71
C/C++logiclogicCVE-2020-3569CiscoIOS XRCisco IOS XR Software DVMRP Memory Exhaustion VulnerabilityCWE-4002021-11-03Multiple vulnerabilities in the Distance Vector Multicast Routing Protocol (DVMRP) feature of Cisco IOS XR Software could allow an unauthenticated, remote attacker to either immediately crash the Internet Group Management Protocol (IGMP) process or make it consume available memory and eventually crash. The memory consumption may negatively impact other processes that are running on the device. These vulnerabilities are due to the incorrect handling of IGMP packets. An attacker could exploit these vulnerabilities by sending crafted IGMP traffic to an affected device. A successful exploit could allow the attacker to immediately crash the IGMP process or cause memory exhaustion, resulting in other processes becoming unstable. These processes may include, but are not limited to, interior and exterior routing protocols.Apply updates per vendor instructions.2022-05-03
72
C/C++memoryhttps://www.tenable.com/security/research/tra-2020-24logicCVE-2020-3161CiscoIP PhonesCisco IP Phones Web Server DoS and Remote Code Execution VulnerabilityCWE-202021-11-03A vulnerability in the web server for Cisco IP Phones could allow an unauthenticated, remote attacker to execute code with root privileges or cause a reload of an affected IP phone, resulting in a denial of service (DoS) condition. The vulnerability is due to a lack of proper input validation of HTTP requests. An attacker could exploit this vulnerability by sending a crafted HTTP request to the web server of a targeted device. A successful exploit could allow the attacker to remotely execute code with root privileges or cause a reload of an affected IP phone, resulting in a DoS condition.Apply updates per vendor instructions.2022-05-03
73
C/C++logiclogicCVE-2019-1653CiscoRV320 and RV325 RoutersCisco RV320 and RV325 Routers Improper Access Control Vulnerability (COVID-19-CTI list)CWE-2002021-11-03A vulnerability in the web-based management interface of Cisco Small Business RV320 and RV325 Dual Gigabit WAN VPN Routers could allow an unauthenticated, remote attacker to retrieve sensitive information. The vulnerability is due to improper access controls for URLs. An attacker could exploit this vulnerability by connecting to an affected device via HTTP or HTTPS and requesting specific URLs. A successful exploit could allow the attacker to download the router configuration or detailed diagnostic information.Apply updates per vendor instructions.2022-05-03
74
logiclogicCVE-2018-0296CiscoAdaptive Security Appliance (ASA) and Firepower Threat Defense (FTD)Cisco Adaptive Security Appliance Firepower Threat Defense Denial-of-Service/Directory Traversal vulnerabilityCWE-222021-11-03A vulnerability in the web interface of the Cisco Adaptive Security Appliance (ASA) could allow an unauthenticated, remote attacker to cause an affected device to reload unexpectedly, resulting in a denial of service (DoS) condition. It is also possible on certain software releases that the ASA will not reload, but an attacker could view sensitive system information without authentication by using directory traversal techniques. The vulnerability is due to lack of proper input validation of the HTTP URL. An attacker could exploit this vulnerability by sending a crafted HTTP request to an affected device. An exploit could allow the attacker to cause a DoS condition or unauthenticated disclosure of information. This vulnerability applies to IPv4 and IPv6 HTTP traffic. This vulnerability affects Cisco ASA Software and Cisco Firepower Threat Defense (FTD) Software that is running on the following Cisco products: 3000 Series Industrial Security Appliance (ISA), ASA 1000V Cloud Firewall, ASA 5500 Series Adaptive Security Appliances, ASA 5500-X Series Next-Generation Firewalls, ASA Services Module for Cisco Catalyst 6500 Series Switches and Cisco 7600 Series Routers, Adaptive Security Virtual Appliance (ASAv), Firepower 2100 Series Security Appliance, Firepower 4100 Series Security Appliance, Firepower 9300 ASA Security Module, FTD Virtual (FTDv). Cisco Bug IDs: CSCvi16029.Apply updates per vendor instructions.2022-05-03
75
evalevalCVE-2019-13608CitrixStoreFront ServerCitrix StoreFront Server Multiple Versions XML External Entity (XXE)CWE-6112021-11-03Citrix StoreFront Server contains a XXE processing vulnerability that could allow an unauthenticated attacker to retrieve potentially sensitive information.Apply updates per vendor instructions.2022-05-03
76
logiclogicCVE-2020-8193CitrixApplication Delivery Controller (ADC), Gateway, and SDWAN WANOPCitrix ADC, Citrix Gateway, Citrix SDWAN WANOP Unauthenticated Authorization BypassCWE-8622021-11-03Improper access control in Citrix ADC and Citrix Gateway versions before 13.0-58.30, 12.1-57.18, 12.0-63.21, 11.1-64.14 and 10.5-70.18 and Citrix SDWAN WAN-OP versions before 11.1.1a, 11.0.3d and 10.2.7 allows unauthenticated access to certain URL endpoints.Apply updates per vendor instructions.2022-05-03
77
logiclogicCVE-2020-8195CitrixApplication Delivery Controller (ADC), Gateway, and SDWAN WANOPCitrix ADC, Citrix Gateway, Citrix SDWAN WANOP Unauthenticated Authorization BypassCWE-202021-11-03Application Delivery Controller (ADC), Gateway, and SDWAN WANOPApply updates per vendor instructions.2022-05-03
78
logiclogicCVE-2020-8196CitrixApplication Delivery Controller (ADC), Gateway, and SDWAN WANOPCitrix ADC, Citrix Gateway, Citrix SDWAN WANOP Unauthenticated Authorization BypassCWE-8622021-11-03Improper access control in Citrix ADC and Citrix Gateway versions before 13.0-58.30, 12.1-57.18, 12.0-63.21, 11.1-64.14 and 10.5-70.18 and Citrix SDWAN WAN-OP versions before 11.1.1a, 11.0.3d and 10.2.7 resulting in limited information disclosure to low privileged users.Apply updates per vendor instructions.2022-05-03
79
logiclogicCVE-2019-19781CitrixApplication Delivery Controller (ADC) and GatewayCitrix Application Delivery Controller and Citrix Gateway VulnerabilityCWE-222021-11-03Issue in Citrix Application Delivery Controller (ADC) and Gateway 10.5, 11.1, 12.0, 12.1, and 13.0 allowing Directory Traversal.Apply updates per vendor instructions.2022-05-03
80
logicCVE-2019-11634CitrixWorkspace (for Windows)Citrix Workspace (for Windows) Prior to 1904 Improper Access ControlNVD-CWE-noinfo2021-11-03Citrix Workspace app and Receiver for Windows prior to version 1904 contains an incorrect access control vulnerability which allows for code execution.Apply updates per vendor instructions.2022-05-03
81
C/C++memoryhttps://vuldb.com/?id.168929memoryCVE-2020-29557D-LinkDIR-825 R1D-Link DIR-825 R1 Through 3.0.1 Before 11/2020 Buffer OverflowCWE-1202021-11-03D-Link DIR-825 R1 devices through 3.0.1 before 2020-11-20 contain a vulnerability in the web interface allowing for remote code execution.Apply updates per vendor instructions.2022-05-03
82
evalevalCVE-2020-25506D-LinkDNS-320D-Link DNS-320 Command Injection Remote Code Execution VulnerabilityCWE-772021-11-03D-Link DNS-320 FW v2.06B01 Revision Ax is affected by command injection in the system_mgr.cgi component, which can lead to remote arbitrary code execution.Apply updates per vendor instructions.2022-05-03
83
C#cryptographycryptographyCVE-2018-15811DNNDotNetNuke (DNN)DotNetNuke 9.2-9.2.2 Encryption Algorithm VulnerabilityCWE-3262021-11-03DNN (aka DotNetNuke) 9.2 through 9.2.1 uses a weak encryption algorithm to protect input parameters.Apply updates per vendor instructions.2022-05-03
84
C#cryptographycryptographyCVE-2018-18325DNNDotNetNuke (DNN)DotNetNuke 9.2-9.2.2 Encryption Algorithm VulnerabilityCWE-3262021-11-03DNN (aka DotNetNuke) 9.2 through 9.2.2 uses a weak encryption algorithm to protect input parameters. NOTE: this issue exists because of an incomplete fix for CVE-2018-15811.Apply updates per vendor instructions.2022-05-03
85
C#evallogicCVE-2017-9822DNNDotNetNuke (DNN)DotNetNuke before 9.1.1 Remote Code Execution VulnerabilityCWE-202021-11-03DNN (aka DotNetNuke) before 9.1.1 has Remote Code Execution via a cookie, aka "2017-08 (Critical) Possible remote code execution on DNN sites."Apply updates per vendor instructions.2022-05-03
86
GologicArguable: logic that allows misconfiguration?logicCVE-2019-15752DockerDesktop Community EditionDocker Desktop Community Edition Privilege Escalation VulnerabilityCWE-7322021-11-03Docker Desktop Community Edition before 2.1.0.1 allows local users to gain privileges by placing a Trojan horse docker-credential-wincred.exe file in %PROGRAMDATA%\DockerDesktop\version-bin\ as a low-privilege user, and then waiting for an admin or service user to authenticate with Docker, restart Docker, or run 'docker login' to force the command.Apply updates per vendor instructions.2022-05-03
87
evalevalCVE-2020-8515DrayTekVigor Router(s)DrayTek Vigor Router VulnerabilityCWE-782021-11-03DrayTek Vigor2960 1.3.1_Beta, Vigor3900 1.4.4_Beta, and Vigor300B 1.3.3_Beta, 1.4.2.1_Beta, and 1.4.4_Beta devices allow remote code execution as root (without authentication) via shell metacharacters to the cgi-bin/mainfunction.cgi URI.Apply updates per vendor instructions.2022-05-03
88
PHPconfigurationlogicCVE-2018-7600DrupalDrupalDrupal module configuration vulnerabilityCWE-202021-11-03Drupal before 7.58, 8.x before 8.3.9, 8.4.x before 8.4.6, and 8.5.x before 8.5.1 allows remote attackers to execute arbitrary code because of an issue affecting multiple subsystems with default or common module configurations.Apply updates per vendor instructions.2022-05-03
89
PerlconfigurationArguable: logic that allows misconfiguration?logicCVE-2021-22205ExifToolExifToolGitLab Community and Enterprise Editions From 11.9 Remote Code Execution VulnerabilityCWE-202021-11-03Anyone with the ability to upload an image that goes through the GitLab Workhorse could achieve Remote Code Execution via a specially crafted file.Apply updates per vendor instructions.2021-11-17
90
C/C++memorymemoryCVE-2018-6789EximEximExim Buffer Overflow VulnerabilityCWE-1192021-11-03Issue in the base64d function in the SMTP listener in Exim before 4.90.1. By sending a handcrafted message, a buffer overflow may happen. This can be used to execute code remotely.Apply updates per vendor instructions.2022-05-03
91
PHPconfigurationconfigurationCVE-2020-8657EyesOfNetworkEyesOfNetworkEyesOfNetwork 5.3 Insufficient Credential ProtectionCWE-7982021-11-03Issue in EyesOfNetwork 5.3. The installation uses the same API key (hardcoded as EONAPI_KEY in include/api_functions.php for API version 2.4.2) by default for all installations, hence allowing an attacker to calculate/guess the admin access token.Apply updates per vendor instructions.2022-05-03
92
PHPconfigurationlogicCVE-2020-8655EyesOfNetworkEyesOfNetworkEyesOfNetwork 5.3 Privilege Escalation VulnerabilityCWE-2692021-11-03Issue in EyesOfNetwork 5.3. The sudoers configuration is prone to a privilege escalation vulnerability, allowing the apache user to run arbitrary commands as root via a crafted NSE script for nmap 7.Apply updates per vendor instructions.2022-05-03
93
Javalogichttps://swarm.ptsecurity.com/rce-in-f5-big-ip/evalCVE-2020-5902F5BIG-IPF5 BIG-IP Traffic Management User Interface Remote Code Execution VulnerabilityCWE-942021-11-03In BIG-IP versions 15.0.0-15.1.0.3, 14.1.0-14.1.2.5, 13.1.0-13.1.3.3, 12.1.0-12.1.5.1, and 11.6.1-11.6.5.1, the Traffic Management User Interface (TMUI), also referred to as the Configuration utility, has a Remote Code Execution (RCE) vulnerability in undisclosed pages.Apply updates per vendor instructions.2022-05-03
94
JavaconfigurationThis is a web shell as a 'feature'. https://github.com/Al1ex/CVE-2021-22986 CVE-2021-22986F5BIG-IPF5 iControl REST unauthenticated Remote Code Execution VulnerabilityNVD-CWE-noinfo2021-11-03The iControl REST interface has an unauthenticated remote command execution vulnerability.Apply updates per vendor instructions.2021-11-17
95
JavaevalevalCVE-2021-35464ForgeRockAccess Management serverForgeRock Access Management Remote Code Execution VulnerabilityCWE-5022021-11-03ForgeRock AM server before 7.0 has a Java deserialization vulnerability in the jato.pageSession parameter on multiple pages. The exploitation does not require authentication, and remote code execution can be triggered by sending a single crafted /ccversion/* request to the server.Apply updates per vendor instructions.2021-11-17
96
configurationhttps://www.fortiguard.com/psirt/FG-IR-19-037 Also: cryptography (lack of)logicCVE-2019-5591FortinetFortiOSFortinet FortiOS Default Configuration VulnerabilityCWE-2002021-11-03A Default Configuration vulnerability in FortiOS may allow an unauthenticated attacker on the same subnet to intercept sensitive information by impersonating the LDAP server.Apply updates per vendor instructions.2022-05-03
97
logiclogicCVE-2020-12812FortinetFortiOSFortinet FortiOS SSL VPN 2FA Authentication VulnerabilityCWE-2872021-11-03An improper authentication vulnerability in SSL VPN in FortiOS 6.4.0, 6.2.0 to 6.2.3, 6.0.9 and below may result in a user being able to log in successfully without being prompted for the second factor of authentication (FortiToken) if they changed the case of their username.Apply updates per vendor instructions.2022-05-03
98
logiclogicCVE-2018-13379FortinetFortiOSFortinet FortiOS SSL VPN credential exposure vulnerabilityCWE-222021-11-03An Improper Limitation of a Pathname to a Restricted Directory ("Path Traversal") in Fortinet FortiOS 6.0.0 to 6.0.4, 5.6.3 to 5.6.7 and 5.4.6 to 5.4.12 and FortiProxy 2.0.0, 1.2.0 to 1.2.8, 1.1.0 to 1.1.6, 1.0.0 to 1.0.7 under SSL VPN web portal allows an unauthenticated attacker to download system files via special crafted HTTP resource requests.Apply updates per vendor instructions.2022-05-03
99
C/C++memorymemoryCVE-2020-16010GoogleChrome for AndroidGoogle Chrome for Android Heap Overflow VulnerabilityCWE-7872021-11-03Heap buffer overflow in UI in Google Chrome on Android prior to 86.0.4240.185 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page.Apply updates per vendor instructions.2022-05-03
100
C/C++memorymemoryCVE-2020-15999GoogleChromeGoogle Chrome FreeType Memory CorruptionCWE-7872021-11-03Heap buffer overflow in Freetype in Google Chrome prior to 86.0.4240.111 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.Apply updates per vendor instructions.2021-11-17