#CVE

주간 보안 동향 요약: 2026-03-29 ~ 2026-04-05

최근 7일간 발생한 주요 보안 취약점, 이슈, 위협 동향 요약. CVE-2026-5281, AI 기반 공격 산업화, Tycoon2FA 붕괴, NoVoice Android 악성코드 등 포함.

TrueConf Zero-Day 취약점 - 아시아 정부 공격 사례 분석

CVE-2026-3502는 TrueConf 클라이언트 애플리케이션의 업데이터 유효성 검사 메커니즘 결함으로 인해 발생하는 제로데이 취약점이다. CVSS 점수 7.8로 평가되며, 공격자가 온프레미스 TrueConf 서버를 제어할 경우 연결된 모든 엔드포인트에 임의의 파일을 배포하고 실행할 …

Ubuntu Snapd CVE-2026-3888: Snapd 사용자 권한 상승 취약점 심층 분석

Ubuntu Snapd CVE-2026-3888 취약점 분석 및 대응 전략

2026 Q1 제로데이 동향: 심층 분석

2026 Q1 제로데이 취약점 동향을 심층 분석한 보고서. 클라우드, 모바일, 엔터프라이즈 소프트웨어 분야의 주요 취약점과 기술적 분석, 대응 전략을 포함합니다.

Next.js 자격증명 유출 사고: CVE-2025-55182 React2Shell 대규모 침해 분석

2025년 12월, React Server Components (RSC)의 "Flight" 프로토콜에 존재하는 치명적인 원격 코드 실행 취약점인 **CVE-2025-55182** (React2Shell)이 악용되어 대규모 자격증명 유출 사고가 발생했습니다. 이 사고로 **766대의 Next.js 호스트**가 단 24시간 만에 …

AI 융합과 규제 강화로 전통 보안이 붕괴하는 시대, 논리적 방어와 설계 단계 거버넌스로 위기를 기회로 전환하는 생존 전략

2026-04-03 보안 인사이트

AI/IoT CCTV 사이버 위협 - 스마트 보안 장치의 악용 가능성과 대응 방안

최근 AI 및 IoT 기술이 CCTV 감시 시스템에 급속도로 통합되면서, 스마트 보안 장치는 새로운 사이버 보안 위협에 직면했습니다. 전통적인 CCTV 시스템이 단순한 녹화 장치였다면, 오늘날의 AI 기반 CCTV는 실시간 영상 …

CVE-2026-5281 - Google Chrome Use-After-Free 취약점

Google Chrome의 Use-After-Free 메모리 손상 취약점(CVE-2026-5281)에 대한 기술적 분석과 대응 전략

CVE-2026-28500 - ONNX 모델 로딩 함수의 설계적 결함, 제로 상호작용 공급망 공격 가능

CVE-2026-28500은 ONNX(Open Neural Network Exchange)의 `onnx.hub.load()` 함수에 존재하는 보안 제어 우회 취약점이다. `silent=True` 파라미터 사용 시 모든 신뢰 검증 경고와 확인 프롬프트가 억제되어, 사용자 인식 없이 검증되지 않은 리포지토리에서 모델 …

CVE-2026-33017 - Langflow 인증되지 않은 RCE, 공개 후 20시간 만에 악용되기 시작하다

CVE-2026-33017은 Langflow의 공개 플로우 빌드 엔드포인트에 존재하는 인증되지 않은 원격 코드 실행 취약점이다. 공개된 PoC 코드가 없었음에도 어드바이저리 설명만으로 공격자가 20시간 이내에 작동하는 익스플로잇을 구축하고 실제 환경에서 악용하기 시작했다. AI …

[CVE-2026-5281] Google Dawn Use-After-Free Vulnerability

CISA

CVE-2026-33634 Trivy 악성코드 취약점과 공급망 보안

CVE-2026-33634는 Trivy 보안 스캐너를 타겟팅한 치명적 공급망 취약점입니다. 이 Deep Dive에서는 취약점 개요, 기술적 분석, 실무적 대응 전략, 벤치마킹 사례, CISO를 위한 인사이트를 다룹니다.

[CVE-2026-33634] Aquasecurity Trivy Embedded Malicious Code Vulnerability

CISA

[CVE-2026-33017] Langflow Code Injection Vulnerability

CISA

[CVE-2025-32432] Craft CMS Code Injection Vulnerability

CISA

[CVE-2025-54068] Laravel Livewire Code Injection Vulnerability

CISA

[CVE-2025-43510] Apple Multiple Products Improper Locking Vulnerability

CISA

[CVE-2025-43520] Apple Multiple Products Classic Buffer Overflow Vulnerability

CISA

[CVE-2025-31277] Apple Multiple Products Buffer Overflow Vulnerability

CISA

[CVE-2026-20131] Cisco Secure Firewall Management Center (FMC) Software and Cisco Security Cloud Control (SCC) Firewall Management Deserialization of Untrusted Data Vulnerability

CISA

[CVE-2025-66376] Synacor Zimbra Collaboration Suite (ZCS) Cross-Site Scripting Vulnerability

CISA

[CVE-2026-20963] Microsoft SharePoint Deserialization of Untrusted Data Vulnerability

CISA

[CVE-2025-47813] Wing FTP Server Information Disclosure Vulnerability

CISA

[CVE-2026-3910] Google Chromium V8 Improper Restriction of Operations Within the Bounds of a Memory Buffer Vulnerability

CISA

[CVE-2026-3909] Google Skia Out-of-Bounds Write Vulnerability

CISA

[CVE-2025-68613] n8n Improper Control of Dynamically-Managed Code Resources Vulnerability

CISA

[CVE-2021-22054] Omnissa Workspace ONE Server-Side Request Forgery

CISA

[CVE-2025-26399] SolarWinds Web Help Desk Deserialization of Untrusted Data Vulnerability

CISA

[CVE-2026-1603] Ivanti Endpoint Manager (EPM) Authentication Bypass Vulnerability

CISA

[CVE-2017-7921] Hikvision Multiple Products Improper Authentication Vulnerability

CISA

[CVE-2021-22681] Rockwell Multiple Products Insufficient Protected Credentials Vulnerability

CISA

[CVE-2023-43000] Apple Multiple products Use-After-Free Vulnerability

CISA

[CVE-2021-30952] Apple Multiple Products Integer Overflow or Wraparound Vulnerability

CISA

[CVE-2023-41974] Apple iOS and iPadOS Use-After-Free Vulnerability

CISA

[CVE-2026-22719] Broadcom VMware Aria Operations Command Injection Vulnerability

CISA

[CVE-2026-21385] Qualcomm Multiple Chipsets Memory Corruption Vulnerability

CISA

라자루스의 RaaS 전환과 AI 오용이 알리는 사이버 위협의 실용주의 시대, 제로트러스트와 AI-SPM으로 무장한 방어 체계 재편 급물살

2026-02-26 보안 인사이트

[CVE-2022-20775] Cisco SD-WAN Path Traversal Vulnerability

CISA

[CVE-2026-20127] Cisco Catalyst SD-WAN Controller and Manager Authentication Bypass Vulnerability

CISA

[CVE-2026-25108] Soliton Systems K.K FileZen OS Command Injection Vulnerability

CISA

[CVE-2025-49113] RoundCube Webmail Deserialization of Untrusted Data Vulnerability

CISA

[CVE-2025-68461] RoundCube Webmail Cross-site Scripting Vulnerability

CISA

[CVE-2021-22175] GitLab Server-Side Request Forgery (SSRF) Vulnerability

CISA

[CVE-2026-22769] Dell RecoverPoint for Virtual Machines (RP4VMs) Use of Hard-coded Credentials Vulnerability

CISA

[CVE-2020-7796] Synacor Zimbra Collaboration Suite (ZCS) Server-Side Request Forgery Vulnerability

CISA

[CVE-2024-7694] TeamT5 ThreatSonar Anti-Ransomware Unrestricted Upload of File with Dangerous Type Vulnerability

CISA

[CVE-2008-0015] Microsoft Windows Video ActiveX Control Remote Code Execution Vulnerability

CISA

[CVE-2026-2441] Google Chromium CSS Use-After-Free Vulnerability

CISA

[CVE-2026-1731] BeyondTrust Remote Support (RS) and Privileged Remote Access (PRA) OS Command Injection Vulnerability

CISA

[CVE-2026-20700] Apple Multiple Buffer Overflow Vulnerability

CISA

[CVE-2024-43468] Microsoft Configuration Manager SQL Injection Vulnerability

CISA

[CVE-2025-15556] Notepad++ Download of Code Without Integrity Check Vulnerability

CISA

[CVE-2025-40536] SolarWinds Web Help Desk Security Control Bypass Vulnerability

CISA

[CVE-2026-21513] Microsoft MSHTML Framework Protection Mechanism Failure Vulnerability

CISA

[CVE-2026-21525] Microsoft Windows NULL Pointer Dereference Vulnerability

CISA

[CVE-2026-21510] Microsoft Windows Shell Protection Mechanism Failure Vulnerability

CISA

[CVE-2026-21533] Microsoft Windows Improper Privilege Management Vulnerability

CISA

[CVE-2026-21519] Microsoft Windows Type Confusion Vulnerability

CISA

[CVE-2026-21514] Microsoft Office Word Reliance on Untrusted Inputs in a Security Decision Vulnerability

CISA

[CVE-2025-11953] React Native Community CLI OS Command Injection Vulnerability

CISA

[CVE-2026-24423] SmarterTools SmarterMail Missing Authentication for Critical Function Vulnerability

CISA

[CVE-2021-39935] GitLab Community and Enterprise Editions Server-Side Request Forgery (SSRF) Vulnerability

CISA

[CVE-2025-64328] Sangoma FreePBX OS Command Injection Vulnerability

CISA

[CVE-2019-19006] Sangoma FreePBX Improper Authentication Vulnerability

CISA

[CVE-2025-40551] SolarWinds Web Help Desk Deserialization of Untrusted Data Vulnerability

CISA

[CVE-2026-1281] Ivanti Endpoint Manager Mobile (EPMM) Code Injection Vulnerability

CISA

[CVE-2026-24858] Fortinet Multiple Products Authentication Bypass Using an Alternate Path or Channel Vulnerability

CISA

[CVE-2018-14634] Linux Kernel Integer Overflow Vulnerability

CISA

[CVE-2025-52691] SmarterTools SmarterMail Unrestricted Upload of File with Dangerous Type Vulnerability

CISA

[CVE-2026-23760] SmarterTools SmarterMail Authentication Bypass Using an Alternate Path or Channel Vulnerability

CISA

[CVE-2026-24061] GNU InetUtils Argument Injection Vulnerability

CISA

[CVE-2026-21509] Microsoft Office Security Feature Bypass Vulnerability

CISA

[CVE-2024-37079] Broadcom VMware vCenter Server Out-of-bounds Write Vulnerability

CISA

[CVE-2025-68645] Synacor Zimbra Collaboration Suite (ZCS) PHP Remote File Inclusion Vulnerability

CISA

[CVE-2025-34026] Versa Concerto Improper Authentication Vulnerability

CISA

[CVE-2025-31125] Vite Vitejs Improper Access Control Vulnerability

CISA

[CVE-2025-54313] Prettier eslint-config-prettier Embedded Malicious Code Vulnerability

CISA

[CVE-2026-20045] Cisco Unified Communications Products Code Injection Vulnerability

CISA

[CVE-2026-20805] Microsoft Windows Information Disclosure Vulnerability

CISA

[CVE-2025-8110] Gogs Path Traversal Vulnerability

CISA

[CVE-2009-0556] Microsoft Office PowerPoint Code Injection Vulnerability

CISA

[CVE-2025-37164] Hewlett Packard Enterprise (HPE) OneView Code Injection Vulnerability

CISA

CVE-2025-15070 | 지미션 WEB FAX 타 사용자 팩스 정보 노출 취약점

CVE-2025-15069 | 지미션 WEB FAX 사용자 정보 노출 및 권한 상승 취약점

CVE-2025-15068 | 지미션 WEB FAX 패스워드 강제 변경을 통한 계정 탈취 취약점

CVE-2025-15067 | 이노릭스 INNORIX WP 임의 파일 업로드 취약점

CVE-2025-15066 | 이노릭스 INNORIX WP 임의 파일 다운로드 취약점

CVE-2025-15065 | 킹스정보통신 KESS 정보 노출 및 보안 기능 우회 취약점

[CVE-2025-14847] MongoDB and MongoDB Server Improper Handling of Length Parameter Inconsistency Vulnerability

CISA

[CVE-2023-52163] Digiever DS-2105 Pro Missing Authorization Vulnerability

CISA

[CVE-2025-14733] WatchGuard Firebox Out of Bounds Write Vulnerability

CISA

[CVE-2025-59374] ASUS Live Update Embedded Malicious Code Vulnerability

CISA

[CVE-2025-40602] SonicWall SMA1000 Missing Authorization Vulnerability

CISA

[CVE-2025-20393] Cisco Multiple Products Improper Input Validation Vulnerability

CISA

[CVE-2025-59718] Fortinet Multiple Products Improper Verification of Cryptographic Signature Vulnerability

CISA

[CVE-2025-14611] Gladinet CentreStack and Triofox Hard Coded Cryptographic Vulnerability

CISA

[CVE-2025-43529] Apple Multiple Products Use-After-Free WebKit Vulnerability

CISA

[CVE-2018-4063] Sierra Wireless AirLink ALEOS Unrestricted Upload of File with Dangerous Type Vulnerability

CISA

[CVE-2025-14174] Google Chromium Out of Bounds Memory Access Vulnerability

CISA

[CVE-2025-58360] OSGeo GeoServer Improper Restriction of XML External Entity Reference Vulnerability

CISA

[CVE-2025-6218] RARLAB WinRAR Path Traversal Vulnerability

CISA

[CVE-2025-62221] Microsoft Windows Use After Free Vulnerability

CISA

[CVE-2022-37055] D-Link Routers Buffer Overflow Vulnerability

CISA

[CVE-2025-66644] Array Networks ArrayOS AG OS Command Injection Vulnerability

CISA

[CVE-2025-55182] Meta React Server Components Remote Code Execution Vulnerability

CISA

[CVE-2021-26828] OpenPLC ScadaBR Unrestricted Upload of File with Dangerous Type Vulnerability

CISA

[CVE-2025-48633] Android Framework Information Disclosure Vulnerability

CISA

[CVE-2025-48572] Android Framework Privilege Escalation Vulnerability

CISA

[CVE-2021-26829] OpenPLC ScadaBR Cross-site Scripting Vulnerability

CISA

[CVE-2025-61757] Oracle Fusion Middleware Missing Authentication for Critical Function Vulnerability

CISA

[CVE-2025-13223] Google Chromium V8 Type Confusion Vulnerability

CISA

[CVE-2025-58034] Fortinet FortiWeb OS Command Injection Vulnerability

CISA

[CVE-2025-64446] Fortinet FortiWeb Path Traversal Vulnerability

CISA

[CVE-2025-12480] Gladinet Triofox Improper Access Control Vulnerability

CISA

[CVE-2025-62215] Microsoft Windows Race Condition Vulnerability

CISA

[CVE-2025-9242] WatchGuard Firebox Out-of-Bounds Write Vulnerability

CISA

[CVE-2025-21042] Samsung Mobile Devices Out-of-Bounds Write Vulnerability

CISA

[CVE-2025-48703] CWP Control Web Panel OS Command Injection Vulnerability

CISA

[CVE-2025-11371] Gladinet CentreStack and Triofox Files or Directories Accessible to External Parties Vulnerability

CISA

[CVE-2025-41244] Broadcom VMware Aria Operations and VMware Tools Privilege Defined with Unsafe Actions Vulnerability

CISA

[CVE-2025-24893] XWiki Platform Eval Injection Vulnerability

CISA

[CVE-2025-6204] Dassault Systèmes DELMIA Apriso Code Injection Vulnerability

CISA

[CVE-2025-6205] Dassault Systèmes DELMIA Apriso Missing Authorization Vulnerability

CISA

[CVE-2025-54236] Adobe Commerce and Magento Improper Input Validation Vulnerability

CISA

[CVE-2025-59287] Microsoft Windows Server Update Service (WSUS) Deserialization of Untrusted Data Vulnerability

CISA

[CVE-2025-61932] Motex LANSCOPE Endpoint Manager Improper Verification of Source of a Communication Channel Vulnerability

CISA

[CVE-2022-48503] Apple Multiple Products Unspecified Vulnerability

CISA

[CVE-2025-2746] Kentico Xperience CMS Authentication Bypass Using an Alternate Path or Channel Vulnerability

CISA

[CVE-2025-2747] Kentico Xperience CMS Authentication Bypass Using an Alternate Path or Channel Vulnerability

CISA

[CVE-2025-33073] Microsoft Windows SMB Client Improper Access Control Vulnerability

CISA

[CVE-2025-61884] Oracle E-Business Suite Server-Side Request Forgery (SSRF) Vulnerability

CISA

[CVE-2025-54253] Adobe Experience Manager Forms Code Execution Vulnerability

CISA

[CVE-2025-47827] IGEL OS Use of a Key Past its Expiration Date Vulnerability

CISA

[CVE-2025-24990] Microsoft Windows Untrusted Pointer Dereference Vulnerability

CISA

[CVE-2025-59230] Microsoft Windows Improper Access Control Vulnerability

CISA

[CVE-2016-7836] SKYSEA Client View Improper Authentication Vulnerability

CISA

CVE-2025-11221 | 지티원 ChangeFlow 원격 명령 실행 취약점

CVE-2025-11182 | 지티원 ChangeFlow 임의 파일 다운로드 취약점

CVE-2025-11020 | 마크애니 SafePC 원격 명령 실행 취약점

[CVE-2021-43798] Grafana Path Traversal Vulnerability

CISA

[CVE-2025-27915] Synacor Zimbra Collaboration Suite (ZCS) Cross-site Scripting Vulnerability

CISA

[CVE-2021-22555] Linux Kernel Heap Out-of-Bounds Write Vulnerability

CISA

[CVE-2010-3962] Microsoft Internet Explorer Uninitialized Memory Corruption Vulnerability

CISA

[CVE-2021-43226] Microsoft Windows Privilege Escalation Vulnerability

CISA

[CVE-2013-3918] Microsoft Windows Out-of-Bounds Write Vulnerability

CISA

[CVE-2011-3402] Microsoft Windows Remote Code Execution Vulnerability

CISA

[CVE-2010-3765] Mozilla Multiple Products Remote Code Execution Vulnerability

CISA

[CVE-2025-61882] Oracle E-Business Suite Unspecified Vulnerability

CISA

[CVE-2014-6278] GNU Bash OS Command Injection Vulnerability

CISA

[CVE-2017-1000353] Jenkins Remote Code Execution Vulnerability

CISA

[CVE-2015-7755] Juniper ScreenOS Improper Authentication Vulnerability

CISA

[CVE-2025-21043] Samsung Mobile Devices Out-of-Bounds Write Vulnerability

CISA

[CVE-2025-4008] Smartbedded Meteobridge Command Injection Vulnerability

CISA

[CVE-2025-32463] Sudo Inclusion of Functionality from Untrusted Control Sphere Vulnerability

CISA

[CVE-2025-59689] Libraesva Email Security Gateway Command Injection Vulnerability

CISA

[CVE-2025-10035] Fortra GoAnywhere MFT Deserialization of Untrusted Data Vulnerability

CISA

[CVE-2025-20352] Cisco IOS and IOS XE Software SNMP Denial of Service and Remote Code Execution Vulnerability

CISA

[CVE-2021-21311] Adminer Server-Side Request Forgery Vulnerability

CISA

[CVE-2025-20362] Cisco Secure Firewall Adaptive Security (ASA) Appliance and Secure Firewall Threat Defense (FTD) Missing Authorization Vulnerability

CISA

[CVE-2025-20333] Cisco Secure Firewall Adaptive Security Appliance (ASA) and Secure Firewall Threat Defense (FTD) Buffer Overflow Vulnerability

CISA

[CVE-2025-10585] Google Chromium V8 Type Confusion Vulnerability

CISA

[CVE-2025-5086] Dassault Systèmes DELMIA Apriso Deserialization of Untrusted Data Vulnerability

CISA

[CVE-2025-38352] Linux Kernel Time-of-Check Time-of-Use (TOCTOU) Race Condition Vulnerability

CISA

[CVE-2025-48543] Android Runtime Use-After-Free Vulnerability

CISA

[CVE-2025-53690] Sitecore Multiple Products Deserialization of Untrusted Data Vulnerability

CISA

[CVE-2023-50224] TP-Link TL-WR841N Authentication Bypass by Spoofing Vulnerability

CISA

[CVE-2025-9377] TP-Link Archer C7(EU) and TL-WR841N/ND(MS) OS Command Injection Vulnerability

CISA

[CVE-2020-24363] TP-link TL-WA855RE Missing Authentication for Critical Function Vulnerability

CISA

[CVE-2025-55177] Meta Platforms WhatsApp Incorrect Authorization Vulnerability

CISA

[CVE-2025-57819] Sangoma FreePBX Authentication Bypass Vulnerability

CISA

[CVE-2025-7775] Citrix NetScaler Memory Overflow Vulnerability

CISA

[CVE-2025-48384] Git Link Following Vulnerability

CISA

[CVE-2024-8068] Citrix Session Recording Improper Privilege Management Vulnerability

CISA

[CVE-2024-8069] Citrix Session Recording Deserialization of Untrusted Data Vulnerability

CISA

[CVE-2025-43300] Apple iOS, iPadOS, and macOS Out-of-Bounds Write Vulnerability

CISA

[CVE-2025-54948] Trend Micro Apex One OS Command Injection Vulnerability

CISA

[CVE-2025-8876] N-able N-Central Command Injection Vulnerability

CISA

[CVE-2025-8875] N-able N-Central Insecure Deserialization Vulnerability

CISA

[CVE-2025-8088] RARLAB WinRAR Path Traversal Vulnerability

CISA

[CVE-2007-0671] Microsoft Office Excel Remote Code Execution Vulnerability

CISA

[CVE-2013-3893] Microsoft Internet Explorer Resource Management Errors Vulnerability

CISA

[CVE-2020-25078] D-Link DCS-2530L and DCS-2670L Devices Unspecified Vulnerability

CISA

[CVE-2020-25079] D-Link DCS-2530L and DCS-2670L Command Injection Vulnerability

CISA

[CVE-2022-40799] D-Link DNR-322L Download of Code Without Integrity Check Vulnerability

CISA

[CVE-2023-2533] PaperCut NG/MF Cross-Site Request Forgery (CSRF) Vulnerability

CISA

[CVE-2025-20337] Cisco Identity Services Engine Injection Vulnerability

CISA

[CVE-2025-20281] Cisco Identity Services Engine Injection Vulnerability

CISA

[CVE-2025-2775] SysAid On-Prem Improper Restriction of XML External Entity Reference Vulnerability

CISA

[CVE-2025-2776] SysAid On-Prem Improper Restriction of XML External Entity Reference Vulnerability

CISA

[CVE-2025-6558] Google Chromium ANGLE and GPU Improper Input Validation Vulnerability

CISA

[CVE-2025-54309] CrushFTP Unprotected Alternate Channel Vulnerability

CISA

[CVE-2025-49704] Microsoft SharePoint Code Injection Vulnerability

CISA

[CVE-2025-49706] Microsoft SharePoint Improper Authentication Vulnerability

CISA

[CVE-2025-53770] Microsoft SharePoint Deserialization of Untrusted Data Vulnerability

CISA

[CVE-2025-25257] Fortinet FortiWeb SQL Injection Vulnerability

CISA

CVE-2025-7672 | 지란지교소프트 CrossEditor4 취약점

CVE-2025-3621 | 프로티앤에스(ProTNS) ActADUR 취약점

[CVE-2025-47812] Wing FTP Server Improper Neutralization of Null Byte or NUL Character Vulnerability

CISA

[CVE-2025-5777] Citrix NetScaler ADC and Gateway Out-of-Bounds Read Vulnerability

CISA

[CVE-2019-9621] Synacor Zimbra Collaboration Suite (ZCS) Server-Side Request Forgery (SSRF) Vulnerability

CISA

[CVE-2019-5418] Rails Ruby on Rails Path Traversal Vulnerability

CISA

[CVE-2016-10033] PHPMailer Command Injection Vulnerability

CISA

[CVE-2014-3931] Multi-Router Looking Glass (MRLG) Buffer Overflow Vulnerability

CISA

[CVE-2025-6554] Google Chromium V8 Type Confusion Vulnerability

CISA

[CVE-2025-48928] TeleMessage TM SGNL Exposure of Core Dump File to an Unauthorized Control Sphere Vulnerability

CISA

[CVE-2025-48927] TeleMessage TM SGNL Initialization of a Resource with an Insecure Default Vulnerability

CISA

[CVE-2025-6543] Citrix NetScaler ADC and Gateway Buffer Overflow Vulnerability

CISA

[CVE-2019-6693] Fortinet FortiOS Use of Hard-Coded Credentials Vulnerability

CISA

[CVE-2024-0769] D-Link DIR-859 Router Path Traversal Vulnerability

CISA

[CVE-2024-54085] AMI MegaRAC SPx Authentication Bypass by Spoofing Vulnerability

CISA

[CVE-2023-0386] Linux Kernel Improper Ownership Management Vulnerability

CISA

[CVE-2023-33538] TP-Link Multiple Routers Command Injection Vulnerability

CISA

[CVE-2025-43200] Apple Multiple Products Unspecified Vulnerability

CISA

[CVE-2025-33053] Microsoft Windows External Control of File Name or Path Vulnerability

CISA

[CVE-2025-24016] Wazuh Server Deserialization of Untrusted Data Vulnerability

CISA

[CVE-2024-42009] RoundCube Webmail Cross-Site Scripting Vulnerability

CISA

[CVE-2025-32433] Erlang Erlang/OTP SSH Server Missing Authentication for Critical Function Vulnerability

CISA

[CVE-2025-5419] Google Chromium V8 Out-of-Bounds Read and Write Vulnerability

CISA

[CVE-2025-21479] Qualcomm Multiple Chipsets Incorrect Authorization Vulnerability

CISA

[CVE-2025-21480] Qualcomm Multiple Chipsets Incorrect Authorization Vulnerability

CISA

[CVE-2025-27038] Qualcomm Multiple Chipsets Use-After-Free Vulnerability

CISA

[CVE-2021-32030] ASUS Routers Improper Authentication Vulnerability

CISA

[CVE-2025-3935] ConnectWise ScreenConnect Improper Authentication Vulnerability

CISA

[CVE-2025-35939] Craft CMS External Control of Assumed-Immutable Web Parameter Vulnerability

CISA

[CVE-2024-56145] Craft CMS Code Injection Vulnerability

CISA

[CVE-2023-39780] ASUS RT-AX55 Routers OS Command Injection Vulnerability

CISA

[CVE-2025-4632] Samsung MagicINFO 9 Server Path Traversal Vulnerability

CISA

[CVE-2023-38950] ZKTeco BioTime Path Traversal Vulnerability

CISA

[CVE-2024-27443] Synacor Zimbra Collaboration Suite (ZCS) Cross-Site Scripting (XSS) Vulnerability

CISA

[CVE-2025-27920] Srimax Output Messenger Directory Traversal Vulnerability

CISA

[CVE-2024-11182] MDaemon Email Server Cross-Site Scripting (XSS) Vulnerability

CISA

[CVE-2025-4428] Ivanti Endpoint Manager Mobile (EPMM) Code Injection Vulnerability

CISA

[CVE-2025-4427] Ivanti Endpoint Manager Mobile (EPMM) Authentication Bypass Vulnerability

CISA

[CVE-2025-42999] SAP NetWeaver Deserialization Vulnerability

CISA

[CVE-2024-12987] DrayTek Vigor Routers OS Command Injection Vulnerability

CISA

[CVE-2025-32756] Fortinet Multiple Products Stack-Based Buffer Overflow Vulnerability

CISA

[CVE-2025-32709] Microsoft Windows Ancillary Function Driver for WinSock Use-After-Free Vulnerability

CISA

[CVE-2025-30397] Microsoft Windows Scripting Engine Type Confusion Vulnerability

CISA

[CVE-2025-32706] Microsoft Windows Common Log File System (CLFS) Driver Heap-Based Buffer Overflow Vulnerability

CISA

[CVE-2025-32701] Microsoft Windows Common Log File System (CLFS) Driver Use-After-Free Vulnerability

CISA

[CVE-2025-30400] Microsoft Windows DWM Core Library Use-After-Free Vulnerability

CISA

[CVE-2025-47729] TeleMessage TM SGNL Hidden Functionality Vulnerability

CISA

[CVE-2024-11120] GeoVision Devices OS Command Injection Vulnerability

CISA

[CVE-2024-6047] GeoVision Devices OS Command Injection Vulnerability

CISA

[CVE-2025-27363] FreeType Out-of-Bounds Write Vulnerability

CISA

[CVE-2025-3248] Langflow Missing Authentication Vulnerability

CISA

[CVE-2025-34028] Commvault Command Center Path Traversal Vulnerability

CISA

[CVE-2024-58136] Yiiframework Yii Improper Protection of Alternate Path Vulnerability

CISA

[CVE-2024-38475] Apache HTTP Server Improper Escaping of Output Vulnerability

CISA

[CVE-2023-44221] SonicWall SMA100 Appliances OS Command Injection Vulnerability

CISA

[CVE-2025-31324] SAP NetWeaver Unrestricted File Upload Vulnerability

CISA

[CVE-2025-1976] Broadcom Brocade Fabric OS Code Injection Vulnerability

CISA

[CVE-2025-42599] Qualitia Active! Mail Stack-Based Buffer Overflow Vulnerability

CISA

[CVE-2025-3928] Commvault Web Server Unspecified Vulnerability

CISA

[CVE-2025-24054] Microsoft Windows NTLM Hash Disclosure Spoofing Vulnerability

CISA

[CVE-2025-31201] Apple Multiple Products Arbitrary Read and Write Vulnerability

CISA

[CVE-2025-31200] Apple Multiple Products Memory Corruption Vulnerability

CISA

[CVE-2021-20035] SonicWall SMA100 Appliances OS Command Injection Vulnerability

CISA

[CVE-2024-53150] Linux Kernel Out-of-Bounds Read Vulnerability

CISA

[CVE-2024-53197] Linux Kernel Out-of-Bounds Access Vulnerability

CISA

[CVE-2025-29824] Microsoft Windows Common Log File System (CLFS) Driver Use-After-Free Vulnerability

CISA

[CVE-2025-30406] Gladinet CentreStack and Triofox Use of Hard-coded Cryptographic Key Vulnerability

CISA

CVE-2024-11071 | 사이버다임 DestinyECM 취약점

[CVE-2025-31161] CrushFTP Authentication Bypass Vulnerability

CISA

[CVE-2025-22457] Ivanti Connect Secure, Policy Secure, and ZTA Gateways Stack-Based Buffer Overflow Vulnerability

CISA

[CVE-2025-24813] Apache Tomcat Path Equivalence Vulnerability

CISA

[CVE-2024-20439] Cisco Smart Licensing Utility Static Credential Vulnerability

CISA

[CVE-2025-2783] Google Chromium Mojo Sandbox Escape Vulnerability

CISA

[CVE-2019-9875] Sitecore CMS and Experience Platform (XP) Deserialization Vulnerability

CISA

[CVE-2019-9874] Sitecore CMS and Experience Platform (XP) Deserialization Vulnerability

CISA

[CVE-2025-30154] reviewdog/action-setup GitHub Action Embedded Malicious Code Vulnerability

CISA

[CVE-2017-12637] SAP NetWeaver Directory Traversal Vulnerability

CISA

[CVE-2024-48248] NAKIVO Backup and Replication Absolute Path Traversal Vulnerability

CISA

[CVE-2025-1316] Edimax IC-7100 IP Camera OS Command Injection Vulnerability

CISA

[CVE-2025-30066] tj-actions/changed-files GitHub Action Embedded Malicious Code Vulnerability

CISA

[CVE-2025-24472] Fortinet FortiOS and FortiProxy Authentication Bypass Vulnerability

CISA

[CVE-2025-21590] Juniper Junos OS Improper Isolation or Compartmentalization Vulnerability

CISA

[CVE-2025-24201] Apple Multiple Products WebKit Out-of-Bounds Write Vulnerability

CISA

[CVE-2025-24993] Microsoft Windows NTFS Heap-Based Buffer Overflow Vulnerability

CISA

[CVE-2025-24991] Microsoft Windows NTFS Out-Of-Bounds Read Vulnerability

CISA

[CVE-2025-24985] Microsoft Windows Fast FAT File System Driver Integer Overflow Vulnerability

CISA

[CVE-2025-24984] Microsoft Windows NTFS Information Disclosure Vulnerability

CISA

[CVE-2025-24983] Microsoft Windows Win32k Use-After-Free Vulnerability

CISA

[CVE-2025-26633] Microsoft Windows Management Console (MMC) Improper Neutralization Vulnerability

CISA

[CVE-2024-13161] Ivanti Endpoint Manager (EPM) Absolute Path Traversal Vulnerability

CISA

[CVE-2024-13160] Ivanti Endpoint Manager (EPM) Absolute Path Traversal Vulnerability

CISA

[CVE-2024-13159] Ivanti Endpoint Manager (EPM) Absolute Path Traversal Vulnerability

CISA

[CVE-2024-57968] Advantive VeraCore Unrestricted File Upload Vulnerability

CISA

[CVE-2025-25181] Advantive VeraCore SQL Injection Vulnerability

CISA

[CVE-2025-22226] VMware ESXi, Workstation, and Fusion Information Disclosure Vulnerability

CISA

[CVE-2025-22225] VMware ESXi Arbitrary Write Vulnerability

CISA

[CVE-2025-22224] VMware ESXi and Workstation TOCTOU Race Condition Vulnerability

CISA

[CVE-2024-50302] Linux Kernel Use of Uninitialized Resource Vulnerability

CISA

[CVE-2024-4885] Progress WhatsUp Gold Path Traversal Vulnerability

CISA

[CVE-2018-8639] Microsoft Windows Win32k Improper Resource Shutdown or Release Vulnerability

CISA

[CVE-2022-43769] Hitachi Vantara Pentaho BA Server Special Element Injection Vulnerability

CISA

[CVE-2022-43939] Hitachi Vantara Pentaho BA Server Authorization Bypass Vulnerability

CISA

[CVE-2023-20118] Cisco Small Business RV Series Routers Command Injection Vulnerability

CISA

[CVE-2023-34192] Synacor Zimbra Collaboration Suite (ZCS) Cross-Site Scripting (XSS) Vulnerability

CISA

[CVE-2024-49035] Microsoft Partner Center Improper Access Control Vulnerability

CISA

[CVE-2024-20953] Oracle Agile Product Lifecycle Management (PLM) Deserialization Vulnerability

CISA

[CVE-2017-3066] Adobe ColdFusion Deserialization Vulnerability

CISA

[CVE-2025-24989] Microsoft Power Pages Improper Access Control Vulnerability

CISA

[CVE-2025-0111] Palo Alto Networks PAN-OS File Read Vulnerability

CISA

[CVE-2025-23209] Craft CMS Code Injection Vulnerability

CISA

[CVE-2025-0108] Palo Alto Networks PAN-OS Authentication Bypass Vulnerability

CISA

[CVE-2024-53704] SonicWall SonicOS SSLVPN Improper Authentication Vulnerability

CISA

[CVE-2024-57727] SimpleHelp Path Traversal Vulnerability

CISA

[CVE-2025-24200] Apple iOS and iPadOS Incorrect Authorization Vulnerability

CISA

[CVE-2024-41710] Mitel SIP Phones Argument Injection Vulnerability

CISA

[CVE-2024-40891] Zyxel DSL CPE OS Command Injection Vulnerability

CISA

[CVE-2024-40890] Zyxel DSL CPE OS Command Injection Vulnerability

CISA

[CVE-2025-21418] Microsoft Windows Ancillary Function Driver for WinSock Heap-Based Buffer Overflow Vulnerability

CISA

[CVE-2025-21391] Microsoft Windows Storage Link Following Vulnerability

CISA

[CVE-2025-0994] Trimble Cityworks Deserialization Vulnerability

CISA

[CVE-2020-15069] Sophos XG Firewall Buffer Overflow Vulnerability

CISA

[CVE-2020-29574] CyberoamOS (CROS) SQL Injection Vulnerability

CISA

[CVE-2024-21413] Microsoft Outlook Improper Input Validation Vulnerability

CISA

[CVE-2022-23748] Dante Discovery Process Control Vulnerability

CISA

[CVE-2025-0411] 7-Zip Mark of the Web Bypass Vulnerability

CISA

[CVE-2024-53104] Linux Kernel Out-of-Bounds Write Vulnerability

CISA

[CVE-2018-19410] Paessler PRTG Network Monitor Local File Inclusion Vulnerability

CISA

[CVE-2018-9276] Paessler PRTG Network Monitor OS Command Injection Vulnerability

CISA

[CVE-2024-29059] Microsoft .NET Framework Information Disclosure Vulnerability

CISA

[CVE-2024-45195] Apache OFBiz Forced Browsing Vulnerability

CISA

[CVE-2025-24085] Apple Multiple Products Use-After-Free Vulnerability

CISA

[CVE-2025-23006] SonicWall SMA1000 Appliances Deserialization Vulnerability

CISA

[CVE-2020-11023] JQuery Cross-Site Scripting (XSS) Vulnerability

CISA

[CVE-2024-50603] Aviatrix Controllers OS Command Injection Vulnerability

CISA

[CVE-2025-21335] Microsoft Windows Hyper-V NT Kernel Integration VSP Use-After-Free Vulnerability

CISA

[CVE-2025-21334] Microsoft Windows Hyper-V NT Kernel Integration VSP Use-After-Free Vulnerability

CISA

[CVE-2025-21333] Microsoft Windows Hyper-V NT Kernel Integration VSP Heap-based Buffer Overflow Vulnerability

CISA

[CVE-2024-55591] Fortinet FortiOS and FortiProxy Authentication Bypass Vulnerability

CISA

[CVE-2023-48365] Qlik Sense HTTP Tunneling Vulnerability

CISA

[CVE-2024-12686] BeyondTrust Privileged Remote Access (PRA) and Remote Support (RS) OS Command Injection Vulnerability

CISA

[CVE-2025-0282] Ivanti Connect Secure, Policy Secure, and ZTA Gateways Stack-Based Buffer Overflow Vulnerability

CISA

[CVE-2020-2883] Oracle WebLogic Server Unspecified Vulnerability

CISA

[CVE-2024-55550] Mitel MiCollab Path Traversal Vulnerability

CISA

[CVE-2024-41713] Mitel MiCollab Path Traversal Vulnerability

CISA

[CVE-2024-3393] Palo Alto Networks PAN-OS Malicious DNS Packet Vulnerability

CISA

[CVE-2021-44207] Acclaim Systems USAHERDS Use of Hard-Coded Credentials Vulnerability

CISA

[CVE-2024-12356] BeyondTrust Privileged Remote Access (PRA) and Remote Support (RS) Command Injection Vulnerability

CISA

[CVE-2021-40407] Reolink RLC-410W IP Camera OS Command Injection Vulnerability

CISA

[CVE-2019-11001] Reolink Multiple IP Cameras OS Command Injection Vulnerability

CISA

[CVE-2022-23227] NUUO NVRmini2 Devices Missing Authentication Vulnerability

CISA

[CVE-2018-14933] NUUO NVRmini Devices OS Command Injection Vulnerability

CISA

[CVE-2024-55956] Cleo Multiple Products Unauthenticated File Upload Vulnerability

CISA

[CVE-2024-35250] Microsoft Windows Kernel-Mode Driver Untrusted Pointer Dereference Vulnerability

CISA

[CVE-2024-20767] Adobe ColdFusion Improper Access Control Vulnerability

CISA

[CVE-2024-50623] Cleo Multiple Products Unrestricted File Upload Vulnerability

CISA

[CVE-2024-49138] Microsoft Windows Common Log File System (CLFS) Driver Heap-Based Buffer Overflow Vulnerability

CISA

[CVE-2024-51378] CyberPanel Incorrect Default Permissions Vulnerability

CISA

[CVE-2024-11667] Zyxel Multiple Firewalls Path Traversal Vulnerability

CISA

[CVE-2024-11680] ProjectSend Improper Authentication Vulnerability

CISA

[CVE-2023-45727] North Grid Proself Improper Restriction of XML External Entity (XXE) Reference Vulnerability

CISA

[CVE-2023-28461] Array Networks AG and vxAG ArrayOS Missing Authentication for Critical Function Vulnerability

CISA

[CVE-2024-21287] Oracle Agile Product Lifecycle Management (PLM) Incorrect Authorization Vulnerability

CISA

[CVE-2024-44309] Apple Multiple Products Cross-Site Scripting (XSS) Vulnerability

CISA

[CVE-2024-44308] Apple Multiple Products Code Execution Vulnerability

CISA

[CVE-2024-38813] VMware vCenter Server Privilege Escalation Vulnerability

CISA

[CVE-2024-38812] VMware vCenter Server Heap-Based Buffer Overflow Vulnerability

CISA

[CVE-2024-9474] Palo Alto Networks PAN-OS Management Interface OS Command Injection Vulnerability

CISA

[CVE-2024-0012] Palo Alto Networks PAN-OS Management Interface Authentication Bypass Vulnerability

CISA

[CVE-2024-1212] Progress Kemp LoadMaster OS Command Injection Vulnerability

CISA

[CVE-2024-9465] Palo Alto Networks Expedition SQL Injection Vulnerability

CISA

[CVE-2024-9463] Palo Alto Networks Expedition OS Command Injection Vulnerability

CISA

[CVE-2021-26086] Atlassian Jira Server and Data Center Path Traversal Vulnerability

CISA

[CVE-2014-2120] Cisco Adaptive Security Appliance (ASA) Cross-Site Scripting (XSS) Vulnerability

CISA

[CVE-2021-41277] Metabase GeoJSON API Local File Inclusion Vulnerability

CISA

[CVE-2024-43451] Microsoft Windows NTLMv2 Hash Disclosure Spoofing Vulnerability

CISA

[CVE-2024-49039] Microsoft Windows Task Scheduler Privilege Escalation Vulnerability

CISA

[CVE-2019-16278] Nostromo nhttpd Directory Traversal Vulnerability

CISA

[CVE-2024-51567] CyberPanel Incorrect Default Permissions Vulnerability

CISA

[CVE-2024-43093] Android Framework Privilege Escalation Vulnerability

CISA

[CVE-2024-5910] Palo Alto Networks Expedition Missing Authentication Vulnerability

CISA

[CVE-2024-8956] PTZOptics PT30X-SDI/NDI Cameras Authentication Bypass Vulnerability

CISA

[CVE-2024-8957] PTZOptics PT30X-SDI/NDI Cameras OS Command Injection Vulnerability

CISA

[CVE-2024-37383] RoundCube Webmail Cross-Site Scripting (XSS) Vulnerability

CISA

[CVE-2024-20481] Cisco ASA and FTD Denial-of-Service Vulnerability

CISA

[CVE-2024-47575] Fortinet FortiManager Missing Authentication Vulnerability

CISA

[CVE-2024-38094] Microsoft SharePoint Deserialization Vulnerability

CISA

[CVE-2024-9537] ScienceLogic SL1 Unspecified Vulnerability

CISA

[CVE-2024-40711] Veeam Backup and Replication Deserialization Vulnerability

CISA

[CVE-2024-28987] SolarWinds Web Help Desk Hardcoded Credential Vulnerability

CISA

[CVE-2024-9680] Mozilla Firefox Use-After-Free Vulnerability

CISA

[CVE-2024-30088] Microsoft Windows Kernel TOCTOU Race Condition Vulnerability

CISA

[CVE-2024-9380] Ivanti Cloud Services Appliance (CSA) OS Command Injection Vulnerability

CISA

[CVE-2024-9379] Ivanti Cloud Services Appliance (CSA) SQL Injection Vulnerability

CISA

[CVE-2024-23113] Fortinet Multiple Products Format String Vulnerability

CISA

[CVE-2024-43573] Microsoft Windows MSHTML Platform Spoofing Vulnerability

CISA

[CVE-2024-43572] Microsoft Windows Management Console Remote Code Execution Vulnerability

CISA

[CVE-2024-43047] Qualcomm Multiple Chipsets Use-After-Free Vulnerability

CISA

[CVE-2024-45519] Synacor Zimbra Collaboration Suite (ZCS) Command Execution Vulnerability

CISA

[CVE-2024-29824] Ivanti Endpoint Manager (EPM) SQL Injection Vulnerability

CISA

[CVE-2019-0344] SAP Commerce Cloud Deserialization of Untrusted Data Vulnerability

CISA

[CVE-2020-15415] DrayTek Multiple Vigor Routers OS Command Injection Vulnerability

CISA

[CVE-2023-25280] D-Link DIR-820 Router OS Command Injection Vulnerability

CISA

[CVE-2024-7593] Ivanti Virtual Traffic Manager Authentication Bypass Vulnerability

CISA

[CVE-2024-8963] Ivanti Cloud Services Appliance (CSA) Path Traversal Vulnerability

CISA

[CVE-2020-14644] Oracle WebLogic Server Remote Code Execution Vulnerability

CISA

[CVE-2022-21445] Oracle ADF Faces Deserialization of Untrusted Data Vulnerability

CISA

[CVE-2020-0618] Microsoft SQL Server Reporting Services Remote Code Execution Vulnerability

CISA

[CVE-2024-27348] Apache HugeGraph-Server Improper Access Control Vulnerability

CISA

[CVE-2014-0502] Adobe Flash Player Double Free Vulnerablity

CISA

[CVE-2013-0648] Adobe Flash Player Code Execution Vulnerability

CISA

[CVE-2013-0643] Adobe Flash Player Incorrect Default Permissions Vulnerability

CISA

[CVE-2014-0497] Adobe Flash Player Integer Underflow Vulnerablity

CISA

[CVE-2024-6670] Progress WhatsUp Gold SQL Injection Vulnerability

CISA

[CVE-2024-43461] Microsoft Windows MSHTML Platform Spoofing Vulnerability

CISA

[CVE-2024-8190] Ivanti Cloud Services Appliance OS Command Injection Vulnerability

CISA

[CVE-2024-38217] Microsoft Windows Mark of the Web (MOTW) Protection Mechanism Failure Vulnerability

CISA

[CVE-2024-38014] Microsoft Windows Installer Improper Privilege Management Vulnerability

CISA

[CVE-2024-38226] Microsoft Publisher Protection Mechanism Failure Vulnerability

CISA

[CVE-2024-40766] SonicWall SonicOS Improper Access Control Vulnerability

CISA

[CVE-2017-1000253] Linux Kernel PIE Stack Buffer Corruption Vulnerability

CISA

[CVE-2016-3714] ImageMagick Improper Input Validation Vulnerability

CISA

[CVE-2024-7262] Kingsoft WPS Office Path Traversal Vulnerability

CISA

[CVE-2021-20124] Draytek VigorConnect Path Traversal Vulnerability

CISA

[CVE-2021-20123] Draytek VigorConnect Path Traversal Vulnerability

CISA

[CVE-2024-7965] Google Chromium V8 Inappropriate Implementation Vulnerability

CISA

[CVE-2024-38856] Apache OFBiz Incorrect Authorization Vulnerability

CISA

[CVE-2024-7971] Google Chromium V8 Type Confusion Vulnerability

CISA

[CVE-2024-39717] Versa Director Dangerous File Type Upload Vulnerability

CISA

[CVE-2021-31196] Microsoft Exchange Server Information Disclosure Vulnerability

CISA

[CVE-2022-0185] Linux Kernel Heap-Based Buffer Overflow Vulnerability

CISA

[CVE-2021-33045] Dahua IP Camera Authentication Bypass Vulnerability

CISA

[CVE-2021-33044] Dahua IP Camera Authentication Bypass Vulnerability

CISA

[CVE-2024-23897] Jenkins Command Line Interface (CLI) Path Traversal Vulnerability

CISA

[CVE-2024-28986] SolarWinds Web Help Desk Deserialization of Untrusted Data Vulnerability

CISA

[CVE-2024-38107] Microsoft Windows Power Dependency Coordinator Privilege Escalation Vulnerability

CISA

[CVE-2024-38106] Microsoft Windows Kernel Privilege Escalation Vulnerability

CISA

[CVE-2024-38193] Microsoft Windows Ancillary Function Driver for WinSock Privilege Escalation Vulnerability

CISA

[CVE-2024-38213] Microsoft Windows SmartScreen Security Feature Bypass Vulnerability

CISA

[CVE-2024-38178] Microsoft Windows Scripting Engine Memory Corruption Vulnerability

CISA

[CVE-2024-38189] Microsoft Project Remote Code Execution Vulnerability

CISA

[CVE-2024-32113] Apache OFBiz Path Traversal Vulnerability

CISA

[CVE-2024-36971] Android Kernel Remote Code Execution Vulnerability

CISA

[CVE-2018-0824] Microsoft COM for Windows Deserialization of Untrusted Data Vulnerability

CISA

[CVE-2024-37085] VMware ESXi Authentication Bypass Vulnerability

CISA

[CVE-2023-45249] Acronis Cyber Infrastructure (ACI) Insecure Default Password Vulnerability

CISA

[CVE-2024-5217] ServiceNow Incomplete List of Disallowed Inputs Vulnerability

CISA

[CVE-2024-4879] ServiceNow Improper Input Validation Vulnerability

CISA

[CVE-2024-39891] Twilio Authy Information Disclosure Vulnerability

CISA

[CVE-2012-4792] Microsoft Internet Explorer Use-After-Free Vulnerability

CISA

[CVE-2022-22948] VMware vCenter Server Incorrect Default File Permissions Vulnerability

CISA

[CVE-2024-28995] SolarWinds Serv-U Path Traversal Vulnerability

CISA

[CVE-2024-34102] Adobe Commerce and Magento Open Source Improper Restriction of XML External Entity Reference (XXE) Vulnerability

CISA

[CVE-2024-36401] OSGeo GeoServer GeoTools Eval Injection Vulnerability

CISA

[CVE-2024-23692] Rejetto HTTP File Server Improper Neutralization of Special Elements Used in a Template Engine Vulnerability

CISA

[CVE-2024-38080] Microsoft Windows Hyper-V Privilege Escalation Vulnerability

CISA

[CVE-2024-38112] Microsoft Windows MSHTML Platform Spoofing Vulnerability

CISA

[CVE-2024-20399] Cisco NX-OS Command Injection Vulnerability

CISA

[CVE-2020-13965] Roundcube Webmail Cross-Site Scripting (XSS) Vulnerability

CISA

[CVE-2022-2586] Linux Kernel Use-After-Free Vulnerability

CISA

[CVE-2022-24816] OSGeo GeoServer JAI-EXT Code Injection Vulnerability

CISA

[CVE-2024-4358] Progress Telerik Report Server Authentication Bypass by Spoofing Vulnerability

CISA

[CVE-2024-26169] Microsoft Windows Error Reporting Service Improper Privilege Management Vulnerability

CISA

[CVE-2024-32896] Android Pixel Privilege Escalation Vulnerability

CISA

[CVE-2024-4577] PHP-CGI OS Command Injection Vulnerability

CISA

[CVE-2024-4610] Arm Mali GPU Kernel Driver Use-After-Free Vulnerability

CISA

[CVE-2017-3506] Oracle WebLogic Server OS Command Injection Vulnerability

CISA

[CVE-2024-1086] Linux Kernel Use-After-Free Vulnerability

CISA

[CVE-2024-24919] Check Point Quantum Security Gateways Information Disclosure Vulnerability

CISA

[CVE-2024-4978] Justice AV Solutions (JAVS) Viewer Installer Embedded Malicious Code Vulnerability

CISA

[CVE-2024-5274] Google Chromium V8 Type Confusion Vulnerability

CISA

[CVE-2020-17519] Apache Flink Improper Access Control Vulnerability

CISA

[CVE-2024-4947] Google Chromium V8 Type Confusion Vulnerability

CISA

[CVE-2023-43208] NextGen Healthcare Mirth Connect Deserialization of Untrusted Data Vulnerability

CISA

[CVE-2024-4761] Google Chromium V8 Out-of-Bounds Memory Write Vulnerability

CISA

[CVE-2021-40655] D-Link DIR-605 Router Information Disclosure Vulnerability

CISA

[CVE-2014-100005] D-Link DIR-600 Router Cross-Site Request Forgery (CSRF) Vulnerability

CISA

[CVE-2024-30040] Microsoft Windows MSHTML Platform Security Feature Bypass Vulnerability

CISA

[CVE-2024-30051] Microsoft DWM Core Library Privilege Escalation Vulnerability

CISA

[CVE-2024-4671] Google Chromium Visuals Use-After-Free Vulnerability

CISA

[CVE-2023-7028] GitLab Community and Enterprise Editions Improper Access Control Vulnerability

CISA

[CVE-2024-29988] Microsoft SmartScreen Prompt Security Feature Bypass Vulnerability

CISA

[CVE-2024-4040] CrushFTP VFS Sandbox Escape Vulnerability

CISA

[CVE-2024-20359] Cisco ASA and FTD Privilege Escalation Vulnerability

CISA

[CVE-2024-20353] Cisco ASA and FTD Denial of Service Vulnerability

CISA

[CVE-2022-38028] Microsoft Windows Print Spooler Privilege Escalation Vulnerability

CISA

[CVE-2024-3400] Palo Alto Networks PAN-OS Command Injection Vulnerability

CISA

[CVE-2024-3273] D-Link Multiple NAS Devices Command Injection Vulnerability

CISA

[CVE-2024-3272] D-Link Multiple NAS Devices Use of Hard-Coded Credentials Vulnerability

CISA

[CVE-2024-29748] Android Pixel Privilege Escalation Vulnerability

CISA

[CVE-2024-29745] Android Pixel Information Disclosure Vulnerability

CISA

[CVE-2023-24955] Microsoft SharePoint Server Code Injection Vulnerability

CISA

[CVE-2019-7256] Nice Linear eMerge E3-Series OS Command Injection Vulnerability

CISA

[CVE-2021-44529] Ivanti Endpoint Manager Cloud Service Appliance (EPM CSA) Code Injection Vulnerability

CISA

[CVE-2023-48788] Fortinet FortiClient EMS SQL Injection Vulnerability

CISA

[CVE-2024-27198] JetBrains TeamCity Authentication Bypass Vulnerability

CISA

[CVE-2024-23225] Apple Multiple Products Memory Corruption Vulnerability

CISA

[CVE-2024-23296] Apple Multiple Products Memory Corruption Vulnerability

CISA

[CVE-2023-21237] Android Pixel Information Disclosure Vulnerability

CISA

[CVE-2021-36380] Sunhillo SureLine OS Command Injection Vulnerablity

CISA

[CVE-2024-21338] Microsoft Windows Kernel Exposed IOCTL with Insufficient Access Control Vulnerability

CISA

[CVE-2023-29360] Microsoft Streaming Service Untrusted Pointer Dereference Vulnerability

CISA

[CVE-2024-1709] ConnectWise ScreenConnect Authentication Bypass Vulnerability

CISA

[CVE-2020-3259] Cisco ASA and FTD Information Disclosure Vulnerability

CISA

[CVE-2024-21410] Microsoft Exchange Server Privilege Escalation Vulnerability

CISA

[CVE-2024-21412] Microsoft Windows Internet Shortcut Files Security Feature Bypass Vulnerability

CISA

[CVE-2024-21351] Microsoft Windows SmartScreen Security Feature Bypass Vulnerability

CISA

[CVE-2023-43770] Roundcube Webmail Persistent Cross-Site Scripting (XSS) Vulnerability

CISA

[CVE-2024-21762] Fortinet FortiOS Out-of-Bound Write Vulnerability

CISA

[CVE-2023-4762] Google Chromium V8 Type Confusion Vulnerability

CISA

[CVE-2022-48618] Apple Multiple Products Memory Corruption Vulnerability

CISA

[CVE-2024-21893] Ivanti Connect Secure, Policy Secure, and Neurons Server-Side Request Forgery (SSRF) Vulnerability

CISA

[CVE-2023-22527] Atlassian Confluence Data Center and Server Template Injection Vulnerability

CISA

[CVE-2024-23222] Apple Multiple Products WebKit Type Confusion Vulnerability

CISA

[CVE-2023-34048] VMware vCenter Server Out-of-Bounds Write Vulnerability

CISA

[CVE-2023-35082] Ivanti Endpoint Manager Mobile (EPMM) and MobileIron Core Authentication Bypass Vulnerability

CISA

[CVE-2024-0519] Google Chromium V8 Out-of-Bounds Memory Access Vulnerability

CISA

[CVE-2023-6549] Citrix NetScaler ADC and NetScaler Gateway Buffer Overflow Vulnerability

CISA

[CVE-2023-6548] Citrix NetScaler ADC and NetScaler Gateway Code Injection Vulnerability

CISA

[CVE-2018-15133] Laravel Deserialization of Untrusted Data Vulnerability

CISA

[CVE-2023-29357] Microsoft SharePoint Server Privilege Escalation Vulnerability

CISA

[CVE-2023-46805] Ivanti Connect Secure and Policy Secure Authentication Bypass Vulnerability

CISA

[CVE-2024-21887] Ivanti Connect Secure and Policy Secure Command Injection Vulnerability

CISA

[CVE-2023-23752] Joomla! Improper Access Control Vulnerability

CISA

[CVE-2016-20017] D-Link DSL-2750B Devices Command Injection Vulnerability

CISA

[CVE-2023-41990] Apple Multiple Products Code Execution Vulnerability

CISA

[CVE-2023-27524] Apache Superset Insecure Default Initialization of Resource Vulnerability

CISA

[CVE-2023-29300] Adobe ColdFusion Deserialization of Untrusted Data Vulnerability

CISA

[CVE-2023-38203] Adobe ColdFusion Deserialization of Untrusted Data Vulnerability

CISA

[CVE-2023-7101] Spreadsheet::ParseExcel Remote Code Execution Vulnerability

CISA

[CVE-2023-7024] Google Chromium WebRTC Heap Buffer Overflow Vulnerability

CISA

[CVE-2023-49897] FXC AE1021, AE1021PE OS Command Injection Vulnerability

CISA

[CVE-2023-47565] QNAP VioStor NVR OS Command Injection Vulnerability

CISA

[CVE-2023-6448] Unitronics Vision PLC and HMI Insecure Default Password Vulnerability

CISA

[CVE-2023-41266] Qlik Sense Path Traversal Vulnerability

CISA

[CVE-2023-41265] Qlik Sense HTTP Tunneling Vulnerability

CISA

[CVE-2023-33107] Qualcomm Multiple Chipsets Integer Overflow Vulnerability

CISA

[CVE-2023-33106] Qualcomm Multiple Chipsets Use of Out-of-Range Pointer Offset Vulnerability

CISA

[CVE-2023-33063] Qualcomm Multiple Chipsets Use-After-Free Vulnerability

CISA

[CVE-2022-22071] Qualcomm Multiple Chipsets Use-After-Free Vulnerability

CISA

[CVE-2023-42917] Apple Multiple Products WebKit Memory Corruption Vulnerability

CISA

[CVE-2023-42916] Apple Multiple Products WebKit Out-of-Bounds Read Vulnerability

CISA

[CVE-2023-6345] Google Skia Integer Overflow Vulnerability

CISA

[CVE-2023-49103] ownCloud graphapi Information Disclosure Vulnerability

CISA

[CVE-2023-4911] GNU C Library Buffer Overflow Vulnerability

CISA

[CVE-2023-36584] Microsoft Windows Mark of the Web (MOTW) Security Feature Bypass Vulnerability

CISA

[CVE-2023-1671] Sophos Web Appliance Command Injection Vulnerability

CISA

[CVE-2020-2551] Oracle Fusion Middleware Unspecified Vulnerability

CISA

[CVE-2023-36033] Microsoft Windows Desktop Window Manager (DWM) Core Library Privilege Escalation Vulnerability

CISA

[CVE-2023-36025] Microsoft Windows SmartScreen Security Feature Bypass Vulnerability

CISA

[CVE-2023-36036] Microsoft Windows Cloud Files Mini Filter Driver Privilege Escalation Vulnerability

CISA

[CVE-2023-47246] SysAid Server Path Traversal Vulnerability

CISA

[CVE-2023-36844] Juniper Junos OS EX Series PHP External Variable Modification Vulnerability

CISA

[CVE-2023-36845] Juniper Junos OS EX Series and SRX Series PHP External Variable Modification Vulnerability

CISA

[CVE-2023-36846] Juniper Junos OS SRX Series Missing Authentication for Critical Function Vulnerability

CISA

[CVE-2023-36847] Juniper Junos OS EX Series Missing Authentication for Critical Function Vulnerability

CISA

[CVE-2023-36851] Juniper Junos OS SRX Series Missing Authentication for Critical Function Vulnerability

CISA

[CVE-2023-29552] Service Location Protocol (SLP) Denial-of-Service Vulnerability

CISA

[CVE-2023-22518] Atlassian Confluence Data Center and Server Improper Authorization Vulnerability

CISA

[CVE-2023-46604] Apache ActiveMQ Deserialization of Untrusted Data Vulnerability

CISA

[CVE-2023-46748] F5 BIG-IP Configuration Utility SQL Injection Vulnerability

CISA

[CVE-2023-46747] F5 BIG-IP Configuration Utility Authentication Bypass Vulnerability

CISA

[CVE-2023-5631] Roundcube Webmail Persistent Cross-Site Scripting (XSS) Vulnerability

CISA

[CVE-2023-20273] Cisco IOS XE Web UI Command Injection Vulnerability

CISA

[CVE-2023-4966] Citrix NetScaler ADC and NetScaler Gateway Buffer Overflow Vulnerability

CISA

[CVE-2023-20198] Cisco IOS XE Web UI Privilege Escalation Vulnerability

CISA

[CVE-2023-21608] Adobe Acrobat and Reader Use-After-Free Vulnerability

CISA

[CVE-2023-20109] Cisco IOS and IOS XE Group Encrypted Transport VPN Out-of-Bounds Write Vulnerability

CISA

[CVE-2023-41763] Microsoft Skype for Business Privilege Escalation Vulnerability

CISA

[CVE-2023-36563] Microsoft WordPad Information Disclosure Vulnerability

CISA

[CVE-2023-44487] HTTP/2 Rapid Reset Attack Vulnerability

CISA

[CVE-2023-22515] Atlassian Confluence Data Center and Server Broken Access Control Vulnerability

CISA

[CVE-2023-40044] Progress WS_FTP Server Deserialization of Untrusted Data Vulnerability

CISA

[CVE-2023-42824] Apple iOS and iPadOS Kernel Privilege Escalation Vulnerability

CISA

[CVE-2023-42793] JetBrains TeamCity Authentication Bypass Vulnerability

CISA

[CVE-2023-28229] Microsoft Windows CNG Key Isolation Service Privilege Escalation Vulnerability

CISA

[CVE-2023-4211] Arm Mali GPU Kernel Driver Use-After-Free Vulnerability

CISA

[CVE-2023-5217] Google Chromium libvpx Heap Buffer Overflow Vulnerability

CISA

[CVE-2018-14667] Red Hat JBoss RichFaces Framework Expression Language Injection Vulnerability

CISA

[CVE-2023-41991] Apple Multiple Products Improper Certificate Validation Vulnerability

CISA

[CVE-2023-41992] Apple Multiple Products Kernel Privilege Escalation Vulnerability

CISA

[CVE-2023-41993] Apple Multiple Products WebKit Code Execution Vulnerability

CISA

[CVE-2023-41179] Trend Micro Apex One and Worry-Free Business Security Remote Code Execution Vulnerability

CISA

[CVE-2023-28434] MinIO Security Feature Bypass Vulnerability

CISA

[CVE-2022-22265] Samsung Mobile Devices Use-After-Free Vulnerability

CISA

[CVE-2014-8361] Realtek SDK Improper Input Validation Vulnerability

CISA

[CVE-2017-6884] Zyxel EMG2926 Routers Command Injection Vulnerability

CISA

[CVE-2021-3129] Laravel Ignition File Upload Vulnerability

CISA

[CVE-2023-26369] Adobe Acrobat and Reader Out-of-Bounds Write Vulnerability

CISA

[CVE-2023-35674] Android Framework Privilege Escalation Vulnerability

CISA

[CVE-2023-20269] Cisco Adaptive Security Appliance and Firepower Threat Defense Unauthorized Access Vulnerability

CISA

[CVE-2023-4863] Google Chromium WebP Heap-Based Buffer Overflow Vulnerability

CISA

[CVE-2023-36761] Microsoft Word Information Disclosure Vulnerability

CISA

[CVE-2023-36802] Microsoft Streaming Service Proxy Privilege Escalation Vulnerability

CISA

[CVE-2023-41064] Apple iOS, iPadOS, and macOS ImageIO Buffer Overflow Vulnerability

CISA

[CVE-2023-41061] Apple iOS, iPadOS, and watchOS Wallet Code Execution Vulnerability

CISA

[CVE-2023-33246] Apache RocketMQ Command Execution Vulnerability

CISA

[CVE-2023-38831] RARLAB WinRAR Code Execution Vulnerability

CISA

[CVE-2023-32315] Ignite Realtime Openfire Path Traversal Vulnerability

CISA

[CVE-2023-38035] Ivanti Sentry Authentication Bypass Vulnerability

CISA

[CVE-2023-27532] Veeam Backup & Replication Cloud Connect Missing Authentication for Critical Function Vulnerability

CISA

[CVE-2023-26359] Adobe ColdFusion Deserialization of Untrusted Data Vulnerability

CISA

[CVE-2023-24489] Citrix Content Collaboration ShareFile Improper Access Control Vulnerability

CISA

[CVE-2023-38180] Microsoft .NET Core and Visual Studio Denial-of-Service Vulnerability

CISA

[CVE-2017-18368] Zyxel P660HN-T1A Routers Command Injection Vulnerability

CISA

[CVE-2023-35081] Ivanti Endpoint Manager Mobile (EPMM) Path Traversal Vulnerability

CISA

[CVE-2023-37580] Synacor Zimbra Collaboration Suite (ZCS) Cross-Site Scripting (XSS) Vulnerability

CISA

[CVE-2023-38606] Apple Multiple Products Kernel Unspecified Vulnerability

CISA

[CVE-2023-35078] Ivanti Endpoint Manager Mobile Authentication Bypass Vulnerability

CISA

[CVE-2023-29298] Adobe ColdFusion Improper Access Control Vulnerability

CISA

[CVE-2023-38205] Adobe ColdFusion Improper Access Control Vulnerability

CISA

[CVE-2023-3519] Citrix NetScaler ADC and NetScaler Gateway Code Injection Vulnerability

CISA

[CVE-2023-36884] Microsoft Windows Search Remote Code Execution Vulnerability

CISA

[CVE-2022-29303] SolarView Compact Command Injection Vulnerability

CISA

[CVE-2023-37450] Apple Multiple Products WebKit Code Execution Vulnerability

CISA

[CVE-2023-32046] Microsoft Windows MSHTML Platform Privilege Escalation Vulnerability

CISA

[CVE-2023-32049] Microsoft Windows Defender SmartScreen Security Feature Bypass Vulnerability

CISA

[CVE-2023-35311] Microsoft Outlook Security Feature Bypass Vulnerability

CISA

[CVE-2023-36874] Microsoft Windows Error Reporting Service Privilege Escalation Vulnerability

CISA

[CVE-2022-31199] Netwrix Auditor Insecure Object Deserialization Vulnerability

CISA

[CVE-2021-29256] Arm Mali GPU Kernel Driver Use-After-Free Vulnerability

CISA

[CVE-2019-17621] D-Link DIR-859 Router Command Execution Vulnerability

CISA

[CVE-2019-20500] D-Link DWL-2600AP Access Point Command Injection Vulnerability

CISA

[CVE-2021-25487] Samsung Mobile Devices Out-of-Bounds Read Vulnerability

CISA

[CVE-2021-25489] Samsung Mobile Devices Improper Input Validation Vulnerability

CISA

[CVE-2021-25394] Samsung Mobile Devices Race Condition Vulnerability

CISA

[CVE-2021-25395] Samsung Mobile Devices Race Condition Vulnerability

CISA

[CVE-2021-25371] Samsung Mobile Devices Unspecified Vulnerability

CISA

[CVE-2021-25372] Samsung Mobile Devices Improper Boundary Check Vulnerability

CISA

[CVE-2023-32434] Apple Multiple Products Integer Overflow Vulnerability

CISA

[CVE-2023-32435] Apple Multiple Products WebKit Memory Corruption Vulnerability

CISA

[CVE-2023-32439] Apple Multiple Products WebKit Type Confusion Vulnerability

CISA

[CVE-2023-20867] VMware Tools Authentication Bypass Vulnerability

CISA

[CVE-2023-27992] Zyxel Multiple NAS Devices Command Injection Vulnerability

CISA

[CVE-2023-20887] Vmware Aria Operations for Networks Command Injection Vulnerability

CISA

[CVE-2020-35730] Roundcube Webmail Cross-Site Scripting (XSS) Vulnerability

CISA

[CVE-2020-12641] Roundcube Webmail Remote Code Execution Vulnerability

CISA

[CVE-2021-44026] Roundcube Webmail SQL Injection Vulnerability

CISA

[CVE-2016-9079] Mozilla Firefox, Firefox ESR, and Thunderbird Use-After-Free Vulnerability

CISA

[CVE-2016-0165] Microsoft Win32k Privilege Escalation Vulnerability

CISA

[CVE-2023-27997] Fortinet FortiOS and FortiProxy SSL-VPN Heap-Based Buffer Overflow Vulnerability

CISA

[CVE-2023-3079] Google Chromium V8 Type Confusion Vulnerability

CISA

[CVE-2023-33009] Zyxel Multiple Firewalls Buffer Overflow Vulnerability

CISA

[CVE-2023-33010] Zyxel Multiple Firewalls Buffer Overflow Vulnerability

CISA

[CVE-2023-34362] Progress MOVEit Transfer SQL Injection Vulnerability

CISA

[CVE-2023-28771] Zyxel Multiple Firewalls OS Command Injection Vulnerability

CISA

[CVE-2023-2868] Barracuda Networks ESG Appliance Improper Input Validation Vulnerability

CISA

[CVE-2023-32409] Apple Multiple Products WebKit Sandbox Escape Vulnerability

CISA

[CVE-2023-28204] Apple Multiple Products WebKit Out-of-Bounds Read Vulnerability

CISA

[CVE-2023-32373] Apple Multiple Products WebKit Use-After-Free Vulnerability

CISA

[CVE-2004-1464] Cisco IOS Denial-of-Service Vulnerability

CISA

[CVE-2016-6415] Cisco IOS, IOS XR, and IOS XE IKEv1 Information Disclosure Vulnerability

CISA

[CVE-2023-21492] Samsung Mobile Devices Insertion of Sensitive Information Into Log File Vulnerability

CISA

[CVE-2023-25717] Multiple Ruckus Wireless Products CSRF and RCE Vulnerability

CISA

[CVE-2021-3560] Red Hat Polkit Incorrect Authorization Vulnerability

CISA

[CVE-2014-0196] Linux Kernel Race Condition Vulnerability

CISA

[CVE-2010-3904] Linux Kernel Improper Input Validation Vulnerability

CISA

[CVE-2015-5317] Jenkins User Interface (UI) Information Disclosure Vulnerability

CISA

[CVE-2016-3427] Oracle Java SE and JRockit Unspecified Vulnerability

CISA

[CVE-2016-8735] Apache Tomcat Remote Code Execution Vulnerability

CISA

[CVE-2023-29336] Microsoft Win32K Privilege Escalation Vulnerability

CISA

[CVE-2023-1389] TP-Link Archer AX-21 Command Injection Vulnerability

CISA

[CVE-2021-45046] Apache Log4j2 Deserialization of Untrusted Data Vulnerability

CISA

[CVE-2023-21839] Oracle WebLogic Server Unspecified Vulnerability

CISA

[CVE-2023-28432] MinIO Information Disclosure Vulnerability

CISA

[CVE-2023-27350] PaperCut MF/NG Improper Access Control Vulnerability

CISA

[CVE-2023-2136] Google Chrome Skia Integer Overflow Vulnerability

CISA

[CVE-2017-6742] Cisco IOS and IOS XE Software SNMP Remote Code Execution Vulnerability

CISA

[CVE-2019-8526] Apple macOS Use-After-Free Vulnerability

CISA

[CVE-2023-2033] Google Chromium V8 Type Confusion Vulnerability

CISA

[CVE-2023-20963] Android Framework Privilege Escalation Vulnerability

CISA

[CVE-2023-29492] Novi Survey Insecure Deserialization Vulnerability

CISA

[CVE-2023-28252] Microsoft Windows Common Log File System (CLFS) Driver Privilege Escalation Vulnerability

CISA

[CVE-2023-28205] Apple Multiple Products WebKit Use-After-Free Vulnerability

CISA

[CVE-2023-28206] Apple iOS, iPadOS, and macOS IOSurfaceAccelerator Out-of-Bounds Write Vulnerability

CISA

[CVE-2021-27876] Veritas Backup Exec Agent File Access Vulnerability

CISA

[CVE-2021-27877] Veritas Backup Exec Agent Improper Authentication Vulnerability

CISA

[CVE-2021-27878] Veritas Backup Exec Agent Command Execution Vulnerability

CISA

[CVE-2019-1388] Microsoft Windows Certificate Dialog Privilege Escalation Vulnerability

CISA

[CVE-2023-26083] Arm Mali GPU Kernel Driver Information Disclosure Vulnerability

CISA

[CVE-2022-27926] Synacor Zimbra Collaboration Suite (ZCS) Cross-Site Scripting (XSS) Vulnerability

CISA

[CVE-2013-3163] Microsoft Internet Explorer Memory Corruption Vulnerability

CISA

[CVE-2017-7494] Samba Remote Code Execution Vulnerability

CISA

[CVE-2022-42948] Fortra Cobalt Strike User Interface Remote Code Execution Vulnerability

CISA

[CVE-2022-39197] Fortra Cobalt Strike Teamserver Cross-Site Scripting (XSS) Vulnerability

CISA

[CVE-2021-30900] Apple iOS, iPadOS, and macOS Out-of-Bounds Write Vulnerability

CISA

[CVE-2022-38181] Arm Mali GPU Kernel Driver Use-After-Free Vulnerability

CISA

[CVE-2023-0266] Linux Kernel Use-After-Free Vulnerability

CISA

[CVE-2022-3038] Google Chromium Network Service Use-After-Free Vulnerability

CISA

[CVE-2022-22706] Arm Mali GPU Kernel Driver Unspecified Vulnerability

CISA

[CVE-2023-26360] Adobe ColdFusion Deserialization of Untrusted Data Vulnerability

CISA

[CVE-2023-23397] Microsoft Office Outlook Privilege Escalation Vulnerability

CISA

[CVE-2023-24880] Microsoft Windows SmartScreen Security Feature Bypass Vulnerability

CISA

[CVE-2022-41328] Fortinet FortiOS Path Traversal Vulnerability

CISA

[CVE-2021-39144] XStream Remote Code Execution Vulnerability

CISA

[CVE-2020-5741] Plex Media Server Remote Code Execution Vulnerability

CISA

[CVE-2022-28810] Zoho ManageEngine ADSelfService Plus Remote Code Execution Vulnerability

CISA

[CVE-2022-33891] Apache Spark Command Injection Vulnerability

CISA

[CVE-2022-35914] Teclib GLPI Remote Code Execution Vulnerability

CISA

[CVE-2022-36537] ZK Framework AuUploader Unspecified Vulnerability

CISA

[CVE-2022-47986] IBM Aspera Faspex Code Execution Vulnerability

CISA

[CVE-2022-41223] Mitel MiVoice Connect Code Injection Vulnerability

CISA

[CVE-2022-40765] Mitel MiVoice Connect Command Injection Vulnerability

CISA

[CVE-2022-46169] Cacti Command Injection Vulnerability

CISA

[CVE-2023-21715] Microsoft Office Publisher Security Feature Bypass Vulnerability

CISA

[CVE-2023-23376] Microsoft Windows Common Log File System (CLFS) Driver Privilege Escalation Vulnerability

CISA

[CVE-2023-23529] Apple Multiple Products WebKit Type Confusion Vulnerability

CISA

[CVE-2023-21823] Microsoft Windows Graphic Component Privilege Escalation Vulnerability

CISA

[CVE-2015-2291] Intel Ethernet Diagnostics Driver for Windows Denial-of-Service Vulnerability

CISA

[CVE-2022-24990] TerraMaster OS Remote Command Execution Vulnerability

CISA

[CVE-2023-0669] Fortra GoAnywhere MFT Remote Code Execution Vulnerability

CISA

[CVE-2022-21587] Oracle E-Business Suite Unspecified Vulnerability

CISA

[CVE-2023-22952] Multiple SugarCRM Products Remote Code Execution Vulnerability

CISA

[CVE-2017-11357] Telerik UI for ASP.NET AJAX Insecure Direct Object Reference Vulnerability

CISA

[CVE-2022-47966] Zoho ManageEngine Multiple Products Remote Code Execution Vulnerability

CISA

[CVE-2022-44877] CWP Control Web Panel OS Command Injection Vulnerability

CISA

[CVE-2022-41080] Microsoft Exchange Server Privilege Escalation Vulnerability

CISA

[CVE-2023-21674] Microsoft Windows Advanced Local Procedure Call (ALPC) Privilege Escalation Vulnerability

CISA

[CVE-2018-5430] TIBCO JasperReports Server Information Disclosure Vulnerability

CISA

[CVE-2018-18809] TIBCO JasperReports Library Directory Traversal Vulnerability

CISA

[CVE-2022-42856] Apple iOS Type Confusion Vulnerability

CISA

[CVE-2022-42475] Fortinet FortiOS Heap-Based Buffer Overflow Vulnerability

CISA

[CVE-2022-44698] Microsoft Defender SmartScreen Security Feature Bypass Vulnerability

CISA

[CVE-2022-27518] Citrix Application Delivery Controller (ADC) and Gateway Authentication Bypass Vulnerability

CISA

[CVE-2022-26500] Veeam Backup & Replication Remote Code Execution Vulnerability

CISA

[CVE-2022-26501] Veeam Backup & Replication Remote Code Execution Vulnerability

CISA

[CVE-2022-4262] Google Chromium V8 Type Confusion Vulnerability

CISA

[CVE-2021-35587] Oracle Fusion Middleware Unspecified Vulnerability

CISA

[CVE-2022-4135] Google Chromium GPU Heap Buffer Overflow Vulnerability

CISA

[CVE-2022-41049] Microsoft Windows Mark of the Web (MOTW) Security Feature Bypass Vulnerability

CISA

[CVE-2022-41091] Microsoft Windows Mark of the Web (MOTW) Security Feature Bypass Vulnerability

CISA

[CVE-2022-41073] Microsoft Windows Print Spooler Privilege Escalation Vulnerability

CISA

[CVE-2022-41125] Microsoft Windows CNG Key Isolation Service Privilege Escalation Vulnerability

CISA

[CVE-2022-41128] Microsoft Windows Scripting Languages Remote Code Execution Vulnerability

CISA

[CVE-2021-25337] Samsung Mobile Devices Improper Access Control Vulnerability

CISA

[CVE-2021-25369] Samsung Mobile Devices Improper Access Control Vulnerability

CISA

[CVE-2021-25370] Samsung Mobile Devices Memory Corruption Vulnerability

CISA

[CVE-2022-3723] Google Chromium V8 Type Confusion Vulnerability

CISA

[CVE-2022-42827] Apple iOS and iPadOS Out-of-Bounds Write Vulnerability

CISA

[CVE-2020-3433] Cisco AnyConnect Secure Mobility Client for Windows DLL Hijacking Vulnerability

CISA

[CVE-2020-3153] Cisco AnyConnect Secure Mobility Client for Windows Uncontrolled Search Path Vulnerability

CISA

[CVE-2018-19323] GIGABYTE Multiple Products Privilege Escalation Vulnerability

CISA

[CVE-2018-19322] GIGABYTE Multiple Products Code Execution Vulnerability

CISA

[CVE-2018-19321] GIGABYTE Multiple Products Privilege Escalation Vulnerability

CISA

[CVE-2018-19320] GIGABYTE Multiple Products Unspecified Vulnerability

CISA

[CVE-2022-41352] Synacor Zimbra Collaboration Suite (ZCS) Arbitrary File Upload Vulnerability

CISA

[CVE-2021-3493] Linux Kernel Privilege Escalation Vulnerability

CISA

[CVE-2022-40684] Fortinet Multiple Products Authentication Bypass Vulnerability

CISA

[CVE-2022-41033] Microsoft Windows COM+ Event System Service Privilege Escalation Vulnerability

CISA

[CVE-2022-41082] Microsoft Exchange Server Remote Code Execution Vulnerability

CISA

[CVE-2022-41040] Microsoft Exchange Server Server-Side Request Forgery Vulnerability

CISA

[CVE-2022-36804] Atlassian Bitbucket Server and Data Center Command Injection Vulnerability

CISA

[CVE-2022-3236] Sophos Firewall Code Injection Vulnerability

CISA

[CVE-2022-35405] Zoho ManageEngine Multiple Products Remote Code Execution Vulnerability

CISA

[CVE-2022-40139] Trend Micro Apex One and Apex One as a Service Improper Validation Vulnerability

CISA

[CVE-2013-6282] Linux Kernel Improper Input Validation Vulnerability

CISA

[CVE-2013-2597] Code Aurora ACDB Audio Driver Stack-based Buffer Overflow Vulnerability

CISA

[CVE-2013-2596] Linux Kernel Integer Overflow Vulnerability

CISA

[CVE-2013-2094] Linux Kernel Privilege Escalation Vulnerability

CISA

[CVE-2010-2568] Microsoft Windows Remote Code Execution Vulnerability

CISA

[CVE-2022-37969] Microsoft Windows Common Log File System (CLFS) Driver Privilege Escalation Vulnerability

CISA

[CVE-2022-32917] Apple iOS, iPadOS, and macOS Remote Code Execution Vulnerability

CISA

[CVE-2022-3075] Google Chromium Mojo Insufficient Data Validation Vulnerability

CISA

[CVE-2022-27593] QNAP Photo Station Externally Controlled Reference Vulnerability

CISA

[CVE-2022-26258] D-Link DIR-820L Remote Code Execution Vulnerability

CISA

[CVE-2020-9934] Apple iOS, iPadOS, and macOS Input Validation Vulnerability

CISA

[CVE-2018-7445] MikroTik RouterOS Stack-Based Buffer Overflow Vulnerability

CISA

[CVE-2018-6530] D-Link Multiple Routers OS Command Injection Vulnerability

CISA

[CVE-2018-2628] Oracle WebLogic Server Unspecified Vulnerability

CISA

[CVE-2018-13374] Fortinet FortiOS and FortiADC Improper Access Control Vulnerability

CISA

[CVE-2017-5521] NETGEAR Multiple Devices Exposure of Sensitive Information Vulnerability

CISA

[CVE-2011-4723] D-Link DIR-300 Router Cleartext Storage of a Password Vulnerability

CISA

[CVE-2011-1823] Android OS Privilege Escalation Vulnerability

CISA

[CVE-2022-26352] dotCMS Unrestricted Upload of File Vulnerability

CISA

[CVE-2022-24706] Apache CouchDB Insecure Default Initialization of Resource Vulnerability

CISA

[CVE-2022-24112] Apache APISIX Authentication Bypass Vulnerability

CISA

[CVE-2022-22963] VMware Tanzu Spring Cloud Function Remote Code Execution Vulnerability

CISA

[CVE-2022-2294] WebRTC Heap Buffer Overflow Vulnerability

CISA

[CVE-2021-39226] Grafana Authentication Bypass Vulnerability

CISA

[CVE-2021-38406] Delta Electronics DOPSoft 2 Improper Input Validation Vulnerability

CISA

[CVE-2021-31010] Apple iOS, macOS, watchOS Sandbox Bypass Vulnerability

CISA

[CVE-2020-36193] PEAR Archive_Tar Improper Link Resolution Vulnerability

CISA

[CVE-2020-28949] PEAR Archive_Tar Deserialization of Untrusted Data Vulnerability

CISA

[CVE-2022-0028] Palo Alto Networks PAN-OS Reflected Amplification Denial-of-Service Vulnerability

CISA

[CVE-2022-22536] SAP Multiple Products HTTP Request Smuggling Vulnerability

CISA

[CVE-2022-32894] Apple iOS and macOS Out-of-Bounds Write Vulnerability

CISA

[CVE-2022-32893] Apple iOS and macOS Out-of-Bounds Write Vulnerability

CISA

[CVE-2022-2856] Google Chromium Intents Insufficient Input Validation Vulnerability

CISA

[CVE-2022-26923] Microsoft Active Directory Domain Services Privilege Escalation Vulnerability

CISA

[CVE-2022-21971] Microsoft Windows Runtime Remote Code Execution Vulnerability

CISA

[CVE-2017-15944] Palo Alto Networks PAN-OS Remote Code Execution Vulnerability

CISA

[CVE-2022-27925] Synacor Zimbra Collaboration Suite (ZCS) Arbitrary File Upload Vulnerability

CISA

[CVE-2022-37042] Synacor Zimbra Collaboration Suite (ZCS) Authentication Bypass Vulnerability

CISA

[CVE-2022-34713] Microsoft Windows Support Diagnostic Tool (MSDT) Remote Code Execution Vulnerability

CISA

[CVE-2022-30333] RARLAB UnRAR Directory Traversal Vulnerability

CISA

[CVE-2022-27924] Synacor Zimbra Collaboration Suite (ZCS) Command Injection Vulnerability

CISA

[CVE-2022-26138] Atlassian Questions For Confluence App Hard-coded Credentials Vulnerability

CISA

[CVE-2022-22047] Microsoft Windows Client Server Runtime Subsystem (CSRSS) Privilege Escalation Vulnerability

CISA

[CVE-2022-26925] Microsoft Windows LSA Spoofing Vulnerability

CISA

[CVE-2022-29499] Mitel MiVoice Connect Data Validation Vulnerability

CISA

[CVE-2021-30533] Google Chromium PopupBlocker Security Bypass Vulnerability

CISA

[CVE-2021-4034] Red Hat Polkit Out-of-Bounds Read and Write Vulnerability

CISA

[CVE-2021-30983] Apple iOS and iPadOS Buffer Overflow Vulnerability

CISA

[CVE-2020-3837] Apple Multiple Products Memory Corruption Vulnerability

CISA

[CVE-2020-9907] Apple Multiple Products Memory Corruption Vulnerability

CISA

[CVE-2019-8605] Apple Multiple Products Use-After-Free Vulnerability

CISA

[CVE-2018-4344] Apple Multiple Products Memory Corruption Vulnerability

CISA

[CVE-2022-30190] Microsoft Windows Support Diagnostic Tool (MSDT) Remote Code Execution Vulnerability

CISA

[CVE-2021-38163] SAP NetWeaver Unrestricted File Upload Vulnerability

CISA

[CVE-2016-2386] SAP NetWeaver SQL Injection Vulnerability

CISA

[CVE-2016-2388] SAP NetWeaver Information Disclosure Vulnerability

CISA

[CVE-2019-7195] QNAP Photo Station Path Traversal Vulnerability

CISA

[CVE-2019-7194] QNAP Photo Station Path Traversal Vulnerability

CISA

[CVE-2019-7193] QNAP QTS Improper Input Validation Vulnerability

CISA

[CVE-2019-7192] QNAP Photo Station Improper Access Control Vulnerability

CISA

[CVE-2019-5825] Google Chromium V8 Out-of-Bounds Write Vulnerability

CISA

[CVE-2019-15271] Cisco RV Series Routers Deserialization of Untrusted Data Vulnerability

CISA

[CVE-2018-6065] Google Chromium V8 Integer Overflow Vulnerability

CISA

[CVE-2018-4990] Adobe Acrobat and Reader Double Free Vulnerability

CISA

[CVE-2018-17480] Google Chromium V8 Out-of-Bounds Write Vulnerability

CISA

[CVE-2018-17463] Google Chromium V8 Remote Code Execution Vulnerability

CISA

[CVE-2017-6862] NETGEAR Multiple Devices Buffer Overflow Vulnerability

CISA

[CVE-2017-5070] Google Chromium V8 Type Confusion Vulnerability

CISA

[CVE-2017-5030] Google Chromium V8 Memory Corruption Vulnerability

CISA

[CVE-2016-5198] Google Chromium V8 Out-of-Bounds Memory Vulnerability

CISA

[CVE-2016-1646] Google Chromium V8 Out-of-Bounds Read Vulnerability

CISA

[CVE-2013-1331] Microsoft Office Buffer Overflow Vulnerability

CISA

[CVE-2012-5054] Adobe Flash Player Integer Overflow Vulnerability

CISA

[CVE-2012-4969] Microsoft Internet Explorer Use-After-Free Vulnerability

CISA

[CVE-2012-1889] Microsoft XML Core Services Memory Corruption Vulnerability

CISA

[CVE-2012-0767] Adobe Flash Player Cross-Site Scripting (XSS) Vulnerability

CISA

[CVE-2012-0754] Adobe Flash Player Memory Corruption Vulnerability

CISA

[CVE-2012-0151] Microsoft Windows Authenticode Signature Verification Remote Code Execution Vulnerability

CISA

[CVE-2011-2462] Adobe Reader and Acrobat Universal 3D Memory Corruption Vulnerability

CISA

[CVE-2011-0609] Adobe Flash Player Unspecified Vulnerability

CISA

[CVE-2010-2883] Adobe Acrobat and Reader Stack-Based Buffer Overflow Vulnerability

CISA

[CVE-2010-2572] Microsoft PowerPoint Buffer Overflow Vulnerability

CISA

[CVE-2010-1297] Adobe Flash Player Memory Corruption Vulnerability

CISA

[CVE-2009-4324] Adobe Acrobat and Reader Use-After-Free Vulnerability

CISA

[CVE-2009-3953] Adobe Acrobat and Reader Universal 3D Remote Code Execution Vulnerability

CISA

[CVE-2009-1862] Adobe Acrobat and Reader, Flash Player Unspecified Vulnerability

CISA

[CVE-2009-0563] Microsoft Office Buffer Overflow Vulnerability

CISA

[CVE-2009-0557] Microsoft Office Object Record Corruption Vulnerability

CISA

[CVE-2008-0655] Adobe Acrobat and Reader Unspecified Vulnerability

CISA

[CVE-2007-5659] Adobe Acrobat and Reader Buffer Overflow Vulnerability

CISA

[CVE-2006-2492] Microsoft Word Malformed Object Pointer Vulnerability

CISA

[CVE-2022-26134] Atlassian Confluence Server and Data Center Remote Code Execution Vulnerability

CISA

[CVE-2019-3010] Oracle Solaris Privilege Escalation Vulnerability

CISA

[CVE-2016-3393] Microsoft Windows Graphics Device Interface (GDI) Remote Code Execution Vulnerability

CISA

[CVE-2016-7256] Microsoft Windows Open Type Font Remote Code Execution Vulnerability

CISA

[CVE-2016-1010] Adobe Flash Player and AIR Integer Overflow Vulnerability

CISA

[CVE-2016-0984] Adobe Flash Player and AIR Use-After-Free Vulnerability

CISA

[CVE-2016-0034] Microsoft Silverlight Runtime Remote Code Execution Vulnerability

CISA

[CVE-2015-0310] Adobe Flash Player ASLR Bypass Vulnerability

CISA

[CVE-2015-0016] Microsoft Windows TS WebProxy Directory Traversal Vulnerability

CISA

[CVE-2015-0071] Microsoft Internet Explorer ASLR Bypass Vulnerability

CISA

[CVE-2015-2360] Microsoft Win32k Privilege Escalation Vulnerability

CISA

[CVE-2015-2425] Microsoft Internet Explorer Memory Corruption Vulnerability

CISA

[CVE-2015-1769] Microsoft Windows Mount Manager Privilege Escalation Vulnerability

CISA

[CVE-2015-4495] Mozilla Firefox Security Feature Bypass Vulnerability

CISA

[CVE-2015-8651] Adobe Flash Player Integer Overflow Vulnerability

CISA

[CVE-2015-6175] Microsoft Windows Kernel Privilege Escalation Vulnerability

CISA

[CVE-2015-1671] Microsoft Windows Remote Code Execution Vulnerability

CISA

[CVE-2014-4148] Microsoft Windows Remote Code Execution Vulnerability

CISA

[CVE-2014-8439] Adobe Flash Player Dereferenced Pointer Vulnerability

CISA

[CVE-2014-4123] Microsoft Internet Explorer Privilege Escalation Vulnerability

CISA

[CVE-2014-0546] Adobe Reader and Acrobat Sandbox Bypass Vulnerability

CISA

[CVE-2014-2817] Microsoft Internet Explorer Privilege Escalation Vulnerability

CISA

[CVE-2014-4077] Microsoft IME Japanese Privilege Escalation Vulnerability

CISA

[CVE-2014-3153] Linux Kernel Privilege Escalation Vulnerability

CISA

[CVE-2013-7331] Microsoft Internet Explorer Information Disclosure Vulnerability

CISA

[CVE-2013-3993] IBM InfoSphere BigInsights Invalid Input Vulnerability

CISA

[CVE-2013-3896] Microsoft Silverlight Information Disclosure Vulnerability

CISA

[CVE-2013-2423] Oracle JRE Unspecified Vulnerability

CISA

[CVE-2013-0431] Oracle JRE Sandbox Bypass Vulnerability

CISA

[CVE-2013-0422] Oracle JRE Remote Code Execution Vulnerability

CISA

[CVE-2013-0074] Microsoft Silverlight Double Dereference Vulnerability

CISA

[CVE-2012-1710] Oracle Fusion Middleware Unspecified Vulnerability

CISA

[CVE-2010-1428] Red Hat JBoss Information Disclosure Vulnerability

CISA

[CVE-2010-0840] Oracle JRE Unspecified Vulnerability

CISA

[CVE-2010-0738] Red Hat JBoss Authentication Bypass Vulnerability

CISA

[CVE-2018-8611] Microsoft Windows Kernel Privilege Escalation Vulnerability

CISA

[CVE-2018-19953] QNAP NAS File Station Cross-Site Scripting Vulnerability

CISA

[CVE-2018-19949] QNAP NAS File Station Command Injection Vulnerability

CISA

[CVE-2018-19943] QNAP NAS File Station Cross-Site Scripting Vulnerability

CISA

[CVE-2017-0147] Microsoft Windows SMBv1 Information Disclosure Vulnerability

CISA

[CVE-2017-0022] Microsoft XML Core Services Information Disclosure Vulnerability

CISA

[CVE-2017-0005] Microsoft Windows Graphics Device Interface (GDI) Privilege Escalation Vulnerability

CISA

[CVE-2017-0149] Microsoft Internet Explorer Memory Corruption Vulnerability

CISA

[CVE-2017-0210] Microsoft Internet Explorer Privilege Escalation Vulnerability

CISA

[CVE-2017-8291] Artifex Ghostscript Type Confusion Vulnerability

CISA

[CVE-2017-8543] Microsoft Windows Search Remote Code Execution Vulnerability

CISA

[CVE-2017-18362] Kaseya VSA SQL Injection Vulnerability

CISA

[CVE-2016-0162] Microsoft Internet Explorer Information Disclosure Vulnerability

CISA

[CVE-2016-3351] Microsoft Internet Explorer and Edge Information Disclosure Vulnerability

CISA

[CVE-2016-4655] Apple iOS Information Disclosure Vulnerability

CISA

[CVE-2016-4656] Apple iOS Memory Corruption Vulnerability

CISA

[CVE-2016-4657] Apple iOS Webkit Memory Corruption Vulnerability

CISA

[CVE-2016-6366] Cisco Adaptive Security Appliance (ASA) SNMP Buffer Overflow Vulnerability

CISA

[CVE-2016-6367] Cisco Adaptive Security Appliance (ASA) CLI Remote Code Execution Vulnerability

CISA

[CVE-2016-3298] Microsoft Internet Explorer Messaging API Information Disclosure Vulnerability

CISA

[CVE-2022-20821] Cisco IOS XR Open Port Vulnerability

CISA

[CVE-2021-1048] Android Kernel Use-After-Free Vulnerability

CISA

[CVE-2021-0920] Android Kernel Race Condition Vulnerability

CISA

[CVE-2021-30883] Apple Multiple Products Memory Corruption Vulnerability

CISA

[CVE-2020-1027] Microsoft Windows Kernel Privilege Escalation Vulnerability

CISA

[CVE-2020-0638] Microsoft Update Notification Manager Privilege Escalation Vulnerability

CISA

[CVE-2019-7286] Apple Multiple Products Memory Corruption Vulnerability

CISA

[CVE-2019-7287] Apple iOS Memory Corruption Vulnerability

CISA

[CVE-2019-0676] Microsoft Internet Explorer Information Disclosure Vulnerability

CISA

[CVE-2019-5786] Google Chrome Blink Use-After-Free Vulnerability

CISA

[CVE-2019-0703] Microsoft Windows SMB Information Disclosure Vulnerability

CISA

[CVE-2019-0880] Microsoft Windows Privilege Escalation Vulnerability

CISA

[CVE-2019-13720] Google Chrome WebAudio Use-After-Free Vulnerability

CISA

[CVE-2019-11707] Mozilla Firefox and Thunderbird Type Confusion Vulnerability

CISA

[CVE-2019-11708] Mozilla Firefox and Thunderbird Sandbox Escape Vulnerability

CISA

[CVE-2019-8720] WebKitGTK Memory Corruption Vulnerability

CISA

[CVE-2019-18426] WhatsApp Cross-Site Scripting Vulnerability

CISA

[CVE-2019-1385] Microsoft Windows AppX Deployment Extensions Privilege Escalation Vulnerability

CISA

[CVE-2019-1130] Microsoft Windows AppX Deployment Service Privilege Escalation Vulnerability

CISA

[CVE-2018-5002] Adobe Flash Player Stack-based Buffer Overflow Vulnerability

CISA

[CVE-2018-8589] Microsoft Win32k Privilege Escalation Vulnerability

CISA

[CVE-2022-30525] Zyxel Multiple Firewalls OS Command Injection Vulnerability

CISA

[CVE-2022-22947] VMware Spring Cloud Gateway Code Injection Vulnerability

CISA

[CVE-2022-1388] F5 BIG-IP Missing Authentication Vulnerability

CISA

[CVE-2021-1789] Apple Multiple Products Type Confusion Vulnerability

CISA

[CVE-2019-8506] Apple Multiple Products Type Confusion Vulnerability

CISA

[CVE-2014-4113] Microsoft Win32k Privilege Escalation Vulnerability

CISA

[CVE-2014-0322] Microsoft Internet Explorer Use-After-Free Vulnerability

CISA

[CVE-2014-0160] OpenSSL Information Disclosure Vulnerability

CISA

[CVE-2022-29464] WSO2 Multiple Products Unrestrictive Upload of File Vulnerability

CISA

[CVE-2022-26904] Microsoft Windows User Profile Service Privilege Escalation Vulnerability

CISA

[CVE-2022-21919] Microsoft Windows User Profile Service Privilege Escalation Vulnerability

CISA

[CVE-2022-0847] Linux Kernel Privilege Escalation Vulnerability

CISA

[CVE-2021-41357] Microsoft Win32k Privilege Escalation Vulnerability

CISA

[CVE-2021-40450] Microsoft Win32k Privilege Escalation Vulnerability

CISA

[CVE-2019-1003029] Jenkins Script Security Plugin Sandbox Bypass Vulnerability

CISA

[CVE-2018-6882] Synacor Zimbra Collaboration Suite (ZCS) Cross-Site Scripting (XSS) Vulnerability

CISA

[CVE-2019-3568] WhatsApp VOIP Stack Buffer Overflow Vulnerability

CISA

[CVE-2022-22718] Microsoft Windows Print Spooler Privilege Escalation Vulnerability

CISA

[CVE-2022-22960] VMware Multiple Products Privilege Escalation Vulnerability

CISA

[CVE-2022-1364] Google Chromium V8 Type Confusion Vulnerability

CISA

[CVE-2019-3929] Crestron Multiple Products Command Injection Vulnerability

CISA

[CVE-2019-16057] D-Link DNS-320 Remote Code Execution Vulnerability

CISA

[CVE-2018-7841] Schneider Electric U.motion Builder SQL Injection Vulnerability

CISA

[CVE-2016-4523] Trihedral VTScada (formerly VTS) Denial-of-Service Vulnerability

CISA

[CVE-2014-0780] InduSoft Web Studio NTWebServer Directory Traversal Vulnerability

CISA

[CVE-2010-5330] Ubiquiti AirOS Command Injection Vulnerability

CISA

[CVE-2007-3010] Alcatel OmniPCX Enterprise Remote Code Execution Vulnerability

CISA

[CVE-2022-22954] VMware Workspace ONE Access and Identity Manager Server-Side Template Injection Vulnerability

CISA

[CVE-2022-24521] Microsoft Windows CLFS Driver Privilege Escalation Vulnerability

CISA

[CVE-2018-7602] Drupal Core Remote Code Execution Vulnerability

CISA

[CVE-2018-20753] Kaseya VSA Remote Code Execution Vulnerability

CISA

[CVE-2015-5123] Adobe Flash Player Use-After-Free Vulnerability

CISA

[CVE-2015-5122] Adobe Flash Player Use-After-Free Vulnerability

CISA

[CVE-2015-3113] Adobe Flash Player Heap-Based Buffer Overflow Vulnerability

CISA

[CVE-2015-2502] Microsoft Internet Explorer Memory Corruption Vulnerability

CISA

[CVE-2015-0313] Adobe Flash Player Use-After-Free Vulnerability

CISA

[CVE-2015-0311] Adobe Flash Player Remote Code Execution Vulnerability

CISA

[CVE-2014-9163] Adobe Flash Player Stack-Based Buffer Overflow Vulnerability

CISA

[CVE-2022-23176] WatchGuard Firebox and XTM Privilege Escalation Vulnerability

CISA

[CVE-2021-42287] Microsoft Active Directory Domain Services Privilege Escalation Vulnerability

CISA

[CVE-2021-42278] Microsoft Active Directory Domain Services Privilege Escalation Vulnerability

CISA

[CVE-2021-39793] Google Pixel Out-of-Bounds Write Vulnerability

CISA

[CVE-2021-27852] Checkbox Survey Deserialization of Untrusted Data Vulnerability

CISA

[CVE-2021-22600] Linux Kernel Privilege Escalation Vulnerability

CISA

[CVE-2020-2509] QNAP Network-Attached Storage (NAS) Command Injection Vulnerability

CISA

[CVE-2017-11317] Telerik UI for ASP.NET AJAX Unrestricted File Upload Vulnerability

CISA

[CVE-2021-3156] Sudo Heap-Based Buffer Overflow Vulnerability

CISA

[CVE-2021-31166] Microsoft HTTP Protocol Stack Remote Code Execution Vulnerability

CISA

[CVE-2017-0148] Microsoft SMBv1 Server Remote Code Execution Vulnerability

CISA

[CVE-2022-22965] Spring Framework JDK 9+ Remote Code Execution Vulnerability

CISA

[CVE-2022-22675] Apple macOS Out-of-Bounds Write Vulnerability

CISA

[CVE-2022-22674] Apple macOS Out-of-Bounds Read Vulnerability

CISA

[CVE-2021-45382] D-Link Multiple Routers Remote Code Execution Vulnerability

CISA

[CVE-2022-26871] Trend Micro Apex Central Arbitrary File Upload Vulnerability

CISA

[CVE-2022-1040] Sophos Firewall Authentication Bypass Vulnerability

CISA

[CVE-2021-34484] Microsoft Windows User Profile Service Privilege Escalation Vulnerability

CISA

[CVE-2021-28799] QNAP NAS Improper Authorization Vulnerability

CISA

[CVE-2021-21551] Dell dbutil Driver Insufficient Access Control Vulnerability

CISA

[CVE-2018-10562] Dasan GPON Routers Command Injection Vulnerability

CISA

[CVE-2018-10561] Dasan GPON Routers Authentication Bypass Vulnerability

CISA

[CVE-2022-1096] Google Chromium V8 Type Confusion Vulnerability

CISA

[CVE-2022-0543] Debian-specific Redis Server Lua Sandbox Escape Vulnerability

CISA

[CVE-2021-38646] Microsoft Office Access Connectivity Engine Remote Code Execution Vulnerability

CISA

[CVE-2021-34486] Microsoft Windows Event Tracing Privilege Escalation Vulnerability

CISA

[CVE-2021-26085] Atlassian Confluence Server Pre-Authorization Arbitrary File Read Vulnerability

CISA

[CVE-2021-20028] SonicWall Secure Remote Access (SRA) SQL Injection Vulnerability

CISA

[CVE-2019-7483] SonicWall SMA100 Directory Traversal Vulnerability

CISA

[CVE-2018-8440] Microsoft Windows Privilege Escalation Vulnerability

CISA

[CVE-2018-8406] Microsoft DirectX Graphics Kernel Privilege Escalation Vulnerability

CISA

[CVE-2018-8405] Microsoft DirectX Graphics Kernel Privilege Escalation Vulnerability

CISA

[CVE-2017-0213] Microsoft Windows Privilege Escalation Vulnerability

CISA

[CVE-2017-0059] Microsoft Internet Explorer Information Disclosure Vulnerability

CISA

[CVE-2017-0037] Microsoft Edge and Internet Explorer Type Confusion Vulnerability

CISA

[CVE-2016-7201] Microsoft Edge Memory Corruption Vulnerability

CISA

[CVE-2016-7200] Microsoft Edge Memory Corruption Vulnerability

CISA

[CVE-2016-0189] Microsoft Internet Explorer Memory Corruption Vulnerability

CISA

[CVE-2016-0151] Microsoft Windows CSRSS Security Feature Bypass Vulnerability

CISA

[CVE-2016-0040] Microsoft Windows Kernel Privilege Escalation Vulnerability

CISA

[CVE-2015-2426] Microsoft Windows Adobe Type Manager Library Remote Code Execution Vulnerability

CISA

[CVE-2015-2419] Microsoft Internet Explorer Memory Corruption Vulnerability