{ "generated": "2025-12-17", "high_epss": [ { "cve": "CVE-2025-8943", "epss": 0.6583, "percentile": 0.98431, "poc_count": 1, "summary": "The Custom MCPs feature is designed to execute OS commands, for instance, using tools like `npx` to spin up local MCP Servers. However, Flowise's inherent authentication and authorization model is minimal and lacks ro..." }, { "cve": "CVE-2025-8518", "epss": 0.33903, "percentile": 0.96794, "poc_count": 1, "summary": "A vulnerability was found in givanz Vvveb 1.0.5. It has been rated as critical. Affected by this issue is the function Save of the file admin/controller/editor/code.php of the component Code Editor. The manipulation l..." }, { "cve": "CVE-2025-8730", "epss": 0.11861, "percentile": 0.93482, "poc_count": 2, "summary": "A vulnerability was found in Belkin F9K1009 and F9K1010 2.00.04/2.00.09 and classified as critical. Affected by this issue is some unknown functionality of the component Web Interface. The manipulation leads to hard-c..." }, { "cve": "CVE-2025-7795", "epss": 0.096, "percentile": 0.926, "poc_count": 3, "summary": "A vulnerability, which was classified as critical, has been found in Tenda FH451 1.0.0.9. Affected by this issue is the function fromP2pListFilter of the file /goform/P2pListFilter. The manipulation of the argument pa..." }, { "cve": "CVE-2025-9090", "epss": 0.0924, "percentile": 0.92438, "poc_count": 4, "summary": "A vulnerability was identified in Tenda AC20 16.03.08.12. Affected is the function websFormDefine of the file /goform/telnet of the component Telnet Service. The manipulation leads to command injection. It is possible..." }, { "cve": "CVE-2025-8085", "epss": 0.07832, "percentile": 0.91666, "poc_count": 1, "summary": "The Ditty WordPress plugin before 3.1.58 lacks authorization and authentication for requests to its displayItems endpoint, allowing unauthenticated visitors to make requests to arbitrary URLs." } ], "kev_top": [ { "cve": "CVE-2025-7775", "date_added": "2025-08-26", "due_date": "2025-08-28", "epss": 0.17354, "notes": "https://support.citrix.com/support-home/kbsearch/article?articleNumber=CTX694938 ; https://nvd.nist.gov/vuln/detail/CVE-2025-7775", "percentile": 0.9482, "poc_count": 15, "product": "NetScaler", "required_action": "Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.", "short_description": "Citrix NetScaler ADC and NetScaler Gateway contain a memory overflow vulnerability that could allow for remote code execution and/or denial of service.", "summary": "Memory overflow vulnerability leading to Remote Code Execution and/or Denial of Service in NetScaler ADC and NetScaler Gateway when NetScaler is configured as Gateway (VPN virtual server, ICA Proxy, CVPN, RDP Proxy) o...", "vendor": "Citrix" }, { "cve": "CVE-2025-9377", "date_added": "2025-09-03", "due_date": "2025-09-24", "epss": 0.14589, "notes": "https://www.tp-link.com/us/support/faq/4308/ ; https://nvd.nist.gov/vuln/detail/CVE-2025-9377", "percentile": 0.94221, "poc_count": 4, "product": "Multiple Routers", "required_action": "Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.", "short_description": "TP-Link Archer C7(EU) and TL-WR841N/ND(MS) contain an OS command injection vulnerability that exists in the Parental Control page. The impacted products could be end-of-life (EoL) and/or end-of-service (EoS). Users should discontinue product utilization.", "summary": "The authenticated remote command execution (RCE) vulnerability exists in the Parental Control page on TP-Link Archer C7(EU) V2 and TL-WR841N/ND(MS) V9.This issue affects Archer C7(EU) V2: before 241108 and TL-WR841N/N...", "vendor": "TP-Link" }, { "cve": "CVE-2025-8876", "date_added": "2025-08-13", "due_date": "2025-08-20", "epss": 0.13881, "notes": "https://status.n-able.com/2025/08/13/announcing-the-ga-of-n-central-2025-3-1/ ; https://nvd.nist.gov/vuln/detail/CVE-2025-8876", "percentile": 0.94063, "poc_count": 6, "product": "N-Central", "required_action": "Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.", "short_description": "N-able N-Central contains a command injection vulnerability via improper sanitization of user input.", "summary": "Improper Input Validation vulnerability in N-able N-central allows OS Command Injection.This issue affects N-central: before 2025.3.1.", "vendor": "N-able" }, { "cve": "CVE-2025-8875", "date_added": "2025-08-13", "due_date": "2025-08-20", "epss": 0.05085, "notes": "https://status.n-able.com/2025/08/13/announcing-the-ga-of-n-central-2025-3-1/ ; https://nvd.nist.gov/vuln/detail/CVE-2025-8875", "percentile": 0.89429, "poc_count": 7, "product": "N-Central", "required_action": "Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.", "short_description": "N-able N-Central contains an insecure deserialization vulnerability that could lead to command execution.", "summary": "Deserialization of Untrusted Data vulnerability in N-able N-central allows Local Execution of Code.This issue affects N-central: before 2025.3.1.", "vendor": "N-able" }, { "cve": "CVE-2025-8088", "date_added": "2025-08-12", "due_date": "2025-09-02", "epss": 0.03156, "notes": "https://www.win-rar.com/singlenewsview.html?&L=0&tx_ttnews%5Btt_news%5D=283&cHash=a64b4a8f662d3639dec8d65f47bc93c5 ; https://nvd.nist.gov/vuln/detail/CVE-2025-8088", "percentile": 0.86473, "poc_count": 45, "product": "WinRAR", "required_action": "Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.", "short_description": "RARLAB WinRAR contains a path traversal vulnerability affecting the Windows version of WinRAR. This vulnerability could allow an attacker to execute arbitrary code by crafting malicious archive files.", "summary": "A path traversal vulnerability affecting the Windows version of WinRAR allows the attackers to execute arbitrary code by crafting malicious archive files. This vulnerability was exploited in the wild and was discovere...", "vendor": "RARLAB" }, { "cve": "CVE-2024-0012", "date_added": "2024-11-18", "due_date": "2024-12-09", "epss": null, "notes": "https://security.paloaltonetworks.com/CVE-2024-0012 ; https://nvd.nist.gov/vuln/detail/CVE-2024-0012", "percentile": null, "poc_count": 29, "product": "PAN-OS", "required_action": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable. Additionally, management interface for affected devices should not be exposed to untrusted networks, including the internet.", "short_description": "Palo Alto Networks PAN-OS contains an authentication bypass vulnerability in the web-based management interface for several PAN-OS products, including firewalls and VPN concentrators.", "summary": "An authentication bypass in Palo Alto Networks PAN-OS software enables an unauthenticated attacker with network access to the management web interface to gain PAN-OS administrator privileges to perform administrative...", "vendor": "Palo Alto Networks" }, { "cve": "CVE-2024-0519", "date_added": "2024-01-17", "due_date": "2024-02-07", "epss": null, "notes": "https://chromereleases.googleblog.com/2024/01/stable-channel-update-for-desktop_16.html; https://nvd.nist.gov/vuln/detail/CVE-2024-0519", "percentile": null, "poc_count": 5, "product": "Chromium V8", "required_action": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.", "short_description": "Google Chromium V8 Engine contains an out-of-bounds memory access vulnerability that allows a remote attacker to potentially exploit heap corruption via a crafted HTML page. This vulnerability could affect multiple web browsers that utilize Chromium, including, but not limited to, Google Chrome, Microsoft Edge, and Opera.", "summary": "Out of bounds memory access in V8 in Google Chrome prior to 120.0.6099.224 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)", "vendor": "Google" }, { "cve": "CVE-2024-0769", "date_added": "2025-06-25", "due_date": "2025-07-16", "epss": null, "notes": "https://supportannouncement.us.dlink.com/announcement/publication.aspx?name=SAP10371 ; https://nvd.nist.gov/vuln/detail/CVE-2024-0769", "percentile": null, "poc_count": 4, "product": "DIR-859 Router", "required_action": "Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.", "short_description": "D-Link DIR-859 routers contain a path traversal vulnerability in the file /hedwig.cgi of the component HTTP POST Request Handler. Manipulation of the argument service with the input ../../../../htdocs/webinc/getcfg/DHCPS6.BRIDGE-1.xml allows for the leakage of session data potentially enabling privilege escalation and unauthorized control of the device. This vulnerability affects legacy D-Link products. All associated hardware revisions have reached their end-of-life (EOL) or end-of-service (EOS) life cycle and should be retired and replaced per vendor instructions.", "summary": "** UNSUPPORTED WHEN ASSIGNED ** A vulnerability was found in D-Link DIR-859 1.06B01. It has been rated as critical. Affected by this issue is some unknown functionality of the file /hedwig.cgi of the component HTTP PO...", "vendor": "D-Link" }, { "cve": "CVE-2024-1086", "date_added": "2024-05-30", "due_date": "2024-06-20", "epss": null, "notes": "This vulnerability affects a common open-source component, third-party library, or a protocol used by different products. Please check with specific vendors for information on patching status. For more information, please see: https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=f342de4e2f33e0e39165d8639387aa6c19dff660; https://nvd.nist.gov/vuln/detail/CVE-2024-1086", "percentile": null, "poc_count": 86, "product": "Kernel", "required_action": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.", "short_description": "Linux kernel contains a use-after-free vulnerability in the netfilter: nf_tables component that allows an attacker to achieve local privilege escalation.", "summary": "A use-after-free vulnerability in the Linux kernel's netfilter: nf_tables component can be exploited to achieve local privilege escalation.The nft_verdict_init() function allows positive values as drop error within th...", "vendor": "Linux" }, { "cve": "CVE-2024-11120", "date_added": "2025-05-07", "due_date": "2025-05-28", "epss": null, "notes": "https://dlcdn.geovision.com.tw/TechNotice/CyberSecurity/Security_Advisory_IP_Device_2024-11.pdf ; https://nvd.nist.gov/vuln/detail/CVE-2024-11120", "percentile": null, "poc_count": 3, "product": "Multiple Devices", "required_action": "Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.", "short_description": "Multiple GeoVision devices contain an OS command injection vulnerability that allows a remote, unauthenticated attacker to inject and execute arbitrary system commands. The impacted products could be end-of-life (EoL) and/or end-of-service (EoS). Users should discontinue product utilization.", "summary": "Certain EOL GeoVision devices have an OS Command Injection vulnerability. Unauthenticated remote attackers can exploit this vulnerability to inject and execute arbitrary system commands on the device. Moreover, this v...", "vendor": "GeoVision" }, { "cve": "CVE-2024-11182", "date_added": "2025-05-19", "due_date": "2025-06-09", "epss": null, "notes": "https://files.mdaemon.com/mdaemon/beta/RelNotes_en.html ; https://mdaemon.com/pages/downloads-critical-updates ; https://nvd.nist.gov/vuln/detail/CVE-2024-11182", "percentile": null, "poc_count": 4, "product": "Email Server", "required_action": "Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.", "short_description": "MDaemon Email Server contains a cross-site scripting (XSS) vulnerability that allows a remote attacker to load arbitrary JavaScript code via an HTML e-mail message.", "summary": "An XSS issue was discovered in MDaemon Email Server before version 24.5.1c. An attacker can send an HTML e-mail message with JavaScript in an img tag. This could allow a remote attackerto load arbitrary JavaScript cod...", "vendor": "MDaemon" }, { "cve": "CVE-2024-11667", "date_added": "2024-12-03", "due_date": "2024-12-24", "epss": null, "notes": "https://www.zyxel.com/global/en/support/security-advisories/zyxel-security-advisory-protecting-against-recent-firewall-threats-11-21-2024 ; https://nvd.nist.gov/vuln/detail/CVE-2024-11667", "percentile": null, "poc_count": 3, "product": "Multiple Firewalls", "required_action": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.", "short_description": "Multiple Zyxel firewalls contain a path traversal vulnerability in the web management interface that could allow an attacker to download or upload files via a crafted URL.", "summary": "A directory traversal vulnerability in the web management interface of Zyxel ATP series firmware versions V5.00 through V5.38, USG FLEX series firmware versions V5.00 through V5.38, USG FLEX 50(W) series firmware vers...", "vendor": "Zyxel" }, { "cve": "CVE-2024-11680", "date_added": "2024-12-03", "due_date": "2024-12-24", "epss": null, "notes": "https://github.com/projectsend/projectsend/commit/193367d937b1a59ed5b68dd4e60bd53317473744 ; https://nvd.nist.gov/vuln/detail/CVE-2024-11680", "percentile": null, "poc_count": 10, "product": "ProjectSend", "required_action": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.", "short_description": "ProjectSend contains an improper authentication vulnerability that allows a remote, unauthenticated attacker to enable unauthorized modification of the application's configuration via crafted HTTP requests to options.php. Successful exploitation allows attackers to create accounts, upload webshells, and embed malicious JavaScript.", "summary": "ProjectSend versions prior to r1720 are affected by an improper authentication vulnerability. Remote, unauthenticated attackers can exploit this flaw by sending crafted HTTP requests to options.php, enabling unauthori...", "vendor": "ProjectSend" }, { "cve": "CVE-2024-1212", "date_added": "2024-11-18", "due_date": "2024-12-09", "epss": null, "notes": "https://community.progress.com/s/article/Release-Notice-LMOS-7-2-59-2-7-2-54-8-7-2-48-10-CVE-2024-1212 ; https://nvd.nist.gov/vuln/detail/CVE-2024-1212", "percentile": null, "poc_count": 10, "product": "Kemp LoadMaster", "required_action": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.", "short_description": "Progress Kemp LoadMaster contains an OS command injection vulnerability that allows an unauthenticated, remote attacker to access the system through the LoadMaster management interface, enabling arbitrary system command execution.", "summary": "Unauthenticated remote attackers can access the system through the LoadMaster management interface, enabling arbitrary system command execution.", "vendor": "Progress" }, { "cve": "CVE-2024-12356", "date_added": "2024-12-19", "due_date": "2024-12-27", "epss": null, "notes": "https://www.beyondtrust.com/trust-center/security-advisories/bt24-10 ; https://nvd.nist.gov/vuln/detail/CVE-2024-12356", "percentile": null, "poc_count": 6, "product": "Privileged Remote Access (PRA) and Remote Support (RS)", "required_action": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.", "short_description": "BeyondTrust Privileged Remote Access (PRA) and Remote Support (RS) contain a command injection vulnerability, which can allow an unauthenticated attacker to inject commands that are run as a site user.", "summary": "A critical vulnerability has been discovered in Privileged Remote Access (PRA) and Remote Support (RS) products which can allow an unauthenticated attacker to inject commands that are run as a site user.", "vendor": "BeyondTrust" }, { "cve": "CVE-2024-12686", "date_added": "2025-01-13", "due_date": "2025-02-03", "epss": null, "notes": "https://www.beyondtrust.com/trust-center/security-advisories/bt24-11 ; https://nvd.nist.gov/vuln/detail/CVE-2024-12686", "percentile": null, "poc_count": 4, "product": "Privileged Remote Access (PRA) and Remote Support (RS)", "required_action": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.", "short_description": "BeyondTrust Privileged Remote Access (PRA) and Remote Support (RS) contain an OS command injection vulnerability that can be exploited by an attacker with existing administrative privileges to upload a malicious file. Successful exploitation of this vulnerability can allow a remote attacker to execute underlying operating system commands within the context of the site user.", "summary": "A vulnerability has been discovered in Privileged Remote Access (PRA) and Remote Support (RS) which can allow an attacker with existing administrative privileges to inject commands and run as a site user.", "vendor": "BeyondTrust" }, { "cve": "CVE-2024-12987", "date_added": "2025-05-15", "due_date": "2025-06-05", "epss": null, "notes": "https://fw.draytek.com.tw/Vigor2960/Firmware/v1.5.1.5/DrayTek_Vigor2960_V1.5.1.5_01release-note.pdf ; https://fw.draytek.com.tw/Vigor300B/Firmware/v1.5.1.5/DrayTek_Vigor300B_V1.5.1.5_01release-note.pdf ; https://fw.draytek.com.tw/Vigor3900/Firmware/v1.5.1.5/DrayTek_Vigor3900_V1.5.1.5_01release-note.pdf ; https://nvd.nist.gov/vuln/detail/CVE-2024-12987", "percentile": null, "poc_count": 3, "product": "Vigor Routers", "required_action": "Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.", "short_description": "DrayTek Vigor2960, Vigor300B, and Vigor3900 routers contain an OS command injection vulnerability due to an unknown function of the file /cgi-bin/mainfunction.cgi/apmcfgupload of the component web management interface.", "summary": "A vulnerability, which was classified as critical, was found in DrayTek Vigor2960 and Vigor300B 1.5.1.4. Affected is an unknown function of the file /cgi-bin/mainfunction.cgi/apmcfgupload of the component Web Manageme...", "vendor": "DrayTek" }, { "cve": "CVE-2024-13159", "date_added": "2025-03-10", "due_date": "2025-03-31", "epss": null, "notes": "https://forums.ivanti.com/s/article/Security-Advisory-EPM-January-2025-for-EPM-2024-and-EPM-2022-SU6?language=en_US ; https://nvd.nist.gov/vuln/detail/CVE-2024-13159", "percentile": null, "poc_count": 9, "product": "Endpoint Manager (EPM)", "required_action": "Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.", "short_description": "Ivanti Endpoint Manager (EPM) contains an absolute path traversal vulnerability that allows a remote unauthenticated attacker to leak sensitive information.", "summary": "Absolute path traversal in Ivanti EPM before the 2024 January-2025 Security Update and 2022 SU6 January-2025 Security Update allows a remote unauthenticated attacker to leak sensitive information.", "vendor": "Ivanti" }, { "cve": "CVE-2024-13160", "date_added": "2025-03-10", "due_date": "2025-03-31", "epss": null, "notes": "https://forums.ivanti.com/s/article/Security-Advisory-EPM-January-2025-for-EPM-2024-and-EPM-2022-SU6?language=en_US ; https://nvd.nist.gov/vuln/detail/CVE-2024-13160", "percentile": null, "poc_count": 8, "product": "Endpoint Manager (EPM)", "required_action": "Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.", "short_description": "Ivanti Endpoint Manager (EPM) contains an absolute path traversal vulnerability that allows a remote unauthenticated attacker to leak sensitive information.", "summary": "Absolute path traversal in Ivanti EPM before the 2024 January-2025 Security Update and 2022 SU6 January-2025 Security Update allows a remote unauthenticated attacker to leak sensitive information.", "vendor": "Ivanti" }, { "cve": "CVE-2024-13161", "date_added": "2025-03-10", "due_date": "2025-03-31", "epss": null, "notes": "https://forums.ivanti.com/s/article/Security-Advisory-EPM-January-2025-for-EPM-2024-and-EPM-2022-SU6?language=en_US ; https://nvd.nist.gov/vuln/detail/CVE-2024-13161", "percentile": null, "poc_count": 8, "product": "Endpoint Manager (EPM)", "required_action": "Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.", "short_description": "Ivanti Endpoint Manager (EPM) contains an absolute path traversal vulnerability that allows a remote unauthenticated attacker to leak sensitive information.", "summary": "Absolute path traversal in Ivanti EPM before the 2024 January-2025 Security Update and 2022 SU6 January-2025 Security Update allows a remote unauthenticated attacker to leak sensitive information.", "vendor": "Ivanti" }, { "cve": "CVE-2024-1709", "date_added": "2024-02-22", "due_date": "2024-02-29", "epss": null, "notes": "https://www.connectwise.com/company/trust/security-bulletins/connectwise-screenconnect-23.9.8; https://nvd.nist.gov/vuln/detail/CVE-2024-1709", "percentile": null, "poc_count": 35, "product": "ScreenConnect", "required_action": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.", "short_description": "ConnectWise ScreenConnect contains an authentication bypass vulnerability that allows an attacker with network access to the management interface to create a new, administrator-level account on affected devices.", "summary": "ConnectWise ScreenConnect 23.9.7 and prior are affected by an Authentication Bypass Using an Alternate Path or Channel vulnerability, which may allow an attacker direct access to confidential information or critical s...", "vendor": "ConnectWise" }, { "cve": "CVE-2024-20353", "date_added": "2024-04-24", "due_date": "2024-05-01", "epss": null, "notes": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-websrvs-dos-X8gNucD2; https://nvd.nist.gov/vuln/detail/CVE-2024-20353", "percentile": null, "poc_count": 5, "product": "Adaptive Security Appliance (ASA) and Firepower Threat Defense (FTD)", "required_action": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.", "short_description": "Cisco Adaptive Security Appliance (ASA) and Firepower Threat Defense (FTD) contain an infinite loop vulnerability that can lead to remote denial of service condition.", "summary": "A vulnerability in the management and VPN web servers for Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause the...", "vendor": "Cisco" }, { "cve": "CVE-2024-20359", "date_added": "2024-04-24", "due_date": "2024-05-01", "epss": null, "notes": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-persist-rce-FLsNXF4h; https://nvd.nist.gov/vuln/detail/CVE-2024-20359", "percentile": null, "poc_count": 4, "product": "Adaptive Security Appliance (ASA) and Firepower Threat Defense (FTD)", "required_action": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.", "short_description": "Cisco Adaptive Security Appliance (ASA) and Firepower Threat Defense (FTD) contain a privilege escalation vulnerability that can allow local privilege escalation from Administrator to root.", "summary": "A vulnerability in a legacy capability that allowed for the preloading of VPN clients and plug-ins and that has been available in Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FT...", "vendor": "Cisco" }, { "cve": "CVE-2024-20399", "date_added": "2024-07-02", "due_date": "2024-07-23", "epss": null, "notes": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-nxos-cmd-injection-xD9OhyOP; https://nvd.nist.gov/vuln/detail/CVE-2024-20399", "percentile": null, "poc_count": 2, "product": "NX-OS", "required_action": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.", "short_description": "Cisco NX-OS contains a command injection vulnerability in the command line interface (CLI) that could allow an authenticated, local attacker to execute commands as root on the underlying operating system of an affected device.", "summary": "A vulnerability in the CLI of Cisco NX-OS Software could allow an authenticated user in possession of Administrator credentials to execute arbitrary commands as root on the underlying operating system of an affected d...", "vendor": "Cisco" }, { "cve": "CVE-2024-20439", "date_added": "2025-03-31", "due_date": "2025-04-21", "epss": null, "notes": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cslu-7gHMzWmw ; https://nvd.nist.gov/vuln/detail/CVE-2024-20439", "percentile": null, "poc_count": 7, "product": "Smart Licensing Utility", "required_action": "Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.", "short_description": "Cisco Smart Licensing Utility contains a static credential vulnerability that allows an unauthenticated, remote attacker to log in to an affected system and gain administrative credentials.", "summary": "A vulnerability in Cisco Smart Licensing Utility (CSLU) could allow an unauthenticated, remote attacker to log into an affected system by using a static administrative credential. This vulnerability is due to an undoc...", "vendor": "Cisco" }, { "cve": "CVE-2024-20481", "date_added": "2024-10-24", "due_date": "2024-11-14", "epss": null, "notes": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-bf-dos-vDZhLqrW ; https://nvd.nist.gov/vuln/detail/CVE-2024-20481", "percentile": null, "poc_count": 1, "product": "Adaptive Security Appliance (ASA) and Firepower Threat Defense (FTD)", "required_action": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.", "short_description": "Cisco Adaptive Security Appliance (ASA) and Firepower Threat Defense (FTD) contain a missing release of resource after effective lifetime vulnerability that could allow an unauthenticated, remote attacker to cause a denial-of-service (DoS) of the RAVPN service.", "summary": "A vulnerability in the Remote Access VPN (RAVPN) service of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a...", "vendor": "Cisco" }, { "cve": "CVE-2024-20767", "date_added": "2024-12-16", "due_date": "2025-01-06", "epss": null, "notes": "https://helpx.adobe.com/security/products/coldfusion/apsb24-14.html ; https://nvd.nist.gov/vuln/detail/CVE-2024-20767", "percentile": null, "poc_count": 30, "product": "ColdFusion", "required_action": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.", "short_description": "Adobe ColdFusion contains an improper access control vulnerability that could allow an attacker to access or modify restricted files via an internet-exposed admin panel.", "summary": "ColdFusion versions 2023.6, 2021.12 and earlier are affected by an Improper Access Control vulnerability that could result in arbitrary file system read. An attacker could leverage this vulnerability to access or modi...", "vendor": "Adobe" }, { "cve": "CVE-2024-20953", "date_added": "2025-02-24", "due_date": "2025-03-17", "epss": null, "notes": "https://www.oracle.com/security-alerts/cpujan2024.html ; https://nvd.nist.gov/vuln/detail/CVE-2024-20953", "percentile": null, "poc_count": 2, "product": "Agile Product Lifecycle Management (PLM)", "required_action": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.", "short_description": "Oracle Agile Product Lifecycle Management (PLM) contains a deserialization vulnerability that allows a low-privileged attacker with network access via HTTP to compromise the system.", "summary": "Vulnerability in the Oracle Agile PLM product of Oracle Supply Chain (component: Export). The supported version that is affected is 9.3.6. Easily exploitable vulnerability allows low privileged attacker with network a...", "vendor": "Oracle" }, { "cve": "CVE-2024-21287", "date_added": "2024-11-21", "due_date": "2024-12-12", "epss": null, "notes": "https://www.oracle.com/security-alerts/alert-cve-2024-21287.html ; https://nvd.nist.gov/vuln/detail/CVE-2024-21287", "percentile": null, "poc_count": 2, "product": "Agile Product Lifecycle Management (PLM)", "required_action": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.", "short_description": "Oracle Agile Product Lifecycle Management (PLM) contains an incorrect authorization vulnerability in the Process Extension component of the Software Development Kit. Successful exploitation of this vulnerability may result in unauthenticated file disclosure.", "summary": "Vulnerability in the Oracle Agile PLM Framework product of Oracle Supply Chain (component: Software Development Kit, Process Extension). The supported version that is affected is 9.3.6. Easily exploitable vulnerabilit...", "vendor": "Oracle" }, { "cve": "CVE-2024-21338", "date_added": "2024-03-04", "due_date": "2024-03-25", "epss": null, "notes": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-21338; https://nvd.nist.gov/vuln/detail/CVE-2024-21338", "percentile": null, "poc_count": 28, "product": "Windows", "required_action": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.", "short_description": "Microsoft Windows Kernel contains an exposed IOCTL with insufficient access control vulnerability within the IOCTL (input and output control) dispatcher in appid.sys that allows a local attacker to achieve privilege escalation.", "summary": "Windows Kernel Elevation of Privilege Vulnerability", "vendor": "Microsoft" }, { "cve": "CVE-2024-21351", "date_added": "2024-02-13", "due_date": "2024-03-05", "epss": null, "notes": "https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2024-21351; https://nvd.nist.gov/vuln/detail/CVE-2024-21351", "percentile": null, "poc_count": 1, "product": "Windows", "required_action": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.", "short_description": "Microsoft Windows SmartScreen contains a security feature bypass vulnerability that allows an attacker to bypass the SmartScreen user experience and inject code to potentially gain code execution, which could lead to some data exposure, lack of system availability, or both.", "summary": "Windows SmartScreen Security Feature Bypass Vulnerability", "vendor": "Microsoft" }, { "cve": "CVE-2024-21410", "date_added": "2024-02-15", "due_date": "2024-03-07", "epss": null, "notes": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-21410; https://nvd.nist.gov/vuln/detail/CVE-2024-21410", "percentile": null, "poc_count": 3, "product": "Exchange Server", "required_action": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.", "short_description": "Microsoft Exchange Server contains an unspecified vulnerability that allows for privilege escalation.", "summary": "Microsoft Exchange Server Elevation of Privilege Vulnerability", "vendor": "Microsoft" }, { "cve": "CVE-2024-21412", "date_added": "2024-02-13", "due_date": "2024-03-05", "epss": null, "notes": "https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2024-21412; https://nvd.nist.gov/vuln/detail/CVE-2024-21412", "percentile": null, "poc_count": 7, "product": "Windows", "required_action": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.", "short_description": "Microsoft Windows Internet Shortcut Files contains an unspecified vulnerability that allows for a security feature bypass.", "summary": "Internet Shortcut Files Security Feature Bypass Vulnerability", "vendor": "Microsoft" }, { "cve": "CVE-2024-21413", "date_added": "2025-02-06", "due_date": "2025-02-27", "epss": null, "notes": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-21413 ; https://nvd.nist.gov/vuln/detail/CVE-2024-21413", "percentile": null, "poc_count": 104, "product": "Office Outlook", "required_action": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.", "short_description": "Microsoft Outlook contains an improper input validation vulnerability that allows for remote code execution. Successful exploitation of this vulnerability would allow an attacker to bypass the Office Protected View and open in editing mode rather than protected mode.", "summary": "Microsoft Outlook Remote Code Execution Vulnerability", "vendor": "Microsoft" }, { "cve": "CVE-2024-21762", "date_added": "2024-02-09", "due_date": "2024-02-16", "epss": null, "notes": "https://fortiguard.fortinet.com/psirt/FG-IR-24-015 ; https://nvd.nist.gov/vuln/detail/CVE-2024-21762", "percentile": null, "poc_count": 60, "product": "FortiOS", "required_action": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.", "short_description": "Fortinet FortiOS contains an out-of-bound write vulnerability that allows a remote unauthenticated attacker to execute code or commands via specially crafted HTTP requests.", "summary": "A out-of-bounds write in Fortinet FortiOS versions 7.4.0 through 7.4.2, 7.2.0 through 7.2.6, 7.0.0 through 7.0.13, 6.4.0 through 6.4.14, 6.2.0 through 6.2.15, 6.0.0 through 6.0.17, FortiProxy versions 7.4.0 through 7....", "vendor": "Fortinet" }, { "cve": "CVE-2024-21887", "date_added": "2024-01-10", "due_date": "2024-01-22", "epss": null, "notes": "Please apply mitigations per vendor instructions. For more information, please see: https://forums.ivanti.com/s/article/KB-CVE-2023-46805-Authentication-Bypass-CVE-2024-21887-Command-Injection-for-Ivanti-Connect-Secure-and-Ivanti-Policy-Secure-Gateways?language=en_US ; https://nvd.nist.gov/vuln/detail/CVE-2024-21887", "percentile": null, "poc_count": 54, "product": "Connect Secure and Policy Secure", "required_action": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.", "short_description": "Ivanti Connect Secure (ICS, formerly known as Pulse Connect Secure) and Ivanti Policy Secure contain a command injection vulnerability in the web components of these products, which can allow an authenticated administrator to send crafted requests to execute code on affected appliances. This vulnerability can be leveraged in conjunction with CVE-2023-46805, an authenticated bypass issue.", "summary": "A command injection vulnerability in web components of Ivanti Connect Secure (9.x, 22.x) and Ivanti Policy Secure (9.x, 22.x) allows an authenticated administrator to send specially crafted requests and execute arbitr...", "vendor": "Ivanti" }, { "cve": "CVE-2024-21893", "date_added": "2024-01-31", "due_date": "2024-02-02", "epss": null, "notes": "https://forums.ivanti.com/s/article/KB-CVE-2023-46805-Authentication-Bypass-CVE-2024-21887-Command-Injection-for-Ivanti-Connect-Secure-and-Ivanti-Policy-Secure-Gateways?language=en_US ; https://nvd.nist.gov/vuln/detail/CVE-2024-21893", "percentile": null, "poc_count": 17, "product": "Connect Secure, Policy Secure, and Neurons", "required_action": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.", "short_description": "Ivanti Connect Secure (ICS, formerly known as Pulse Connect Secure), Ivanti Policy Secure, and Ivanti Neurons contain a server-side request forgery (SSRF) vulnerability in the SAML component that allows an attacker to access certain restricted resources without authentication.", "summary": "A server-side request forgery vulnerability in the SAML component of Ivanti Connect Secure (9.x, 22.x) and Ivanti Policy Secure (9.x, 22.x) and Ivanti Neurons for ZTA allows an attacker to access certain restricted re...", "vendor": "Ivanti" }, { "cve": "CVE-2024-23113", "date_added": "2024-10-09", "due_date": "2024-10-30", "epss": null, "notes": "https://www.fortiguard.com/psirt/FG-IR-24-029 ; https://nvd.nist.gov/vuln/detail/CVE-2024-23113", "percentile": null, "poc_count": 28, "product": "Multiple Products", "required_action": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.", "short_description": "Fortinet FortiOS, FortiPAM, FortiProxy, and FortiWeb contain a format string vulnerability that allows a remote, unauthenticated attacker to execute arbitrary code or commands via specially crafted requests.", "summary": "A use of externally-controlled format string in Fortinet FortiOS versions 7.4.0 through 7.4.2, 7.2.0 through 7.2.6, 7.0.0 through 7.0.13, FortiProxy versions 7.4.0 through 7.4.2, 7.2.0 through 7.2.8, 7.0.0 through 7.0...", "vendor": "Fortinet" }, { "cve": "CVE-2024-23222", "date_added": "2024-01-23", "due_date": "2024-02-13", "epss": null, "notes": "https://support.apple.com/en-us/HT214055, https://support.apple.com/en-us/HT214056, https://support.apple.com/en-us/HT214057, https://support.apple.com/en-us/HT214058, https://support.apple.com/en-us/HT214059, https://support.apple.com/en-us/HT214061, https://support.apple.com/en-us/HT214063 ; https://nvd.nist.gov/vuln/detail/CVE-2024-23222", "percentile": null, "poc_count": 2, "product": "Multiple Products", "required_action": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.", "short_description": "Apple iOS, iPadOS, macOS, tvOS, and Safari WebKit contain a type confusion vulnerability that leads to code execution when processing maliciously crafted web content. This vulnerability could impact HTML parsers that use WebKit, including but not limited to Apple Safari and non-Apple products which rely on WebKit for HTML processing.", "summary": "A type confusion issue was addressed with improved checks. This issue is fixed in iOS 17.3 and iPadOS 17.3, macOS Sonoma 14.3, tvOS 17.3. Processing maliciously crafted web content may lead to arbitrary code execution...", "vendor": "Apple" }, { "cve": "CVE-2024-23296", "date_added": "2024-03-06", "due_date": "2024-03-27", "epss": null, "notes": "https://support.apple.com/en-us/HT214081, https://support.apple.com/en-us/HT214082, https://support.apple.com/en-us/HT214084, https://support.apple.com/en-us/HT214086, https://support.apple.com/en-us/HT214088 ; https://nvd.nist.gov/vuln/detail/CVE-2024-23296", "percentile": null, "poc_count": 1, "product": "Multiple Products", "required_action": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.", "short_description": "Apple iOS, iPadOS, macOS, tvOS, and watchOS RTKit contain a memory corruption vulnerability that allows an attacker with arbitrary kernel read and write capability to bypass kernel memory protections.", "summary": "A memory corruption issue was addressed with improved validation. This issue is fixed in iOS 17.4 and iPadOS 17.4. An attacker with arbitrary kernel read and write capability may be able to bypass kernel memory protec...", "vendor": "Apple" }, { "cve": "CVE-2024-23692", "date_added": "2024-07-09", "due_date": "2024-07-30", "epss": null, "notes": "The patched Rejetto HTTP File Server (HFS) is version 3: https://github.com/rejetto/hfs?tab=readme-ov-file#installation, https://www.rejetto.com/hfs/ ; https://nvd.nist.gov/vuln/detail/CVE-2024-23692", "percentile": null, "poc_count": 43, "product": "HTTP File Server", "required_action": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.", "short_description": "Rejetto HTTP File Server contains an improper neutralization of special elements used in a template engine vulnerability. This allows a remote, unauthenticated attacker to execute commands on the affected system by sending a specially crafted HTTP request.", "summary": "Rejetto HTTP File Server, up to and including version 2.3m, is vulnerable to a template injection vulnerability. This vulnerability allows a remote, unauthenticated attacker to execute arbitrary commands on the affect...", "vendor": "Rejetto" }, { "cve": "CVE-2024-23897", "date_added": "2024-08-19", "due_date": "2024-09-09", "epss": null, "notes": "https://www.jenkins.io/security/advisory/2024-01-24/#SECURITY-3314; https://nvd.nist.gov/vuln/detail/CVE-2024-23897", "percentile": null, "poc_count": 137, "product": "Jenkins Command Line Interface (CLI)", "required_action": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.", "short_description": "Jenkins Command Line Interface (CLI) contains a path traversal vulnerability that allows attackers limited read access to certain files, which can lead to code execution.", "summary": "Jenkins 2.441 and earlier, LTS 2.426.2 and earlier does not disable a feature of its CLI command parser that replaces an '@' character followed by a file path in an argument with the file's contents, allowing unauthen...", "vendor": "Jenkins" }, { "cve": "CVE-2024-24919", "date_added": "2024-05-30", "due_date": "2024-06-20", "epss": null, "notes": "https://support.checkpoint.com/results/sk/sk182336 ; https://nvd.nist.gov/vuln/detail/CVE-2024-24919", "percentile": null, "poc_count": 116, "product": "Quantum Security Gateways", "required_action": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.", "short_description": "Check Point Quantum Security Gateways contain an unspecified information disclosure vulnerability. The vulnerability potentially allows an attacker to access information on Gateways connected to the internet, with IPSec VPN, Remote Access VPN or Mobile Access enabled. This issue affects several product lines from Check Point, including CloudGuard Network, Quantum Scalable Chassis, Quantum Security Gateways, and Quantum Spark Appliances.", "summary": "Potentially allowing an attacker to read certain information on Check Point Security Gateways once connected to the internet and enabled with remote Access VPN or Mobile Access Software Blades. A Security fix that mit...", "vendor": "Check Point" }, { "cve": "CVE-2024-26169", "date_added": "2024-06-13", "due_date": "2024-07-04", "epss": null, "notes": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-26169; https://nvd.nist.gov/vuln/detail/CVE-2024-26169", "percentile": null, "poc_count": 2, "product": "Windows", "required_action": "Apply updates per vendor instructions or discontinue use of the product if updates are unavailable.", "short_description": "Microsoft Windows Error Reporting Service contains an improper privilege management vulnerability that allows a local attacker with user permissions to gain SYSTEM privileges.", "summary": "Windows Error Reporting Service Elevation of Privilege Vulnerability", "vendor": "Microsoft" }, { "cve": "CVE-2024-27198", "date_added": "2024-03-07", "due_date": "2024-03-28", "epss": null, "notes": "https://www.jetbrains.com/help/teamcity/teamcity-2023-11-4-release-notes.html; https://nvd.nist.gov/vuln/detail/CVE-2024-27198", "percentile": null, "poc_count": 69, "product": "TeamCity", "required_action": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.", "short_description": "JetBrains TeamCity contains an authentication bypass vulnerability that allows an attacker to perform admin actions.", "summary": "In JetBrains TeamCity before 2023.11.4 authentication bypass allowing to perform admin actions was possible", "vendor": "JetBrains" }, { "cve": "CVE-2024-27348", "date_added": "2024-09-18", "due_date": "2024-10-09", "epss": null, "notes": "This vulnerability affects a common open-source component, third-party library, or a protocol used by different products. Please check with specific vendors for information on patching status. For more information, please see: https://lists.apache.org/thread/nx6g6htyhpgtzsocybm242781o8w5kq9 ; https://nvd.nist.gov/vuln/detail/CVE-2024-27348", "percentile": null, "poc_count": 29, "product": "HugeGraph-Server", "required_action": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.", "short_description": "Apache HugeGraph-Server contains an improper access control vulnerability that could allow a remote attacker to execute arbitrary code.", "summary": "RCE-Remote Command Execution vulnerability in Apache HugeGraph-Server.This issue affects Apache HugeGraph-Server: from 1.0.0 before 1.3.0 in Java8 & Java11Users are recommended to upgrade to version 1.3.0 with Java11...", "vendor": "Apache" }, { "cve": "CVE-2024-27443", "date_added": "2025-05-19", "due_date": "2025-06-09", "epss": null, "notes": "https://wiki.zimbra.com/wiki/Zimbra_Releases/8.8.15/P46#Security_Fixes ; https://wiki.zimbra.com/wiki/Zimbra_Releases/9.0.0/P39#Security_Fixes ; https://wiki.zimbra.com/wiki/Zimbra_Releases/10.0.7#Security_Fixes ; https://nvd.nist.gov/vuln/detail/CVE-2024-27443", "percentile": null, "poc_count": 3, "product": "Zimbra Collaboration Suite (ZCS)", "required_action": "Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.", "short_description": "Zimbra Collaboration contains a cross-site scripting (XSS) vulnerability in the CalendarInvite feature of the Zimbra webmail classic user interface. An attacker can exploit this vulnerability via an email message containing a crafted calendar header, leading to the execution of arbitrary JavaScript code.", "summary": "An issue was discovered in Zimbra Collaboration (ZCS) 9.0 and 10.0. A Cross-Site Scripting (XSS) vulnerability exists in the CalendarInvite feature of the Zimbra webmail classic user interface, because of improper inp...", "vendor": "Synacor" }, { "cve": "CVE-2024-28986", "date_added": "2024-08-15", "due_date": "2024-09-05", "epss": null, "notes": "https://www.solarwinds.com/trust-center/security-advisories/cve-2024-28986; https://nvd.nist.gov/vuln/detail/CVE-2024-28986", "percentile": null, "poc_count": 1, "product": "Web Help Desk", "required_action": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.", "short_description": "SolarWinds Web Help Desk contains a deserialization of untrusted data vulnerability that could allow for remote code execution.", "summary": "SolarWinds Web Help Desk was found to be susceptible to a Java Deserialization Remote Code Execution vulnerability that, if exploited, would allow an attacker to run commands on the host machine. While it was reported...", "vendor": "SolarWinds" }, { "cve": "CVE-2024-28987", "date_added": "2024-10-15", "due_date": "2024-11-05", "epss": null, "notes": "https://www.solarwinds.com/trust-center/security-advisories/cve-2024-28987 ; https://nvd.nist.gov/vuln/detail/CVE-2024-28987", "percentile": null, "poc_count": 9, "product": "Web Help Desk", "required_action": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.", "short_description": "SolarWinds Web Help Desk contains a hardcoded credential vulnerability that could allow a remote, unauthenticated user to access internal functionality and modify data.", "summary": "The SolarWinds Web Help Desk (WHD) software is affected by a hardcoded credential vulnerability, allowing remote unauthenticated user to access internal functionality and modify data.", "vendor": "SolarWinds" }, { "cve": "CVE-2024-28995", "date_added": "2024-07-17", "due_date": "2024-08-07", "epss": null, "notes": "https://www.solarwinds.com/trust-center/security-advisories/cve-2024-28995; https://nvd.nist.gov/vuln/detail/CVE-2024-28995", "percentile": null, "poc_count": 36, "product": "Serv-U", "required_action": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.", "short_description": "SolarWinds Serv-U contains a path traversal vulnerability that allows an attacker access to read sensitive files on the host machine.", "summary": "SolarWinds Serv-U was susceptible to a directory transversal vulnerability that would allow access to read sensitive files on the host machine.", "vendor": "SolarWinds" }, { "cve": "CVE-2024-29059", "date_added": "2025-02-04", "due_date": "2025-02-25", "epss": null, "notes": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-29059 ; https://nvd.nist.gov/vuln/detail/CVE-2024-29059", "percentile": null, "poc_count": 7, "product": ".NET Framework", "required_action": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.", "short_description": "Microsoft .NET Framework contains an information disclosure vulnerability that exposes the ObjRef URI to an attacker, ultimately enabling remote code execution.", "summary": ".NET Framework Information Disclosure Vulnerability", "vendor": "Microsoft" }, { "cve": "CVE-2024-29745", "date_added": "2024-04-04", "due_date": "2024-04-25", "epss": null, "notes": "https://source.android.com/docs/security/bulletin/pixel/2024-04-01 ; https://nvd.nist.gov/vuln/detail/CVE-2024-29745", "percentile": null, "poc_count": 2, "product": "Pixel", "required_action": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.", "short_description": "Android Pixel contains an information disclosure vulnerability in the fastboot firmware used to support unlocking, flashing, and locking affected devices.", "summary": "there is a possible Information Disclosure due to uninitialized data. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.", "vendor": "Android" }, { "cve": "CVE-2024-29748", "date_added": "2024-04-04", "due_date": "2024-04-25", "epss": null, "notes": "https://source.android.com/docs/security/bulletin/pixel/2024-04-01; https://nvd.nist.gov/vuln/detail/CVE-2024-29748", "percentile": null, "poc_count": 2, "product": "Pixel", "required_action": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.", "short_description": "Android Pixel contains a privilege escalation vulnerability that allows an attacker to interrupt a factory reset triggered by a device admin app.", "summary": "there is a possible way to bypass due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation.", "vendor": "Android" }, { "cve": "CVE-2024-29824", "date_added": "2024-10-02", "due_date": "2024-10-23", "epss": null, "notes": "https://forums.ivanti.com/s/article/Security-Advisory-May-2024 ; https://nvd.nist.gov/vuln/detail/CVE-2024-29824", "percentile": null, "poc_count": 32, "product": "Endpoint Manager (EPM)", "required_action": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.", "short_description": "Ivanti Endpoint Manager (EPM) contains a SQL injection vulnerability in Core server that allows an unauthenticated attacker within the same network to execute arbitrary code.", "summary": "An unspecified SQL Injection vulnerability in Core server of Ivanti EPM 2022 SU5 and prior allows an unauthenticated attacker within the same network to execute arbitrary code.", "vendor": "Ivanti" }, { "cve": "CVE-2024-29988", "date_added": "2024-04-30", "due_date": "2024-05-21", "epss": null, "notes": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-29988; https://nvd.nist.gov/vuln/detail/CVE-2024-29988", "percentile": null, "poc_count": 5, "product": "SmartScreen Prompt", "required_action": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.", "short_description": "Microsoft SmartScreen Prompt contains a security feature bypass vulnerability that allows an attacker to bypass the Mark of the Web (MotW) feature. This vulnerability can be chained with CVE-2023-38831 and CVE-2024-21412 to execute a malicious file.", "summary": "SmartScreen Prompt Security Feature Bypass Vulnerability", "vendor": "Microsoft" }, { "cve": "CVE-2024-30040", "date_added": "2024-05-14", "due_date": "2024-06-04", "epss": null, "notes": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-30040; https://nvd.nist.gov/vuln/detail/CVE-2024-30040", "percentile": null, "poc_count": 2, "product": "Windows", "required_action": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.", "short_description": "Microsoft Windows MSHTML Platform contains an unspecified vulnerability that allows for a security feature bypass.", "summary": "Windows MSHTML Platform Security Feature Bypass Vulnerability", "vendor": "Microsoft" }, { "cve": "CVE-2024-30051", "date_added": "2024-05-14", "due_date": "2024-06-04", "epss": null, "notes": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-30051; https://nvd.nist.gov/vuln/detail/CVE-2024-30051", "percentile": null, "poc_count": 8, "product": "DWM Core Library", "required_action": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.", "short_description": "Microsoft DWM Core Library contains a privilege escalation vulnerability that allows an attacker to gain SYSTEM privileges.", "summary": "Windows DWM Core Library Elevation of Privilege Vulnerability", "vendor": "Microsoft" }, { "cve": "CVE-2024-30088", "date_added": "2024-10-15", "due_date": "2024-11-05", "epss": null, "notes": "https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2024-30088 ; https://nvd.nist.gov/vuln/detail/CVE-2024-30088", "percentile": null, "poc_count": 24, "product": "Windows", "required_action": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.", "short_description": "Microsoft Windows Kernel contains a time-of-check to time-of-use (TOCTOU) race condition vulnerability that could allow for privilege escalation.", "summary": "Windows Kernel Elevation of Privilege Vulnerability", "vendor": "Microsoft" }, { "cve": "CVE-2024-32113", "date_added": "2024-08-07", "due_date": "2024-08-28", "epss": null, "notes": "This vulnerability affects a common open-source component, third-party library, or a protocol used by different products. Please check with specific vendors for information on patching status. For more information, please see: https://lists.apache.org/thread/w6s60okgkxp2th1sr8vx0ndmgk68fqrd; https://nvd.nist.gov/vuln/detail/CVE-2024-32113", "percentile": null, "poc_count": 12, "product": "OFBiz", "required_action": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.", "short_description": "Apache OFBiz contains a path traversal vulnerability that could allow for remote code execution.", "summary": "Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Apache OFBiz.This issue affects Apache OFBiz: before 18.12.13.Users are recommended to upgrade to version 18.12.13, which...", "vendor": "Apache" }, { "cve": "CVE-2024-3272", "date_added": "2024-04-11", "due_date": "2024-05-02", "epss": null, "notes": "https://supportannouncement.us.dlink.com/security/publication.aspx?name=SAP10383; https://nvd.nist.gov/vuln/detail/CVE-2024-3272", "percentile": null, "poc_count": 21, "product": "Multiple NAS Devices", "required_action": "This vulnerability affects legacy D-Link products. All associated hardware revisions have reached their end-of-life (EOL) or end-of-service (EOS) life cycle and should be retired and replaced per vendor instructions.", "short_description": "D-Link DNS-320L, DNS-325, DNS-327L, and DNS-340L contains a hard-coded credential that allows an attacker to conduct authenticated command injection, leading to remote, unauthorized code execution.", "summary": "** UNSUPPORTED WHEN ASSIGNED ** A vulnerability, which was classified as very critical, has been found in D-Link DNS-320L, DNS-325, DNS-327L and DNS-340L up to 20240403. This issue affects some unknown processing of t...", "vendor": "D-Link" }, { "cve": "CVE-2024-3273", "date_added": "2024-04-11", "due_date": "2024-05-02", "epss": null, "notes": "https://supportannouncement.us.dlink.com/security/publication.aspx?name=SAP10383; https://nvd.nist.gov/vuln/detail/CVE-2024-3273", "percentile": null, "poc_count": 37, "product": "Multiple NAS Devices", "required_action": "This vulnerability affects legacy D-Link products. All associated hardware revisions have reached their end-of-life (EOL) or end-of-service (EOS) life cycle and should be retired and replaced per vendor instructions.", "short_description": "D-Link DNS-320L, DNS-325, DNS-327L, and DNS-340L contain a command injection vulnerability. When combined with CVE-2024-3272, this can lead to remote, unauthorized code execution.", "summary": "** UNSUPPORTED WHEN ASSIGNED ** A vulnerability, which was classified as critical, was found in D-Link DNS-320L, DNS-325, DNS-327L and DNS-340L up to 20240403. Affected is an unknown function of the file /cgi-bin/nas_...", "vendor": "D-Link" }, { "cve": "CVE-2024-32896", "date_added": "2024-06-13", "due_date": "2024-07-04", "epss": null, "notes": "https://source.android.com/docs/security/bulletin/pixel/2024-06-01; https://nvd.nist.gov/vuln/detail/CVE-2024-32896", "percentile": null, "poc_count": 1, "product": "Pixel", "required_action": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.", "short_description": "Android Pixel contains an unspecified vulnerability in the firmware that allows for privilege escalation.", "summary": "there is a possible way to bypass due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation.", "vendor": "Android" }, { "cve": "CVE-2024-3393", "date_added": "2024-12-30", "due_date": "2025-01-20", "epss": null, "notes": "https://security.paloaltonetworks.com/CVE-2024-3393 ; https://nvd.nist.gov/vuln/detail/CVE-2024-3393", "percentile": null, "poc_count": 4, "product": "PAN-OS", "required_action": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.", "short_description": "Palo Alto Networks PAN-OS contains a vulnerability in parsing and logging malicious DNS packets in the DNS Security feature that, when exploited, allows an unauthenticated attacker to remotely reboot the firewall. Repeated attempts to trigger this condition will cause the firewall to enter maintenance mode.", "summary": "A Denial of Service vulnerability in the DNS Security feature of Palo Alto Networks PAN-OS software allows an unauthenticated attacker to send a malicious packet through the data plane of the firewall that reboots the...", "vendor": "Palo Alto Networks" }, { "cve": "CVE-2024-3400", "date_added": "2024-04-12", "due_date": "2024-04-19", "epss": null, "notes": "https://security.paloaltonetworks.com/CVE-2024-3400 ; https://nvd.nist.gov/vuln/detail/CVE-2024-3400", "percentile": null, "poc_count": 108, "product": "PAN-OS", "required_action": "Apply mitigations per vendor instructions as they become available. Otherwise, users with vulnerable versions of affected devices should enable Threat Prevention IDs available from the vendor. See the vendor bulletin for more details and a patch release schedule.", "short_description": "Palo Alto Networks PAN-OS GlobalProtect feature contains a command injection vulnerability that allows an unauthenticated attacker to execute commands with root privileges on the firewall.", "summary": "A command injection as a result of arbitrary file creation vulnerability in the GlobalProtect feature of Palo Alto Networks PAN-OS software for specific PAN-OS versions and distinct feature configurations may enable a...", "vendor": "Palo Alto Networks" }, { "cve": "CVE-2024-34102", "date_added": "2024-07-17", "due_date": "2024-08-07", "epss": null, "notes": "https://helpx.adobe.com/security/products/magento/apsb24-40.html; https://nvd.nist.gov/vuln/detail/CVE-2024-34102", "percentile": null, "poc_count": 53, "product": "Commerce and Magento Open Source", "required_action": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.", "short_description": "Adobe Commerce and Magento Open Source contain an improper restriction of XML external entity reference (XXE) vulnerability that allows for remote code execution.", "summary": "Adobe Commerce versions 2.4.7, 2.4.6-p5, 2.4.5-p7, 2.4.4-p8 and earlier are affected by an Improper Restriction of XML External Entity Reference ('XXE') vulnerability that could result in arbitrary code execution. An...", "vendor": "Adobe" }, { "cve": "CVE-2024-35250", "date_added": "2024-12-16", "due_date": "2025-01-06", "epss": null, "notes": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-35250 ; https://nvd.nist.gov/vuln/detail/CVE-2024-35250", "percentile": null, "poc_count": 22, "product": "Windows", "required_action": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.", "short_description": "Microsoft Windows Kernel-Mode Driver contains an untrusted pointer dereference vulnerability that allows a local attacker to escalate privileges.", "summary": "Windows Kernel-Mode Driver Elevation of Privilege Vulnerability", "vendor": "Microsoft" }, { "cve": "CVE-2024-36401", "date_added": "2024-07-15", "due_date": "2024-08-05", "epss": null, "notes": "This vulnerability affects an open-source component, third-party library, or a protocol used by different products. For more information, please see: https://github.com/geoserver/geoserver/security/advisories/GHSA-6jj6-gm7p-fcvv, https://github.com/geotools/geotools/pull/4797 ; https://nvd.nist.gov/vuln/detail/CVE-2024-36401", "percentile": null, "poc_count": 74, "product": "GeoServer", "required_action": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.", "short_description": "OSGeo GeoServer GeoTools contains an improper neutralization of directives in dynamically evaluated code vulnerability due to unsafely evaluating property names as XPath expressions. This allows unauthenticated attackers to conduct remote code execution via specially crafted input.", "summary": "GeoServer is an open source server that allows users to share and edit geospatial data. Prior to versions 2.22.6, 2.23.6, 2.24.4, and 2.25.2, multiple OGC request parameters allow Remote Code Execution (RCE) by unauth...", "vendor": "OSGeo" }, { "cve": "CVE-2024-36971", "date_added": "2024-08-07", "due_date": "2024-08-28", "epss": null, "notes": "This vulnerability affects a common open-source component, third-party library, or a protocol used by different products. Please check with specific vendors for information on patching status. For more information, please see: https://source.android.com/docs/security/bulletin/2024-08-01, https://lore.kernel.org/linux-cve-announce/20240610090330.1347021-2-lee@kernel.org/T/#u ; https://nvd.nist.gov/vuln/detail/CVE-2024-36971", "percentile": null, "poc_count": 2, "product": "Kernel", "required_action": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.", "short_description": "Android contains an unspecified vulnerability in the kernel that allows for remote code execution. This vulnerability resides in Linux Kernel and could impact other products, including but not limited to Android OS.", "summary": "In the Linux kernel, the following vulnerability has been resolved:net: fix __dst_negative_advice() race__dst_negative_advice() does not enforce proper RCU rules whensk->dst_cache must be cleared, leading to possible...", "vendor": "Android" }, { "cve": "CVE-2024-37085", "date_added": "2024-07-30", "due_date": "2024-08-20", "epss": null, "notes": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/24505; https://nvd.nist.gov/vuln/detail/CVE-2024-37085", "percentile": null, "poc_count": 6, "product": "ESXi", "required_action": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.", "short_description": "VMware ESXi contains an authentication bypass vulnerability. A malicious actor with sufficient Active Directory (AD) permissions can gain full access to an ESXi host that was previously configured to use AD for user management by re-creating the configured AD group ('ESXi Admins' by default) after it was deleted from AD.", "summary": "VMware ESXi contains an authentication bypass vulnerability. A malicious actor with sufficient Active Directory (AD) permissions can gain full access to an ESXi host that was previously configured to use AD for user m...", "vendor": "VMware" }, { "cve": "CVE-2024-37383", "date_added": "2024-10-24", "due_date": "2024-11-14", "epss": null, "notes": "https://github.com/roundcube/roundcubemail/releases/tag/1.5.7, https://github.com/roundcube/roundcubemail/releases/tag/1.6.7 ; https://nvd.nist.gov/vuln/detail/CVE-2024-37383", "percentile": null, "poc_count": 2, "product": "Webmail", "required_action": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.", "short_description": "RoundCube Webmail contains a cross-site scripting (XSS) vulnerability in the handling of SVG animate attributes that allows a remote attacker to run malicious JavaScript code.", "summary": "Roundcube Webmail before 1.5.7 and 1.6.x before 1.6.7 allows XSS via SVG animate attributes.", "vendor": "Roundcube" }, { "cve": "CVE-2024-38014", "date_added": "2024-09-10", "due_date": "2024-10-01", "epss": null, "notes": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-38014; https://nvd.nist.gov/vuln/detail/CVE-2024-38014", "percentile": null, "poc_count": 2, "product": "Windows", "required_action": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.", "short_description": "Microsoft Windows Installer contains an improper privilege management vulnerability that could allow an attacker to gain SYSTEM privileges.", "summary": "Windows Installer Elevation of Privilege Vulnerability", "vendor": "Microsoft" }, { "cve": "CVE-2024-38080", "date_added": "2024-07-09", "due_date": "2024-07-30", "epss": null, "notes": "https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2024-38080; https://nvd.nist.gov/vuln/detail/CVE-2024-38080", "percentile": null, "poc_count": 2, "product": "Windows", "required_action": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.", "short_description": "Microsoft Windows Hyper-V contains a privilege escalation vulnerability that allows a local attacker with user permissions to gain SYSTEM privileges.", "summary": "Windows Hyper-V Elevation of Privilege Vulnerability", "vendor": "Microsoft" }, { "cve": "CVE-2024-38094", "date_added": "2024-10-22", "due_date": "2024-11-12", "epss": null, "notes": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-38094 ; https://nvd.nist.gov/vuln/detail/CVE-2024-38094", "percentile": null, "poc_count": 3, "product": "SharePoint", "required_action": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.", "short_description": "Microsoft SharePoint contains a deserialization vulnerability that allows for remote code execution.", "summary": "Microsoft SharePoint Remote Code Execution Vulnerability", "vendor": "Microsoft" }, { "cve": "CVE-2024-38112", "date_added": "2024-07-09", "due_date": "2024-07-30", "epss": null, "notes": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-38112; https://nvd.nist.gov/vuln/detail/CVE-2024-38112", "percentile": null, "poc_count": 6, "product": "Windows", "required_action": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.", "short_description": "Microsoft Windows MSHTML Platform contains a spoofing vulnerability that has a high impact to confidentiality, integrity, and availability.", "summary": "Windows MSHTML Platform Spoofing Vulnerability", "vendor": "Microsoft" }, { "cve": "CVE-2024-38178", "date_added": "2024-08-13", "due_date": "2024-09-03", "epss": null, "notes": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-38178; https://nvd.nist.gov/vuln/detail/CVE-2024-38178", "percentile": null, "poc_count": 1, "product": "Windows", "required_action": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.", "short_description": "Microsoft Windows Scripting Engine contains a memory corruption vulnerability that allows unauthenticated attacker to initiate remote code execution via a specially crafted URL.", "summary": "Scripting Engine Memory Corruption Vulnerability", "vendor": "Microsoft" } ] }