diff --git a/docs/api/v1/diff/2025-12-17.json b/docs/api/v1/diff/2025-12-17.json index c1bd999ef8..7fe151f2b7 100644 --- a/docs/api/v1/diff/2025-12-17.json +++ b/docs/api/v1/diff/2025-12-17.json @@ -15,1058 +15,298 @@ "percentile": 0.9843, "poc_count": 1, "summary": "The Custom MCPs feature is designed to execute OS commands, for instance, using tools like `npx` to spin up local MCP Servers. However, Flowise's inherent authentication and authorization model is minimal and lacks ro..." + }, + { + "cve": "CVE-2025-8489", + "epss": 0.43315, + "percentile": 0.97363, + "poc_count": 0, + "summary": "" + }, + { + "cve": "CVE-2025-8426", + "epss": 0.3937, + "percentile": 0.97134, + "poc_count": 0, + "summary": "" + }, + { + "cve": "CVE-2025-8518", + "epss": 0.33903, + "percentile": 0.96792, + "poc_count": 1, + "summary": "A vulnerability was found in givanz Vvveb 1.0.5. It has been rated as critical. Affected by this issue is the function Save of the file admin/controller/editor/code.php of the component Code Editor. The manipulation l..." + }, + { + "cve": "CVE-2025-8868", + "epss": 0.17119, + "percentile": 0.94767, + "poc_count": 0, + "summary": "" + }, + { + "cve": "CVE-2025-8730", + "epss": 0.11861, + "percentile": 0.93477, + "poc_count": 2, + "summary": "A vulnerability was found in Belkin F9K1009 and F9K1010 2.00.04/2.00.09 and classified as critical. Affected by this issue is some unknown functionality of the component Web Interface. The manipulation leads to hard-c..." + }, + { + "cve": "CVE-2025-7795", + "epss": 0.096, + "percentile": 0.92596, + "poc_count": 3, + "summary": "A vulnerability, which was classified as critical, has been found in Tenda FH451 1.0.0.9. Affected by this issue is the function fromP2pListFilter of the file /goform/P2pListFilter. The manipulation of the argument pa..." + }, + { + "cve": "CVE-2025-9090", + "epss": 0.08297, + "percentile": 0.91936, + "poc_count": 4, + "summary": "A vulnerability was identified in Tenda AC20 16.03.08.12. Affected is the function websFormDefine of the file /goform/telnet of the component Telnet Service. The manipulation leads to command injection. It is possible..." + }, + { + "cve": "CVE-2025-8085", + "epss": 0.07832, + "percentile": 0.91659, + "poc_count": 1, + "summary": "The Ditty WordPress plugin before 3.1.58 lacks authorization and authentication for requests to its displayItems endpoint, allowing unauthenticated visitors to make requests to arbitrary URLs." } ], "new_kev_entries": [ { - "cve": "CVE-2025-9242", - "date_added": "2025-11-12", - "due_date": "2025-12-03", - "epss": 0.7437, - "notes": "https://www.watchguard.com/wgrd-psirt/advisory/wgsa-2025-00015 ; https://nvd.nist.gov/vuln/detail/CVE-2025-9242", - "percentile": 0.98786, + "cve": "CVE-2025-59718", + "date_added": "2025-12-16", + "due_date": "2025-12-23", + "epss": null, + "notes": "https://fortiguard.fortinet.com/psirt/FG-IR-25-647 ; https://docs.fortinet.com/upgrade-tool/fortigate ; https://nvd.nist.gov/vuln/detail/CVE-2025-59718", + "percentile": null, "poc_count": 0, - "product": "Firebox", + "product": "Multiple Products", "required_action": "Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.", - "short_description": "WatchGuard Firebox contains an out-of-bounds write vulnerability in the OS iked process that may allow a remote unauthenticated attacker to execute arbitrary code.", - "summary": "", - "vendor": "WatchGuard" + "short_description": "Fortinet FortiOS, FortiSwitchMaster, FortiProxy, and FortiWeb contain an improper verification of cryptographic signature vulnerability that may allow an unauthenticated attacker to bypass the FortiCloud SSO login authentication via a crafted SAML message. Please be aware that CVE-2025-59719 pertains to the same problem and is mentioned in the same vendor advisory. Ensure to apply all patches mentioned in the advisory.", + "vendor": "Fortinet" }, { - "cve": "CVE-2025-7775", - "date_added": "2025-08-26", - "due_date": "2025-08-28", - "epss": 0.17354, - "notes": "https://support.citrix.com/support-home/kbsearch/article?articleNumber=CTX694938 ; https://nvd.nist.gov/vuln/detail/CVE-2025-7775", - "percentile": 0.94817, - "poc_count": 15, - "product": "NetScaler", + "cve": "CVE-2025-14611", + "date_added": "2025-12-15", + "due_date": "2026-01-05", + "epss": null, + "notes": "https://www.centrestack.com/p/gce_latest_release.html ; https://access.triofox.com/releases_history/; https://support.centrestack.com/hc/en-us/articles/360007159054-Hardening-the-CentreStack-Cluster#h_01JQRV57T37HJFQZKBZH9NBXQP ; https://nvd.nist.gov/vuln/detail/CVE-2025-14611", + "percentile": null, + "poc_count": 0, + "product": "CentreStack and Triofox", "required_action": "Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.", - "short_description": "Citrix NetScaler ADC and NetScaler Gateway contain a memory overflow vulnerability that could allow for remote code execution and/or denial of service.", - "summary": "Memory overflow vulnerability leading to Remote Code Execution and/or Denial of Service in NetScaler ADC and NetScaler Gateway when NetScaler is configured as Gateway (VPN virtual server, ICA Proxy, CVPN, RDP Proxy) o...", - "vendor": "Citrix" + "short_description": "Gladinet CentreStack and TrioFox contain a hardcoded cryptographic keys vulnerability for their implementation of the AES cryptoscheme. This vulnerability degrades security for public exposed endpoints that may make use of it and may offer arbitrary local file inclusion when provided a specially crafted request without authentication.", + "vendor": "Gladinet" }, { - "cve": "CVE-2025-9377", - "date_added": "2025-09-03", - "due_date": "2025-09-24", - "epss": 0.14589, - "notes": "https://www.tp-link.com/us/support/faq/4308/ ; https://nvd.nist.gov/vuln/detail/CVE-2025-9377", - "percentile": 0.94217, - "poc_count": 4, - "product": "Multiple Routers", + "cve": "CVE-2025-43529", + "date_added": "2025-12-15", + "due_date": "2026-01-05", + "epss": null, + "notes": "https://support.apple.com/en-us/125884 ; https://support.apple.com/en-us/125892 ; https://support.apple.com/en-us/125885 ; https://support.apple.com/en-us/125886 ; https://support.apple.com/en-us/125889 ; https://nvd.nist.gov/vuln/detail/CVE-2025-43529", + "percentile": null, + "poc_count": 0, + "product": "Multiple Products", "required_action": "Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.", - "short_description": "TP-Link Archer C7(EU) and TL-WR841N/ND(MS) contain an OS command injection vulnerability that exists in the Parental Control page. The impacted products could be end-of-life (EoL) and/or end-of-service (EoS). Users should discontinue product utilization.", - "summary": "The authenticated remote command execution (RCE) vulnerability exists in the Parental Control page on TP-Link Archer C7(EU) V2 and TL-WR841N/ND(MS) V9.This issue affects Archer C7(EU) V2: before 241108 and TL-WR841N/N...", - "vendor": "TP-Link" + "short_description": "Apple iOS, iPadOS, macOS, and other Apple products contain a use-after-free vulnerability in WebKit. Processing maliciously crafted web content may lead to memory corruption. This vulnerability could impact HTML parsers that use WebKit, including but not limited to Apple Safari and non-Apple products which rely on WebKit for HTML processing.", + "vendor": "Apple" }, { - "cve": "CVE-2025-8876", - "date_added": "2025-08-13", - "due_date": "2025-08-20", - "epss": 0.13881, - "notes": "https://status.n-able.com/2025/08/13/announcing-the-ga-of-n-central-2025-3-1/ ; https://nvd.nist.gov/vuln/detail/CVE-2025-8876", - "percentile": 0.94059, - "poc_count": 6, - "product": "N-Central", + "cve": "CVE-2018-4063", + "date_added": "2025-12-12", + "due_date": "2026-01-02", + "epss": null, + "notes": "https://www.cisa.gov/news-events/ics-advisories/icsa-19-122-03 ; https://source.sierrawireless.com/resources/airlink/software_reference_docs/technical-bulletin/sierra-wireless-technical-bulletin---swi-psa-2019-003 ; https://source.sierrawireless.com/resources/airlink/hardware_reference_docs/airlink_es450_eol ; https://nvd.nist.gov/vuln/detail/CVE-2018-4063", + "percentile": null, + "poc_count": 2, + "product": "AirLink ALEOS", "required_action": "Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.", - "short_description": "N-able N-Central contains a command injection vulnerability via improper sanitization of user input.", - "summary": "Improper Input Validation vulnerability in N-able N-central allows OS Command Injection.This issue affects N-central: before 2025.3.1.", - "vendor": "N-able" + "short_description": "Sierra Wireless AirLink ALEOS contains an unrestricted upload of file with dangerous type vulnerability. A specially crafted HTTP request can upload a file, resulting in executable code being uploaded, and routable, to the webserver. An attacker can make an authenticated HTTP request to trigger this vulnerability. The impacted product could be end-of-life (EoL) and/or end-of-service (EoS). Users should discontinue product utilization.", + "vendor": "Sierra Wireless" }, { - "cve": "CVE-2025-8875", - "date_added": "2025-08-13", - "due_date": "2025-08-20", - "epss": 0.05085, - "notes": "https://status.n-able.com/2025/08/13/announcing-the-ga-of-n-central-2025-3-1/ ; https://nvd.nist.gov/vuln/detail/CVE-2025-8875", - "percentile": 0.89424, - "poc_count": 7, - "product": "N-Central", + "cve": "CVE-2025-14174", + "date_added": "2025-12-12", + "due_date": "2026-01-02", + "epss": null, + "notes": "https://chromereleases.googleblog.com/2025/12/stable-channel-update-for-desktop_10.html ; https://learn.microsoft.com/en-us/deployedge/microsoft-edge-relnotes-security ; https://nvd.nist.gov/vuln/detail/CVE-2025-14174", + "percentile": null, + "poc_count": 0, + "product": "Chromium", "required_action": "Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.", - "short_description": "N-able N-Central contains an insecure deserialization vulnerability that could lead to command execution.", - "summary": "Deserialization of Untrusted Data vulnerability in N-able N-central allows Local Execution of Code.This issue affects N-central: before 2025.3.1.", - "vendor": "N-able" + "short_description": "Google Chromium contains an out of bounds memory access vulnerability in ANGLE that could allow a remote attacker to perform out of bounds memory access via a crafted HTML page. This vulnerability could affect multiple web browsers that utilize Chromium, including, but not limited to, Google Chrome, Microsoft Edge, and Opera.", + "vendor": "Google" }, { - "cve": "CVE-2025-8088", - "date_added": "2025-08-12", - "due_date": "2025-09-02", - "epss": 0.03156, - "notes": "https://www.win-rar.com/singlenewsview.html?&L=0&tx_ttnews%5Btt_news%5D=283&cHash=a64b4a8f662d3639dec8d65f47bc93c5 ; https://nvd.nist.gov/vuln/detail/CVE-2025-8088", - "percentile": 0.8647, - "poc_count": 45, + "cve": "CVE-2025-58360", + "date_added": "2025-12-11", + "due_date": "2026-01-01", + "epss": null, + "notes": "This vulnerability affects an open-source component, third-party library, or a protocol used by different products. For more information, please see: https://github.com/geoserver/geoserver/security/advisories/GHSA-fjf5-xgmq-5525 ; https://osgeo-org.atlassian.net/browse/GEOS-11922 ; https://nvd.nist.gov/vuln/detail/CVE-2025-58360", + "percentile": null, + "poc_count": 0, + "product": "GeoServer", + "required_action": "Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.", + "short_description": "OSGeo GeoServer contains an improper restriction of XML external entity reference vulnerability that occurs when the application accepts XML input through a specific endpoint /geoserver/wms operation GetMap and could allow an attacker to define external entities within the XML request.", + "vendor": "OSGeo" + }, + { + "cve": "CVE-2025-6218", + "date_added": "2025-12-09", + "due_date": "2025-12-30", + "epss": null, + "notes": "https://www.win-rar.com/singlenewsview.html?&L=0&tx_ttnews%5Btt_news%5D=276&cHash=b5165454d983fc9717bc8748901a64f9 ; https://nvd.nist.gov/vuln/detail/CVE-2025-6218", + "percentile": null, + "poc_count": 10, "product": "WinRAR", "required_action": "Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.", - "short_description": "RARLAB WinRAR contains a path traversal vulnerability affecting the Windows version of WinRAR. This vulnerability could allow an attacker to execute arbitrary code by crafting malicious archive files.", - "summary": "A path traversal vulnerability affecting the Windows version of WinRAR allows the attackers to execute arbitrary code by crafting malicious archive files. This vulnerability was exploited in the wild and was discovere...", + "short_description": "RARLAB WinRAR contains a path traversal vulnerability allowing an attacker to execute code in the context of the current user.", "vendor": "RARLAB" }, { - "cve": "CVE-2002-0367", - "date_added": "2022-03-03", - "due_date": "2022-03-24", + "cve": "CVE-2025-62221", + "date_added": "2025-12-09", + "due_date": "2025-12-30", "epss": null, - "notes": "https://nvd.nist.gov/vuln/detail/CVE-2002-0367", + "notes": "https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2025-62221 ; https://nvd.nist.gov/vuln/detail/CVE-2025-62221", "percentile": null, - "poc_count": 2, - "product": "Windows", - "required_action": "Apply updates per vendor instructions.", - "short_description": "smss.exe debugging subsystem in Microsoft Windows does not properly authenticate programs that connect to other programs, which allows local users to gain administrator or SYSTEM privileges.", - "summary": "smss.exe debugging subsystem in Windows NT and Windows 2000 does not properly authenticate programs that connect to other programs, which allows local users to gain administrator or SYSTEM privileges by duplicating a...", - "vendor": "Microsoft" - }, - { - "cve": "CVE-2004-0210", - "date_added": "2022-03-03", - "due_date": "2022-03-24", - "epss": null, - "notes": "https://nvd.nist.gov/vuln/detail/CVE-2004-0210", - "percentile": null, - "poc_count": 2, - "product": "Windows", - "required_action": "Apply updates per vendor instructions.", - "short_description": "A privilege elevation vulnerability exists in the POSIX subsystem. This vulnerability could allow a logged on user to take complete control of the system.", - "summary": "The POSIX component of Microsoft Windows NT and Windows 2000 allows local users to execute arbitrary code via certain parameters, possibly by modifying message length values and causing a buffer overflow.", - "vendor": "Microsoft" - }, - { - "cve": "CVE-2004-1464", - "date_added": "2023-05-19", - "due_date": "2023-06-09", - "epss": null, - "notes": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20040827-telnet; https://nvd.nist.gov/vuln/detail/CVE-2004-1464", - "percentile": null, - "poc_count": 2, - "product": "IOS", - "required_action": "Apply updates per vendor instructions.", - "short_description": "Cisco IOS contains an unspecified vulnerability that may block further telnet, reverse telnet, Remote Shell (RSH), Secure Shell (SSH), and in some cases, Hypertext Transport Protocol (HTTP) access to the Cisco device.", - "summary": "Cisco IOS 12.2(15) and earlier allows remote attackers to cause a denial of service (refused VTY (virtual terminal) connections), via a crafted TCP connection to the Telnet or reverse Telnet port.", - "vendor": "Cisco" - }, - { - "cve": "CVE-2005-2773", - "date_added": "2022-03-25", - "due_date": "2022-04-15", - "epss": null, - "notes": "https://nvd.nist.gov/vuln/detail/CVE-2005-2773", - "percentile": null, - "poc_count": 1, - "product": "OpenView Network Node Manager", - "required_action": "Apply updates per vendor instructions.", - "short_description": "HP OpenView Network Node Manager could allow a remote attacker to execute arbitrary commands on the system.", - "summary": "HP OpenView Network Node Manager 6.2 through 7.50 allows remote attackers to execute arbitrary commands via shell metacharacters in the (1) node parameter to connectedNodes.ovpl, (2) cdpView.ovpl, (3) freeIPaddrs.ovpl...", - "vendor": "Hewlett Packard (HP)" - }, - { - "cve": "CVE-2006-1547", - "date_added": "2022-01-21", - "due_date": "2022-07-21", - "epss": null, - "notes": "https://nvd.nist.gov/vuln/detail/CVE-2006-1547", - "percentile": null, - "poc_count": 2, - "product": "Struts 1", - "required_action": "Apply updates per vendor instructions.", - "short_description": "ActionForm in Apache Struts versions before 1.2.9 with BeanUtils 1.7 contains a vulnerability that allows for denial-of-service (DoS).", - "summary": "ActionForm in Apache Software Foundation (ASF) Struts before 1.2.9 with BeanUtils 1.7 allows remote attackers to cause a denial of service via a multipart/form-data encoded form with a parameter name that references t...", - "vendor": "Apache" - }, - { - "cve": "CVE-2006-2492", - "date_added": "2022-06-08", - "due_date": "2022-06-22", - "epss": null, - "notes": "https://nvd.nist.gov/vuln/detail/CVE-2006-2492", - "percentile": null, - "poc_count": 3, - "product": "Word", - "required_action": "Apply updates per vendor instructions.", - "short_description": "Microsoft Word and Microsoft Works Suites contain a malformed object pointer which allows attackers to execute code.", - "summary": "Buffer overflow in Microsoft Word in Office 2000 SP3, Office XP SP3, Office 2003 Sp1 and SP2, and Microsoft Works Suites through 2006, allows user-assisted attackers to execute arbitrary code via a malformed object po...", - "vendor": "Microsoft" - }, - { - "cve": "CVE-2007-0671", - "date_added": "2025-08-12", - "due_date": "2025-09-02", - "epss": null, - "notes": "https://learn.microsoft.com/en-us/security-updates/securitybulletins/2007/ms07-015 ; https://nvd.nist.gov/vuln/detail/CVE-2007-0671", - "percentile": null, - "poc_count": 5, - "product": "Office", - "required_action": "Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.", - "short_description": "Microsoft Office Excel contains a remote code execution vulnerability that can be exploited when a specially crafted Excel file is opened. This malicious file could be delivered as an email attachment or hosted on a malicious website. An attacker could leverage this vulnerability by creating a specially crafted Excel file, which, when opened, allowing an attacker to execute remote code on the affected system.", - "summary": "Unspecified vulnerability in Microsoft Excel 2000, XP, 2003, and 2004 for Mac, and possibly other Office products, allows remote user-assisted attackers to execute arbitrary code via unknown attack vectors, as demonst...", - "vendor": "Microsoft" - }, - { - "cve": "CVE-2007-3010", - "date_added": "2022-04-15", - "due_date": "2022-05-06", - "epss": null, - "notes": "https://nvd.nist.gov/vuln/detail/CVE-2007-3010", - "percentile": null, - "poc_count": 3, - "product": "OmniPCX Enterprise", - "required_action": "Apply updates per vendor instructions.", - "short_description": "masterCGI in the Unified Maintenance Tool in Alcatel OmniPCX Enterprise Communication Server allows remote attackers to execute arbitrary commands.", - "summary": "masterCGI in the Unified Maintenance Tool in Alcatel OmniPCX Enterprise Communication Server R7.1 and earlier allows remote attackers to execute arbitrary commands via shell metacharacters in the user parameter during...", - "vendor": "Alcatel" - }, - { - "cve": "CVE-2007-5659", - "date_added": "2022-06-08", - "due_date": "2022-06-22", - "epss": null, - "notes": "https://nvd.nist.gov/vuln/detail/CVE-2007-5659", - "percentile": null, - "poc_count": 4, - "product": "Acrobat and Reader", - "required_action": "Apply updates per vendor instructions.", - "short_description": "Adobe Acrobat and Reader contain a buffer overflow vulnerability that allows remote attackers to execute code via a PDF file with long arguments to unspecified JavaScript methods.", - "summary": "Multiple buffer overflows in Adobe Reader and Acrobat 8.1.1 and earlier allow remote attackers to execute arbitrary code via a PDF file with long arguments to unspecified JavaScript methods. NOTE: this issue might be...", - "vendor": "Adobe" - }, - { - "cve": "CVE-2008-0655", - "date_added": "2022-06-08", - "due_date": "2022-06-22", - "epss": null, - "notes": "https://nvd.nist.gov/vuln/detail/CVE-2008-0655", - "percentile": null, - "poc_count": 3, - "product": "Acrobat and Reader", - "required_action": "Apply updates per vendor instructions.", - "short_description": "Adobe Acrobat and Reader contains an unespecified vulnerability described as a design flaw which could allow a specially crafted file to be printed silently an arbitrary number of times.", - "summary": "Multiple unspecified vulnerabilities in Adobe Reader and Acrobat before 8.1.2 have unknown impact and attack vectors.", - "vendor": "Adobe" - }, - { - "cve": "CVE-2008-2992", - "date_added": "2022-03-03", - "due_date": "2022-03-24", - "epss": null, - "notes": "https://nvd.nist.gov/vuln/detail/CVE-2008-2992", - "percentile": null, - "poc_count": 7, - "product": "Acrobat and Reader", - "required_action": "Apply updates per vendor instructions.", - "short_description": "Adobe Acrobat and Reader contain an input validation issue in a JavaScript method that could potentially lead to remote code execution.", - "summary": "Stack-based buffer overflow in Adobe Acrobat and Reader 8.1.2 and earlier allows remote attackers to execute arbitrary code via a PDF file that calls the util.printf JavaScript function with a crafted format string ar...", - "vendor": "Adobe" - }, - { - "cve": "CVE-2008-3431", - "date_added": "2022-03-03", - "due_date": "2022-03-24", - "epss": null, - "notes": "https://nvd.nist.gov/vuln/detail/CVE-2008-3431", - "percentile": null, - "poc_count": 5, - "product": "VirtualBox", - "required_action": "Apply updates per vendor instructions.", - "short_description": "An input validation vulnerability exists in the VBoxDrv.sys driver of Sun xVM VirtualBox which allows attackers to locally execute arbitrary code.", - "summary": "The VBoxDrvNtDeviceControl function in VBoxDrv.sys in Sun xVM VirtualBox before 1.6.4 uses the METHOD_NEITHER communication method for IOCTLs and does not properly validate a buffer associated with the Irp object, whi...", - "vendor": "Oracle" - }, - { - "cve": "CVE-2009-0557", - "date_added": "2022-06-08", - "due_date": "2022-06-22", - "epss": null, - "notes": "https://nvd.nist.gov/vuln/detail/CVE-2009-0557", - "percentile": null, - "poc_count": 2, - "product": "Office", - "required_action": "Apply updates per vendor instructions.", - "short_description": "Microsoft Office contains an object record corruption vulnerability that allows remote attackers to execute code via a crafted Excel file with a malformed record object.", - "summary": "Excel in Microsoft Office 2000 SP3, Office XP SP3, Office 2003 SP3, and Office 2004 and 2008 for Mac; Excel in 2007 Microsoft Office System SP1 and SP2; Open XML File Format Converter for Mac; Microsoft Office Excel V...", - "vendor": "Microsoft" - }, - { - "cve": "CVE-2009-0563", - "date_added": "2022-06-08", - "due_date": "2022-06-22", - "epss": null, - "notes": "https://nvd.nist.gov/vuln/detail/CVE-2009-0563", - "percentile": null, - "poc_count": 2, - "product": "Office", - "required_action": "Apply updates per vendor instructions.", - "short_description": "Microsoft Office contains a buffer overflow vulnerability that allows remote attackers to execute code via a Word document with a crafted tag containing an invalid length field.", - "summary": "Stack-based buffer overflow in Microsoft Office Word 2002 SP3, 2003 SP3, and 2007 SP1 and SP2; Microsoft Office for Mac 2004 and 2008; Open XML File Format Converter for Mac; Microsoft Office Word Viewer 2003 SP3; Mic...", - "vendor": "Microsoft" - }, - { - "cve": "CVE-2009-0927", - "date_added": "2022-03-25", - "due_date": "2022-04-15", - "epss": null, - "notes": "https://nvd.nist.gov/vuln/detail/CVE-2009-0927", - "percentile": null, - "poc_count": 4, - "product": "Reader and Acrobat", - "required_action": "Apply updates per vendor instructions.", - "short_description": "Stack-based buffer overflow in Adobe Reader and Adobe Acrobat allows remote attackers to execute arbitrary code.", - "summary": "Stack-based buffer overflow in Adobe Reader and Adobe Acrobat 9 before 9.1, 8 before 8.1.3 , and 7 before 7.1.1 allows remote attackers to execute arbitrary code via a crafted argument to the getIcon method of a Colla...", - "vendor": "Adobe" - }, - { - "cve": "CVE-2009-1123", - "date_added": "2022-03-03", - "due_date": "2022-03-24", - "epss": null, - "notes": "https://nvd.nist.gov/vuln/detail/CVE-2009-1123", - "percentile": null, - "poc_count": 2, - "product": "Windows", - "required_action": "Apply updates per vendor instructions.", - "short_description": "The kernel in Microsoft Windows does not properly validate changes to unspecified kernel objects, which allows local users to gain privileges via a crafted application.", - "summary": "The kernel in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP2, Vista Gold, SP1, and SP2, and Server 2008 SP2 does not properly validate changes to unspecified kernel objects, which allows local users to ga...", - "vendor": "Microsoft" - }, - { - "cve": "CVE-2009-1151", - "date_added": "2022-03-25", - "due_date": "2022-04-15", - "epss": null, - "notes": "https://nvd.nist.gov/vuln/detail/CVE-2009-1151", - "percentile": null, - "poc_count": 19, - "product": "phpMyAdmin", - "required_action": "Apply updates per vendor instructions.", - "short_description": "Setup script used to generate configuration can be fooled using a crafted POST request to include arbitrary PHP code in generated configuration file.", - "summary": "Static code injection vulnerability in setup.php in phpMyAdmin 2.11.x before 2.11.9.5 and 3.x before 3.1.3.1 allows remote attackers to inject arbitrary PHP code into a configuration file via the save action.", - "vendor": "phpMyAdmin" - }, - { - "cve": "CVE-2009-1862", - "date_added": "2022-06-08", - "due_date": "2022-06-22", - "epss": null, - "notes": "https://nvd.nist.gov/vuln/detail/CVE-2009-1862", - "percentile": null, - "poc_count": 3, - "product": "Acrobat and Reader, Flash Player", - "required_action": "For Adobe Acrobat and Reader, apply updates per vendor instructions. For Adobe Flash Player, the impacted product is end-of-life and should be disconnected if still in use.", - "short_description": "Adobe Acrobat and Reader and Adobe Flash Player allows remote attackers to execute code or cause denial-of-service (DoS).", - "summary": "Unspecified vulnerability in Adobe Reader and Acrobat 9.x through 9.1.2, and Adobe Flash Player 9.x through 9.0.159.0 and 10.x through 10.0.22.87, allows remote attackers to execute arbitrary code or cause a denial of...", - "vendor": "Adobe" - }, - { - "cve": "CVE-2009-2055", - "date_added": "2022-03-25", - "due_date": "2022-04-15", - "epss": null, - "notes": "https://nvd.nist.gov/vuln/detail/CVE-2009-2055", - "percentile": null, - "poc_count": 2, - "product": "IOS XR", - "required_action": "Apply updates per vendor instructions.", - "short_description": "Cisco IOS XR,when BGP is the configured routing feature, allows remote attackers to cause a denial-of-service (DoS).", - "summary": "Cisco IOS XR 3.4.0 through 3.8.1 allows remote attackers to cause a denial of service (session reset) via a BGP UPDATE message with an invalid attribute, as demonstrated in the wild on 17 August 2009.", - "vendor": "Cisco" - }, - { - "cve": "CVE-2009-3129", - "date_added": "2022-03-03", - "due_date": "2022-03-24", - "epss": null, - "notes": "https://nvd.nist.gov/vuln/detail/CVE-2009-3129", - "percentile": null, - "poc_count": 2, - "product": "Excel", - "required_action": "Apply updates per vendor instructions.", - "short_description": "Microsoft Office Excel allows remote attackers to execute arbitrary code via a spreadsheet with a FEATHEADER record containing an invalid cbHdrData size element that affects a pointer offset.", - "summary": "Microsoft Office Excel 2002 SP3, 2003 SP3, and 2007 SP1 and SP2; Office 2004 and 2008 for Mac; Open XML File Format Converter for Mac; Office Excel Viewer 2003 SP3; Office Excel Viewer SP1 and SP2; and Office Compatib...", - "vendor": "Microsoft" - }, - { - "cve": "CVE-2009-3953", - "date_added": "2022-06-08", - "due_date": "2022-06-22", - "epss": null, - "notes": "https://nvd.nist.gov/vuln/detail/CVE-2009-3953", - "percentile": null, - "poc_count": 1, - "product": "Acrobat and Reader", - "required_action": "Apply updates per vendor instructions.", - "short_description": "Adobe Acrobat and Reader contains an array boundary issue in Universal 3D (U3D) support that could lead to remote code execution.", - "summary": "The U3D implementation in Adobe Reader and Acrobat 9.x before 9.3, 8.x before 8.2 on Windows and Mac OS X, and 7.x before 7.1.4 allows remote attackers to execute arbitrary code via malformed U3D data in a PDF documen...", - "vendor": "Adobe" - }, - { - "cve": "CVE-2009-3960", - "date_added": "2022-03-07", - "due_date": "2022-09-07", - "epss": null, - "notes": "https://nvd.nist.gov/vuln/detail/CVE-2009-3960", - "percentile": null, - "poc_count": 2, - "product": "BlazeDS", - "required_action": "Apply updates per vendor instructions.", - "short_description": "Adobe BlazeDS, which is utilized in LifeCycle and Coldfusion, contains a vulnerability that allows for information disclosure.", - "summary": "Unspecified vulnerability in BlazeDS 3.2 and earlier, as used in LiveCycle 8.0.1, 8.2.1, and 9.0, LiveCycle Data Services 2.5.1, 2.6.1, and 3.0, Flex Data Services 2.0.1, and ColdFusion 7.0.2, 8.0, 8.0.1, and 9.0, all...", - "vendor": "Adobe" - }, - { - "cve": "CVE-2009-4324", - "date_added": "2022-06-08", - "due_date": "2022-06-22", - "epss": null, - "notes": "https://nvd.nist.gov/vuln/detail/CVE-2009-4324", - "percentile": null, - "poc_count": 6, - "product": "Acrobat and Reader", - "required_action": "Apply updates per vendor instructions.", - "short_description": "Use-after-free vulnerability in Adobe Acrobat and Reader allows remote attackers to execute code via a crafted PDF file.", - "summary": "Use-after-free vulnerability in the Doc.media.newPlayer method in Multimedia.api in Adobe Reader and Acrobat 9.x before 9.3, and 8.x before 8.2 on Windows and Mac OS X, allows remote attackers to execute arbitrary cod...", - "vendor": "Adobe" - }, - { - "cve": "CVE-2010-0188", - "date_added": "2022-03-03", - "due_date": "2022-03-24", - "epss": null, - "notes": "https://nvd.nist.gov/vuln/detail/CVE-2010-0188", - "percentile": null, - "poc_count": 3, - "product": "Reader and Acrobat", - "required_action": "Apply updates per vendor instructions.", - "short_description": "Unspecified vulnerability in Adobe Reader and Acrobat allows attackers to cause a denial of service or possibly execute arbitrary code.", - "summary": "Unspecified vulnerability in Adobe Reader and Acrobat 8.x before 8.2.1 and 9.x before 9.3.1 allows attackers to cause a denial of service (application crash) or possibly execute arbitrary code via unknown vectors.", - "vendor": "Adobe" - }, - { - "cve": "CVE-2010-0232", - "date_added": "2022-03-03", - "due_date": "2022-03-24", - "epss": null, - "notes": "https://nvd.nist.gov/vuln/detail/CVE-2010-0232", - "percentile": null, - "poc_count": 17, - "product": "Windows", - "required_action": "Apply updates per vendor instructions.", - "short_description": "The kernel in Microsoft Windows, when access to 16-bit applications is enabled on a 32-bit x86 platform, does not properly validate certain BIOS calls, which allows local users to gain privileges.", - "summary": "The kernel in Microsoft Windows NT 3.1 through Windows 7, including Windows 2000 SP4, Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista Gold, SP1, and SP2, and Windows Server 2008 Gold and SP2, when acces...", - "vendor": "Microsoft" - }, - { - "cve": "CVE-2010-0738", - "date_added": "2022-05-25", - "due_date": "2022-06-15", - "epss": null, - "notes": "https://nvd.nist.gov/vuln/detail/CVE-2010-0738", - "percentile": null, - "poc_count": 21, - "product": "JBoss", - "required_action": "Apply updates per vendor instructions.", - "short_description": "The JMX-Console web application in JBossAs in Red Hat JBoss Enterprise Application Platform performs access control only for the GET and POST methods, which allows remote attackers to send requests to this application's GET handler by using a different method.", - "summary": "The JMX-Console web application in JBossAs in Red Hat JBoss Enterprise Application Platform (aka JBoss EAP or JBEAP) 4.2 before 4.2.0.CP09 and 4.3 before 4.3.0.CP08 performs access control only for the GET and POST me...", - "vendor": "Red Hat" - }, - { - "cve": "CVE-2010-0840", - "date_added": "2022-05-25", - "due_date": "2022-06-15", - "epss": null, - "notes": "https://nvd.nist.gov/vuln/detail/CVE-2010-0840", - "percentile": null, - "poc_count": 8, - "product": "Java Runtime Environment (JRE)", - "required_action": "Apply updates per vendor instructions.", - "short_description": "Unspecified vulnerability in the Java Runtime Environment (JRE) in Java SE component allows remote attackers to affect confidentiality, integrity, and availability via Unknown vectors.", - "summary": "Unspecified vulnerability in the Java Runtime Environment component in Oracle Java SE and Java for Business 6 Update 18, 5.0 Update 23, and 1.4.2_25 allows remote attackers to affect confidentiality, integrity, and av...", - "vendor": "Oracle" - }, - { - "cve": "CVE-2010-1297", - "date_added": "2022-06-08", - "due_date": "2022-06-22", - "epss": null, - "notes": "https://nvd.nist.gov/vuln/detail/CVE-2010-1297", - "percentile": null, - "poc_count": 5, - "product": "Flash Player", - "required_action": "The impacted product is end-of-life and should be disconnected if still in use.", - "short_description": "Adobe Flash Player contains a memory corruption vulnerability that allows remote attackers to execute code or cause denial-of-service (DoS).", - "summary": "Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64; Adobe AIR before 2.0.2.12610; and Adobe Reader and Acrobat 9.x before 9.3.3, and 8.x before 8.2.3 on Windows and Mac OS X, allow remote attackers to exec...", - "vendor": "Adobe" - }, - { - "cve": "CVE-2010-1428", - "date_added": "2022-05-25", - "due_date": "2022-06-15", - "epss": null, - "notes": "https://nvd.nist.gov/vuln/detail/CVE-2010-1428", - "percentile": null, - "poc_count": 3, - "product": "JBoss", - "required_action": "Apply updates per vendor instructions.", - "short_description": "Unauthenticated access to the JBoss Application Server Web Console (/web-console) is blocked by default. However, it was found that this block was incomplete, and only blocked GET and POST HTTP verbs. A remote attacker could use this flaw to gain access to sensitive information.", - "summary": "The Web Console (aka web-console) in JBossAs in Red Hat JBoss Enterprise Application Platform (aka JBoss EAP or JBEAP) 4.2 before 4.2.0.CP09 and 4.3 before 4.3.0.CP08 performs access control only for the GET and POST...", - "vendor": "Red Hat" - }, - { - "cve": "CVE-2010-1871", - "date_added": "2021-12-10", - "due_date": "2022-06-10", - "epss": null, - "notes": "https://nvd.nist.gov/vuln/detail/CVE-2010-1871", - "percentile": null, - "poc_count": 17, - "product": "JBoss Seam 2", - "required_action": "Apply updates per vendor instructions.", - "short_description": "JBoss Seam 2 (jboss-seam2), as used in JBoss Enterprise Application Platform 4.3.0 for Red Hat Linux, allows attackers to perform remote code execution. This vulnerability can only be exploited when the Java Security Manager is not properly configured.", - "summary": "JBoss Seam 2 (jboss-seam2), as used in JBoss Enterprise Application Platform 4.3.0 for Red Hat Linux, does not properly sanitize inputs for JBoss Expression Language (EL) expressions, which allows remote attackers to...", - "vendor": "Red Hat" - }, - { - "cve": "CVE-2010-2568", - "date_added": "2022-09-15", - "due_date": "2022-10-06", - "epss": null, - "notes": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2010/ms10-046; https://nvd.nist.gov/vuln/detail/CVE-2010-2568", - "percentile": null, - "poc_count": 22, - "product": "Windows", - "required_action": "Apply updates per vendor instructions.", - "short_description": "Microsoft Windows incorrectly parses shortcuts in such a way that malicious code may be executed when the operating system displays the icon of a malicious shortcut file. An attacker who successfully exploited this vulnerability could execute code as the logged-on user.", - "summary": "Windows Shell in Microsoft Windows XP SP3, Server 2003 SP2, Vista SP1 and SP2, Server 2008 SP2 and R2, and Windows 7 allows local users or remote attackers to execute arbitrary code via a crafted (1) .LNK or (2) .PIF...", - "vendor": "Microsoft" - }, - { - "cve": "CVE-2010-2572", - "date_added": "2022-06-08", - "due_date": "2022-06-22", - "epss": null, - "notes": "https://nvd.nist.gov/vuln/detail/CVE-2010-2572", - "percentile": null, - "poc_count": 1, - "product": "PowerPoint", - "required_action": "Apply updates per vendor instructions.", - "short_description": "Microsoft PowerPoint contains a buffer overflow vulnerability that alllows for remote code execution.", - "summary": "Buffer overflow in Microsoft PowerPoint 2002 SP3 and 2003 SP3 allows remote attackers to execute arbitrary code via a crafted PowerPoint 95 document, aka \"PowerPoint Parsing Buffer Overflow Vulnerability.\"", - "vendor": "Microsoft" - }, - { - "cve": "CVE-2010-2861", - "date_added": "2022-03-25", - "due_date": "2022-04-15", - "epss": null, - "notes": "https://nvd.nist.gov/vuln/detail/CVE-2010-2861", - "percentile": null, - "poc_count": 64, - "product": "ColdFusion", - "required_action": "Apply updates per vendor instructions.", - "short_description": "A directory traversal vulnerability exists in the administrator console in Adobe ColdFusion which allows remote attackers to read arbitrary files.", - "summary": "Multiple directory traversal vulnerabilities in the administrator console in Adobe ColdFusion 9.0.1 and earlier allow remote attackers to read arbitrary files via the locale parameter to (1) CFIDE/administrator/settin...", - "vendor": "Adobe" - }, - { - "cve": "CVE-2010-2883", - "date_added": "2022-06-08", - "due_date": "2022-06-22", - "epss": null, - "notes": "https://nvd.nist.gov/vuln/detail/CVE-2010-2883", - "percentile": null, - "poc_count": 9, - "product": "Acrobat and Reader", - "required_action": "Apply updates per vendor instructions.", - "short_description": "Adobe Acrobat and Reader contain a stack-based buffer overflow vulnerability that allows remote attackers to execute code or cause denial-of-service (DoS).", - "summary": "Stack-based buffer overflow in CoolType.dll in Adobe Reader and Acrobat 9.x before 9.4, and 8.x before 8.2.5 on Windows and Mac OS X, allows remote attackers to execute arbitrary code or cause a denial of service (app...", - "vendor": "Adobe" - }, - { - "cve": "CVE-2010-3035", - "date_added": "2022-03-25", - "due_date": "2022-04-15", - "epss": null, - "notes": "https://nvd.nist.gov/vuln/detail/CVE-2010-3035", - "percentile": null, - "poc_count": 2, - "product": "IOS XR", - "required_action": "Apply updates per vendor instructions.", - "short_description": "Cisco IOS XR, when BGP is the configured routing feature, allows remote attackers to cause a denial-of-service (DoS).", - "summary": "Cisco IOS XR 3.4.0 through 3.9.1, when BGP is enabled, does not properly handle unrecognized transitive attributes, which allows remote attackers to cause a denial of service (peering reset) via a crafted prefix annou...", - "vendor": "Cisco" - }, - { - "cve": "CVE-2010-3333", - "date_added": "2022-03-03", - "due_date": "2022-03-24", - "epss": null, - "notes": "https://nvd.nist.gov/vuln/detail/CVE-2010-3333", - "percentile": null, - "poc_count": 33, - "product": "Office", - "required_action": "Apply updates per vendor instructions.", - "short_description": "A stack-based buffer overflow vulnerability exists in the parsing of RTF data in Microsoft Office and earlier allows an attacker to perform remote code execution.", - "summary": "Stack-based buffer overflow in Microsoft Office XP SP3, Office 2003 SP3, Office 2007 SP2, Office 2010, Office 2004 and 2008 for Mac, Office for Mac 2011, and Open XML File Format Converter for Mac allows remote attack...", - "vendor": "Microsoft" - }, - { - "cve": "CVE-2010-3765", - "date_added": "2025-10-06", - "due_date": "2025-10-27", - "epss": null, - "notes": "https://www.mozilla.org/en-US/security/advisories/mfsa2010-73 ; https://nvd.nist.gov/vuln/detail/CVE-2010-3765", - "percentile": null, - "poc_count": 4, - "product": "Multiple Products", - "required_action": "Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.", - "short_description": "Mozilla Firefox, SeaMonkey, and Thunderbird contain an unspecified vulnerability when JavaScript is enabled. This allows remote attackers to execute arbitrary code via vectors related to nsCSSFrameConstructor::ContentAppended, the appendChild method, incorrect index tracking, and the creation of multiple frames, which triggers memory corruption.", - "summary": "Mozilla Firefox 3.5.x through 3.5.14 and 3.6.x through 3.6.11, Thunderbird 3.1.6 before 3.1.6 and 3.0.x before 3.0.10, and SeaMonkey 2.x before 2.0.10, when JavaScript is enabled, allows remote attackers to execute ar...", - "vendor": "Mozilla" - }, - { - "cve": "CVE-2010-3904", - "date_added": "2023-05-12", - "due_date": "2023-06-02", - "epss": null, - "notes": "https://lkml.iu.edu/hypermail/linux/kernel/1601.3/06474.html; https://nvd.nist.gov/vuln/detail/CVE-2010-3904", - "percentile": null, - "poc_count": 125, - "product": "Kernel", - "required_action": "The impacted product is end-of-life and should be disconnected if still in use.", - "short_description": "Linux Kernel contains an improper input validation vulnerability in the Reliable Datagram Sockets (RDS) protocol implementation that allows local users to gain privileges via crafted use of the sendmsg and recvmsg system calls.", - "summary": "The rds_page_copy_user function in net/rds/page.c in the Reliable Datagram Sockets (RDS) protocol implementation in the Linux kernel before 2.6.36 does not properly validate addresses obtained from user space, which a...", - "vendor": "Linux" - }, - { - "cve": "CVE-2010-3962", - "date_added": "2025-10-06", - "due_date": "2025-10-27", - "epss": null, - "notes": "https://learn.microsoft.com/en-us/security-updates/SecurityAdvisories/2010/2458511?redirectedfrom=MSDN ; https://nvd.nist.gov/vuln/detail/CVE-2010-3962", - "percentile": null, - "poc_count": 3, - "product": "Internet Explorer", - "required_action": "Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.", - "short_description": "Microsoft Internet Explorer contains an uninitialized memory corruption vulnerability that could allow for remote code execution. The impacted product could be end-of-life (EoL) and/or end-of-service (EoS). Users should discontinue product utilization.", - "summary": "Use-after-free vulnerability in Microsoft Internet Explorer 6, 7, and 8 allows remote attackers to execute arbitrary code via vectors related to Cascading Style Sheets (CSS) token sequences and the clip attribute, aka...", - "vendor": "Microsoft" - }, - { - "cve": "CVE-2010-4344", - "date_added": "2022-03-25", - "due_date": "2022-04-15", - "epss": null, - "notes": "https://nvd.nist.gov/vuln/detail/CVE-2010-4344", - "percentile": null, - "poc_count": 9, - "product": "Exim", - "required_action": "Apply updates per vendor instructions.", - "short_description": "Heap-based buffer overflow in the string_vformat function in string.c in Exim before 4.70 allows remote attackers to execute arbitrary code via an SMTP session.", - "summary": "Heap-based buffer overflow in the string_vformat function in string.c in Exim before 4.70 allows remote attackers to execute arbitrary code via an SMTP session that includes two MAIL commands in conjunction with a lar...", - "vendor": "Exim" - }, - { - "cve": "CVE-2010-4345", - "date_added": "2022-03-25", - "due_date": "2022-04-15", - "epss": null, - "notes": "https://nvd.nist.gov/vuln/detail/CVE-2010-4345", - "percentile": null, - "poc_count": 4, - "product": "Exim", - "required_action": "Apply updates per vendor instructions.", - "short_description": "Exim allows local users to gain privileges by leveraging the ability of the exim user account to specify an alternate configuration file with a directive that contains arbitrary commands.", - "summary": "Exim 4.72 and earlier allows local users to gain privileges by leveraging the ability of the exim user account to specify an alternate configuration file with a directive that contains arbitrary commands, as demonstra...", - "vendor": "Exim" - }, - { - "cve": "CVE-2010-4398", - "date_added": "2022-03-28", - "due_date": "2022-04-21", - "epss": null, - "notes": "https://nvd.nist.gov/vuln/detail/CVE-2010-4398", - "percentile": null, - "poc_count": 9, - "product": "Windows", - "required_action": "Apply updates per vendor instructions.", - "short_description": "Stack-based buffer overflow in the RtlQueryRegistryValues function in win32k.sys in Microsoft Windows allows local users to gain privileges, and bypass the User Account Control (UAC) feature.", - "summary": "Stack-based buffer overflow in the RtlQueryRegistryValues function in win32k.sys in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, and R2, and Wind...", - "vendor": "Microsoft" - }, - { - "cve": "CVE-2010-5326", - "date_added": "2021-11-03", - "due_date": "2022-05-03", - "epss": null, - "notes": "https://nvd.nist.gov/vuln/detail/CVE-2010-5326", - "percentile": null, - "poc_count": 1, - "product": "NetWeaver", - "required_action": "Apply updates per vendor instructions.", - "short_description": "SAP NetWeaver Application Server Java Platforms Invoker Servlet does not require authentication, allowing for remote code execution via a HTTP or HTTPS request.", - "summary": "The Invoker Servlet on SAP NetWeaver Application Server Java platforms, possibly before 7.3, does not require authentication, which allows remote attackers to execute arbitrary code via an HTTP or HTTPS request, as ex...", - "vendor": "SAP" - }, - { - "cve": "CVE-2010-5330", - "date_added": "2022-04-15", - "due_date": "2022-05-06", - "epss": null, - "notes": "https://nvd.nist.gov/vuln/detail/CVE-2010-5330", - "percentile": null, - "poc_count": 2, - "product": "AirOS", - "required_action": "Apply updates per vendor instructions.", - "short_description": "Certain Ubiquiti devices contain a command injection vulnerability via a GET request to stainfo.cgi.", - "summary": "On certain Ubiquiti devices, Command Injection exists via a GET request to stainfo.cgi (aka Show AP info) because the ifname variable is not sanitized, as demonstrated by shell metacharacters. The fixed version is v4....", - "vendor": "Ubiquiti" - }, - { - "cve": "CVE-2011-0609", - "date_added": "2022-06-08", - "due_date": "2022-06-22", - "epss": null, - "notes": "https://nvd.nist.gov/vuln/detail/CVE-2011-0609", - "percentile": null, - "poc_count": 4, - "product": "Flash Player", - "required_action": "The impacted product is end-of-life and should be disconnected if still in use.", - "short_description": "Adobe Flash Player contains an unspecified vulnerability that allows remote attackers to execute code or cause denial-of-service (DoS).", - "summary": "Unspecified vulnerability in Adobe Flash Player 10.2.154.13 and earlier on Windows, Mac OS X, Linux, and Solaris; 10.1.106.16 and earlier on Android; Adobe AIR 2.5.1 and earlier; and Authplay.dll (aka AuthPlayLib.bund...", - "vendor": "Adobe" - }, - { - "cve": "CVE-2011-0611", - "date_added": "2022-03-03", - "due_date": "2022-03-24", - "epss": null, - "notes": "https://nvd.nist.gov/vuln/detail/CVE-2011-0611", - "percentile": null, - "poc_count": 8, - "product": "Flash Player", - "required_action": "The impacted product is end-of-life and should be disconnected if still in use.", - "short_description": "Adobe Flash Player contains a vulnerability that allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via crafted Flash content.", - "summary": "Adobe Flash Player before 10.2.154.27 on Windows, Mac OS X, Linux, and Solaris and 10.2.156.12 and earlier on Android; Adobe AIR before 2.6.19140; and Authplay.dll (aka AuthPlayLib.bundle) in Adobe Reader 9.x before 9...", - "vendor": "Adobe" - }, - { - "cve": "CVE-2011-1823", - "date_added": "2022-09-08", - "due_date": "2022-09-29", - "epss": null, - "notes": "https://android.googlesource.com/platform/system/vold/+/c51920c82463b240e2be0430849837d6fdc5352e; https://nvd.nist.gov/vuln/detail/CVE-2011-1823", - "percentile": null, - "poc_count": 3, - "product": "Android OS", - "required_action": "Apply updates per vendor instructions.", - "short_description": "The vold volume manager daemon in Android kernel trusts messages from a PF_NETLINK socket, which allows an attacker to execute code and gain root privileges. This vulnerability is associated with GingerBreak and Exploit.AndroidOS.Lotoor.", - "summary": "The vold volume manager daemon on Android 3.0 and 2.x before 2.3.4 trusts messages that are received from a PF_NETLINK socket, which allows local users to execute arbitrary code and gain root privileges via a negative...", - "vendor": "Android" - }, - { - "cve": "CVE-2011-1889", - "date_added": "2022-03-03", - "due_date": "2022-03-24", - "epss": null, - "notes": "https://nvd.nist.gov/vuln/detail/CVE-2011-1889", - "percentile": null, - "poc_count": 1, - "product": "Forefront Threat Management Gateway (TMG)", - "required_action": "Apply updates per vendor instructions.", - "short_description": "A remote code execution vulnerability exists in the Forefront Threat Management Gateway (TMG) Firewall Client Winsock provider that could allow code execution in the security context of the client application.", - "summary": "The NSPLookupServiceNext function in the client in Microsoft Forefront Threat Management Gateway (TMG) 2010 allows remote attackers to execute arbitrary code via vectors involving unspecified requests, aka \"TMG Firewa...", - "vendor": "Microsoft" - }, - { - "cve": "CVE-2011-2005", - "date_added": "2022-03-28", - "due_date": "2022-04-18", - "epss": null, - "notes": "https://nvd.nist.gov/vuln/detail/CVE-2011-2005", - "percentile": null, - "poc_count": 18, - "product": "Ancillary Function Driver (afd.sys)", - "required_action": "Apply updates per vendor instructions.", - "short_description": "afd.sys in the Ancillary Function Driver in Microsoft Windows does not properly validate user-mode input passed to kernel mode, which allows local users to gain privileges via a crafted application.", - "summary": "afd.sys in the Ancillary Function Driver in Microsoft Windows XP SP2 and SP3 and Server 2003 SP2 does not properly validate user-mode input passed to kernel mode, which allows local users to gain privileges via a craf...", - "vendor": "Microsoft" - }, - { - "cve": "CVE-2011-2462", - "date_added": "2022-06-08", - "due_date": "2022-06-22", - "epss": null, - "notes": "https://nvd.nist.gov/vuln/detail/CVE-2011-2462", - "percentile": null, - "poc_count": 7, - "product": "Reader and Acrobat", - "required_action": "Apply updates per vendor instructions.", - "short_description": "The Universal 3D (U3D) component in Adobe Reader and Acrobat contains a memory corruption vulnerability which could allow remote attackers to execute code or cause denial-of-service (DoS).", - "summary": "Unspecified vulnerability in the U3D component in Adobe Reader and Acrobat 10.1.1 and earlier on Windows and Mac OS X, and Adobe Reader 9.x through 9.4.6 on UNIX, allows remote attackers to execute arbitrary code or c...", - "vendor": "Adobe" - }, - { - "cve": "CVE-2011-3402", - "date_added": "2025-10-06", - "due_date": "2025-10-27", - "epss": null, - "notes": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2011/ms11-087 ; https://nvd.nist.gov/vuln/detail/CVE-2011-3402", - "percentile": null, - "poc_count": 3, + "poc_count": 0, "product": "Windows", "required_action": "Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.", - "short_description": "Microsoft Windows Kernel contains an unspecified vulnerability in the TrueType font parsing engine in win32k.sys in the kernel-mode drivers that allows remote attackers to execute arbitrary code via crafted font data in a Word document or web page.", - "summary": "Unspecified vulnerability in the TrueType font parsing engine in win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and...", + "short_description": "Microsoft Windows Cloud Files Mini Filter Driver contains a use after free vulnerability that can allow an authorized attacker to elevate privileges locally.", "vendor": "Microsoft" }, { - "cve": "CVE-2011-3544", - "date_added": "2022-03-03", - "due_date": "2022-03-24", + "cve": "CVE-2022-37055", + "date_added": "2025-12-08", + "due_date": "2025-12-29", "epss": null, - "notes": "https://nvd.nist.gov/vuln/detail/CVE-2011-3544", + "notes": "https://supportannouncement.us.dlink.com/security/publication.aspx?name=SAP10308 ; https://nvd.nist.gov/vuln/detail/CVE-2022-37055", "percentile": null, - "poc_count": 5, - "product": "Java SE JDK and JRE", - "required_action": "Apply updates per vendor instructions.", - "short_description": "An access control vulnerability exists in the Applet Rhino Script Engine component of Oracle's Java Runtime Environment allows an attacker to remotely execute arbitrary code.", - "summary": "Unspecified vulnerability in the Java Runtime Environment component in Oracle Java SE JDK and JRE 7 and 6 Update 27 and earlier allows remote untrusted Java Web Start applications and untrusted Java applets to affect...", - "vendor": "Oracle" - }, - { - "cve": "CVE-2011-4723", - "date_added": "2022-09-08", - "due_date": "2022-09-29", - "epss": null, - "notes": "https://www.dlink.com/uk/en/support/product/dir-300-wireless-g-router; https://nvd.nist.gov/vuln/detail/CVE-2011-4723", - "percentile": null, - "poc_count": 1, - "product": "DIR-300 Router", - "required_action": "The impacted product is end-of-life and should be disconnected if still in use.", - "short_description": "The D-Link DIR-300 router stores cleartext passwords, which allows context-dependent attackers to obtain sensitive information.", - "summary": "The D-Link DIR-300 router stores cleartext passwords, which allows context-dependent attackers to obtain sensitive information via unspecified vectors.", + "poc_count": 2, + "product": "Routers", + "required_action": "Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.", + "short_description": "D-Link Routers contains a buffer overflow vulnerability that has a high impact on confidentiality, integrity, and availability. The impacted products could be end-of-life (EoL) and/or end-of-service (EoS). Users should discontinue product utilization.", "vendor": "D-Link" }, { - "cve": "CVE-2012-0151", - "date_added": "2022-06-08", - "due_date": "2022-06-22", + "cve": "CVE-2025-66644", + "date_added": "2025-12-08", + "due_date": "2025-12-29", "epss": null, - "notes": "https://nvd.nist.gov/vuln/detail/CVE-2012-0151", + "notes": "https://support.arraynetworks.net/prx/001/http/supportportal.arraynetworks.net/ag.html ; https://www.jpcert.or.jp/at/2025/at250024.html ; https://nvd.nist.gov/vuln/detail/CVE-2025-66644", + "percentile": null, + "poc_count": 0, + "product": "ArrayOS AG", + "required_action": "Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.", + "short_description": "Array Networks ArrayOS AG contains an OS command injection vulnerability that could allow an attacker to execute arbitrary commands.", + "vendor": "Array Networks" + }, + { + "cve": "CVE-2025-55182", + "date_added": "2025-12-05", + "due_date": "2025-12-12", + "epss": null, + "notes": "Check for signs of potential compromise on all internet accessible REACT instances after applying mitigations. For more information, please see: https://react.dev/blog/2025/12/03/critical-security-vulnerability-in-react-server-components ; https://github.com/vercel-labs/fix-react2shell-next?tab=readme-ov-file ; https://nvd.nist.gov/vuln/detail/CVE-2025-55182", + "percentile": null, + "poc_count": 0, + "product": "React Server Components", + "required_action": "Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.", + "short_description": "Meta React Server Components contains a remote code execution vulnerability that could allow unauthenticated remote code execution by exploiting a flaw in how React decodes payloads sent to React Server Function endpoints. Please note CVE-2025-66478 has been rejected, but it is associated with CVE-2025- 55182.", + "vendor": "Meta" + }, + { + "cve": "CVE-2021-26828", + "date_added": "2025-12-03", + "due_date": "2025-12-24", + "epss": null, + "notes": "This vulnerability could affect an open-source component, third-party library, protocol, or proprietary implementation that could be used by different products. For more information, please see: https://github.com/SCADA-LTS/Scada-LTS/pull/2174 ; https://nvd.nist.gov/vuln/detail/CVE-2021-26828", + "percentile": null, + "poc_count": 16, + "product": "ScadaBR", + "required_action": "Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.", + "short_description": "OpenPLC ScadaBR contains an unrestricted upload of file with dangerous type vulnerability that allows remote authenticated users to upload and execute arbitrary JSP files via view_edit.shtm.", + "vendor": "OpenPLC" + }, + { + "cve": "CVE-2025-48572", + "date_added": "2025-12-02", + "due_date": "2025-12-23", + "epss": null, + "notes": "https://source.android.com/docs/security/bulletin/2025-12-01 ; https://nvd.nist.gov/vuln/detail/CVE-2025-48572", + "percentile": null, + "poc_count": 0, + "product": "Framework", + "required_action": "Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.", + "short_description": "Android Framework contains an unspecified vulnerability that allows for privilege escalation.", + "vendor": "Android" + }, + { + "cve": "CVE-2025-48633", + "date_added": "2025-12-02", + "due_date": "2025-12-23", + "epss": null, + "notes": "https://source.android.com/docs/security/bulletin/2025-12-01 ; https://nvd.nist.gov/vuln/detail/CVE-2025-48633", + "percentile": null, + "poc_count": 0, + "product": "Framework", + "required_action": "Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.", + "short_description": "Android Framework contains an unspecified vulnerability that allows for information disclosure.", + "vendor": "Android" + }, + { + "cve": "CVE-2021-26829", + "date_added": "2025-11-28", + "due_date": "2025-12-19", + "epss": null, + "notes": "This vulnerability could affect an open-source component, third-party library, protocol, or proprietary implementation that could be used by different products. For more information, please see: https://github.com/SCADA-LTS/Scada-LTS/pull/3211 ; https://nvd.nist.gov/vuln/detail/CVE-2021-26829", "percentile": null, "poc_count": 1, - "product": "Windows", - "required_action": "Apply updates per vendor instructions.", - "short_description": "The Authenticode Signature Verification function in Microsoft Windows (WinVerifyTrust) does not properly validate the digest of a signed portable executable (PE) file, which allows user-assisted remote attackers to execute code.", - "summary": "The Authenticode Signature Verification function in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, Windows 7 Gold and SP1, and Windows 8 Consumer...", - "vendor": "Microsoft" + "product": "ScadaBR", + "required_action": "Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.", + "short_description": "OpenPLC ScadaBR contains a cross-site scripting vulnerability via system_settings.shtm.", + "vendor": "OpenPLC" }, { - "cve": "CVE-2012-0158", - "date_added": "2021-11-03", - "due_date": "2022-05-03", + "cve": "CVE-2025-61757", + "date_added": "2025-11-21", + "due_date": "2025-12-12", "epss": null, - "notes": "https://nvd.nist.gov/vuln/detail/CVE-2012-0158", + "notes": "https://www.oracle.com/security-alerts/cpuoct2025.html ; https://nvd.nist.gov/vuln/detail/CVE-2025-61757", "percentile": null, - "poc_count": 29, - "product": "MSCOMCTL.OCX", - "required_action": "Apply updates per vendor instructions.", - "short_description": "Microsoft MSCOMCTL.OCX contains an unspecified vulnerability that allows for remote code execution, allowing an attacker to take complete control of an affected system under the context of the current user.", - "summary": "The (1) ListView, (2) ListView2, (3) TreeView, and (4) TreeView2 ActiveX controls in MSCOMCTL.OCX in the Common Controls in Microsoft Office 2003 SP3, 2007 SP2 and SP3, and 2010 Gold and SP1; Office 2003 Web Component...", - "vendor": "Microsoft" - }, - { - "cve": "CVE-2012-0391", - "date_added": "2022-01-21", - "due_date": "2022-07-21", - "epss": null, - "notes": "https://nvd.nist.gov/vuln/detail/CVE-2012-0391", - "percentile": null, - "poc_count": 6, - "product": "Struts 2", - "required_action": "Apply updates per vendor instructions.", - "short_description": "The ExceptionDelegator component in Apache Struts 2 before 2.2.3.1 contains an improper input validation vulnerability that allows for remote code execution.", - "summary": "The ExceptionDelegator component in Apache Struts before 2.2.3.1 interprets parameter values as OGNL expressions during certain exception handling for mismatched data types of properties, which allows remote attackers...", - "vendor": "Apache" - }, - { - "cve": "CVE-2012-0507", - "date_added": "2022-03-03", - "due_date": "2022-03-24", - "epss": null, - "notes": "https://nvd.nist.gov/vuln/detail/CVE-2012-0507", - "percentile": null, - "poc_count": 6, - "product": "Java SE", - "required_action": "Apply updates per vendor instructions.", - "short_description": "An incorrect type vulnerability exists in the Concurrency component of Oracle's Java Runtime Environment allows an attacker to remotely execute arbitrary code.", - "summary": "Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 2 and earlier, 6 Update 30 and earlier, and 5.0 Update 33 and earlier allows remote attackers to affect confidential...", - "vendor": "Oracle" - }, - { - "cve": "CVE-2012-0518", - "date_added": "2022-03-28", - "due_date": "2022-04-18", - "epss": null, - "notes": "https://nvd.nist.gov/vuln/detail/CVE-2012-0518", - "percentile": null, - "poc_count": 4, + "poc_count": 0, "product": "Fusion Middleware", - "required_action": "Apply updates per vendor instructions.", - "short_description": "Unspecified vulnerability in the Oracle Application Server Single Sign-On component in Oracle Fusion Middleware allows remote attackers to affect integrity via Unknown vectors", - "summary": "Unspecified vulnerability in the Oracle Application Server Single Sign-On component in Oracle Fusion Middleware 10.1.4.3.0 allows remote attackers to affect integrity via unknown vectors related to Redirects, a differ...", + "required_action": "Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.", + "short_description": "Oracle Fusion Middleware contains a missing authentication for critical function vulnerability, allowing unauthenticated remote attackers to take over Identity Manager.", "vendor": "Oracle" }, { - "cve": "CVE-2012-0754", - "date_added": "2022-06-08", - "due_date": "2022-06-22", + "cve": "CVE-2025-13223", + "date_added": "2025-11-19", + "due_date": "2025-12-10", "epss": null, - "notes": "https://nvd.nist.gov/vuln/detail/CVE-2012-0754", + "notes": "https://chromereleases.googleblog.com/2025/11/stable-channel-update-for-desktop_17.html ; https://nvd.nist.gov/vuln/detail/CVE-2025-13223", "percentile": null, - "poc_count": 1, - "product": "Flash Player", - "required_action": "The impacted product is end-of-life and should be disconnected if still in use.", - "short_description": "Adobe Flash Player contains a memory corruption vulnerability that allows remote attackers to execute code or cause denial-of-service (DoS).", - "summary": "Adobe Flash Player before 10.3.183.15 and 11.x before 11.1.102.62 on Windows, Mac OS X, Linux, and Solaris; before 11.1.111.6 on Android 2.x and 3.x; and before 11.1.115.6 on Android 4.x allows attackers to execute ar...", - "vendor": "Adobe" + "poc_count": 0, + "product": "Chromium V8", + "required_action": "Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.", + "short_description": "Google Chromium V8 contains a type confusion vulnerability that allows for heap corruption.", + "vendor": "Google" }, { - "cve": "CVE-2012-0767", - "date_added": "2022-06-08", - "due_date": "2022-06-22", + "cve": "CVE-2025-58034", + "date_added": "2025-11-18", + "due_date": "2025-11-25", "epss": null, - "notes": "https://nvd.nist.gov/vuln/detail/CVE-2012-0767", + "notes": "https://fortiguard.fortinet.com/psirt/FG-IR-25-513 ; https://nvd.nist.gov/vuln/detail/CVE-2025-58034", "percentile": null, - "poc_count": 1, - "product": "Flash Player", - "required_action": "The impacted product is end-of-life and should be disconnected if still in use.", - "short_description": "Adobe Flash Player contains a XSS vulnerability that allows remote attackers to inject web script or HTML.", - "summary": "Cross-site scripting (XSS) vulnerability in Adobe Flash Player before 10.3.183.15 and 11.x before 11.1.102.62 on Windows, Mac OS X, Linux, and Solaris; before 11.1.111.6 on Android 2.x and 3.x; and before 11.1.115.6 o...", - "vendor": "Adobe" - }, - { - "cve": "CVE-2012-1535", - "date_added": "2022-03-03", - "due_date": "2022-03-24", - "epss": null, - "notes": "https://nvd.nist.gov/vuln/detail/CVE-2012-1535", - "percentile": null, - "poc_count": 1, - "product": "Flash Player", - "required_action": "The impacted product is end-of-life and should be disconnected if still in use.", - "short_description": "Unspecified vulnerability in Adobe Flash Player allows remote attackers to execute arbitrary code or cause a denial of service via crafted SWF content.", - "summary": "Unspecified vulnerability in Adobe Flash Player before 11.3.300.271 on Windows and Mac OS X and before 11.2.202.238 on Linux allows remote attackers to execute arbitrary code or cause a denial of service (application...", - "vendor": "Adobe" - }, - { - "cve": "CVE-2012-1710", - "date_added": "2022-05-25", - "due_date": "2022-06-15", - "epss": null, - "notes": "https://nvd.nist.gov/vuln/detail/CVE-2012-1710", - "percentile": null, - "poc_count": 3, - "product": "Fusion Middleware", - "required_action": "Apply updates per vendor instructions.", - "short_description": "Unspecified vulnerability in the Oracle WebCenter Forms Recognition component in Oracle Fusion Middleware allows remote attackers to affect confidentiality, integrity, and availability via Unknown vectors related to Designer.", - "summary": "Unspecified vulnerability in the Oracle WebCenter Forms Recognition component in Oracle Fusion Middleware 10.1.3.5 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors rel...", - "vendor": "Oracle" - }, - { - "cve": "CVE-2012-1723", - "date_added": "2022-03-03", - "due_date": "2022-03-24", - "epss": null, - "notes": "https://nvd.nist.gov/vuln/detail/CVE-2012-1723", - "percentile": null, - "poc_count": 5, - "product": "Java SE", - "required_action": "Apply updates per vendor instructions.", - "short_description": "Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE allows remote attackers to affect confidentiality, integrity, and availability via Unknown vectors related to Hotspot.", - "summary": "Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 update 4 and earlier, 6 update 32 and earlier, 5 update 35 and earlier, and 1.4.2_37 and earlier allows remote attackers to...", - "vendor": "Oracle" - }, - { - "cve": "CVE-2012-1823", - "date_added": "2022-03-25", - "due_date": "2022-04-15", - "epss": null, - "notes": "https://nvd.nist.gov/vuln/detail/CVE-2012-1823", - "percentile": null, - "poc_count": 71, - "product": "PHP", - "required_action": "Apply updates per vendor instructions.", - "short_description": "sapi/cgi/cgi_main.c in PHP, when configured as a CGI script, does not properly handle query strings, which allows remote attackers to execute arbitrary code.", - "summary": "sapi/cgi/cgi_main.c in PHP before 5.3.12 and 5.4.x before 5.4.2, when configured as a CGI script (aka php-cgi), does not properly handle query strings that lack an = (equals sign) character, which allows remote attack...", - "vendor": "PHP" - }, - { - "cve": "CVE-2012-1856", - "date_added": "2022-03-03", - "due_date": "2022-03-24", - "epss": null, - "notes": "https://nvd.nist.gov/vuln/detail/CVE-2012-1856", - "percentile": null, - "poc_count": 5, - "product": "Office", - "required_action": "Apply updates per vendor instructions.", - "short_description": "The TabStrip ActiveX control in the Common Controls in MSCOMCTL.OCX in Microsoft Office allows remote attackers to execute arbitrary code via a crafted (1) document or (2) web page that triggers system-state corruption.", - "summary": "The TabStrip ActiveX control in the Common Controls in MSCOMCTL.OCX in Microsoft Office 2003 SP3, Office 2003 Web Components SP3, Office 2007 SP2 and SP3, Office 2010 SP1, SQL Server 2000 SP4, SQL Server 2005 SP4, SQL...", - "vendor": "Microsoft" - }, - { - "cve": "CVE-2012-1889", - "date_added": "2022-06-08", - "due_date": "2022-06-22", - "epss": null, - "notes": "https://nvd.nist.gov/vuln/detail/CVE-2012-1889", - "percentile": null, - "poc_count": 9, - "product": "XML Core Services", - "required_action": "Apply updates per vendor instructions.", - "short_description": "Microsoft XML Core Services contains a memory corruption vulnerability which could allow for remote code execution.", - "summary": "Microsoft XML Core Services 3.0, 4.0, 5.0, and 6.0 accesses uninitialized memory locations, which allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site.", - "vendor": "Microsoft" - }, - { - "cve": "CVE-2012-2034", - "date_added": "2022-03-28", - "due_date": "2022-04-18", - "epss": null, - "notes": "https://nvd.nist.gov/vuln/detail/CVE-2012-2034", - "percentile": null, - "poc_count": 1, - "product": "Flash Player", - "required_action": "The impacted product is end-of-life and should be disconnected if still in use.", - "short_description": "Adobe Flash Player contains a memory corruption vulnerability that allows for remote code execution or denial-of-service (DoS).", - "summary": "Adobe Flash Player before 10.3.183.20 and 11.x before 11.3.300.257 on Windows and Mac OS X; before 10.3.183.20 and 11.x before 11.2.202.236 on Linux; before 11.1.111.10 on Android 2.x and 3.x; and before 11.1.115.9 on...", - "vendor": "Adobe" - }, - { - "cve": "CVE-2012-2539", - "date_added": "2022-03-28", - "due_date": "2022-04-18", - "epss": null, - "notes": "https://nvd.nist.gov/vuln/detail/CVE-2012-2539", - "percentile": null, - "poc_count": 1, - "product": "Word", - "required_action": "Apply updates per vendor instructions.", - "short_description": "Microsoft Word allows attackers to execute remote code or cause a denial-of-service (DoS) via crafted RTF data.", - "summary": "Microsoft Word 2003 SP3, 2007 SP2 and SP3, and 2010 SP1; Word Viewer; Office Compatibility Pack SP2 and SP3; and Office Web Apps 2010 SP1 allow remote attackers to execute arbitrary code or cause a denial of service (...", - "vendor": "Microsoft" - }, - { - "cve": "CVE-2012-3152", - "date_added": "2021-11-03", - "due_date": "2022-05-03", - "epss": null, - "notes": "https://nvd.nist.gov/vuln/detail/CVE-2012-3152", - "percentile": null, - "poc_count": 9, - "product": "Fusion Middleware", - "required_action": "Apply updates per vendor instructions.", - "short_description": "Oracle Fusion Middleware Reports Developer contains an unspecified vulnerability that allows remote attackers to affect confidentiality and integrity of affected systems.", - "summary": "Unspecified vulnerability in the Oracle Reports Developer component in Oracle Fusion Middleware 11.1.1.4, 11.1.1.6, and 11.1.2.0 allows remote attackers to affect confidentiality and integrity via unknown vectors rela...", - "vendor": "Oracle" + "poc_count": 0, + "product": "FortiWeb", + "required_action": "Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.", + "short_description": "Fortinet FortiWeb contains an OS command Injection vulnerability that may allow an authenticated attacker to execute unauthorized code on the underlying system via crafted HTTP requests or CLI commands.", + "vendor": "Fortinet" } ], "removed_high_epss": [], diff --git a/docs/api/v1/diff/latest.json b/docs/api/v1/diff/latest.json index c1bd999ef8..7fe151f2b7 100644 --- a/docs/api/v1/diff/latest.json +++ b/docs/api/v1/diff/latest.json @@ -15,1058 +15,298 @@ "percentile": 0.9843, "poc_count": 1, "summary": "The Custom MCPs feature is designed to execute OS commands, for instance, using tools like `npx` to spin up local MCP Servers. However, Flowise's inherent authentication and authorization model is minimal and lacks ro..." + }, + { + "cve": "CVE-2025-8489", + "epss": 0.43315, + "percentile": 0.97363, + "poc_count": 0, + "summary": "" + }, + { + "cve": "CVE-2025-8426", + "epss": 0.3937, + "percentile": 0.97134, + "poc_count": 0, + "summary": "" + }, + { + "cve": "CVE-2025-8518", + "epss": 0.33903, + "percentile": 0.96792, + "poc_count": 1, + "summary": "A vulnerability was found in givanz Vvveb 1.0.5. It has been rated as critical. Affected by this issue is the function Save of the file admin/controller/editor/code.php of the component Code Editor. The manipulation l..." + }, + { + "cve": "CVE-2025-8868", + "epss": 0.17119, + "percentile": 0.94767, + "poc_count": 0, + "summary": "" + }, + { + "cve": "CVE-2025-8730", + "epss": 0.11861, + "percentile": 0.93477, + "poc_count": 2, + "summary": "A vulnerability was found in Belkin F9K1009 and F9K1010 2.00.04/2.00.09 and classified as critical. Affected by this issue is some unknown functionality of the component Web Interface. The manipulation leads to hard-c..." + }, + { + "cve": "CVE-2025-7795", + "epss": 0.096, + "percentile": 0.92596, + "poc_count": 3, + "summary": "A vulnerability, which was classified as critical, has been found in Tenda FH451 1.0.0.9. Affected by this issue is the function fromP2pListFilter of the file /goform/P2pListFilter. The manipulation of the argument pa..." + }, + { + "cve": "CVE-2025-9090", + "epss": 0.08297, + "percentile": 0.91936, + "poc_count": 4, + "summary": "A vulnerability was identified in Tenda AC20 16.03.08.12. Affected is the function websFormDefine of the file /goform/telnet of the component Telnet Service. The manipulation leads to command injection. It is possible..." + }, + { + "cve": "CVE-2025-8085", + "epss": 0.07832, + "percentile": 0.91659, + "poc_count": 1, + "summary": "The Ditty WordPress plugin before 3.1.58 lacks authorization and authentication for requests to its displayItems endpoint, allowing unauthenticated visitors to make requests to arbitrary URLs." } ], "new_kev_entries": [ { - "cve": "CVE-2025-9242", - "date_added": "2025-11-12", - "due_date": "2025-12-03", - "epss": 0.7437, - "notes": "https://www.watchguard.com/wgrd-psirt/advisory/wgsa-2025-00015 ; https://nvd.nist.gov/vuln/detail/CVE-2025-9242", - "percentile": 0.98786, + "cve": "CVE-2025-59718", + "date_added": "2025-12-16", + "due_date": "2025-12-23", + "epss": null, + "notes": "https://fortiguard.fortinet.com/psirt/FG-IR-25-647 ; https://docs.fortinet.com/upgrade-tool/fortigate ; https://nvd.nist.gov/vuln/detail/CVE-2025-59718", + "percentile": null, "poc_count": 0, - "product": "Firebox", + "product": "Multiple Products", "required_action": "Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.", - "short_description": "WatchGuard Firebox contains an out-of-bounds write vulnerability in the OS iked process that may allow a remote unauthenticated attacker to execute arbitrary code.", - "summary": "", - "vendor": "WatchGuard" + "short_description": "Fortinet FortiOS, FortiSwitchMaster, FortiProxy, and FortiWeb contain an improper verification of cryptographic signature vulnerability that may allow an unauthenticated attacker to bypass the FortiCloud SSO login authentication via a crafted SAML message. Please be aware that CVE-2025-59719 pertains to the same problem and is mentioned in the same vendor advisory. Ensure to apply all patches mentioned in the advisory.", + "vendor": "Fortinet" }, { - "cve": "CVE-2025-7775", - "date_added": "2025-08-26", - "due_date": "2025-08-28", - "epss": 0.17354, - "notes": "https://support.citrix.com/support-home/kbsearch/article?articleNumber=CTX694938 ; https://nvd.nist.gov/vuln/detail/CVE-2025-7775", - "percentile": 0.94817, - "poc_count": 15, - "product": "NetScaler", + "cve": "CVE-2025-14611", + "date_added": "2025-12-15", + "due_date": "2026-01-05", + "epss": null, + "notes": "https://www.centrestack.com/p/gce_latest_release.html ; https://access.triofox.com/releases_history/; https://support.centrestack.com/hc/en-us/articles/360007159054-Hardening-the-CentreStack-Cluster#h_01JQRV57T37HJFQZKBZH9NBXQP ; https://nvd.nist.gov/vuln/detail/CVE-2025-14611", + "percentile": null, + "poc_count": 0, + "product": "CentreStack and Triofox", "required_action": "Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.", - "short_description": "Citrix NetScaler ADC and NetScaler Gateway contain a memory overflow vulnerability that could allow for remote code execution and/or denial of service.", - "summary": "Memory overflow vulnerability leading to Remote Code Execution and/or Denial of Service in NetScaler ADC and NetScaler Gateway when NetScaler is configured as Gateway (VPN virtual server, ICA Proxy, CVPN, RDP Proxy) o...", - "vendor": "Citrix" + "short_description": "Gladinet CentreStack and TrioFox contain a hardcoded cryptographic keys vulnerability for their implementation of the AES cryptoscheme. This vulnerability degrades security for public exposed endpoints that may make use of it and may offer arbitrary local file inclusion when provided a specially crafted request without authentication.", + "vendor": "Gladinet" }, { - "cve": "CVE-2025-9377", - "date_added": "2025-09-03", - "due_date": "2025-09-24", - "epss": 0.14589, - "notes": "https://www.tp-link.com/us/support/faq/4308/ ; https://nvd.nist.gov/vuln/detail/CVE-2025-9377", - "percentile": 0.94217, - "poc_count": 4, - "product": "Multiple Routers", + "cve": "CVE-2025-43529", + "date_added": "2025-12-15", + "due_date": "2026-01-05", + "epss": null, + "notes": "https://support.apple.com/en-us/125884 ; https://support.apple.com/en-us/125892 ; https://support.apple.com/en-us/125885 ; https://support.apple.com/en-us/125886 ; https://support.apple.com/en-us/125889 ; https://nvd.nist.gov/vuln/detail/CVE-2025-43529", + "percentile": null, + "poc_count": 0, + "product": "Multiple Products", "required_action": "Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.", - "short_description": "TP-Link Archer C7(EU) and TL-WR841N/ND(MS) contain an OS command injection vulnerability that exists in the Parental Control page. The impacted products could be end-of-life (EoL) and/or end-of-service (EoS). Users should discontinue product utilization.", - "summary": "The authenticated remote command execution (RCE) vulnerability exists in the Parental Control page on TP-Link Archer C7(EU) V2 and TL-WR841N/ND(MS) V9.This issue affects Archer C7(EU) V2: before 241108 and TL-WR841N/N...", - "vendor": "TP-Link" + "short_description": "Apple iOS, iPadOS, macOS, and other Apple products contain a use-after-free vulnerability in WebKit. Processing maliciously crafted web content may lead to memory corruption. This vulnerability could impact HTML parsers that use WebKit, including but not limited to Apple Safari and non-Apple products which rely on WebKit for HTML processing.", + "vendor": "Apple" }, { - "cve": "CVE-2025-8876", - "date_added": "2025-08-13", - "due_date": "2025-08-20", - "epss": 0.13881, - "notes": "https://status.n-able.com/2025/08/13/announcing-the-ga-of-n-central-2025-3-1/ ; https://nvd.nist.gov/vuln/detail/CVE-2025-8876", - "percentile": 0.94059, - "poc_count": 6, - "product": "N-Central", + "cve": "CVE-2018-4063", + "date_added": "2025-12-12", + "due_date": "2026-01-02", + "epss": null, + "notes": "https://www.cisa.gov/news-events/ics-advisories/icsa-19-122-03 ; https://source.sierrawireless.com/resources/airlink/software_reference_docs/technical-bulletin/sierra-wireless-technical-bulletin---swi-psa-2019-003 ; https://source.sierrawireless.com/resources/airlink/hardware_reference_docs/airlink_es450_eol ; https://nvd.nist.gov/vuln/detail/CVE-2018-4063", + "percentile": null, + "poc_count": 2, + "product": "AirLink ALEOS", "required_action": "Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.", - "short_description": "N-able N-Central contains a command injection vulnerability via improper sanitization of user input.", - "summary": "Improper Input Validation vulnerability in N-able N-central allows OS Command Injection.This issue affects N-central: before 2025.3.1.", - "vendor": "N-able" + "short_description": "Sierra Wireless AirLink ALEOS contains an unrestricted upload of file with dangerous type vulnerability. A specially crafted HTTP request can upload a file, resulting in executable code being uploaded, and routable, to the webserver. An attacker can make an authenticated HTTP request to trigger this vulnerability. The impacted product could be end-of-life (EoL) and/or end-of-service (EoS). Users should discontinue product utilization.", + "vendor": "Sierra Wireless" }, { - "cve": "CVE-2025-8875", - "date_added": "2025-08-13", - "due_date": "2025-08-20", - "epss": 0.05085, - "notes": "https://status.n-able.com/2025/08/13/announcing-the-ga-of-n-central-2025-3-1/ ; https://nvd.nist.gov/vuln/detail/CVE-2025-8875", - "percentile": 0.89424, - "poc_count": 7, - "product": "N-Central", + "cve": "CVE-2025-14174", + "date_added": "2025-12-12", + "due_date": "2026-01-02", + "epss": null, + "notes": "https://chromereleases.googleblog.com/2025/12/stable-channel-update-for-desktop_10.html ; https://learn.microsoft.com/en-us/deployedge/microsoft-edge-relnotes-security ; https://nvd.nist.gov/vuln/detail/CVE-2025-14174", + "percentile": null, + "poc_count": 0, + "product": "Chromium", "required_action": "Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.", - "short_description": "N-able N-Central contains an insecure deserialization vulnerability that could lead to command execution.", - "summary": "Deserialization of Untrusted Data vulnerability in N-able N-central allows Local Execution of Code.This issue affects N-central: before 2025.3.1.", - "vendor": "N-able" + "short_description": "Google Chromium contains an out of bounds memory access vulnerability in ANGLE that could allow a remote attacker to perform out of bounds memory access via a crafted HTML page. This vulnerability could affect multiple web browsers that utilize Chromium, including, but not limited to, Google Chrome, Microsoft Edge, and Opera.", + "vendor": "Google" }, { - "cve": "CVE-2025-8088", - "date_added": "2025-08-12", - "due_date": "2025-09-02", - "epss": 0.03156, - "notes": "https://www.win-rar.com/singlenewsview.html?&L=0&tx_ttnews%5Btt_news%5D=283&cHash=a64b4a8f662d3639dec8d65f47bc93c5 ; https://nvd.nist.gov/vuln/detail/CVE-2025-8088", - "percentile": 0.8647, - "poc_count": 45, + "cve": "CVE-2025-58360", + "date_added": "2025-12-11", + "due_date": "2026-01-01", + "epss": null, + "notes": "This vulnerability affects an open-source component, third-party library, or a protocol used by different products. For more information, please see: https://github.com/geoserver/geoserver/security/advisories/GHSA-fjf5-xgmq-5525 ; https://osgeo-org.atlassian.net/browse/GEOS-11922 ; https://nvd.nist.gov/vuln/detail/CVE-2025-58360", + "percentile": null, + "poc_count": 0, + "product": "GeoServer", + "required_action": "Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.", + "short_description": "OSGeo GeoServer contains an improper restriction of XML external entity reference vulnerability that occurs when the application accepts XML input through a specific endpoint /geoserver/wms operation GetMap and could allow an attacker to define external entities within the XML request.", + "vendor": "OSGeo" + }, + { + "cve": "CVE-2025-6218", + "date_added": "2025-12-09", + "due_date": "2025-12-30", + "epss": null, + "notes": "https://www.win-rar.com/singlenewsview.html?&L=0&tx_ttnews%5Btt_news%5D=276&cHash=b5165454d983fc9717bc8748901a64f9 ; https://nvd.nist.gov/vuln/detail/CVE-2025-6218", + "percentile": null, + "poc_count": 10, "product": "WinRAR", "required_action": "Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.", - "short_description": "RARLAB WinRAR contains a path traversal vulnerability affecting the Windows version of WinRAR. This vulnerability could allow an attacker to execute arbitrary code by crafting malicious archive files.", - "summary": "A path traversal vulnerability affecting the Windows version of WinRAR allows the attackers to execute arbitrary code by crafting malicious archive files. This vulnerability was exploited in the wild and was discovere...", + "short_description": "RARLAB WinRAR contains a path traversal vulnerability allowing an attacker to execute code in the context of the current user.", "vendor": "RARLAB" }, { - "cve": "CVE-2002-0367", - "date_added": "2022-03-03", - "due_date": "2022-03-24", + "cve": "CVE-2025-62221", + "date_added": "2025-12-09", + "due_date": "2025-12-30", "epss": null, - "notes": "https://nvd.nist.gov/vuln/detail/CVE-2002-0367", + "notes": "https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2025-62221 ; https://nvd.nist.gov/vuln/detail/CVE-2025-62221", "percentile": null, - "poc_count": 2, - "product": "Windows", - "required_action": "Apply updates per vendor instructions.", - "short_description": "smss.exe debugging subsystem in Microsoft Windows does not properly authenticate programs that connect to other programs, which allows local users to gain administrator or SYSTEM privileges.", - "summary": "smss.exe debugging subsystem in Windows NT and Windows 2000 does not properly authenticate programs that connect to other programs, which allows local users to gain administrator or SYSTEM privileges by duplicating a...", - "vendor": "Microsoft" - }, - { - "cve": "CVE-2004-0210", - "date_added": "2022-03-03", - "due_date": "2022-03-24", - "epss": null, - "notes": "https://nvd.nist.gov/vuln/detail/CVE-2004-0210", - "percentile": null, - "poc_count": 2, - "product": "Windows", - "required_action": "Apply updates per vendor instructions.", - "short_description": "A privilege elevation vulnerability exists in the POSIX subsystem. This vulnerability could allow a logged on user to take complete control of the system.", - "summary": "The POSIX component of Microsoft Windows NT and Windows 2000 allows local users to execute arbitrary code via certain parameters, possibly by modifying message length values and causing a buffer overflow.", - "vendor": "Microsoft" - }, - { - "cve": "CVE-2004-1464", - "date_added": "2023-05-19", - "due_date": "2023-06-09", - "epss": null, - "notes": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20040827-telnet; https://nvd.nist.gov/vuln/detail/CVE-2004-1464", - "percentile": null, - "poc_count": 2, - "product": "IOS", - "required_action": "Apply updates per vendor instructions.", - "short_description": "Cisco IOS contains an unspecified vulnerability that may block further telnet, reverse telnet, Remote Shell (RSH), Secure Shell (SSH), and in some cases, Hypertext Transport Protocol (HTTP) access to the Cisco device.", - "summary": "Cisco IOS 12.2(15) and earlier allows remote attackers to cause a denial of service (refused VTY (virtual terminal) connections), via a crafted TCP connection to the Telnet or reverse Telnet port.", - "vendor": "Cisco" - }, - { - "cve": "CVE-2005-2773", - "date_added": "2022-03-25", - "due_date": "2022-04-15", - "epss": null, - "notes": "https://nvd.nist.gov/vuln/detail/CVE-2005-2773", - "percentile": null, - "poc_count": 1, - "product": "OpenView Network Node Manager", - "required_action": "Apply updates per vendor instructions.", - "short_description": "HP OpenView Network Node Manager could allow a remote attacker to execute arbitrary commands on the system.", - "summary": "HP OpenView Network Node Manager 6.2 through 7.50 allows remote attackers to execute arbitrary commands via shell metacharacters in the (1) node parameter to connectedNodes.ovpl, (2) cdpView.ovpl, (3) freeIPaddrs.ovpl...", - "vendor": "Hewlett Packard (HP)" - }, - { - "cve": "CVE-2006-1547", - "date_added": "2022-01-21", - "due_date": "2022-07-21", - "epss": null, - "notes": "https://nvd.nist.gov/vuln/detail/CVE-2006-1547", - "percentile": null, - "poc_count": 2, - "product": "Struts 1", - "required_action": "Apply updates per vendor instructions.", - "short_description": "ActionForm in Apache Struts versions before 1.2.9 with BeanUtils 1.7 contains a vulnerability that allows for denial-of-service (DoS).", - "summary": "ActionForm in Apache Software Foundation (ASF) Struts before 1.2.9 with BeanUtils 1.7 allows remote attackers to cause a denial of service via a multipart/form-data encoded form with a parameter name that references t...", - "vendor": "Apache" - }, - { - "cve": "CVE-2006-2492", - "date_added": "2022-06-08", - "due_date": "2022-06-22", - "epss": null, - "notes": "https://nvd.nist.gov/vuln/detail/CVE-2006-2492", - "percentile": null, - "poc_count": 3, - "product": "Word", - "required_action": "Apply updates per vendor instructions.", - "short_description": "Microsoft Word and Microsoft Works Suites contain a malformed object pointer which allows attackers to execute code.", - "summary": "Buffer overflow in Microsoft Word in Office 2000 SP3, Office XP SP3, Office 2003 Sp1 and SP2, and Microsoft Works Suites through 2006, allows user-assisted attackers to execute arbitrary code via a malformed object po...", - "vendor": "Microsoft" - }, - { - "cve": "CVE-2007-0671", - "date_added": "2025-08-12", - "due_date": "2025-09-02", - "epss": null, - "notes": "https://learn.microsoft.com/en-us/security-updates/securitybulletins/2007/ms07-015 ; https://nvd.nist.gov/vuln/detail/CVE-2007-0671", - "percentile": null, - "poc_count": 5, - "product": "Office", - "required_action": "Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.", - "short_description": "Microsoft Office Excel contains a remote code execution vulnerability that can be exploited when a specially crafted Excel file is opened. This malicious file could be delivered as an email attachment or hosted on a malicious website. An attacker could leverage this vulnerability by creating a specially crafted Excel file, which, when opened, allowing an attacker to execute remote code on the affected system.", - "summary": "Unspecified vulnerability in Microsoft Excel 2000, XP, 2003, and 2004 for Mac, and possibly other Office products, allows remote user-assisted attackers to execute arbitrary code via unknown attack vectors, as demonst...", - "vendor": "Microsoft" - }, - { - "cve": "CVE-2007-3010", - "date_added": "2022-04-15", - "due_date": "2022-05-06", - "epss": null, - "notes": "https://nvd.nist.gov/vuln/detail/CVE-2007-3010", - "percentile": null, - "poc_count": 3, - "product": "OmniPCX Enterprise", - "required_action": "Apply updates per vendor instructions.", - "short_description": "masterCGI in the Unified Maintenance Tool in Alcatel OmniPCX Enterprise Communication Server allows remote attackers to execute arbitrary commands.", - "summary": "masterCGI in the Unified Maintenance Tool in Alcatel OmniPCX Enterprise Communication Server R7.1 and earlier allows remote attackers to execute arbitrary commands via shell metacharacters in the user parameter during...", - "vendor": "Alcatel" - }, - { - "cve": "CVE-2007-5659", - "date_added": "2022-06-08", - "due_date": "2022-06-22", - "epss": null, - "notes": "https://nvd.nist.gov/vuln/detail/CVE-2007-5659", - "percentile": null, - "poc_count": 4, - "product": "Acrobat and Reader", - "required_action": "Apply updates per vendor instructions.", - "short_description": "Adobe Acrobat and Reader contain a buffer overflow vulnerability that allows remote attackers to execute code via a PDF file with long arguments to unspecified JavaScript methods.", - "summary": "Multiple buffer overflows in Adobe Reader and Acrobat 8.1.1 and earlier allow remote attackers to execute arbitrary code via a PDF file with long arguments to unspecified JavaScript methods. NOTE: this issue might be...", - "vendor": "Adobe" - }, - { - "cve": "CVE-2008-0655", - "date_added": "2022-06-08", - "due_date": "2022-06-22", - "epss": null, - "notes": "https://nvd.nist.gov/vuln/detail/CVE-2008-0655", - "percentile": null, - "poc_count": 3, - "product": "Acrobat and Reader", - "required_action": "Apply updates per vendor instructions.", - "short_description": "Adobe Acrobat and Reader contains an unespecified vulnerability described as a design flaw which could allow a specially crafted file to be printed silently an arbitrary number of times.", - "summary": "Multiple unspecified vulnerabilities in Adobe Reader and Acrobat before 8.1.2 have unknown impact and attack vectors.", - "vendor": "Adobe" - }, - { - "cve": "CVE-2008-2992", - "date_added": "2022-03-03", - "due_date": "2022-03-24", - "epss": null, - "notes": "https://nvd.nist.gov/vuln/detail/CVE-2008-2992", - "percentile": null, - "poc_count": 7, - "product": "Acrobat and Reader", - "required_action": "Apply updates per vendor instructions.", - "short_description": "Adobe Acrobat and Reader contain an input validation issue in a JavaScript method that could potentially lead to remote code execution.", - "summary": "Stack-based buffer overflow in Adobe Acrobat and Reader 8.1.2 and earlier allows remote attackers to execute arbitrary code via a PDF file that calls the util.printf JavaScript function with a crafted format string ar...", - "vendor": "Adobe" - }, - { - "cve": "CVE-2008-3431", - "date_added": "2022-03-03", - "due_date": "2022-03-24", - "epss": null, - "notes": "https://nvd.nist.gov/vuln/detail/CVE-2008-3431", - "percentile": null, - "poc_count": 5, - "product": "VirtualBox", - "required_action": "Apply updates per vendor instructions.", - "short_description": "An input validation vulnerability exists in the VBoxDrv.sys driver of Sun xVM VirtualBox which allows attackers to locally execute arbitrary code.", - "summary": "The VBoxDrvNtDeviceControl function in VBoxDrv.sys in Sun xVM VirtualBox before 1.6.4 uses the METHOD_NEITHER communication method for IOCTLs and does not properly validate a buffer associated with the Irp object, whi...", - "vendor": "Oracle" - }, - { - "cve": "CVE-2009-0557", - "date_added": "2022-06-08", - "due_date": "2022-06-22", - "epss": null, - "notes": "https://nvd.nist.gov/vuln/detail/CVE-2009-0557", - "percentile": null, - "poc_count": 2, - "product": "Office", - "required_action": "Apply updates per vendor instructions.", - "short_description": "Microsoft Office contains an object record corruption vulnerability that allows remote attackers to execute code via a crafted Excel file with a malformed record object.", - "summary": "Excel in Microsoft Office 2000 SP3, Office XP SP3, Office 2003 SP3, and Office 2004 and 2008 for Mac; Excel in 2007 Microsoft Office System SP1 and SP2; Open XML File Format Converter for Mac; Microsoft Office Excel V...", - "vendor": "Microsoft" - }, - { - "cve": "CVE-2009-0563", - "date_added": "2022-06-08", - "due_date": "2022-06-22", - "epss": null, - "notes": "https://nvd.nist.gov/vuln/detail/CVE-2009-0563", - "percentile": null, - "poc_count": 2, - "product": "Office", - "required_action": "Apply updates per vendor instructions.", - "short_description": "Microsoft Office contains a buffer overflow vulnerability that allows remote attackers to execute code via a Word document with a crafted tag containing an invalid length field.", - "summary": "Stack-based buffer overflow in Microsoft Office Word 2002 SP3, 2003 SP3, and 2007 SP1 and SP2; Microsoft Office for Mac 2004 and 2008; Open XML File Format Converter for Mac; Microsoft Office Word Viewer 2003 SP3; Mic...", - "vendor": "Microsoft" - }, - { - "cve": "CVE-2009-0927", - "date_added": "2022-03-25", - "due_date": "2022-04-15", - "epss": null, - "notes": "https://nvd.nist.gov/vuln/detail/CVE-2009-0927", - "percentile": null, - "poc_count": 4, - "product": "Reader and Acrobat", - "required_action": "Apply updates per vendor instructions.", - "short_description": "Stack-based buffer overflow in Adobe Reader and Adobe Acrobat allows remote attackers to execute arbitrary code.", - "summary": "Stack-based buffer overflow in Adobe Reader and Adobe Acrobat 9 before 9.1, 8 before 8.1.3 , and 7 before 7.1.1 allows remote attackers to execute arbitrary code via a crafted argument to the getIcon method of a Colla...", - "vendor": "Adobe" - }, - { - "cve": "CVE-2009-1123", - "date_added": "2022-03-03", - "due_date": "2022-03-24", - "epss": null, - "notes": "https://nvd.nist.gov/vuln/detail/CVE-2009-1123", - "percentile": null, - "poc_count": 2, - "product": "Windows", - "required_action": "Apply updates per vendor instructions.", - "short_description": "The kernel in Microsoft Windows does not properly validate changes to unspecified kernel objects, which allows local users to gain privileges via a crafted application.", - "summary": "The kernel in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP2, Vista Gold, SP1, and SP2, and Server 2008 SP2 does not properly validate changes to unspecified kernel objects, which allows local users to ga...", - "vendor": "Microsoft" - }, - { - "cve": "CVE-2009-1151", - "date_added": "2022-03-25", - "due_date": "2022-04-15", - "epss": null, - "notes": "https://nvd.nist.gov/vuln/detail/CVE-2009-1151", - "percentile": null, - "poc_count": 19, - "product": "phpMyAdmin", - "required_action": "Apply updates per vendor instructions.", - "short_description": "Setup script used to generate configuration can be fooled using a crafted POST request to include arbitrary PHP code in generated configuration file.", - "summary": "Static code injection vulnerability in setup.php in phpMyAdmin 2.11.x before 2.11.9.5 and 3.x before 3.1.3.1 allows remote attackers to inject arbitrary PHP code into a configuration file via the save action.", - "vendor": "phpMyAdmin" - }, - { - "cve": "CVE-2009-1862", - "date_added": "2022-06-08", - "due_date": "2022-06-22", - "epss": null, - "notes": "https://nvd.nist.gov/vuln/detail/CVE-2009-1862", - "percentile": null, - "poc_count": 3, - "product": "Acrobat and Reader, Flash Player", - "required_action": "For Adobe Acrobat and Reader, apply updates per vendor instructions. For Adobe Flash Player, the impacted product is end-of-life and should be disconnected if still in use.", - "short_description": "Adobe Acrobat and Reader and Adobe Flash Player allows remote attackers to execute code or cause denial-of-service (DoS).", - "summary": "Unspecified vulnerability in Adobe Reader and Acrobat 9.x through 9.1.2, and Adobe Flash Player 9.x through 9.0.159.0 and 10.x through 10.0.22.87, allows remote attackers to execute arbitrary code or cause a denial of...", - "vendor": "Adobe" - }, - { - "cve": "CVE-2009-2055", - "date_added": "2022-03-25", - "due_date": "2022-04-15", - "epss": null, - "notes": "https://nvd.nist.gov/vuln/detail/CVE-2009-2055", - "percentile": null, - "poc_count": 2, - "product": "IOS XR", - "required_action": "Apply updates per vendor instructions.", - "short_description": "Cisco IOS XR,when BGP is the configured routing feature, allows remote attackers to cause a denial-of-service (DoS).", - "summary": "Cisco IOS XR 3.4.0 through 3.8.1 allows remote attackers to cause a denial of service (session reset) via a BGP UPDATE message with an invalid attribute, as demonstrated in the wild on 17 August 2009.", - "vendor": "Cisco" - }, - { - "cve": "CVE-2009-3129", - "date_added": "2022-03-03", - "due_date": "2022-03-24", - "epss": null, - "notes": "https://nvd.nist.gov/vuln/detail/CVE-2009-3129", - "percentile": null, - "poc_count": 2, - "product": "Excel", - "required_action": "Apply updates per vendor instructions.", - "short_description": "Microsoft Office Excel allows remote attackers to execute arbitrary code via a spreadsheet with a FEATHEADER record containing an invalid cbHdrData size element that affects a pointer offset.", - "summary": "Microsoft Office Excel 2002 SP3, 2003 SP3, and 2007 SP1 and SP2; Office 2004 and 2008 for Mac; Open XML File Format Converter for Mac; Office Excel Viewer 2003 SP3; Office Excel Viewer SP1 and SP2; and Office Compatib...", - "vendor": "Microsoft" - }, - { - "cve": "CVE-2009-3953", - "date_added": "2022-06-08", - "due_date": "2022-06-22", - "epss": null, - "notes": "https://nvd.nist.gov/vuln/detail/CVE-2009-3953", - "percentile": null, - "poc_count": 1, - "product": "Acrobat and Reader", - "required_action": "Apply updates per vendor instructions.", - "short_description": "Adobe Acrobat and Reader contains an array boundary issue in Universal 3D (U3D) support that could lead to remote code execution.", - "summary": "The U3D implementation in Adobe Reader and Acrobat 9.x before 9.3, 8.x before 8.2 on Windows and Mac OS X, and 7.x before 7.1.4 allows remote attackers to execute arbitrary code via malformed U3D data in a PDF documen...", - "vendor": "Adobe" - }, - { - "cve": "CVE-2009-3960", - "date_added": "2022-03-07", - "due_date": "2022-09-07", - "epss": null, - "notes": "https://nvd.nist.gov/vuln/detail/CVE-2009-3960", - "percentile": null, - "poc_count": 2, - "product": "BlazeDS", - "required_action": "Apply updates per vendor instructions.", - "short_description": "Adobe BlazeDS, which is utilized in LifeCycle and Coldfusion, contains a vulnerability that allows for information disclosure.", - "summary": "Unspecified vulnerability in BlazeDS 3.2 and earlier, as used in LiveCycle 8.0.1, 8.2.1, and 9.0, LiveCycle Data Services 2.5.1, 2.6.1, and 3.0, Flex Data Services 2.0.1, and ColdFusion 7.0.2, 8.0, 8.0.1, and 9.0, all...", - "vendor": "Adobe" - }, - { - "cve": "CVE-2009-4324", - "date_added": "2022-06-08", - "due_date": "2022-06-22", - "epss": null, - "notes": "https://nvd.nist.gov/vuln/detail/CVE-2009-4324", - "percentile": null, - "poc_count": 6, - "product": "Acrobat and Reader", - "required_action": "Apply updates per vendor instructions.", - "short_description": "Use-after-free vulnerability in Adobe Acrobat and Reader allows remote attackers to execute code via a crafted PDF file.", - "summary": "Use-after-free vulnerability in the Doc.media.newPlayer method in Multimedia.api in Adobe Reader and Acrobat 9.x before 9.3, and 8.x before 8.2 on Windows and Mac OS X, allows remote attackers to execute arbitrary cod...", - "vendor": "Adobe" - }, - { - "cve": "CVE-2010-0188", - "date_added": "2022-03-03", - "due_date": "2022-03-24", - "epss": null, - "notes": "https://nvd.nist.gov/vuln/detail/CVE-2010-0188", - "percentile": null, - "poc_count": 3, - "product": "Reader and Acrobat", - "required_action": "Apply updates per vendor instructions.", - "short_description": "Unspecified vulnerability in Adobe Reader and Acrobat allows attackers to cause a denial of service or possibly execute arbitrary code.", - "summary": "Unspecified vulnerability in Adobe Reader and Acrobat 8.x before 8.2.1 and 9.x before 9.3.1 allows attackers to cause a denial of service (application crash) or possibly execute arbitrary code via unknown vectors.", - "vendor": "Adobe" - }, - { - "cve": "CVE-2010-0232", - "date_added": "2022-03-03", - "due_date": "2022-03-24", - "epss": null, - "notes": "https://nvd.nist.gov/vuln/detail/CVE-2010-0232", - "percentile": null, - "poc_count": 17, - "product": "Windows", - "required_action": "Apply updates per vendor instructions.", - "short_description": "The kernel in Microsoft Windows, when access to 16-bit applications is enabled on a 32-bit x86 platform, does not properly validate certain BIOS calls, which allows local users to gain privileges.", - "summary": "The kernel in Microsoft Windows NT 3.1 through Windows 7, including Windows 2000 SP4, Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista Gold, SP1, and SP2, and Windows Server 2008 Gold and SP2, when acces...", - "vendor": "Microsoft" - }, - { - "cve": "CVE-2010-0738", - "date_added": "2022-05-25", - "due_date": "2022-06-15", - "epss": null, - "notes": "https://nvd.nist.gov/vuln/detail/CVE-2010-0738", - "percentile": null, - "poc_count": 21, - "product": "JBoss", - "required_action": "Apply updates per vendor instructions.", - "short_description": "The JMX-Console web application in JBossAs in Red Hat JBoss Enterprise Application Platform performs access control only for the GET and POST methods, which allows remote attackers to send requests to this application's GET handler by using a different method.", - "summary": "The JMX-Console web application in JBossAs in Red Hat JBoss Enterprise Application Platform (aka JBoss EAP or JBEAP) 4.2 before 4.2.0.CP09 and 4.3 before 4.3.0.CP08 performs access control only for the GET and POST me...", - "vendor": "Red Hat" - }, - { - "cve": "CVE-2010-0840", - "date_added": "2022-05-25", - "due_date": "2022-06-15", - "epss": null, - "notes": "https://nvd.nist.gov/vuln/detail/CVE-2010-0840", - "percentile": null, - "poc_count": 8, - "product": "Java Runtime Environment (JRE)", - "required_action": "Apply updates per vendor instructions.", - "short_description": "Unspecified vulnerability in the Java Runtime Environment (JRE) in Java SE component allows remote attackers to affect confidentiality, integrity, and availability via Unknown vectors.", - "summary": "Unspecified vulnerability in the Java Runtime Environment component in Oracle Java SE and Java for Business 6 Update 18, 5.0 Update 23, and 1.4.2_25 allows remote attackers to affect confidentiality, integrity, and av...", - "vendor": "Oracle" - }, - { - "cve": "CVE-2010-1297", - "date_added": "2022-06-08", - "due_date": "2022-06-22", - "epss": null, - "notes": "https://nvd.nist.gov/vuln/detail/CVE-2010-1297", - "percentile": null, - "poc_count": 5, - "product": "Flash Player", - "required_action": "The impacted product is end-of-life and should be disconnected if still in use.", - "short_description": "Adobe Flash Player contains a memory corruption vulnerability that allows remote attackers to execute code or cause denial-of-service (DoS).", - "summary": "Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64; Adobe AIR before 2.0.2.12610; and Adobe Reader and Acrobat 9.x before 9.3.3, and 8.x before 8.2.3 on Windows and Mac OS X, allow remote attackers to exec...", - "vendor": "Adobe" - }, - { - "cve": "CVE-2010-1428", - "date_added": "2022-05-25", - "due_date": "2022-06-15", - "epss": null, - "notes": "https://nvd.nist.gov/vuln/detail/CVE-2010-1428", - "percentile": null, - "poc_count": 3, - "product": "JBoss", - "required_action": "Apply updates per vendor instructions.", - "short_description": "Unauthenticated access to the JBoss Application Server Web Console (/web-console) is blocked by default. However, it was found that this block was incomplete, and only blocked GET and POST HTTP verbs. A remote attacker could use this flaw to gain access to sensitive information.", - "summary": "The Web Console (aka web-console) in JBossAs in Red Hat JBoss Enterprise Application Platform (aka JBoss EAP or JBEAP) 4.2 before 4.2.0.CP09 and 4.3 before 4.3.0.CP08 performs access control only for the GET and POST...", - "vendor": "Red Hat" - }, - { - "cve": "CVE-2010-1871", - "date_added": "2021-12-10", - "due_date": "2022-06-10", - "epss": null, - "notes": "https://nvd.nist.gov/vuln/detail/CVE-2010-1871", - "percentile": null, - "poc_count": 17, - "product": "JBoss Seam 2", - "required_action": "Apply updates per vendor instructions.", - "short_description": "JBoss Seam 2 (jboss-seam2), as used in JBoss Enterprise Application Platform 4.3.0 for Red Hat Linux, allows attackers to perform remote code execution. This vulnerability can only be exploited when the Java Security Manager is not properly configured.", - "summary": "JBoss Seam 2 (jboss-seam2), as used in JBoss Enterprise Application Platform 4.3.0 for Red Hat Linux, does not properly sanitize inputs for JBoss Expression Language (EL) expressions, which allows remote attackers to...", - "vendor": "Red Hat" - }, - { - "cve": "CVE-2010-2568", - "date_added": "2022-09-15", - "due_date": "2022-10-06", - "epss": null, - "notes": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2010/ms10-046; https://nvd.nist.gov/vuln/detail/CVE-2010-2568", - "percentile": null, - "poc_count": 22, - "product": "Windows", - "required_action": "Apply updates per vendor instructions.", - "short_description": "Microsoft Windows incorrectly parses shortcuts in such a way that malicious code may be executed when the operating system displays the icon of a malicious shortcut file. An attacker who successfully exploited this vulnerability could execute code as the logged-on user.", - "summary": "Windows Shell in Microsoft Windows XP SP3, Server 2003 SP2, Vista SP1 and SP2, Server 2008 SP2 and R2, and Windows 7 allows local users or remote attackers to execute arbitrary code via a crafted (1) .LNK or (2) .PIF...", - "vendor": "Microsoft" - }, - { - "cve": "CVE-2010-2572", - "date_added": "2022-06-08", - "due_date": "2022-06-22", - "epss": null, - "notes": "https://nvd.nist.gov/vuln/detail/CVE-2010-2572", - "percentile": null, - "poc_count": 1, - "product": "PowerPoint", - "required_action": "Apply updates per vendor instructions.", - "short_description": "Microsoft PowerPoint contains a buffer overflow vulnerability that alllows for remote code execution.", - "summary": "Buffer overflow in Microsoft PowerPoint 2002 SP3 and 2003 SP3 allows remote attackers to execute arbitrary code via a crafted PowerPoint 95 document, aka \"PowerPoint Parsing Buffer Overflow Vulnerability.\"", - "vendor": "Microsoft" - }, - { - "cve": "CVE-2010-2861", - "date_added": "2022-03-25", - "due_date": "2022-04-15", - "epss": null, - "notes": "https://nvd.nist.gov/vuln/detail/CVE-2010-2861", - "percentile": null, - "poc_count": 64, - "product": "ColdFusion", - "required_action": "Apply updates per vendor instructions.", - "short_description": "A directory traversal vulnerability exists in the administrator console in Adobe ColdFusion which allows remote attackers to read arbitrary files.", - "summary": "Multiple directory traversal vulnerabilities in the administrator console in Adobe ColdFusion 9.0.1 and earlier allow remote attackers to read arbitrary files via the locale parameter to (1) CFIDE/administrator/settin...", - "vendor": "Adobe" - }, - { - "cve": "CVE-2010-2883", - "date_added": "2022-06-08", - "due_date": "2022-06-22", - "epss": null, - "notes": "https://nvd.nist.gov/vuln/detail/CVE-2010-2883", - "percentile": null, - "poc_count": 9, - "product": "Acrobat and Reader", - "required_action": "Apply updates per vendor instructions.", - "short_description": "Adobe Acrobat and Reader contain a stack-based buffer overflow vulnerability that allows remote attackers to execute code or cause denial-of-service (DoS).", - "summary": "Stack-based buffer overflow in CoolType.dll in Adobe Reader and Acrobat 9.x before 9.4, and 8.x before 8.2.5 on Windows and Mac OS X, allows remote attackers to execute arbitrary code or cause a denial of service (app...", - "vendor": "Adobe" - }, - { - "cve": "CVE-2010-3035", - "date_added": "2022-03-25", - "due_date": "2022-04-15", - "epss": null, - "notes": "https://nvd.nist.gov/vuln/detail/CVE-2010-3035", - "percentile": null, - "poc_count": 2, - "product": "IOS XR", - "required_action": "Apply updates per vendor instructions.", - "short_description": "Cisco IOS XR, when BGP is the configured routing feature, allows remote attackers to cause a denial-of-service (DoS).", - "summary": "Cisco IOS XR 3.4.0 through 3.9.1, when BGP is enabled, does not properly handle unrecognized transitive attributes, which allows remote attackers to cause a denial of service (peering reset) via a crafted prefix annou...", - "vendor": "Cisco" - }, - { - "cve": "CVE-2010-3333", - "date_added": "2022-03-03", - "due_date": "2022-03-24", - "epss": null, - "notes": "https://nvd.nist.gov/vuln/detail/CVE-2010-3333", - "percentile": null, - "poc_count": 33, - "product": "Office", - "required_action": "Apply updates per vendor instructions.", - "short_description": "A stack-based buffer overflow vulnerability exists in the parsing of RTF data in Microsoft Office and earlier allows an attacker to perform remote code execution.", - "summary": "Stack-based buffer overflow in Microsoft Office XP SP3, Office 2003 SP3, Office 2007 SP2, Office 2010, Office 2004 and 2008 for Mac, Office for Mac 2011, and Open XML File Format Converter for Mac allows remote attack...", - "vendor": "Microsoft" - }, - { - "cve": "CVE-2010-3765", - "date_added": "2025-10-06", - "due_date": "2025-10-27", - "epss": null, - "notes": "https://www.mozilla.org/en-US/security/advisories/mfsa2010-73 ; https://nvd.nist.gov/vuln/detail/CVE-2010-3765", - "percentile": null, - "poc_count": 4, - "product": "Multiple Products", - "required_action": "Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.", - "short_description": "Mozilla Firefox, SeaMonkey, and Thunderbird contain an unspecified vulnerability when JavaScript is enabled. This allows remote attackers to execute arbitrary code via vectors related to nsCSSFrameConstructor::ContentAppended, the appendChild method, incorrect index tracking, and the creation of multiple frames, which triggers memory corruption.", - "summary": "Mozilla Firefox 3.5.x through 3.5.14 and 3.6.x through 3.6.11, Thunderbird 3.1.6 before 3.1.6 and 3.0.x before 3.0.10, and SeaMonkey 2.x before 2.0.10, when JavaScript is enabled, allows remote attackers to execute ar...", - "vendor": "Mozilla" - }, - { - "cve": "CVE-2010-3904", - "date_added": "2023-05-12", - "due_date": "2023-06-02", - "epss": null, - "notes": "https://lkml.iu.edu/hypermail/linux/kernel/1601.3/06474.html; https://nvd.nist.gov/vuln/detail/CVE-2010-3904", - "percentile": null, - "poc_count": 125, - "product": "Kernel", - "required_action": "The impacted product is end-of-life and should be disconnected if still in use.", - "short_description": "Linux Kernel contains an improper input validation vulnerability in the Reliable Datagram Sockets (RDS) protocol implementation that allows local users to gain privileges via crafted use of the sendmsg and recvmsg system calls.", - "summary": "The rds_page_copy_user function in net/rds/page.c in the Reliable Datagram Sockets (RDS) protocol implementation in the Linux kernel before 2.6.36 does not properly validate addresses obtained from user space, which a...", - "vendor": "Linux" - }, - { - "cve": "CVE-2010-3962", - "date_added": "2025-10-06", - "due_date": "2025-10-27", - "epss": null, - "notes": "https://learn.microsoft.com/en-us/security-updates/SecurityAdvisories/2010/2458511?redirectedfrom=MSDN ; https://nvd.nist.gov/vuln/detail/CVE-2010-3962", - "percentile": null, - "poc_count": 3, - "product": "Internet Explorer", - "required_action": "Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.", - "short_description": "Microsoft Internet Explorer contains an uninitialized memory corruption vulnerability that could allow for remote code execution. The impacted product could be end-of-life (EoL) and/or end-of-service (EoS). Users should discontinue product utilization.", - "summary": "Use-after-free vulnerability in Microsoft Internet Explorer 6, 7, and 8 allows remote attackers to execute arbitrary code via vectors related to Cascading Style Sheets (CSS) token sequences and the clip attribute, aka...", - "vendor": "Microsoft" - }, - { - "cve": "CVE-2010-4344", - "date_added": "2022-03-25", - "due_date": "2022-04-15", - "epss": null, - "notes": "https://nvd.nist.gov/vuln/detail/CVE-2010-4344", - "percentile": null, - "poc_count": 9, - "product": "Exim", - "required_action": "Apply updates per vendor instructions.", - "short_description": "Heap-based buffer overflow in the string_vformat function in string.c in Exim before 4.70 allows remote attackers to execute arbitrary code via an SMTP session.", - "summary": "Heap-based buffer overflow in the string_vformat function in string.c in Exim before 4.70 allows remote attackers to execute arbitrary code via an SMTP session that includes two MAIL commands in conjunction with a lar...", - "vendor": "Exim" - }, - { - "cve": "CVE-2010-4345", - "date_added": "2022-03-25", - "due_date": "2022-04-15", - "epss": null, - "notes": "https://nvd.nist.gov/vuln/detail/CVE-2010-4345", - "percentile": null, - "poc_count": 4, - "product": "Exim", - "required_action": "Apply updates per vendor instructions.", - "short_description": "Exim allows local users to gain privileges by leveraging the ability of the exim user account to specify an alternate configuration file with a directive that contains arbitrary commands.", - "summary": "Exim 4.72 and earlier allows local users to gain privileges by leveraging the ability of the exim user account to specify an alternate configuration file with a directive that contains arbitrary commands, as demonstra...", - "vendor": "Exim" - }, - { - "cve": "CVE-2010-4398", - "date_added": "2022-03-28", - "due_date": "2022-04-21", - "epss": null, - "notes": "https://nvd.nist.gov/vuln/detail/CVE-2010-4398", - "percentile": null, - "poc_count": 9, - "product": "Windows", - "required_action": "Apply updates per vendor instructions.", - "short_description": "Stack-based buffer overflow in the RtlQueryRegistryValues function in win32k.sys in Microsoft Windows allows local users to gain privileges, and bypass the User Account Control (UAC) feature.", - "summary": "Stack-based buffer overflow in the RtlQueryRegistryValues function in win32k.sys in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, and R2, and Wind...", - "vendor": "Microsoft" - }, - { - "cve": "CVE-2010-5326", - "date_added": "2021-11-03", - "due_date": "2022-05-03", - "epss": null, - "notes": "https://nvd.nist.gov/vuln/detail/CVE-2010-5326", - "percentile": null, - "poc_count": 1, - "product": "NetWeaver", - "required_action": "Apply updates per vendor instructions.", - "short_description": "SAP NetWeaver Application Server Java Platforms Invoker Servlet does not require authentication, allowing for remote code execution via a HTTP or HTTPS request.", - "summary": "The Invoker Servlet on SAP NetWeaver Application Server Java platforms, possibly before 7.3, does not require authentication, which allows remote attackers to execute arbitrary code via an HTTP or HTTPS request, as ex...", - "vendor": "SAP" - }, - { - "cve": "CVE-2010-5330", - "date_added": "2022-04-15", - "due_date": "2022-05-06", - "epss": null, - "notes": "https://nvd.nist.gov/vuln/detail/CVE-2010-5330", - "percentile": null, - "poc_count": 2, - "product": "AirOS", - "required_action": "Apply updates per vendor instructions.", - "short_description": "Certain Ubiquiti devices contain a command injection vulnerability via a GET request to stainfo.cgi.", - "summary": "On certain Ubiquiti devices, Command Injection exists via a GET request to stainfo.cgi (aka Show AP info) because the ifname variable is not sanitized, as demonstrated by shell metacharacters. The fixed version is v4....", - "vendor": "Ubiquiti" - }, - { - "cve": "CVE-2011-0609", - "date_added": "2022-06-08", - "due_date": "2022-06-22", - "epss": null, - "notes": "https://nvd.nist.gov/vuln/detail/CVE-2011-0609", - "percentile": null, - "poc_count": 4, - "product": "Flash Player", - "required_action": "The impacted product is end-of-life and should be disconnected if still in use.", - "short_description": "Adobe Flash Player contains an unspecified vulnerability that allows remote attackers to execute code or cause denial-of-service (DoS).", - "summary": "Unspecified vulnerability in Adobe Flash Player 10.2.154.13 and earlier on Windows, Mac OS X, Linux, and Solaris; 10.1.106.16 and earlier on Android; Adobe AIR 2.5.1 and earlier; and Authplay.dll (aka AuthPlayLib.bund...", - "vendor": "Adobe" - }, - { - "cve": "CVE-2011-0611", - "date_added": "2022-03-03", - "due_date": "2022-03-24", - "epss": null, - "notes": "https://nvd.nist.gov/vuln/detail/CVE-2011-0611", - "percentile": null, - "poc_count": 8, - "product": "Flash Player", - "required_action": "The impacted product is end-of-life and should be disconnected if still in use.", - "short_description": "Adobe Flash Player contains a vulnerability that allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via crafted Flash content.", - "summary": "Adobe Flash Player before 10.2.154.27 on Windows, Mac OS X, Linux, and Solaris and 10.2.156.12 and earlier on Android; Adobe AIR before 2.6.19140; and Authplay.dll (aka AuthPlayLib.bundle) in Adobe Reader 9.x before 9...", - "vendor": "Adobe" - }, - { - "cve": "CVE-2011-1823", - "date_added": "2022-09-08", - "due_date": "2022-09-29", - "epss": null, - "notes": "https://android.googlesource.com/platform/system/vold/+/c51920c82463b240e2be0430849837d6fdc5352e; https://nvd.nist.gov/vuln/detail/CVE-2011-1823", - "percentile": null, - "poc_count": 3, - "product": "Android OS", - "required_action": "Apply updates per vendor instructions.", - "short_description": "The vold volume manager daemon in Android kernel trusts messages from a PF_NETLINK socket, which allows an attacker to execute code and gain root privileges. This vulnerability is associated with GingerBreak and Exploit.AndroidOS.Lotoor.", - "summary": "The vold volume manager daemon on Android 3.0 and 2.x before 2.3.4 trusts messages that are received from a PF_NETLINK socket, which allows local users to execute arbitrary code and gain root privileges via a negative...", - "vendor": "Android" - }, - { - "cve": "CVE-2011-1889", - "date_added": "2022-03-03", - "due_date": "2022-03-24", - "epss": null, - "notes": "https://nvd.nist.gov/vuln/detail/CVE-2011-1889", - "percentile": null, - "poc_count": 1, - "product": "Forefront Threat Management Gateway (TMG)", - "required_action": "Apply updates per vendor instructions.", - "short_description": "A remote code execution vulnerability exists in the Forefront Threat Management Gateway (TMG) Firewall Client Winsock provider that could allow code execution in the security context of the client application.", - "summary": "The NSPLookupServiceNext function in the client in Microsoft Forefront Threat Management Gateway (TMG) 2010 allows remote attackers to execute arbitrary code via vectors involving unspecified requests, aka \"TMG Firewa...", - "vendor": "Microsoft" - }, - { - "cve": "CVE-2011-2005", - "date_added": "2022-03-28", - "due_date": "2022-04-18", - "epss": null, - "notes": "https://nvd.nist.gov/vuln/detail/CVE-2011-2005", - "percentile": null, - "poc_count": 18, - "product": "Ancillary Function Driver (afd.sys)", - "required_action": "Apply updates per vendor instructions.", - "short_description": "afd.sys in the Ancillary Function Driver in Microsoft Windows does not properly validate user-mode input passed to kernel mode, which allows local users to gain privileges via a crafted application.", - "summary": "afd.sys in the Ancillary Function Driver in Microsoft Windows XP SP2 and SP3 and Server 2003 SP2 does not properly validate user-mode input passed to kernel mode, which allows local users to gain privileges via a craf...", - "vendor": "Microsoft" - }, - { - "cve": "CVE-2011-2462", - "date_added": "2022-06-08", - "due_date": "2022-06-22", - "epss": null, - "notes": "https://nvd.nist.gov/vuln/detail/CVE-2011-2462", - "percentile": null, - "poc_count": 7, - "product": "Reader and Acrobat", - "required_action": "Apply updates per vendor instructions.", - "short_description": "The Universal 3D (U3D) component in Adobe Reader and Acrobat contains a memory corruption vulnerability which could allow remote attackers to execute code or cause denial-of-service (DoS).", - "summary": "Unspecified vulnerability in the U3D component in Adobe Reader and Acrobat 10.1.1 and earlier on Windows and Mac OS X, and Adobe Reader 9.x through 9.4.6 on UNIX, allows remote attackers to execute arbitrary code or c...", - "vendor": "Adobe" - }, - { - "cve": "CVE-2011-3402", - "date_added": "2025-10-06", - "due_date": "2025-10-27", - "epss": null, - "notes": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2011/ms11-087 ; https://nvd.nist.gov/vuln/detail/CVE-2011-3402", - "percentile": null, - "poc_count": 3, + "poc_count": 0, "product": "Windows", "required_action": "Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.", - "short_description": "Microsoft Windows Kernel contains an unspecified vulnerability in the TrueType font parsing engine in win32k.sys in the kernel-mode drivers that allows remote attackers to execute arbitrary code via crafted font data in a Word document or web page.", - "summary": "Unspecified vulnerability in the TrueType font parsing engine in win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and...", + "short_description": "Microsoft Windows Cloud Files Mini Filter Driver contains a use after free vulnerability that can allow an authorized attacker to elevate privileges locally.", "vendor": "Microsoft" }, { - "cve": "CVE-2011-3544", - "date_added": "2022-03-03", - "due_date": "2022-03-24", + "cve": "CVE-2022-37055", + "date_added": "2025-12-08", + "due_date": "2025-12-29", "epss": null, - "notes": "https://nvd.nist.gov/vuln/detail/CVE-2011-3544", + "notes": "https://supportannouncement.us.dlink.com/security/publication.aspx?name=SAP10308 ; https://nvd.nist.gov/vuln/detail/CVE-2022-37055", "percentile": null, - "poc_count": 5, - "product": "Java SE JDK and JRE", - "required_action": "Apply updates per vendor instructions.", - "short_description": "An access control vulnerability exists in the Applet Rhino Script Engine component of Oracle's Java Runtime Environment allows an attacker to remotely execute arbitrary code.", - "summary": "Unspecified vulnerability in the Java Runtime Environment component in Oracle Java SE JDK and JRE 7 and 6 Update 27 and earlier allows remote untrusted Java Web Start applications and untrusted Java applets to affect...", - "vendor": "Oracle" - }, - { - "cve": "CVE-2011-4723", - "date_added": "2022-09-08", - "due_date": "2022-09-29", - "epss": null, - "notes": "https://www.dlink.com/uk/en/support/product/dir-300-wireless-g-router; https://nvd.nist.gov/vuln/detail/CVE-2011-4723", - "percentile": null, - "poc_count": 1, - "product": "DIR-300 Router", - "required_action": "The impacted product is end-of-life and should be disconnected if still in use.", - "short_description": "The D-Link DIR-300 router stores cleartext passwords, which allows context-dependent attackers to obtain sensitive information.", - "summary": "The D-Link DIR-300 router stores cleartext passwords, which allows context-dependent attackers to obtain sensitive information via unspecified vectors.", + "poc_count": 2, + "product": "Routers", + "required_action": "Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.", + "short_description": "D-Link Routers contains a buffer overflow vulnerability that has a high impact on confidentiality, integrity, and availability. The impacted products could be end-of-life (EoL) and/or end-of-service (EoS). Users should discontinue product utilization.", "vendor": "D-Link" }, { - "cve": "CVE-2012-0151", - "date_added": "2022-06-08", - "due_date": "2022-06-22", + "cve": "CVE-2025-66644", + "date_added": "2025-12-08", + "due_date": "2025-12-29", "epss": null, - "notes": "https://nvd.nist.gov/vuln/detail/CVE-2012-0151", + "notes": "https://support.arraynetworks.net/prx/001/http/supportportal.arraynetworks.net/ag.html ; https://www.jpcert.or.jp/at/2025/at250024.html ; https://nvd.nist.gov/vuln/detail/CVE-2025-66644", + "percentile": null, + "poc_count": 0, + "product": "ArrayOS AG", + "required_action": "Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.", + "short_description": "Array Networks ArrayOS AG contains an OS command injection vulnerability that could allow an attacker to execute arbitrary commands.", + "vendor": "Array Networks" + }, + { + "cve": "CVE-2025-55182", + "date_added": "2025-12-05", + "due_date": "2025-12-12", + "epss": null, + "notes": "Check for signs of potential compromise on all internet accessible REACT instances after applying mitigations. For more information, please see: https://react.dev/blog/2025/12/03/critical-security-vulnerability-in-react-server-components ; https://github.com/vercel-labs/fix-react2shell-next?tab=readme-ov-file ; https://nvd.nist.gov/vuln/detail/CVE-2025-55182", + "percentile": null, + "poc_count": 0, + "product": "React Server Components", + "required_action": "Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.", + "short_description": "Meta React Server Components contains a remote code execution vulnerability that could allow unauthenticated remote code execution by exploiting a flaw in how React decodes payloads sent to React Server Function endpoints. Please note CVE-2025-66478 has been rejected, but it is associated with CVE-2025- 55182.", + "vendor": "Meta" + }, + { + "cve": "CVE-2021-26828", + "date_added": "2025-12-03", + "due_date": "2025-12-24", + "epss": null, + "notes": "This vulnerability could affect an open-source component, third-party library, protocol, or proprietary implementation that could be used by different products. For more information, please see: https://github.com/SCADA-LTS/Scada-LTS/pull/2174 ; https://nvd.nist.gov/vuln/detail/CVE-2021-26828", + "percentile": null, + "poc_count": 16, + "product": "ScadaBR", + "required_action": "Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.", + "short_description": "OpenPLC ScadaBR contains an unrestricted upload of file with dangerous type vulnerability that allows remote authenticated users to upload and execute arbitrary JSP files via view_edit.shtm.", + "vendor": "OpenPLC" + }, + { + "cve": "CVE-2025-48572", + "date_added": "2025-12-02", + "due_date": "2025-12-23", + "epss": null, + "notes": "https://source.android.com/docs/security/bulletin/2025-12-01 ; https://nvd.nist.gov/vuln/detail/CVE-2025-48572", + "percentile": null, + "poc_count": 0, + "product": "Framework", + "required_action": "Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.", + "short_description": "Android Framework contains an unspecified vulnerability that allows for privilege escalation.", + "vendor": "Android" + }, + { + "cve": "CVE-2025-48633", + "date_added": "2025-12-02", + "due_date": "2025-12-23", + "epss": null, + "notes": "https://source.android.com/docs/security/bulletin/2025-12-01 ; https://nvd.nist.gov/vuln/detail/CVE-2025-48633", + "percentile": null, + "poc_count": 0, + "product": "Framework", + "required_action": "Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.", + "short_description": "Android Framework contains an unspecified vulnerability that allows for information disclosure.", + "vendor": "Android" + }, + { + "cve": "CVE-2021-26829", + "date_added": "2025-11-28", + "due_date": "2025-12-19", + "epss": null, + "notes": "This vulnerability could affect an open-source component, third-party library, protocol, or proprietary implementation that could be used by different products. For more information, please see: https://github.com/SCADA-LTS/Scada-LTS/pull/3211 ; https://nvd.nist.gov/vuln/detail/CVE-2021-26829", "percentile": null, "poc_count": 1, - "product": "Windows", - "required_action": "Apply updates per vendor instructions.", - "short_description": "The Authenticode Signature Verification function in Microsoft Windows (WinVerifyTrust) does not properly validate the digest of a signed portable executable (PE) file, which allows user-assisted remote attackers to execute code.", - "summary": "The Authenticode Signature Verification function in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, Windows 7 Gold and SP1, and Windows 8 Consumer...", - "vendor": "Microsoft" + "product": "ScadaBR", + "required_action": "Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.", + "short_description": "OpenPLC ScadaBR contains a cross-site scripting vulnerability via system_settings.shtm.", + "vendor": "OpenPLC" }, { - "cve": "CVE-2012-0158", - "date_added": "2021-11-03", - "due_date": "2022-05-03", + "cve": "CVE-2025-61757", + "date_added": "2025-11-21", + "due_date": "2025-12-12", "epss": null, - "notes": "https://nvd.nist.gov/vuln/detail/CVE-2012-0158", + "notes": "https://www.oracle.com/security-alerts/cpuoct2025.html ; https://nvd.nist.gov/vuln/detail/CVE-2025-61757", "percentile": null, - "poc_count": 29, - "product": "MSCOMCTL.OCX", - "required_action": "Apply updates per vendor instructions.", - "short_description": "Microsoft MSCOMCTL.OCX contains an unspecified vulnerability that allows for remote code execution, allowing an attacker to take complete control of an affected system under the context of the current user.", - "summary": "The (1) ListView, (2) ListView2, (3) TreeView, and (4) TreeView2 ActiveX controls in MSCOMCTL.OCX in the Common Controls in Microsoft Office 2003 SP3, 2007 SP2 and SP3, and 2010 Gold and SP1; Office 2003 Web Component...", - "vendor": "Microsoft" - }, - { - "cve": "CVE-2012-0391", - "date_added": "2022-01-21", - "due_date": "2022-07-21", - "epss": null, - "notes": "https://nvd.nist.gov/vuln/detail/CVE-2012-0391", - "percentile": null, - "poc_count": 6, - "product": "Struts 2", - "required_action": "Apply updates per vendor instructions.", - "short_description": "The ExceptionDelegator component in Apache Struts 2 before 2.2.3.1 contains an improper input validation vulnerability that allows for remote code execution.", - "summary": "The ExceptionDelegator component in Apache Struts before 2.2.3.1 interprets parameter values as OGNL expressions during certain exception handling for mismatched data types of properties, which allows remote attackers...", - "vendor": "Apache" - }, - { - "cve": "CVE-2012-0507", - "date_added": "2022-03-03", - "due_date": "2022-03-24", - "epss": null, - "notes": "https://nvd.nist.gov/vuln/detail/CVE-2012-0507", - "percentile": null, - "poc_count": 6, - "product": "Java SE", - "required_action": "Apply updates per vendor instructions.", - "short_description": "An incorrect type vulnerability exists in the Concurrency component of Oracle's Java Runtime Environment allows an attacker to remotely execute arbitrary code.", - "summary": "Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 2 and earlier, 6 Update 30 and earlier, and 5.0 Update 33 and earlier allows remote attackers to affect confidential...", - "vendor": "Oracle" - }, - { - "cve": "CVE-2012-0518", - "date_added": "2022-03-28", - "due_date": "2022-04-18", - "epss": null, - "notes": "https://nvd.nist.gov/vuln/detail/CVE-2012-0518", - "percentile": null, - "poc_count": 4, + "poc_count": 0, "product": "Fusion Middleware", - "required_action": "Apply updates per vendor instructions.", - "short_description": "Unspecified vulnerability in the Oracle Application Server Single Sign-On component in Oracle Fusion Middleware allows remote attackers to affect integrity via Unknown vectors", - "summary": "Unspecified vulnerability in the Oracle Application Server Single Sign-On component in Oracle Fusion Middleware 10.1.4.3.0 allows remote attackers to affect integrity via unknown vectors related to Redirects, a differ...", + "required_action": "Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.", + "short_description": "Oracle Fusion Middleware contains a missing authentication for critical function vulnerability, allowing unauthenticated remote attackers to take over Identity Manager.", "vendor": "Oracle" }, { - "cve": "CVE-2012-0754", - "date_added": "2022-06-08", - "due_date": "2022-06-22", + "cve": "CVE-2025-13223", + "date_added": "2025-11-19", + "due_date": "2025-12-10", "epss": null, - "notes": "https://nvd.nist.gov/vuln/detail/CVE-2012-0754", + "notes": "https://chromereleases.googleblog.com/2025/11/stable-channel-update-for-desktop_17.html ; https://nvd.nist.gov/vuln/detail/CVE-2025-13223", "percentile": null, - "poc_count": 1, - "product": "Flash Player", - "required_action": "The impacted product is end-of-life and should be disconnected if still in use.", - "short_description": "Adobe Flash Player contains a memory corruption vulnerability that allows remote attackers to execute code or cause denial-of-service (DoS).", - "summary": "Adobe Flash Player before 10.3.183.15 and 11.x before 11.1.102.62 on Windows, Mac OS X, Linux, and Solaris; before 11.1.111.6 on Android 2.x and 3.x; and before 11.1.115.6 on Android 4.x allows attackers to execute ar...", - "vendor": "Adobe" + "poc_count": 0, + "product": "Chromium V8", + "required_action": "Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.", + "short_description": "Google Chromium V8 contains a type confusion vulnerability that allows for heap corruption.", + "vendor": "Google" }, { - "cve": "CVE-2012-0767", - "date_added": "2022-06-08", - "due_date": "2022-06-22", + "cve": "CVE-2025-58034", + "date_added": "2025-11-18", + "due_date": "2025-11-25", "epss": null, - "notes": "https://nvd.nist.gov/vuln/detail/CVE-2012-0767", + "notes": "https://fortiguard.fortinet.com/psirt/FG-IR-25-513 ; https://nvd.nist.gov/vuln/detail/CVE-2025-58034", "percentile": null, - "poc_count": 1, - "product": "Flash Player", - "required_action": "The impacted product is end-of-life and should be disconnected if still in use.", - "short_description": "Adobe Flash Player contains a XSS vulnerability that allows remote attackers to inject web script or HTML.", - "summary": "Cross-site scripting (XSS) vulnerability in Adobe Flash Player before 10.3.183.15 and 11.x before 11.1.102.62 on Windows, Mac OS X, Linux, and Solaris; before 11.1.111.6 on Android 2.x and 3.x; and before 11.1.115.6 o...", - "vendor": "Adobe" - }, - { - "cve": "CVE-2012-1535", - "date_added": "2022-03-03", - "due_date": "2022-03-24", - "epss": null, - "notes": "https://nvd.nist.gov/vuln/detail/CVE-2012-1535", - "percentile": null, - "poc_count": 1, - "product": "Flash Player", - "required_action": "The impacted product is end-of-life and should be disconnected if still in use.", - "short_description": "Unspecified vulnerability in Adobe Flash Player allows remote attackers to execute arbitrary code or cause a denial of service via crafted SWF content.", - "summary": "Unspecified vulnerability in Adobe Flash Player before 11.3.300.271 on Windows and Mac OS X and before 11.2.202.238 on Linux allows remote attackers to execute arbitrary code or cause a denial of service (application...", - "vendor": "Adobe" - }, - { - "cve": "CVE-2012-1710", - "date_added": "2022-05-25", - "due_date": "2022-06-15", - "epss": null, - "notes": "https://nvd.nist.gov/vuln/detail/CVE-2012-1710", - "percentile": null, - "poc_count": 3, - "product": "Fusion Middleware", - "required_action": "Apply updates per vendor instructions.", - "short_description": "Unspecified vulnerability in the Oracle WebCenter Forms Recognition component in Oracle Fusion Middleware allows remote attackers to affect confidentiality, integrity, and availability via Unknown vectors related to Designer.", - "summary": "Unspecified vulnerability in the Oracle WebCenter Forms Recognition component in Oracle Fusion Middleware 10.1.3.5 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors rel...", - "vendor": "Oracle" - }, - { - "cve": "CVE-2012-1723", - "date_added": "2022-03-03", - "due_date": "2022-03-24", - "epss": null, - "notes": "https://nvd.nist.gov/vuln/detail/CVE-2012-1723", - "percentile": null, - "poc_count": 5, - "product": "Java SE", - "required_action": "Apply updates per vendor instructions.", - "short_description": "Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE allows remote attackers to affect confidentiality, integrity, and availability via Unknown vectors related to Hotspot.", - "summary": "Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 update 4 and earlier, 6 update 32 and earlier, 5 update 35 and earlier, and 1.4.2_37 and earlier allows remote attackers to...", - "vendor": "Oracle" - }, - { - "cve": "CVE-2012-1823", - "date_added": "2022-03-25", - "due_date": "2022-04-15", - "epss": null, - "notes": "https://nvd.nist.gov/vuln/detail/CVE-2012-1823", - "percentile": null, - "poc_count": 71, - "product": "PHP", - "required_action": "Apply updates per vendor instructions.", - "short_description": "sapi/cgi/cgi_main.c in PHP, when configured as a CGI script, does not properly handle query strings, which allows remote attackers to execute arbitrary code.", - "summary": "sapi/cgi/cgi_main.c in PHP before 5.3.12 and 5.4.x before 5.4.2, when configured as a CGI script (aka php-cgi), does not properly handle query strings that lack an = (equals sign) character, which allows remote attack...", - "vendor": "PHP" - }, - { - "cve": "CVE-2012-1856", - "date_added": "2022-03-03", - "due_date": "2022-03-24", - "epss": null, - "notes": "https://nvd.nist.gov/vuln/detail/CVE-2012-1856", - "percentile": null, - "poc_count": 5, - "product": "Office", - "required_action": "Apply updates per vendor instructions.", - "short_description": "The TabStrip ActiveX control in the Common Controls in MSCOMCTL.OCX in Microsoft Office allows remote attackers to execute arbitrary code via a crafted (1) document or (2) web page that triggers system-state corruption.", - "summary": "The TabStrip ActiveX control in the Common Controls in MSCOMCTL.OCX in Microsoft Office 2003 SP3, Office 2003 Web Components SP3, Office 2007 SP2 and SP3, Office 2010 SP1, SQL Server 2000 SP4, SQL Server 2005 SP4, SQL...", - "vendor": "Microsoft" - }, - { - "cve": "CVE-2012-1889", - "date_added": "2022-06-08", - "due_date": "2022-06-22", - "epss": null, - "notes": "https://nvd.nist.gov/vuln/detail/CVE-2012-1889", - "percentile": null, - "poc_count": 9, - "product": "XML Core Services", - "required_action": "Apply updates per vendor instructions.", - "short_description": "Microsoft XML Core Services contains a memory corruption vulnerability which could allow for remote code execution.", - "summary": "Microsoft XML Core Services 3.0, 4.0, 5.0, and 6.0 accesses uninitialized memory locations, which allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site.", - "vendor": "Microsoft" - }, - { - "cve": "CVE-2012-2034", - "date_added": "2022-03-28", - "due_date": "2022-04-18", - "epss": null, - "notes": "https://nvd.nist.gov/vuln/detail/CVE-2012-2034", - "percentile": null, - "poc_count": 1, - "product": "Flash Player", - "required_action": "The impacted product is end-of-life and should be disconnected if still in use.", - "short_description": "Adobe Flash Player contains a memory corruption vulnerability that allows for remote code execution or denial-of-service (DoS).", - "summary": "Adobe Flash Player before 10.3.183.20 and 11.x before 11.3.300.257 on Windows and Mac OS X; before 10.3.183.20 and 11.x before 11.2.202.236 on Linux; before 11.1.111.10 on Android 2.x and 3.x; and before 11.1.115.9 on...", - "vendor": "Adobe" - }, - { - "cve": "CVE-2012-2539", - "date_added": "2022-03-28", - "due_date": "2022-04-18", - "epss": null, - "notes": "https://nvd.nist.gov/vuln/detail/CVE-2012-2539", - "percentile": null, - "poc_count": 1, - "product": "Word", - "required_action": "Apply updates per vendor instructions.", - "short_description": "Microsoft Word allows attackers to execute remote code or cause a denial-of-service (DoS) via crafted RTF data.", - "summary": "Microsoft Word 2003 SP3, 2007 SP2 and SP3, and 2010 SP1; Word Viewer; Office Compatibility Pack SP2 and SP3; and Office Web Apps 2010 SP1 allow remote attackers to execute arbitrary code or cause a denial of service (...", - "vendor": "Microsoft" - }, - { - "cve": "CVE-2012-3152", - "date_added": "2021-11-03", - "due_date": "2022-05-03", - "epss": null, - "notes": "https://nvd.nist.gov/vuln/detail/CVE-2012-3152", - "percentile": null, - "poc_count": 9, - "product": "Fusion Middleware", - "required_action": "Apply updates per vendor instructions.", - "short_description": "Oracle Fusion Middleware Reports Developer contains an unspecified vulnerability that allows remote attackers to affect confidentiality and integrity of affected systems.", - "summary": "Unspecified vulnerability in the Oracle Reports Developer component in Oracle Fusion Middleware 11.1.1.4, 11.1.1.6, and 11.1.2.0 allows remote attackers to affect confidentiality and integrity via unknown vectors rela...", - "vendor": "Oracle" + "poc_count": 0, + "product": "FortiWeb", + "required_action": "Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.", + "short_description": "Fortinet FortiWeb contains an OS command Injection vulnerability that may allow an authenticated attacker to execute unauthorized code on the underlying system via crafted HTTP requests or CLI commands.", + "vendor": "Fortinet" } ], "removed_high_epss": [], diff --git a/docs/api/v1/epss_top.json b/docs/api/v1/epss_top.json index f39bbc2b94..c42ccecaae 100644 --- a/docs/api/v1/epss_top.json +++ b/docs/api/v1/epss_top.json @@ -14,6 +14,62 @@ "percentile": 0.9843, "poc_count": 1, "summary": "The Custom MCPs feature is designed to execute OS commands, for instance, using tools like `npx` to spin up local MCP Servers. However, Flowise's inherent authentication and authorization model is minimal and lacks ro..." + }, + { + "cve": "CVE-2025-8489", + "epss": 0.43315, + "percentile": 0.97363, + "poc_count": 0, + "summary": "" + }, + { + "cve": "CVE-2025-8426", + "epss": 0.3937, + "percentile": 0.97134, + "poc_count": 0, + "summary": "" + }, + { + "cve": "CVE-2025-8518", + "epss": 0.33903, + "percentile": 0.96792, + "poc_count": 1, + "summary": "A vulnerability was found in givanz Vvveb 1.0.5. It has been rated as critical. Affected by this issue is the function Save of the file admin/controller/editor/code.php of the component Code Editor. The manipulation l..." + }, + { + "cve": "CVE-2025-8868", + "epss": 0.17119, + "percentile": 0.94767, + "poc_count": 0, + "summary": "" + }, + { + "cve": "CVE-2025-8730", + "epss": 0.11861, + "percentile": 0.93477, + "poc_count": 2, + "summary": "A vulnerability was found in Belkin F9K1009 and F9K1010 2.00.04/2.00.09 and classified as critical. Affected by this issue is some unknown functionality of the component Web Interface. The manipulation leads to hard-c..." + }, + { + "cve": "CVE-2025-7795", + "epss": 0.096, + "percentile": 0.92596, + "poc_count": 3, + "summary": "A vulnerability, which was classified as critical, has been found in Tenda FH451 1.0.0.9. Affected by this issue is the function fromP2pListFilter of the file /goform/P2pListFilter. The manipulation of the argument pa..." + }, + { + "cve": "CVE-2025-9090", + "epss": 0.08297, + "percentile": 0.91936, + "poc_count": 4, + "summary": "A vulnerability was identified in Tenda AC20 16.03.08.12. Affected is the function websFormDefine of the file /goform/telnet of the component Telnet Service. The manipulation leads to command injection. It is possible..." + }, + { + "cve": "CVE-2025-8085", + "epss": 0.07832, + "percentile": 0.91659, + "poc_count": 1, + "summary": "The Ditty WordPress plugin before 3.1.58 lacks authorization and authentication for requests to its displayItems endpoint, allowing unauthenticated visitors to make requests to arbitrary URLs." } ] } \ No newline at end of file diff --git a/docs/api/v1/joined_top.json b/docs/api/v1/joined_top.json index a9322f62d1..43a142a2a0 100644 --- a/docs/api/v1/joined_top.json +++ b/docs/api/v1/joined_top.json @@ -14,6 +14,62 @@ "percentile": 0.9843, "poc_count": 1, "summary": "The Custom MCPs feature is designed to execute OS commands, for instance, using tools like `npx` to spin up local MCP Servers. However, Flowise's inherent authentication and authorization model is minimal and lacks ro..." + }, + { + "cve": "CVE-2025-8489", + "epss": 0.43315, + "percentile": 0.97363, + "poc_count": 0, + "summary": "" + }, + { + "cve": "CVE-2025-8426", + "epss": 0.3937, + "percentile": 0.97134, + "poc_count": 0, + "summary": "" + }, + { + "cve": "CVE-2025-8518", + "epss": 0.33903, + "percentile": 0.96792, + "poc_count": 1, + "summary": "A vulnerability was found in givanz Vvveb 1.0.5. It has been rated as critical. Affected by this issue is the function Save of the file admin/controller/editor/code.php of the component Code Editor. The manipulation l..." + }, + { + "cve": "CVE-2025-8868", + "epss": 0.17119, + "percentile": 0.94767, + "poc_count": 0, + "summary": "" + }, + { + "cve": "CVE-2025-8730", + "epss": 0.11861, + "percentile": 0.93477, + "poc_count": 2, + "summary": "A vulnerability was found in Belkin F9K1009 and F9K1010 2.00.04/2.00.09 and classified as critical. Affected by this issue is some unknown functionality of the component Web Interface. The manipulation leads to hard-c..." + }, + { + "cve": "CVE-2025-7795", + "epss": 0.096, + "percentile": 0.92596, + "poc_count": 3, + "summary": "A vulnerability, which was classified as critical, has been found in Tenda FH451 1.0.0.9. Affected by this issue is the function fromP2pListFilter of the file /goform/P2pListFilter. The manipulation of the argument pa..." + }, + { + "cve": "CVE-2025-9090", + "epss": 0.08297, + "percentile": 0.91936, + "poc_count": 4, + "summary": "A vulnerability was identified in Tenda AC20 16.03.08.12. Affected is the function websFormDefine of the file /goform/telnet of the component Telnet Service. The manipulation leads to command injection. It is possible..." + }, + { + "cve": "CVE-2025-8085", + "epss": 0.07832, + "percentile": 0.91659, + "poc_count": 1, + "summary": "The Ditty WordPress plugin before 3.1.58 lacks authorization and authentication for requests to its displayItems endpoint, allowing unauthenticated visitors to make requests to arbitrary URLs." } ], "kev_top": [ diff --git a/docs/api/v1/snapshots/2025-12-17.json b/docs/api/v1/snapshots/2025-12-17.json index a9322f62d1..43a142a2a0 100644 --- a/docs/api/v1/snapshots/2025-12-17.json +++ b/docs/api/v1/snapshots/2025-12-17.json @@ -14,6 +14,62 @@ "percentile": 0.9843, "poc_count": 1, "summary": "The Custom MCPs feature is designed to execute OS commands, for instance, using tools like `npx` to spin up local MCP Servers. However, Flowise's inherent authentication and authorization model is minimal and lacks ro..." + }, + { + "cve": "CVE-2025-8489", + "epss": 0.43315, + "percentile": 0.97363, + "poc_count": 0, + "summary": "" + }, + { + "cve": "CVE-2025-8426", + "epss": 0.3937, + "percentile": 0.97134, + "poc_count": 0, + "summary": "" + }, + { + "cve": "CVE-2025-8518", + "epss": 0.33903, + "percentile": 0.96792, + "poc_count": 1, + "summary": "A vulnerability was found in givanz Vvveb 1.0.5. It has been rated as critical. Affected by this issue is the function Save of the file admin/controller/editor/code.php of the component Code Editor. The manipulation l..." + }, + { + "cve": "CVE-2025-8868", + "epss": 0.17119, + "percentile": 0.94767, + "poc_count": 0, + "summary": "" + }, + { + "cve": "CVE-2025-8730", + "epss": 0.11861, + "percentile": 0.93477, + "poc_count": 2, + "summary": "A vulnerability was found in Belkin F9K1009 and F9K1010 2.00.04/2.00.09 and classified as critical. Affected by this issue is some unknown functionality of the component Web Interface. The manipulation leads to hard-c..." + }, + { + "cve": "CVE-2025-7795", + "epss": 0.096, + "percentile": 0.92596, + "poc_count": 3, + "summary": "A vulnerability, which was classified as critical, has been found in Tenda FH451 1.0.0.9. Affected by this issue is the function fromP2pListFilter of the file /goform/P2pListFilter. The manipulation of the argument pa..." + }, + { + "cve": "CVE-2025-9090", + "epss": 0.08297, + "percentile": 0.91936, + "poc_count": 4, + "summary": "A vulnerability was identified in Tenda AC20 16.03.08.12. Affected is the function websFormDefine of the file /goform/telnet of the component Telnet Service. The manipulation leads to command injection. It is possible..." + }, + { + "cve": "CVE-2025-8085", + "epss": 0.07832, + "percentile": 0.91659, + "poc_count": 1, + "summary": "The Ditty WordPress plugin before 3.1.58 lacks authorization and authentication for requests to its displayItems endpoint, allowing unauthenticated visitors to make requests to arbitrary URLs." } ], "kev_top": [ diff --git a/docs/cve/index.html b/docs/cve/index.html index 89e7445f00..e5f59d20d6 100644 --- a/docs/cve/index.html +++ b/docs/cve/index.html @@ -10,12 +10,12 @@
-
CVE PoC Hubdaily
+
CVE PoC Hub
@@ -25,10 +25,6 @@

Loading…

Fetching CVE data.

-
- Data source: /api/v1/cve/<id>.json - Fallback: CVE_list.json -