[CISA-2022:0303] CISA Adds 95 Known Exploited Vulnerabilities to Catalog
CISA has added 95 new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. These types of vulnerabilities are a frequent attack vector for malicious cyber actors and pose significant risk to the federal enterprise.
[CVE-2002-0367] Microsoft Windows Privilege Escalation Vulnerability
smss.exe debugging subsystem in Microsoft Windows does not properly authenticate programs that connect to other programs, which allows local users to gain administrator or SYSTEM privileges.
- Action Apply updates per vendor instructions.
- Known To Be Used in Ransomware Campaigns?: Unknown
- Vendor: Microsoft
- Product: Windows
- Due Date: Thu Mar 24 00:00:00 2022
- Notes: https://nvd.nist.gov/vuln/detail/CVE-2002-0367
[CVE-2004-0210] Microsoft Windows Privilege Escalation Vulnerability
A privilege elevation vulnerability exists in the POSIX subsystem. This vulnerability could allow a logged on user to take complete control of the system.
- Action Apply updates per vendor instructions.
- Known To Be Used in Ransomware Campaigns?: Unknown
- Vendor: Microsoft
- Product: Windows
- Due Date: Thu Mar 24 00:00:00 2022
- Notes: https://nvd.nist.gov/vuln/detail/CVE-2004-0210
[CVE-2008-2992] Adobe Reader and Acrobat Input Validation Vulnerability
Adobe Acrobat and Reader contain an input validation issue in a JavaScript method that could potentially lead to remote code execution.
- Action Apply updates per vendor instructions.
- Known To Be Used in Ransomware Campaigns?: Unknown
- Vendor: Adobe
- Product: Acrobat and Reader
- Due Date: Thu Mar 24 00:00:00 2022
- Notes: https://nvd.nist.gov/vuln/detail/CVE-2008-2992
[CVE-2008-3431] Oracle VirtualBox Insufficient Input Validation Vulnerability
An input validation vulnerability exists in the VBoxDrv.sys driver of Sun xVM VirtualBox which allows attackers to locally execute arbitrary code.
- Action Apply updates per vendor instructions.
- Known To Be Used in Ransomware Campaigns?: Unknown
- Vendor: Oracle
- Product: VirtualBox
- Due Date: Thu Mar 24 00:00:00 2022
- Notes: https://nvd.nist.gov/vuln/detail/CVE-2008-3431
[CVE-2009-1123] Microsoft Windows Improper Input Validation Vulnerability
The kernel in Microsoft Windows does not properly validate changes to unspecified kernel objects, which allows local users to gain privileges via a crafted application.
- Action Apply updates per vendor instructions.
- Known To Be Used in Ransomware Campaigns?: Unknown
- Vendor: Microsoft
- Product: Windows
- Due Date: Thu Mar 24 00:00:00 2022
- Notes: https://nvd.nist.gov/vuln/detail/CVE-2009-1123
[CVE-2009-3129] Microsoft Excel Featheader Record Memory Corruption Vulnerability
Microsoft Office Excel allows remote attackers to execute arbitrary code via a spreadsheet with a FEATHEADER record containing an invalid cbHdrData size element that affects a pointer offset.
- Action Apply updates per vendor instructions.
- Known To Be Used in Ransomware Campaigns?: Unknown
- Vendor: Microsoft
- Product: Excel
- Due Date: Thu Mar 24 00:00:00 2022
- Notes: https://nvd.nist.gov/vuln/detail/CVE-2009-3129
[CVE-2010-0188] Adobe Reader and Acrobat Arbitrary Code Execution Vulnerability
Unspecified vulnerability in Adobe Reader and Acrobat allows attackers to cause a denial of service or possibly execute arbitrary code.
- Action Apply updates per vendor instructions.
- Known To Be Used in Ransomware Campaigns?: Known
- Vendor: Adobe
- Product: Reader and Acrobat
- Due Date: Thu Mar 24 00:00:00 2022
- Notes: https://nvd.nist.gov/vuln/detail/CVE-2010-0188
[CVE-2010-0232] Microsoft Windows Kernel Exception Handler Vulnerability
The kernel in Microsoft Windows, when access to 16-bit applications is enabled on a 32-bit x86 platform, does not properly validate certain BIOS calls, which allows local users to gain privileges.
- Action Apply updates per vendor instructions.
- Known To Be Used in Ransomware Campaigns?: Unknown
- Vendor: Microsoft
- Product: Windows
- Due Date: Thu Mar 24 00:00:00 2022
- Notes: https://nvd.nist.gov/vuln/detail/CVE-2010-0232
[CVE-2010-3333] Microsoft Office Stack-based Buffer Overflow Vulnerability
A stack-based buffer overflow vulnerability exists in the parsing of RTF data in Microsoft Office and earlier allows an attacker to perform remote code execution.
- Action Apply updates per vendor instructions.
- Known To Be Used in Ransomware Campaigns?: Unknown
- Vendor: Microsoft
- Product: Office
- Due Date: Thu Mar 24 00:00:00 2022
- Notes: https://nvd.nist.gov/vuln/detail/CVE-2010-3333
[CVE-2011-0611] Adobe Flash Player Remote Code Execution Vulnerability
Adobe Flash Player contains a vulnerability that allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via crafted Flash content.
- Action The impacted product is end-of-life and should be disconnected if still in use.
- Known To Be Used in Ransomware Campaigns?: Unknown
- Vendor: Adobe
- Product: Flash Player
- Due Date: Thu Mar 24 00:00:00 2022
- Notes: https://nvd.nist.gov/vuln/detail/CVE-2011-0611
[CVE-2011-1889] Microsoft Forefront TMG Remote Code Execution Vulnerability
A remote code execution vulnerability exists in the Forefront Threat Management Gateway (TMG) Firewall Client Winsock provider that could allow code execution in the security context of the client application.
- Action Apply updates per vendor instructions.
- Known To Be Used in Ransomware Campaigns?: Unknown
- Vendor: Microsoft
- Product: Forefront Threat Management Gateway (TMG)
- Due Date: Thu Mar 24 00:00:00 2022
- Notes: https://nvd.nist.gov/vuln/detail/CVE-2011-1889
[CVE-2011-3544] Oracle Java SE Runtime Environment (JRE) Arbitrary Code Execution Vulnerability
An access control vulnerability exists in the Applet Rhino Script Engine component of Oracle's Java Runtime Environment allows an attacker to remotely execute arbitrary code.
- Action Apply updates per vendor instructions.
- Known To Be Used in Ransomware Campaigns?: Unknown
- Vendor: Oracle
- Product: Java SE JDK and JRE
- Due Date: Thu Mar 24 00:00:00 2022
- Notes: https://nvd.nist.gov/vuln/detail/CVE-2011-3544
[CVE-2012-0507] Oracle Java SE Runtime Environment (JRE) Arbitrary Code Execution Vulnerability
An incorrect type vulnerability exists in the Concurrency component of Oracle's Java Runtime Environment allows an attacker to remotely execute arbitrary code.
- Action Apply updates per vendor instructions.
- Known To Be Used in Ransomware Campaigns?: Known
- Vendor: Oracle
- Product: Java SE
- Due Date: Thu Mar 24 00:00:00 2022
- Notes: https://nvd.nist.gov/vuln/detail/CVE-2012-0507
[CVE-2012-1535] Adobe Flash Player Arbitrary Code Execution Vulnerability
Unspecified vulnerability in Adobe Flash Player allows remote attackers to execute arbitrary code or cause a denial of service via crafted SWF content.
- Action The impacted product is end-of-life and should be disconnected if still in use.
- Known To Be Used in Ransomware Campaigns?: Unknown
- Vendor: Adobe
- Product: Flash Player
- Due Date: Thu Mar 24 00:00:00 2022
- Notes: https://nvd.nist.gov/vuln/detail/CVE-2012-1535
[CVE-2012-1723] Oracle Java SE Runtime Environment (JRE) Arbitrary Code Execution Vulnerability
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE allows remote attackers to affect confidentiality, integrity, and availability via Unknown vectors related to Hotspot.
- Action Apply updates per vendor instructions.
- Known To Be Used in Ransomware Campaigns?: Known
- Vendor: Oracle
- Product: Java SE
- Due Date: Thu Mar 24 00:00:00 2022
- Notes: https://nvd.nist.gov/vuln/detail/CVE-2012-1723
[CVE-2012-1856] Microsoft Office MSCOMCTL.OCX Remote Code Execution Vulnerability
The TabStrip ActiveX control in the Common Controls in MSCOMCTL.OCX in Microsoft Office allows remote attackers to execute arbitrary code via a crafted (1) document or (2) web page that triggers system-state corruption.
- Action Apply updates per vendor instructions.
- Known To Be Used in Ransomware Campaigns?: Unknown
- Vendor: Microsoft
- Product: Office
- Due Date: Thu Mar 24 00:00:00 2022
- Notes: https://nvd.nist.gov/vuln/detail/CVE-2012-1856
[CVE-2012-4681] Oracle Java SE Runtime Environment (JRE) Arbitrary Code Execution Vulnerability
The Java Runtime Environment (JRE) component in Oracle Java SE allow for remote code execution.
- Action Apply updates per vendor instructions.
- Known To Be Used in Ransomware Campaigns?: Unknown
- Vendor: Oracle
- Product: Java SE
- Due Date: Thu Mar 24 00:00:00 2022
- Notes: https://nvd.nist.gov/vuln/detail/CVE-2012-4681
[CVE-2013-0632] Adobe ColdFusion Authentication Bypass Vulnerability
An authentication bypass vulnerability exists in Adobe ColdFusion which could result in an unauthorized user gaining administrative access.
- Action Apply updates per vendor instructions.
- Known To Be Used in Ransomware Campaigns?: Unknown
- Vendor: Adobe
- Product: ColdFusion
- Due Date: Thu Mar 24 00:00:00 2022
- Notes: https://nvd.nist.gov/vuln/detail/CVE-2013-0632
[CVE-2013-0640] Adobe Reader and Acrobat Memory Corruption Vulnerability
An memory corruption vulnerability exists in the acroform.dll in Adobe Reader that allows an attacker to perform remote code execution.
- Action Apply updates per vendor instructions.
- Known To Be Used in Ransomware Campaigns?: Unknown
- Vendor: Adobe
- Product: Reader and Acrobat
- Due Date: Thu Mar 24 00:00:00 2022
- Notes: https://nvd.nist.gov/vuln/detail/CVE-2013-0640
[CVE-2013-0641] Adobe Reader Buffer Overflow Vulnerability
A buffer overflow vulnerability exists in Adobe Reader which allows an attacker to perform remote code execution.
- Action Apply updates per vendor instructions.
- Known To Be Used in Ransomware Campaigns?: Unknown
- Vendor: Adobe
- Product: Reader
- Due Date: Thu Mar 24 00:00:00 2022
- Notes: https://nvd.nist.gov/vuln/detail/CVE-2013-0641
[CVE-2013-1347] Microsoft Internet Explorer Remote Code Execution Vulnerability
This vulnerability may corrupt memory in a way that could allow an attacker to execute arbitrary code in the context of the current user within Internet Explorer.
- Action Apply updates per vendor instructions.
- Known To Be Used in Ransomware Campaigns?: Unknown
- Vendor: Microsoft
- Product: Internet Explorer
- Due Date: Thu Mar 24 00:00:00 2022
- Notes: https://nvd.nist.gov/vuln/detail/CVE-2013-1347
[CVE-2013-1675] Mozilla Firefox Information Disclosure Vulnerability
Mozilla Firefox does not properly initialize data structures for the nsDOMSVGZoomEvent::mPreviousScale and nsDOMSVGZoomEvent::mNewScale functions, which allows remote attackers to obtain sensitive information from process memory via a crafted web site.
- Action Apply updates per vendor instructions.
- Known To Be Used in Ransomware Campaigns?: Unknown
- Vendor: Mozilla
- Product: Firefox
- Due Date: Thu Mar 24 00:00:00 2022
- Notes: https://nvd.nist.gov/vuln/detail/CVE-2013-1675
[CVE-2013-3346] Adobe Reader and Acrobat Memory Corruption Vulnerability
Adobe Reader and Acrobat contain a memory corruption vulnerability which can allow attackers to execute arbitrary code or cause a denial of service.
- Action Apply updates per vendor instructions.
- Known To Be Used in Ransomware Campaigns?: Unknown
- Vendor: Adobe
- Product: Reader and Acrobat
- Due Date: Thu Mar 24 00:00:00 2022
- Notes: https://nvd.nist.gov/vuln/detail/CVE-2013-3346
[CVE-2013-3897] Microsoft Internet Explorer Use-After-Free Vulnerability
A use-after-free vulnerability exists within CDisplayPointer in Microsoft Internet Explorer that allows an attacker to remotely execute arbitrary code.
- Action Apply updates per vendor instructions.
- Known To Be Used in Ransomware Campaigns?: Unknown
- Vendor: Microsoft
- Product: Internet Explorer
- Due Date: Thu Mar 24 00:00:00 2022
- Notes: https://nvd.nist.gov/vuln/detail/CVE-2013-3897
[CVE-2013-5065] Microsoft Windows Kernel Privilege Escalation Vulnerability
Microsoft Windows NDProxy.sys in the kernel contains an improper input validation vulnerability which can allow a local attacker to escalate privileges.
- Action Apply updates per vendor instructions.
- Known To Be Used in Ransomware Campaigns?: Unknown
- Vendor: Microsoft
- Product: Windows
- Due Date: Thu Mar 24 00:00:00 2022
- Notes: https://nvd.nist.gov/vuln/detail/CVE-2013-5065
[CVE-2014-0496] Adobe Reader and Acrobat Use-After-Free Vulnerability
Adobe Reader and Acrobat contain a use-after-free vulnerability which can allow for code execution.
- Action Apply updates per vendor instructions.
- Known To Be Used in Ransomware Campaigns?: Unknown
- Vendor: Adobe
- Product: Reader and Acrobat
- Due Date: Thu Mar 24 00:00:00 2022
- Notes: https://nvd.nist.gov/vuln/detail/CVE-2014-0496
[CVE-2014-4114] Microsoft Windows Object Linking & Embedding (OLE) Remote Code Execution Vulnerability
A vulnerability exists in Windows Object Linking & Embedding (OLE) that could allow remote code execution if a user opens a file that contains a specially crafted OLE object.
- Action Apply updates per vendor instructions.
- Known To Be Used in Ransomware Campaigns?: Unknown
- Vendor: Microsoft
- Product: Windows
- Due Date: Thu Mar 24 00:00:00 2022
- Notes: https://nvd.nist.gov/vuln/detail/CVE-2014-4114
[CVE-2015-1642] Microsoft Office Memory Corruption Vulnerability
Microsoft Office contains a memory corruption vulnerability that allows remote attackers to execute arbitrary code via a crafted document.
- Action Apply updates per vendor instructions.
- Known To Be Used in Ransomware Campaigns?: Unknown
- Vendor: Microsoft
- Product: Office
- Due Date: Thu Mar 24 00:00:00 2022
- Notes: https://nvd.nist.gov/vuln/detail/CVE-2015-1642
[CVE-2015-1701] Microsoft Win32k Privilege Escalation Vulnerability
An unspecified vulnerability exists in the Win32k.sys kernel-mode driver in Microsoft Windows Server that allows a local attacker to execute arbitrary code with elevated privileges.
- Action Apply updates per vendor instructions.
- Known To Be Used in Ransomware Campaigns?: Known
- Vendor: Microsoft
- Product: Win32k
- Due Date: Thu Mar 24 00:00:00 2022
- Notes: https://nvd.nist.gov/vuln/detail/CVE-2015-1701
[CVE-2015-2387] Microsoft ATM Font Driver Privilege Escalation Vulnerability
ATMFD.DLL in the Adobe Type Manager Font Driver in Microsoft Windows Server allows local users to gain privileges via a crafted application.
- Action Apply updates per vendor instructions.
- Known To Be Used in Ransomware Campaigns?: Unknown
- Vendor: Microsoft
- Product: ATM Font Driver
- Due Date: Thu Mar 24 00:00:00 2022
- Notes: https://nvd.nist.gov/vuln/detail/CVE-2015-2387
[CVE-2015-2424] Microsoft PowerPoint Memory Corruption Vulnerability
Microsoft PowerPoint allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted Office document.
- Action Apply updates per vendor instructions.
- Known To Be Used in Ransomware Campaigns?: Unknown
- Vendor: Microsoft
- Product: PowerPoint
- Due Date: Thu Mar 24 00:00:00 2022
- Notes: https://nvd.nist.gov/vuln/detail/CVE-2015-2424
[CVE-2015-2545] Microsoft Office Malformed EPS File Vulnerability
Microsoft Office allows remote attackers to execute arbitrary code via a crafted EPS image.
- Action Apply updates per vendor instructions.
- Known To Be Used in Ransomware Campaigns?: Unknown
- Vendor: Microsoft
- Product: Office
- Due Date: Thu Mar 24 00:00:00 2022
- Notes: https://nvd.nist.gov/vuln/detail/CVE-2015-2545
[CVE-2015-2590] Oracle Java SE and Java SE Embedded Remote Code Execution Vulnerability
An unspecified vulnerability exists within Oracle Java Runtime Environment that allows an attacker to perform remote code execution.
- Action Apply updates per vendor instructions.
- Known To Be Used in Ransomware Campaigns?: Unknown
- Vendor: Oracle
- Product: Java SE
- Due Date: Thu Mar 24 00:00:00 2022
- Notes: https://nvd.nist.gov/vuln/detail/CVE-2015-2590
[CVE-2015-3043] Adobe Flash Player Memory Corruption Vulnerability
A memory corruption vulnerability exists in Adobe Flash Player that allows an attacker to perform remote code execution.
- Action The impacted product is end-of-life and should be disconnected if still in use.
- Known To Be Used in Ransomware Campaigns?: Unknown
- Vendor: Adobe
- Product: Flash Player
- Due Date: Thu Mar 24 00:00:00 2022
- Notes: https://nvd.nist.gov/vuln/detail/CVE-2015-3043
[CVE-2015-4902] Oracle Java SE Integrity Check Vulnerability
Unspecified vulnerability in Oracle Java SE allows remote attackers to affect integrity via Unknown vectors related to deployment.
- Action Apply updates per vendor instructions.
- Known To Be Used in Ransomware Campaigns?: Unknown
- Vendor: Oracle
- Product: Java SE
- Due Date: Thu Mar 24 00:00:00 2022
- Notes: https://nvd.nist.gov/vuln/detail/CVE-2015-4902
[CVE-2015-5119] Adobe Flash Player Use-After-Free Vulnerability
A use-after-free vulnerability exists within the ActionScript 3 ByteArray class in Adobe Flash Player that allows an attacker to perform remote code execution.
- Action The impacted product is end-of-life and should be disconnected if still in use.
- Known To Be Used in Ransomware Campaigns?: Unknown
- Vendor: Adobe
- Product: Flash Player
- Due Date: Thu Mar 24 00:00:00 2022
- Notes: https://nvd.nist.gov/vuln/detail/CVE-2015-5119
[CVE-2015-7645] Adobe Flash Player Arbitrary Code Execution Vulnerability
Adobe Flash Player allows remote attackers to execute arbitrary code via a crafted SWF file.
- Action The impacted product is end-of-life and should be disconnected if still in use.
- Known To Be Used in Ransomware Campaigns?: Unknown
- Vendor: Adobe
- Product: Flash Player
- Due Date: Thu Mar 24 00:00:00 2022
- Notes: https://nvd.nist.gov/vuln/detail/CVE-2015-7645
[CVE-2016-0099] Microsoft Windows Secondary Logon Service Privilege Escalation Vulnerability
A privilege escalation vulnerability exists in Microsoft Windows if the Windows Secondary Logon Service fails to properly manage request handles in memory. An attacker who successfully exploited this vulnerability could run arbitrary code as an administrator.
- Action Apply updates per vendor instructions.
- Known To Be Used in Ransomware Campaigns?: Known
- Vendor: Microsoft
- Product: Windows
- Due Date: Thu Mar 24 00:00:00 2022
- Notes: https://nvd.nist.gov/vuln/detail/CVE-2016-0099
[CVE-2016-1019] Adobe Flash Player Arbitrary Code Execution Vulnerability
Adobe Flash Player allows remote attackers to cause a denial of service or possibly execute arbitrary code.
- Action The impacted product is end-of-life and should be disconnected if still in use.
- Known To Be Used in Ransomware Campaigns?: Known
- Vendor: Adobe
- Product: Flash Player
- Due Date: Thu Mar 24 00:00:00 2022
- Notes: https://nvd.nist.gov/vuln/detail/CVE-2016-1019
[CVE-2016-4117] Adobe Flash Player Arbitrary Code Execution Vulnerability
An access of resource using incompatible type vulnerability exists within Adobe Flash Player that allows an attacker to perform remote code execution.
- Action The impacted product is end-of-life and should be disconnected if still in use.
- Known To Be Used in Ransomware Campaigns?: Unknown
- Vendor: Adobe
- Product: Flash Player
- Due Date: Thu Mar 24 00:00:00 2022
- Notes: https://nvd.nist.gov/vuln/detail/CVE-2016-4117
[CVE-2016-5195] Linux Kernel Race Condition Vulnerability
Race condition in mm/gup.c in the Linux kernel allows local users to escalate privileges.
- Action Apply updates per vendor instructions.
- Known To Be Used in Ransomware Campaigns?: Unknown
- Vendor: Linux
- Product: Kernel
- Due Date: Thu Mar 24 00:00:00 2022
- Notes: https://nvd.nist.gov/vuln/detail/CVE-2016-5195
[CVE-2016-7193] Microsoft Office Memory Corruption Vulnerability
Microsoft Office contains a memory corruption vulnerability which can allow for remote code execution.
- Action Apply updates per vendor instructions.
- Known To Be Used in Ransomware Campaigns?: Unknown
- Vendor: Microsoft
- Product: Office
- Due Date: Thu Mar 24 00:00:00 2022
- Notes: https://nvd.nist.gov/vuln/detail/CVE-2016-7193
[CVE-2016-7262] Microsoft Office Security Feature Bypass Vulnerability
A security feature bypass vulnerability exists when Microsoft Office improperly handles input. An attacker who successfully exploited the vulnerability could execute arbitrary commands.
- Action Apply updates per vendor instructions.
- Known To Be Used in Ransomware Campaigns?: Unknown
- Vendor: Microsoft
- Product: Excel
- Due Date: Thu Mar 24 00:00:00 2022
- Notes: https://nvd.nist.gov/vuln/detail/CVE-2016-7262
[CVE-2016-7855] Adobe Flash Player Use-After-Free Vulnerability
Use-after-free vulnerability in Adobe Flash Player Windows and OS and Linux allows remote attackers to execute arbitrary code.
- Action The impacted product is end-of-life and should be disconnected if still in use.
- Known To Be Used in Ransomware Campaigns?: Unknown
- Vendor: Adobe
- Product: Flash Player
- Due Date: Thu Mar 24 00:00:00 2022
- Notes: https://nvd.nist.gov/vuln/detail/CVE-2016-7855
[CVE-2016-8562] Siemens SIMATIC CP 1543-1 Improper Privilege Management Vulnerability
An improper privilege management vulnerability exists within the Siemens SIMATIC Communication Processor (CP) that allows a privileged attacker to remotely cause a denial of service.
- Action Apply updates per vendor instructions.
- Known To Be Used in Ransomware Campaigns?: Unknown
- Vendor: Siemens
- Product: SIMATIC CP
- Due Date: Thu Mar 24 00:00:00 2022
- Notes: https://nvd.nist.gov/vuln/detail/CVE-2016-8562
[CVE-2017-0001] Microsoft Graphics Device Interface (GDI) Privilege Escalation Vulnerability
The Graphics Device Interface (GDI) in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2 SP1; Windows 7 SP1; Windows 8.1; Windows Server 2012 Gold and R2; Windows RT 8.1; and Windows 10 Gold, 1511, and 1607 allows local users to gain privileges
- Action Apply updates per vendor instructions.
- Known To Be Used in Ransomware Campaigns?: Unknown
- Vendor: Microsoft
- Product: Graphics Device Interface (GDI)
- Due Date: Thu Mar 24 00:00:00 2022
- Notes: https://nvd.nist.gov/vuln/detail/CVE-2017-0001
[CVE-2017-0261] Microsoft Office Use-After-Free Vulnerability
Microsoft Office contains a use-after-free vulnerability which can allow for remote code execution.
- Action Apply updates per vendor instructions.
- Known To Be Used in Ransomware Campaigns?: Unknown
- Vendor: Microsoft
- Product: Office
- Due Date: Thu Mar 24 00:00:00 2022
- Notes: https://nvd.nist.gov/vuln/detail/CVE-2017-0261
[CVE-2017-11292] Adobe Flash Player Type Confusion Vulnerability
Adobe Flash Player contains a type confusion vulnerability which can allow for remote code execution.
- Action The impacted product is end-of-life and should be disconnected if still in use.
- Known To Be Used in Ransomware Campaigns?: Unknown
- Vendor: Adobe
- Product: Flash Player
- Due Date: Thu Mar 24 00:00:00 2022
- Notes: https://nvd.nist.gov/vuln/detail/CVE-2017-11292
[CVE-2017-11826] Microsoft Office Remote Code Execution Vulnerability
A remote code execution vulnerability exists in Microsoft Office software when the software fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user.
- Action Apply updates per vendor instructions.
- Known To Be Used in Ransomware Campaigns?: Unknown
- Vendor: Microsoft
- Product: Office
- Due Date: Thu Mar 24 00:00:00 2022
- Notes: https://nvd.nist.gov/vuln/detail/CVE-2017-11826
[CVE-2017-12231] Cisco IOS Software Network Address Translation Denial-of-Service Vulnerability
A vulnerability in the implementation of Network Address Translation (NAT) functionality in Cisco IOS could allow an unauthenticated, remote attacker to cause a denial of service.
- Action Apply updates per vendor instructions.
- Known To Be Used in Ransomware Campaigns?: Unknown
- Vendor: Cisco
- Product: IOS software
- Due Date: Thu Mar 24 00:00:00 2022
- Notes: https://nvd.nist.gov/vuln/detail/CVE-2017-12231
[CVE-2017-12232] Cisco IOS Software for Cisco Integrated Services Routers Denial-of-Service Vulnerability
A vulnerability in the implementation of a protocol in Cisco Integrated Services Routers Generation 2 (ISR G2) Routers running Cisco IOS could allow an unauthenticated, adjacent attacker to cause an affected device to reload, resulting in a denial of service.
- Action Apply updates per vendor instructions.
- Known To Be Used in Ransomware Campaigns?: Unknown
- Vendor: Cisco
- Product: IOS software
- Due Date: Thu Mar 24 00:00:00 2022
- Notes: https://nvd.nist.gov/vuln/detail/CVE-2017-12232
[CVE-2017-12233] Cisco IOS Software Common Industrial Protocol Request Denial-of-Service Vulnerability
There is a vulnerability in the implementation of the Common Industrial Protocol (CIP) feature in Cisco IOS could allow an unauthenticated, remote attacker to cause an affected device to reload, resulting in a denial of service.
- Action Apply updates per vendor instructions.
- Known To Be Used in Ransomware Campaigns?: Unknown
- Vendor: Cisco
- Product: IOS software
- Due Date: Thu Mar 24 00:00:00 2022
- Notes: https://nvd.nist.gov/vuln/detail/CVE-2017-12233
[CVE-2017-12234] Cisco IOS Software Common Industrial Protocol Request Denial-of-Service Vulnerability
There is a vulnerability in the implementation of the Common Industrial Protocol (CIP) feature in Cisco IOS could allow an unauthenticated, remote attacker to cause an affected device to reload, resulting in a denial of service.
- Action Apply updates per vendor instructions.
- Known To Be Used in Ransomware Campaigns?: Unknown
- Vendor: Cisco
- Product: IOS software
- Due Date: Thu Mar 24 00:00:00 2022
- Notes: https://nvd.nist.gov/vuln/detail/CVE-2017-12234
[CVE-2017-12235] Cisco IOS Software for Cisco Industrial Ethernet Switches PROFINET Denial-of-Service Vulnerability
A vulnerability in the implementation of the PROFINET Discovery and Configuration Protocol (PN-DCP) for Cisco IOS could allow an unauthenticated, remote attacker to cause an affected device to reload, resulting in a denial of service.
- Action Apply updates per vendor instructions.
- Known To Be Used in Ransomware Campaigns?: Unknown
- Vendor: Cisco
- Product: IOS software
- Due Date: Thu Mar 24 00:00:00 2022
- Notes: https://nvd.nist.gov/vuln/detail/CVE-2017-12235
[CVE-2017-12237] Cisco IOS and IOS XE Software Internet Key Exchange Denial-of-Service Vulnerability
A vulnerability in the Internet Key Exchange Version 2 (IKEv2) module of Cisco IOS and Cisco IOS XE could allow an unauthenticated, remote attacker to cause high CPU utilization, traceback messages, or a reload of an affected device that leads to a denial of service.
- Action Apply updates per vendor instructions.
- Known To Be Used in Ransomware Campaigns?: Unknown
- Vendor: Cisco
- Product: IOS and IOS XE Software
- Due Date: Thu Mar 24 00:00:00 2022
- Notes: https://nvd.nist.gov/vuln/detail/CVE-2017-12237
[CVE-2017-12238] Cisco Catalyst 6800 Series Switches VPLS Denial-of-Service Vulnerability
A vulnerability in the Virtual Private LAN Service (VPLS) code of Cisco IOS for Cisco Catalyst 6800 Series Switches could allow an unauthenticated, adjacent attacker to cause a denial of service.
- Action Apply updates per vendor instructions.
- Known To Be Used in Ransomware Campaigns?: Unknown
- Vendor: Cisco
- Product: Catalyst 6800 Series Switches
- Due Date: Thu Mar 24 00:00:00 2022
- Notes: https://nvd.nist.gov/vuln/detail/CVE-2017-12238
[CVE-2017-12240] Cisco IOS and IOS XE Software DHCP Remote Code Execution Vulnerability
The Dynamic Host Configuration Protocol (DHCP) relay subsystem of Cisco IOS and Cisco IOS XE Software contains a vulnerability that could allow an unauthenticated, remote attacker to execute arbitrary code and gain full control of an affected system.
- Action Apply updates per vendor instructions.
- Known To Be Used in Ransomware Campaigns?: Unknown
- Vendor: Cisco
- Product: IOS and IOS XE Software
- Due Date: Thu Mar 24 00:00:00 2022
- Notes: https://nvd.nist.gov/vuln/detail/CVE-2017-12240
[CVE-2017-12319] Cisco IOS XE Software Ethernet Virtual Private Network Border Gateway Protocol Denial-of-Service Vulnerability
A vulnerability in the Border Gateway Protocol (BGP) over an Ethernet Virtual Private Network (EVPN) for Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause the device to reload, resulting in a denial of service (DoS) condition, or potentially corrupt the BGP routing table, which could result in network instability.
- Action Apply updates per vendor instructions.
- Known To Be Used in Ransomware Campaigns?: Unknown
- Vendor: Cisco
- Product: IOS XE Software
- Due Date: Thu Mar 24 00:00:00 2022
- Notes: https://nvd.nist.gov/vuln/detail/CVE-2017-12319
[CVE-2017-6627] Cisco IOS Software and Cisco IOS XE Software UDP Packet Processing Denial-of-Service Vulnerability
A vulnerability in the UDP processing code of Cisco IOS and IOS XE could allow an unauthenticated, remote attacker to cause the input queue of an affected system to hold UDP packets, causing an interface queue wedge and denial of service.
- Action Apply updates per vendor instructions.
- Known To Be Used in Ransomware Campaigns?: Unknown
- Vendor: Cisco
- Product: IOS and IOS XE Software
- Due Date: Thu Mar 24 00:00:00 2022
- Notes: https://nvd.nist.gov/vuln/detail/CVE-2017-6627
[CVE-2017-6663] Cisco IOS Software and Cisco IOS XE Software Denial-of-Service Vulnerability
A vulnerability in the Autonomic Networking feature of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, adjacent attacker to cause autonomic nodes of an affected system to reload, resulting in denial-of-service (DoS).
- Action Apply updates per vendor instructions.
- Known To Be Used in Ransomware Campaigns?: Unknown
- Vendor: Cisco
- Product: IOS and IOS XE Software
- Due Date: Thu Mar 24 00:00:00 2022
- Notes: https://nvd.nist.gov/vuln/detail/CVE-2017-6663
[CVE-2017-6736] Cisco IOS and IOS XE Software SNMP Remote Code Execution Vulnerability
The Simple Network Management Protocol (SNMP) subsystem of Cisco IOS and IOS XE contains a vulnerability that could allow an authenticated, remote attacker to remotely execute code.
- Action Apply updates per vendor instructions.
- Known To Be Used in Ransomware Campaigns?: Unknown
- Vendor: Cisco
- Product: IOS and IOS XE Software
- Due Date: Thu Mar 24 00:00:00 2022
- Notes: https://nvd.nist.gov/vuln/detail/CVE-2017-6736
[CVE-2017-6737] Cisco IOS and IOS XE Software SNMP Remote Code Execution Vulnerability
The Simple Network Management Protocol (SNMP) subsystem of Cisco IOS and IOS XE contains a vulnerability that could allow an authenticated, remote attacker to remotely execute code.
- Action Apply updates per vendor instructions.
- Known To Be Used in Ransomware Campaigns?: Unknown
- Vendor: Cisco
- Product: IOS and IOS XE Software
- Due Date: Thu Mar 24 00:00:00 2022
- Notes: https://nvd.nist.gov/vuln/detail/CVE-2017-6737
[CVE-2017-6738] Cisco IOS and IOS XE Software SNMP Remote Code Execution Vulnerability
The Simple Network Management Protocol (SNMP) subsystem of Cisco IOS and IOS XE contains a vulnerability that could allow an authenticated, remote attacker to remotely execute code.
- Action Apply updates per vendor instructions.
- Known To Be Used in Ransomware Campaigns?: Unknown
- Vendor: Cisco
- Product: IOS and IOS XE Software
- Due Date: Thu Mar 24 00:00:00 2022
- Notes: https://nvd.nist.gov/vuln/detail/CVE-2017-6738
[CVE-2017-6739] Cisco IOS and IOS XE Software SNMP Remote Code Execution Vulnerability
The Simple Network Management Protocol (SNMP) subsystem of Cisco IOS and IOS XE contains a vulnerability that could allow an authenticated, remote attacker to remotely execute code on an affected system or cause an affected system to reload.
- Action Apply updates per vendor instructions.
- Known To Be Used in Ransomware Campaigns?: Unknown
- Vendor: Cisco
- Product: IOS and IOS XE Software
- Due Date: Thu Mar 24 00:00:00 2022
- Notes: https://nvd.nist.gov/vuln/detail/CVE-2017-6739
[CVE-2017-6740] Cisco IOS and IOS XE Software SNMP Remote Code Execution Vulnerability
The Simple Network Management Protocol (SNMP) subsystem of Cisco IOS and IOS XE contains a vulnerability that could allow an authenticated, remote attacker to remotely execute code on an affected system or cause an affected system to reload.
- Action Apply updates per vendor instructions.
- Known To Be Used in Ransomware Campaigns?: Unknown
- Vendor: Cisco
- Product: IOS and IOS XE Software
- Due Date: Thu Mar 24 00:00:00 2022
- Notes: https://nvd.nist.gov/vuln/detail/CVE-2017-6740
[CVE-2017-6743] Cisco IOS and IOS XE Software SNMP Remote Code Execution Vulnerability
The Simple Network Management Protocol (SNMP) subsystem of Cisco IOS and IOS XE contains a vulnerability that could allow an authenticated, remote attacker to remotely execute code.
- Action Apply updates per vendor instructions.
- Known To Be Used in Ransomware Campaigns?: Unknown
- Vendor: Cisco
- Product: IOS and IOS XE Software
- Due Date: Thu Mar 24 00:00:00 2022
- Notes: https://nvd.nist.gov/vuln/detail/CVE-2017-6743
[CVE-2017-6744] Cisco IOS Software SNMP Remote Code Execution Vulnerability
The Simple Network Management Protocol (SNMP) subsystem of Cisco IOS 1 contains a vulnerability that could allow an authenticated, remote attacker to remotely execute code on an affected system or cause an affected system to reload. An attacker could exploit these vulnerabilities by sending a crafted SNMP packet to an affected system via IPv4 or IPv6.
- Action Apply updates per vendor instructions.
- Known To Be Used in Ransomware Campaigns?: Unknown
- Vendor: Cisco
- Product: IOS software
- Due Date: Thu Mar 24 00:00:00 2022
- Notes: https://nvd.nist.gov/vuln/detail/CVE-2017-6744
[CVE-2017-8540] Microsoft Malware Protection Engine Improper Restriction of Operations Vulnerability
The Microsoft Malware Protection Engine running on Microsoft Forefront and Microsoft Defender on Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016, Microsoft Exchange Server 2013 and 2016, does not properly scan a specially crafted file leading to memory corruption. aka "Microsoft Malware Protection Engine Remote Code Execution Vulnerability".
- Action Apply updates per vendor instructions.
- Known To Be Used in Ransomware Campaigns?: Unknown
- Vendor: Microsoft
- Product: Malware Protection Engine
- Due Date: Thu Mar 24 00:00:00 2022
- Notes: https://nvd.nist.gov/vuln/detail/CVE-2017-8540
[CVE-2018-0151] Cisco IOS Software and Cisco IOS XE Software Quality of Service Remote Code Execution Vulnerability
A vulnerability in the quality of service (QoS) subsystem of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition or execute arbitrary code with elevated privileges.
- Action Apply updates per vendor instructions.
- Known To Be Used in Ransomware Campaigns?: Unknown
- Vendor: Cisco
- Product: IOS and IOS XE Software
- Due Date: Thu Mar 17 00:00:00 2022
- Notes: https://nvd.nist.gov/vuln/detail/CVE-2018-0151
[CVE-2018-0154] Cisco IOS Software Integrated Services Module for VPN Denial-of-Service Vulnerability
A vulnerability in the crypto engine of the Cisco Integrated Services Module for VPN (ISM-VPN) running Cisco IOS Software could allow an unauthenticated, remote attacker to cause a denial-of-service (DoS) condition.
- Action Apply updates per vendor instructions.
- Known To Be Used in Ransomware Campaigns?: Unknown
- Vendor: Cisco
- Product: IOS Software
- Due Date: Thu Mar 17 00:00:00 2022
- Notes: https://nvd.nist.gov/vuln/detail/CVE-2018-0154
[CVE-2018-0155] Cisco Catalyst Bidirectional Forwarding Detection Denial-of-Service Vulnerability
A vulnerability in the Bidirectional Forwarding Detection (BFD) offload implementation of Cisco Catalyst 4500 Series Switches and Cisco Catalyst 4500-X Series Switches could allow an unauthenticated, remote attacker to cause a crash of the iosd process, causing a denial-of-service (DoS) condition.
- Action Apply updates per vendor instructions.
- Known To Be Used in Ransomware Campaigns?: Unknown
- Vendor: Cisco
- Product: Catalyst 4500 Series Switches and Cisco Catalyst 4500-X Series Switches
- Due Date: Thu Mar 17 00:00:00 2022
- Notes: https://nvd.nist.gov/vuln/detail/CVE-2018-0155
[CVE-2018-0156] Cisco IOS Software and Cisco IOS XE Software Smart Install Denial-of-Service Vulnerability
A vulnerability in the Smart Install feature of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to trigger a reload of an affected device, resulting in a denial-of-service (DoS) condition.
- Action Apply updates per vendor instructions.
- Known To Be Used in Ransomware Campaigns?: Unknown
- Vendor: Cisco
- Product: IOS Software and Cisco IOS XE Software
- Due Date: Thu Mar 17 00:00:00 2022
- Notes: https://nvd.nist.gov/vuln/detail/CVE-2018-0156
[CVE-2018-0158] Cisco IOS and XE Software Internet Key Exchange Memory Leak Vulnerability
A vulnerability in the implementation of Internet Key Exchange Version 1 (IKEv1) functionality in Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause an affected device to reload, resulting in a denial-of-service (DoS) condition.
- Action Apply updates per vendor instructions.
- Known To Be Used in Ransomware Campaigns?: Unknown
- Vendor: Cisco
- Product: IOS Software and Cisco IOS XE Software
- Due Date: Thu Mar 17 00:00:00 2022
- Notes: https://nvd.nist.gov/vuln/detail/CVE-2018-0158
[CVE-2018-0159] Cisco IOS and XE Software Internet Key Exchange Version 1 Denial-of-Service Vulnerability
A vulnerability in the implementation of Internet Key Exchange Version 1 (IKEv1) functionality in Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause an affected device to reload, resulting in a denial-of-service (DoS) condition.
- Action Apply updates per vendor instructions.
- Known To Be Used in Ransomware Campaigns?: Unknown
- Vendor: Cisco
- Product: IOS Software and Cisco IOS XE Software
- Due Date: Thu Mar 17 00:00:00 2022
- Notes: https://nvd.nist.gov/vuln/detail/CVE-2018-0159
[CVE-2018-0161] Cisco IOS Software Resource Management Errors Vulnerability
A vulnerability in the Simple Network Management Protocol (SNMP) subsystem of Cisco IOS Software running on certain models of Cisco Catalyst Switches could allow an authenticated, remote attacker to cause a denial-of-service (DoS) condition.
- Action Apply updates per vendor instructions.
- Known To Be Used in Ransomware Campaigns?: Unknown
- Vendor: Cisco
- Product: IOS Software
- Due Date: Thu Mar 17 00:00:00 2022
- Notes: https://nvd.nist.gov/vuln/detail/CVE-2018-0161
[CVE-2018-0167] Cisco IOS, XR, and XE Software Buffer Overflow Vulnerability
There is a buffer overflow vulnerability in the Link Layer Discovery Protocol (LLDP) subsystem of Cisco IOS Software, Cisco IOS XE Software, and Cisco IOS XR Software which could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition or execute arbitrary code.
- Action Apply updates per vendor instructions.
- Known To Be Used in Ransomware Campaigns?: Unknown
- Vendor: Cisco
- Product: IOS, XR, and XE Software
- Due Date: Thu Mar 17 00:00:00 2022
- Notes: https://nvd.nist.gov/vuln/detail/CVE-2018-0167
[CVE-2018-0172] Cisco IOS and IOS XE Software Improper Input Validation Vulnerability
A vulnerability in the DHCP option 82 encapsulation functionality of Cisco IOS Software and Cisco IOS XE Software could allow for denial-of-service (DoS).
- Action Apply updates per vendor instructions.
- Known To Be Used in Ransomware Campaigns?: Unknown
- Vendor: Cisco
- Product: IOS and IOS XE Software
- Due Date: Thu Mar 17 00:00:00 2022
- Notes: https://nvd.nist.gov/vuln/detail/CVE-2018-0172
[CVE-2018-0173] Cisco IOS and IOS XE Software Improper Input Validation Vulnerability
A vulnerability in the Cisco IOS Software and Cisco IOS XE Software function that restores encapsulated option 82 information in DHCP Version 4 (DHCPv4) packets can allow for denial-of-service (DoS).
- Action Apply updates per vendor instructions.
- Known To Be Used in Ransomware Campaigns?: Unknown
- Vendor: Cisco
- Product: IOS and IOS XE Software
- Due Date: Thu Mar 17 00:00:00 2022
- Notes: https://nvd.nist.gov/vuln/detail/CVE-2018-0173
[CVE-2018-0174] Cisco IOS Software and Cisco IOS XE Software Improper Input Validation Vulnerability
A vulnerability in the DHCP option 82 encapsulation functionality of Cisco IOS Software and Cisco IOS XE Software could allow for denial-of-service (DoS).
- Action Apply updates per vendor instructions.
- Known To Be Used in Ransomware Campaigns?: Unknown
- Vendor: Cisco
- Product: IOS XE Software
- Due Date: Thu Mar 17 00:00:00 2022
- Notes: https://nvd.nist.gov/vuln/detail/CVE-2018-0174
[CVE-2018-0175] Cisco IOS, XR, and XE Software Buffer Overflow Vulnerability
Format string vulnerability in the Link Layer Discovery Protocol (LLDP) subsystem of Cisco IOS Software, Cisco IOS XE Software, and Cisco IOS XR Software could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition or execute arbitrary code with elevated privileges on an affected device.
- Action Apply updates per vendor instructions.
- Known To Be Used in Ransomware Campaigns?: Unknown
- Vendor: Cisco
- Product: IOS, XR, and XE Software
- Due Date: Thu Mar 17 00:00:00 2022
- Notes: https://nvd.nist.gov/vuln/detail/CVE-2018-0175
[CVE-2018-0179] Cisco IOS Software Denial-of-Service Vulnerability
A vulnerability in the Login Enhancements (Login Block) feature of Cisco IOS Software could allow an unauthenticated, remote attacker to trigger a reload of an affected system, resulting in a denial of service (DoS) condition.
- Action Apply updates per vendor instructions.
- Known To Be Used in Ransomware Campaigns?: Unknown
- Vendor: Cisco
- Product: IOS Software
- Due Date: Thu Mar 17 00:00:00 2022
- Notes: https://nvd.nist.gov/vuln/detail/CVE-2018-0179
[CVE-2018-0180] Cisco IOS Software Denial-of-Service Vulnerability
A vulnerability in the Login Enhancements (Login Block) feature of Cisco IOS Software could allow an unauthenticated, remote attacker to trigger a reload of an affected system, resulting in a denial of service (DoS) condition.
- Action Apply updates per vendor instructions.
- Known To Be Used in Ransomware Campaigns?: Unknown
- Vendor: Cisco
- Product: IOS Software
- Due Date: Thu Mar 17 00:00:00 2022
- Notes: https://nvd.nist.gov/vuln/detail/CVE-2018-0180
[CVE-2018-8298] ChakraCore Scripting Engine Type Confusion Vulnerability
The ChakraCore scripting engine contains a type confusion vulnerability which can allow for remote code execution.
- Action Apply updates per vendor instructions.
- Known To Be Used in Ransomware Campaigns?: Unknown
- Vendor: ChakraCore
- Product: ChakraCore scripting engine
- Due Date: Thu Mar 17 00:00:00 2022
- Notes: https://nvd.nist.gov/vuln/detail/CVE-2018-8298
[CVE-2018-8581] Microsoft Exchange Server Privilege Escalation Vulnerability
A privilege escalation vulnerability exists in Microsoft Exchange Server. An attacker who successfully exploited this vulnerability could attempt to impersonate any other user of the Exchange server.
- Action Apply updates per vendor instructions.
- Known To Be Used in Ransomware Campaigns?: Known
- Vendor: Microsoft
- Product: Exchange Server
- Due Date: Thu Mar 17 00:00:00 2022
- Notes: https://nvd.nist.gov/vuln/detail/CVE-2018-8581
[CVE-2019-1297] Microsoft Excel Remote Code Execution Vulnerability
A remote code execution vulnerability exists in Microsoft Excel when the software fails to properly handle objects in memory.
- Action Apply updates per vendor instructions.
- Known To Be Used in Ransomware Campaigns?: Unknown
- Vendor: Microsoft
- Product: Excel
- Due Date: Thu Mar 17 00:00:00 2022
- Notes: https://nvd.nist.gov/vuln/detail/CVE-2019-1297
[CVE-2019-1652] Cisco Small Business Routers Improper Input Validation Vulnerability
A vulnerability in the web-based management interface of Cisco Small Business RV320 and RV325 Dual Gigabit WAN VPN Routers could allow an authenticated, remote attacker with administrative privileges on an affected device to execute arbitrary commands.
- Action Apply updates per vendor instructions.
- Known To Be Used in Ransomware Campaigns?: Unknown
- Vendor: Cisco
- Product: Small Business RV320 and RV325 Dual Gigabit WAN VPN Routers
- Due Date: Thu Mar 17 00:00:00 2022
- Notes: https://nvd.nist.gov/vuln/detail/CVE-2019-1652
[CVE-2019-16928] Exim Out-of-bounds Write Vulnerability
Exim contains an out-of-bounds write vulnerability which can allow for remote code execution.
- Action Apply updates per vendor instructions.
- Known To Be Used in Ransomware Campaigns?: Unknown
- Vendor: Exim
- Product: Exim Internet Mailer
- Due Date: Thu Mar 17 00:00:00 2022
- Notes: https://nvd.nist.gov/vuln/detail/CVE-2019-16928
[CVE-2020-11899] Treck TCP/IP stack Out-of-Bounds Read Vulnerability
The Treck TCP/IP stack contains an IPv6 out-of-bounds read vulnerability.
- Action Apply updates per vendor instructions.
- Known To Be Used in Ransomware Campaigns?: Unknown
- Vendor: Treck TCP/IP stack
- Product: IPv6
- Due Date: Thu Mar 17 00:00:00 2022
- Notes: https://nvd.nist.gov/vuln/detail/CVE-2020-11899
[CVE-2020-1938] Apache Tomcat Improper Privilege Management Vulnerability
Apache Tomcat treats Apache JServ Protocol (AJP) connections as having higher trust than, for example, a similar HTTP connection. If such connections are available to an attacker, they can be exploited.
- Action Apply updates per vendor instructions.
- Known To Be Used in Ransomware Campaigns?: Unknown
- Vendor: Apache
- Product: Tomcat
- Due Date: Thu Mar 17 00:00:00 2022
- Notes: https://nvd.nist.gov/vuln/detail/CVE-2020-1938
[CVE-2021-41379] Microsoft Windows Installer Privilege Escalation Vulnerability
Microsoft Windows Installer contains an unspecified vulnerability that allows for privilege escalation.
- Action Apply updates per vendor instructions.
- Known To Be Used in Ransomware Campaigns?: Known
- Vendor: Microsoft
- Product: Windows
- Due Date: Thu Mar 17 00:00:00 2022
- Notes: https://nvd.nist.gov/vuln/detail/CVE-2021-41379
[CVE-2022-20699] Cisco Small Business RV Series Routers Stack-based Buffer Overflow Vulnerability
A vulnerability in Cisco Small Business RV160, RV260, RV340, and RV345 Series Routers could allow an attacker to do any of the following: Execute arbitrary code elevate privileges, execute arbitrary commands, bypass authentication and authorization protections, fetch and run unsigned software, or cause a denial of service (DoS).
- Action Apply updates per vendor instructions.
- Known To Be Used in Ransomware Campaigns?: Unknown
- Vendor: Cisco
- Product: Small Business RV160, RV260, RV340, and RV345 Series Routers
- Due Date: Thu Mar 17 00:00:00 2022
- Notes: https://nvd.nist.gov/vuln/detail/CVE-2022-20699
[CVE-2022-20700] Cisco Small Business RV Series Routers Stack-based Buffer Overflow Vulnerability
A vulnerability in Cisco Small Business RV160, RV260, RV340, and RV345 Series Routers could allow an attacker to do any of the following: Execute arbitrary code elevate privileges, execute arbitrary commands, bypass authentication and authorization protections, fetch and run unsigned software, or cause a denial of service (DoS).
- Action Apply updates per vendor instructions.
- Known To Be Used in Ransomware Campaigns?: Unknown
- Vendor: Cisco
- Product: Small Business RV160, RV260, RV340, and RV345 Series Routers
- Due Date: Thu Mar 17 00:00:00 2022
- Notes: https://nvd.nist.gov/vuln/detail/CVE-2022-20700
[CVE-2022-20701] Cisco Small Business RV Series Routers Stack-based Buffer Overflow Vulnerability
A vulnerability in Cisco Small Business RV160, RV260, RV340, and RV345 Series Routers could allow an attacker to do any of the following: Execute arbitrary code elevate privileges, execute arbitrary commands, bypass authentication and authorization protections, fetch and run unsigned software, or cause a denial of service (DoS).
- Action Apply updates per vendor instructions.
- Known To Be Used in Ransomware Campaigns?: Unknown
- Vendor: Cisco
- Product: Small Business RV160, RV260, RV340, and RV345 Series Routers
- Due Date: Thu Mar 17 00:00:00 2022
- Notes: https://nvd.nist.gov/vuln/detail/CVE-2022-20701
[CVE-2022-20703] Cisco Small Business RV Series Routers Stack-based Buffer Overflow Vulnerability
A vulnerability in Cisco Small Business RV160, RV260, RV340, and RV345 Series Routers could allow an attacker to do any of the following: Execute arbitrary code elevate privileges, execute arbitrary commands, bypass authentication and authorization protections, fetch and run unsigned software, or cause a denial of service (DoS).
- Action Apply updates per vendor instructions.
- Known To Be Used in Ransomware Campaigns?: Unknown
- Vendor: Cisco
- Product: Small Business RV160, RV260, RV340, and RV345 Series Routers
- Due Date: Thu Mar 17 00:00:00 2022
- Notes: https://nvd.nist.gov/vuln/detail/CVE-2022-20703
[CVE-2022-20708] Cisco Small Business RV Series Routers Stack-based Buffer Overflow Vulnerability
A vulnerability in Cisco Small Business RV160, RV260, RV340, and RV345 Series Routers could allow an attacker to do any of the following: Execute arbitrary code elevate privileges, execute arbitrary commands, bypass authentication and authorization protections, fetch and run unsigned software, or cause a denial of service (DoS).
- Action Apply updates per vendor instructions.
- Known To Be Used in Ransomware Campaigns?: Unknown
- Vendor: Cisco
- Product: Small Business RV160, RV260, RV340, and RV345 Series Routers
- Due Date: Thu Mar 17 00:00:00 2022
- Notes: https://nvd.nist.gov/vuln/detail/CVE-2022-20708
- ID
- CISA-2022:0303
- Severity
- high
- Severity from
- CVE-2012-0507
- URL
- https://www.cisa.gov/known-exploited-vulnerabilities-catalog
- Published
-
2022-03-03T00:00:00
(2 years ago) - Modified
-
2022-03-03T00:00:00
(2 years ago) - Other Advisories
-
- ALAS-2011-10
- ALAS-2012-88
- ALAS-2015-570
- ALAS-2015-571
- ALAS-2015-586
- ALAS-2016-757
- ALAS-2019-1310
- ALAS-2020-1352
- ALAS-2020-1353
- ALAS2-2020-1402
- ALPINE:CVE-2019-16928
- ASA-201610-11
- ASA-201610-14
- ASA-201910-1
- CISCO-SA-20161026-LINUX
- CISCO-SA-20170629-SNMP
- CISCO-SA-20170726-ANIDOS
- CISCO-SA-20170906-IOS-UDP
- CISCO-SA-20170927-CIP
- CISCO-SA-20170927-DHCP
- CISCO-SA-20170927-IKE
- CISCO-SA-20170927-NAT
- CISCO-SA-20170927-PROFINET
- CISCO-SA-20170927-RBIP-DOS
- CISCO-SA-20170927-VPLS
- CISCO-SA-20171103-BGP
- CISCO-SA-20180328-BFD
- CISCO-SA-20180328-DHCPR1
- CISCO-SA-20180328-DHCPR2
- CISCO-SA-20180328-DHCPR3
- CISCO-SA-20180328-DOS
- CISCO-SA-20180328-IKE
- CISCO-SA-20180328-IKE-DOS
- CISCO-SA-20180328-LLDP
- CISCO-SA-20180328-QOS
- CISCO-SA-20180328-SLOGIN
- CISCO-SA-20180328-SMI
- CISCO-SA-20180328-SNMP
- CISCO-SA-20190123-RV-INJECT
- CISCO-SA-SMB-MULT-VULN-KA9PK6D
- CISCO-SA-TRECK-IP-STACK-JYBQ5GYC
- DSA-2699-1
- DSA-2720-1
- DSA-3316-1
- DSA-3339-1
- DSA-3696-1
- DSA-4536-1
- DSA-4673-1
- DSA-4680-1
- ELSA-2011-1380
- ELSA-2012-0135
- ELSA-2012-0322
- ELSA-2012-0729
- ELSA-2012-0730
- ELSA-2012-1009
- ELSA-2012-1223
- ELSA-2013-0820
- ELSA-2013-0821
- ELSA-2015-1228
- ELSA-2015-1229
- ELSA-2015-1230
- ELSA-2015-1526
- ELSA-2016-2098
- ELSA-2016-2105
- ELSA-2016-2124
- ELSA-2016-3632
- ELSA-2016-3633
- ELSA-2016-3634
- ELSA-2020-0855
- ELSA-2020-0912
- FEDORA-2011-14638
- FEDORA-2011-14648
- FEDORA-2011-15020
- FEDORA-2011-15555
- FEDORA-2012-13100
- FEDORA-2012-13127
- FEDORA-2012-13131
- FEDORA-2012-13138
- FEDORA-2012-16346
- FEDORA-2012-16351
- FEDORA-2012-1690
- FEDORA-2012-1711
- FEDORA-2012-1721
- FEDORA-2012-9541
- FEDORA-2012-9545
- FEDORA-2012-9590
- FEDORA-2012-9593
- FEDORA-2013-0868
- FEDORA-2013-0888
- FEDORA-2013-11281
- FEDORA-2013-1898
- FEDORA-2013-2188
- FEDORA-2013-2197
- FEDORA-2013-2209
- FEDORA-2013-2813
- FEDORA-2013-3467
- FEDORA-2013-5922
- FEDORA-2016-c3558808cd
- FEDORA-2016-c8a0c7eece
- FEDORA-2016-db4b75b352
- FEDORA-2019-006dfc94cd
- FEDORA-2019-d778bd4137
- FEDORA-2019-e080507ba5
- FEDORA-2020-04ac174fa9
- FEDORA-2020-0e42878ba7
- FEDORA-2020-c870aa8378
- FREEBSD:07888B49-35C4-11E6-8E82-002590263BF5
- FREEBSD:0C6B008D-35C4-11E6-8E82-002590263BF5
- FREEBSD:16846D1E-F1DE-11E1-8BD8-0022156E8794
- FREEBSD:32B05547-6913-11E0-BDC4-001B2134EF46
- FREEBSD:3364D497-E4E6-11E4-A265-C485083CA99C
- FREEBSD:348BFA69-25A2-11E5-ADE1-0011D823EEBD
- FREEBSD:4A1CA8A4-BD82-11E2-B7A0-D43D7E0C7C02
- FREEBSD:84147B46-E876-486D-B746-339EE45A8BB9
- FREEBSD:A5934BA8-A376-11E5-85E9-14DAE9D210B8
- FREEBSD:A73518DA-B2FA-11E7-98EF-D43D7EF03AA6
- FREEBSD:DE6D01D5-9C44-11E6-BA67-0011D823EEBD
- GLSA-200901-09
- GLSA-201009-05
- GLSA-201110-11
- GLSA-201111-02
- GLSA-201209-01
- GLSA-201308-03
- GLSA-201309-10
- GLSA-201309-23
- GLSA-201401-30
- GLSA-201406-32
- GLSA-201504-07
- GLSA-201507-13
- GLSA-201511-02
- GLSA-201603-11
- GLSA-201603-14
- GLSA-201606-08
- GLSA-201610-10
- GLSA-201710-22
- GLSA-202003-43
- GLSA-202003-47
- MAVEN:GHSA-C9HW-WF7X-JP9J
- MS:CVE-2016-7193
- MS:CVE-2016-7262
- MS:CVE-2017-0001
- MS:CVE-2017-0261
- MS:CVE-2017-11826
- MS:CVE-2017-8540
- MS:CVE-2018-8298
- MS:CVE-2018-8581
- MS:CVE-2019-1297
- MS:CVE-2021-41379
- openSUSE-SU-2020:0345-1
- openSUSE-SU-2020:0554-1
- openSUSE-SU-2020:0597-1
- openSUSE-SU-2021:0677-1
- openSUSE-SU-2021:0753-1
- openSUSE-SU-2021:0754-1
- RHSA-2011:0451
- RHSA-2011:1380
- RHSA-2011:1384
- RHSA-2012:0034
- RHSA-2012:0135
- RHSA-2012:0139
- RHSA-2012:0508
- RHSA-2012:0514
- RHSA-2012:0729
- RHSA-2012:0734
- RHSA-2012:1009
- RHSA-2012:1019
- RHSA-2012:1173
- RHSA-2012:1223
- RHSA-2012:1225
- RHSA-2012:1289
- RHSA-2012:1467
- RHSA-2013:0551
- RHSA-2013:0820
- RHSA-2013:0821
- RHSA-2013:0826
- RHSA-2015:0813
- RHSA-2015:1214
- RHSA-2015:1228
- RHSA-2015:1229
- RHSA-2015:1485
- RHSA-2015:1486
- RHSA-2015:1526
- RHSA-2015:1544
- RHSA-2015:1913
- RHSA-2015:2506
- RHSA-2015:2508
- RHSA-2015:2509
- RHSA-2015:2518
- RHSA-2016:0610
- RHSA-2016:1079
- RHSA-2016:2098
- RHSA-2016:2105
- RHSA-2016:2110
- RHSA-2016:2119
- RHSA-2017:0372
- RHSA-2017:2899
- RHSA-2020:0855
- RHSA-2020:0912
- RHSA-2020:4847
- RLSA-2020:4847
- SSA:2016-305-01
- SUSE-SU-2015:0239-1
- SUSE-SU-2015:0344-1
- SUSE-SU-2015:0493-1
- SUSE-SU-2015:0722-1
- SUSE-SU-2015:0723-1
- SUSE-SU-2015:0880-1
- SUSE-SU-2015:1064-1
- SUSE-SU-2015:1086-3
- SUSE-SU-2015:1137-1
- SUSE-SU-2015:1211-1
- SUSE-SU-2015:1319-1
- SUSE-SU-2015:1320-1
- SUSE-SU-2015:1329-1
- SUSE-SU-2015:1331-1
- SUSE-SU-2015:1345-1
- SUSE-SU-2015:1375-1
- SUSE-SU-2015:1509-1
- SUSE-SU-2015:1770-1
- SUSE-SU-2015:1771-1
- SUSE-SU-2015:2166-1
- SUSE-SU-2015:2168-1
- SUSE-SU-2015:2168-2
- SUSE-SU-2015:2182-1
- SUSE-SU-2015:2192-1
- SUSE-SU-2015:2216-1
- SUSE-SU-2015:2268-1
- SUSE-SU-2016:0990-1
- SUSE-SU-2016:1305-1
- SUSE-SU-2016:2585-1
- SUSE-SU-2016:2592-1
- SUSE-SU-2016:2593-1
- SUSE-SU-2016:2596-1
- SUSE-SU-2016:2614-1
- SUSE-SU-2016:2629-1
- SUSE-SU-2016:2630-1
- SUSE-SU-2016:2631-1
- SUSE-SU-2016:2632-1
- SUSE-SU-2016:2633-1
- SUSE-SU-2016:2634-1
- SUSE-SU-2016:2635-1
- SUSE-SU-2016:2636-1
- SUSE-SU-2016:2637-1
- SUSE-SU-2016:2638-1
- SUSE-SU-2016:2655-1
- SUSE-SU-2016:2657-1
- SUSE-SU-2016:2658-1
- SUSE-SU-2016:2659-1
- SUSE-SU-2016:2662-1
- SUSE-SU-2016:2673-1
- SUSE-SU-2016:3069-1
- SUSE-SU-2016:3304-1
- SUSE-SU-2020:0598-1
- SUSE-SU-2020:0631-1
- SUSE-SU-2020:0632-1
- SUSE-SU-2020:0725-1
- SUSE-SU-2020:0806-1
- SUSE-SU-2020:1111-1
- SUSE-SU-2020:1126-1
- SUSE-SU-2020:1272-1
- TOMCAT:CVE-2020-1938
- USN-1263-1
- USN-1373-1
- USN-1373-2
- USN-1505-1
- USN-1822-1
- USN-1823-1
- USN-2696-1
- USN-2706-1
- USN-3104-1
- USN-3104-2
- USN-3105-1
- USN-3105-2
- USN-3106-1
- USN-3106-2
- USN-3106-3
- USN-3106-4
- USN-3107-1
- USN-3107-2
- USN-4141-1
- VU:230057
- VU:237655
- VU:243144
- VU:257161
- VU:422807
- VU:561288
- VU:593409
- VU:636312
- VU:647436
# CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | Exploits | PoC | Pubblication Date | Modification Date |
---|---|---|---|---|---|---|---|---|---|---|---|
# CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | PoC | Pubblication Date | Modification Date |