CalvinBackup/CVEs-PoC
1
0
Fork 0
mirror of https://github.com/0xMarcio/cve.git synced 2026-02-12 22:53:11 +00:00
Code Issues Packages Projects Releases Wiki Activity
Files
main
CVEs-PoC/docs/api/v1/kev.json

3512 lines
234 KiB
JSON
Raw Permalink Blame History

This file contains invisible Unicode characters
This file contains invisible Unicode characters that are indistinguishable to humans but may be processed differently by a computer. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.
This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.
{
"generated": "2025-12-17",
"items": [
{
"cve": "CVE-2025-7775",
"date_added": "2025-08-26",
"due_date": "2025-08-28",
"epss": 0.17354,
"notes": "https://support.citrix.com/support-home/kbsearch/article?articleNumber=CTX694938 ; https://nvd.nist.gov/vuln/detail/CVE-2025-7775",
"percentile": 0.9482,
"poc_count": 15,
"product": "NetScaler",
"required_action": "Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.",
"short_description": "Citrix NetScaler ADC and NetScaler Gateway contain a memory overflow vulnerability that could allow for remote code execution and/or denial of service.",
"summary": "Memory overflow vulnerability leading to Remote Code Execution and/or Denial of Service in NetScaler ADC and NetScaler Gateway when NetScaler is configured as Gateway (VPN virtual server, ICA Proxy, CVPN, RDP Proxy) o...",
"vendor": "Citrix"
},
{
"cve": "CVE-2025-9377",
"date_added": "2025-09-03",
"due_date": "2025-09-24",
"epss": 0.14589,
"notes": "https://www.tp-link.com/us/support/faq/4308/ ; https://nvd.nist.gov/vuln/detail/CVE-2025-9377",
"percentile": 0.94221,
"poc_count": 4,
"product": "Multiple Routers",
"required_action": "Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.",
"short_description": "TP-Link Archer C7(EU) and TL-WR841N/ND(MS) contain an OS command injection vulnerability that exists in the Parental Control page. The impacted products could be end-of-life (EoL) and/or end-of-service (EoS). Users should discontinue product utilization.",
"summary": "The authenticated remote command execution (RCE) vulnerability exists in the Parental Control page on TP-Link Archer C7(EU) V2 and TL-WR841N/ND(MS) V9.This issue affects Archer C7(EU) V2: before 241108 and TL-WR841N/N...",
"vendor": "TP-Link"
},
{
"cve": "CVE-2025-8876",
"date_added": "2025-08-13",
"due_date": "2025-08-20",
"epss": 0.13881,
"notes": "https://status.n-able.com/2025/08/13/announcing-the-ga-of-n-central-2025-3-1/ ; https://nvd.nist.gov/vuln/detail/CVE-2025-8876",
"percentile": 0.94063,
"poc_count": 6,
"product": "N-Central",
"required_action": "Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.",
"short_description": "N-able N-Central contains a command injection vulnerability via improper sanitization of user input.",
"summary": "Improper Input Validation vulnerability in N-able N-central allows OS Command Injection.This issue affects N-central: before 2025.3.1.",
"vendor": "N-able"
},
{
"cve": "CVE-2025-8875",
"date_added": "2025-08-13",
"due_date": "2025-08-20",
"epss": 0.05085,
"notes": "https://status.n-able.com/2025/08/13/announcing-the-ga-of-n-central-2025-3-1/ ; https://nvd.nist.gov/vuln/detail/CVE-2025-8875",
"percentile": 0.89429,
"poc_count": 7,
"product": "N-Central",
"required_action": "Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.",
"short_description": "N-able N-Central contains an insecure deserialization vulnerability that could lead to command execution.",
"summary": "Deserialization of Untrusted Data vulnerability in N-able N-central allows Local Execution of Code.This issue affects N-central: before 2025.3.1.",
"vendor": "N-able"
},
{
"cve": "CVE-2025-8088",
"date_added": "2025-08-12",
"due_date": "2025-09-02",
"epss": 0.03156,
"notes": "https://www.win-rar.com/singlenewsview.html?&L=0&tx_ttnews%5Btt_news%5D=283&cHash=a64b4a8f662d3639dec8d65f47bc93c5 ; https://nvd.nist.gov/vuln/detail/CVE-2025-8088",
"percentile": 0.86473,
"poc_count": 45,
"product": "WinRAR",
"required_action": "Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.",
"short_description": "RARLAB WinRAR contains a path traversal vulnerability affecting the Windows version of WinRAR. This vulnerability could allow an attacker to execute arbitrary code by crafting malicious archive files.",
"summary": "A path traversal vulnerability affecting the Windows version of WinRAR allows the attackers to execute arbitrary code by crafting malicious archive files. This vulnerability was exploited in the wild and was discovere...",
"vendor": "RARLAB"
},
{
"cve": "CVE-2024-0012",
"date_added": "2024-11-18",
"due_date": "2024-12-09",
"epss": null,
"notes": "https://security.paloaltonetworks.com/CVE-2024-0012 ; https://nvd.nist.gov/vuln/detail/CVE-2024-0012",
"percentile": null,
"poc_count": 29,
"product": "PAN-OS",
"required_action": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable. Additionally, management interface for affected devices should not be exposed to untrusted networks, including the internet.",
"short_description": "Palo Alto Networks PAN-OS contains an authentication bypass vulnerability in the web-based management interface for several PAN-OS products, including firewalls and VPN concentrators.",
"summary": "An authentication bypass in Palo Alto Networks PAN-OS software enables an unauthenticated attacker with network access to the management web interface to gain PAN-OS administrator privileges to perform administrative...",
"vendor": "Palo Alto Networks"
},
{
"cve": "CVE-2024-0519",
"date_added": "2024-01-17",
"due_date": "2024-02-07",
"epss": null,
"notes": "https://chromereleases.googleblog.com/2024/01/stable-channel-update-for-desktop_16.html; https://nvd.nist.gov/vuln/detail/CVE-2024-0519",
"percentile": null,
"poc_count": 5,
"product": "Chromium V8",
"required_action": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.",
"short_description": "Google Chromium V8 Engine contains an out-of-bounds memory access vulnerability that allows a remote attacker to potentially exploit heap corruption via a crafted HTML page. This vulnerability could affect multiple web browsers that utilize Chromium, including, but not limited to, Google Chrome, Microsoft Edge, and Opera.",
"summary": "Out of bounds memory access in V8 in Google Chrome prior to 120.0.6099.224 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)",
"vendor": "Google"
},
{
"cve": "CVE-2024-0769",
"date_added": "2025-06-25",
"due_date": "2025-07-16",
"epss": null,
"notes": "https://supportannouncement.us.dlink.com/announcement/publication.aspx?name=SAP10371 ; https://nvd.nist.gov/vuln/detail/CVE-2024-0769",
"percentile": null,
"poc_count": 4,
"product": "DIR-859 Router",
"required_action": "Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.",
"short_description": "D-Link DIR-859 routers contain a path traversal vulnerability in the file /hedwig.cgi of the component HTTP POST Request Handler. Manipulation of the argument service with the input ../../../../htdocs/webinc/getcfg/DHCPS6.BRIDGE-1.xml allows for the leakage of session data potentially enabling privilege escalation and unauthorized control of the device. This vulnerability affects legacy D-Link products. All associated hardware revisions have reached their end-of-life (EOL) or end-of-service (EOS) life cycle and should be retired and replaced per vendor instructions.",
"summary": "** UNSUPPORTED WHEN ASSIGNED ** A vulnerability was found in D-Link DIR-859 1.06B01. It has been rated as critical. Affected by this issue is some unknown functionality of the file /hedwig.cgi of the component HTTP PO...",
"vendor": "D-Link"
},
{
"cve": "CVE-2024-1086",
"date_added": "2024-05-30",
"due_date": "2024-06-20",
"epss": null,
"notes": "This vulnerability affects a common open-source component, third-party library, or a protocol used by different products. Please check with specific vendors for information on patching status. For more information, please see: https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=f342de4e2f33e0e39165d8639387aa6c19dff660; https://nvd.nist.gov/vuln/detail/CVE-2024-1086",
"percentile": null,
"poc_count": 86,
"product": "Kernel",
"required_action": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.",
"short_description": "Linux kernel contains a use-after-free vulnerability in the netfilter: nf_tables component that allows an attacker to achieve local privilege escalation.",
"summary": "A use-after-free vulnerability in the Linux kernel's netfilter: nf_tables component can be exploited to achieve local privilege escalation.The nft_verdict_init() function allows positive values as drop error within th...",
"vendor": "Linux"
},
{
"cve": "CVE-2024-11120",
"date_added": "2025-05-07",
"due_date": "2025-05-28",
"epss": null,
"notes": "https://dlcdn.geovision.com.tw/TechNotice/CyberSecurity/Security_Advisory_IP_Device_2024-11.pdf ; https://nvd.nist.gov/vuln/detail/CVE-2024-11120",
"percentile": null,
"poc_count": 3,
"product": "Multiple Devices",
"required_action": "Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.",
"short_description": "Multiple GeoVision devices contain an OS command injection vulnerability that allows a remote, unauthenticated attacker to inject and execute arbitrary system commands. The impacted products could be end-of-life (EoL) and/or end-of-service (EoS). Users should discontinue product utilization.",
"summary": "Certain EOL GeoVision devices have an OS Command Injection vulnerability. Unauthenticated remote attackers can exploit this vulnerability to inject and execute arbitrary system commands on the device. Moreover, this v...",
"vendor": "GeoVision"
},
{
"cve": "CVE-2024-11182",
"date_added": "2025-05-19",
"due_date": "2025-06-09",
"epss": null,
"notes": "https://files.mdaemon.com/mdaemon/beta/RelNotes_en.html ; https://mdaemon.com/pages/downloads-critical-updates ; https://nvd.nist.gov/vuln/detail/CVE-2024-11182",
"percentile": null,
"poc_count": 4,
"product": "Email Server",
"required_action": "Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.",
"short_description": "MDaemon Email Server contains a cross-site scripting (XSS) vulnerability that allows a remote attacker to load arbitrary JavaScript code via an HTML e-mail message.",
"summary": "An XSS issue was discovered in MDaemon Email Server before version 24.5.1c. An attacker can send an HTML e-mail message with JavaScript in an img tag. This could allow a remote attackerto load arbitrary JavaScript cod...",
"vendor": "MDaemon"
},
{
"cve": "CVE-2024-11667",
"date_added": "2024-12-03",
"due_date": "2024-12-24",
"epss": null,
"notes": "https://www.zyxel.com/global/en/support/security-advisories/zyxel-security-advisory-protecting-against-recent-firewall-threats-11-21-2024 ; https://nvd.nist.gov/vuln/detail/CVE-2024-11667",
"percentile": null,
"poc_count": 3,
"product": "Multiple Firewalls",
"required_action": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.",
"short_description": "Multiple Zyxel firewalls contain a path traversal vulnerability in the web management interface that could allow an attacker to download or upload files via a crafted URL.",
"summary": "A directory traversal vulnerability in the web management interface of Zyxel ATP series firmware versions V5.00 through V5.38, USG FLEX series firmware versions V5.00 through V5.38, USG FLEX 50(W) series firmware vers...",
"vendor": "Zyxel"
},
{
"cve": "CVE-2024-11680",
"date_added": "2024-12-03",
"due_date": "2024-12-24",
"epss": null,
"notes": "https://github.com/projectsend/projectsend/commit/193367d937b1a59ed5b68dd4e60bd53317473744 ; https://nvd.nist.gov/vuln/detail/CVE-2024-11680",
"percentile": null,
"poc_count": 10,
"product": "ProjectSend",
"required_action": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.",
"short_description": "ProjectSend contains an improper authentication vulnerability that allows a remote, unauthenticated attacker to enable unauthorized modification of the application's configuration via crafted HTTP requests to options.php. Successful exploitation allows attackers to create accounts, upload webshells, and embed malicious JavaScript.",
"summary": "ProjectSend versions prior to r1720 are affected by an improper authentication vulnerability. Remote, unauthenticated attackers can exploit this flaw by sending crafted HTTP requests to options.php, enabling unauthori...",
"vendor": "ProjectSend"
},
{
"cve": "CVE-2024-1212",
"date_added": "2024-11-18",
"due_date": "2024-12-09",
"epss": null,
"notes": "https://community.progress.com/s/article/Release-Notice-LMOS-7-2-59-2-7-2-54-8-7-2-48-10-CVE-2024-1212 ; https://nvd.nist.gov/vuln/detail/CVE-2024-1212",
"percentile": null,
"poc_count": 10,
"product": "Kemp LoadMaster",
"required_action": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.",
"short_description": "Progress Kemp LoadMaster contains an OS command injection vulnerability that allows an unauthenticated, remote attacker to access the system through the LoadMaster management interface, enabling arbitrary system command execution.",
"summary": "Unauthenticated remote attackers can access the system through the LoadMaster management interface, enabling arbitrary system command execution.",
"vendor": "Progress"
},
{
"cve": "CVE-2024-12356",
"date_added": "2024-12-19",
"due_date": "2024-12-27",
"epss": null,
"notes": "https://www.beyondtrust.com/trust-center/security-advisories/bt24-10 ; https://nvd.nist.gov/vuln/detail/CVE-2024-12356",
"percentile": null,
"poc_count": 6,
"product": "Privileged Remote Access (PRA) and Remote Support (RS)",
"required_action": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.",
"short_description": "BeyondTrust Privileged Remote Access (PRA) and Remote Support (RS) contain a command injection vulnerability, which can allow an unauthenticated attacker to inject commands that are run as a site user.",
"summary": "A critical vulnerability has been discovered in Privileged Remote Access (PRA) and Remote Support (RS) products which can allow an unauthenticated attacker to inject commands that are run as a site user.",
"vendor": "BeyondTrust"
},
{
"cve": "CVE-2024-12686",
"date_added": "2025-01-13",
"due_date": "2025-02-03",
"epss": null,
"notes": "https://www.beyondtrust.com/trust-center/security-advisories/bt24-11 ; https://nvd.nist.gov/vuln/detail/CVE-2024-12686",
"percentile": null,
"poc_count": 4,
"product": "Privileged Remote Access (PRA) and Remote Support (RS)",
"required_action": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.",
"short_description": "BeyondTrust Privileged Remote Access (PRA) and Remote Support (RS) contain an OS command injection vulnerability that can be exploited by an attacker with existing administrative privileges to upload a malicious file. Successful exploitation of this vulnerability can allow a remote attacker to execute underlying operating system commands within the context of the site user.",
"summary": "A vulnerability has been discovered in Privileged Remote Access (PRA) and Remote Support (RS) which can allow an attacker with existing administrative privileges to inject commands and run as a site user.",
"vendor": "BeyondTrust"
},
{
"cve": "CVE-2024-12987",
"date_added": "2025-05-15",
"due_date": "2025-06-05",
"epss": null,
"notes": "https://fw.draytek.com.tw/Vigor2960/Firmware/v1.5.1.5/DrayTek_Vigor2960_V1.5.1.5_01release-note.pdf ; https://fw.draytek.com.tw/Vigor300B/Firmware/v1.5.1.5/DrayTek_Vigor300B_V1.5.1.5_01release-note.pdf ; https://fw.draytek.com.tw/Vigor3900/Firmware/v1.5.1.5/DrayTek_Vigor3900_V1.5.1.5_01release-note.pdf ; https://nvd.nist.gov/vuln/detail/CVE-2024-12987",
"percentile": null,
"poc_count": 3,
"product": "Vigor Routers",
"required_action": "Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.",
"short_description": "DrayTek Vigor2960, Vigor300B, and Vigor3900 routers contain an OS command injection vulnerability due to an unknown function of the file /cgi-bin/mainfunction.cgi/apmcfgupload of the component web management interface.",
"summary": "A vulnerability, which was classified as critical, was found in DrayTek Vigor2960 and Vigor300B 1.5.1.4. Affected is an unknown function of the file /cgi-bin/mainfunction.cgi/apmcfgupload of the component Web Manageme...",
"vendor": "DrayTek"
},
{
"cve": "CVE-2024-13159",
"date_added": "2025-03-10",
"due_date": "2025-03-31",
"epss": null,
"notes": "https://forums.ivanti.com/s/article/Security-Advisory-EPM-January-2025-for-EPM-2024-and-EPM-2022-SU6?language=en_US ; https://nvd.nist.gov/vuln/detail/CVE-2024-13159",
"percentile": null,
"poc_count": 9,
"product": "Endpoint Manager (EPM)",
"required_action": "Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.",
"short_description": "Ivanti Endpoint Manager (EPM) contains an absolute path traversal vulnerability that allows a remote unauthenticated attacker to leak sensitive information.",
"summary": "Absolute path traversal in Ivanti EPM before the 2024 January-2025 Security Update and 2022 SU6 January-2025 Security Update allows a remote unauthenticated attacker to leak sensitive information.",
"vendor": "Ivanti"
},
{
"cve": "CVE-2024-13160",
"date_added": "2025-03-10",
"due_date": "2025-03-31",
"epss": null,
"notes": "https://forums.ivanti.com/s/article/Security-Advisory-EPM-January-2025-for-EPM-2024-and-EPM-2022-SU6?language=en_US ; https://nvd.nist.gov/vuln/detail/CVE-2024-13160",
"percentile": null,
"poc_count": 8,
"product": "Endpoint Manager (EPM)",
"required_action": "Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.",
"short_description": "Ivanti Endpoint Manager (EPM) contains an absolute path traversal vulnerability that allows a remote unauthenticated attacker to leak sensitive information.",
"summary": "Absolute path traversal in Ivanti EPM before the 2024 January-2025 Security Update and 2022 SU6 January-2025 Security Update allows a remote unauthenticated attacker to leak sensitive information.",
"vendor": "Ivanti"
},
{
"cve": "CVE-2024-13161",
"date_added": "2025-03-10",
"due_date": "2025-03-31",
"epss": null,
"notes": "https://forums.ivanti.com/s/article/Security-Advisory-EPM-January-2025-for-EPM-2024-and-EPM-2022-SU6?language=en_US ; https://nvd.nist.gov/vuln/detail/CVE-2024-13161",
"percentile": null,
"poc_count": 8,
"product": "Endpoint Manager (EPM)",
"required_action": "Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.",
"short_description": "Ivanti Endpoint Manager (EPM) contains an absolute path traversal vulnerability that allows a remote unauthenticated attacker to leak sensitive information.",
"summary": "Absolute path traversal in Ivanti EPM before the 2024 January-2025 Security Update and 2022 SU6 January-2025 Security Update allows a remote unauthenticated attacker to leak sensitive information.",
"vendor": "Ivanti"
},
{
"cve": "CVE-2024-1709",
"date_added": "2024-02-22",
"due_date": "2024-02-29",
"epss": null,
"notes": "https://www.connectwise.com/company/trust/security-bulletins/connectwise-screenconnect-23.9.8; https://nvd.nist.gov/vuln/detail/CVE-2024-1709",
"percentile": null,
"poc_count": 35,
"product": "ScreenConnect",
"required_action": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.",
"short_description": "ConnectWise ScreenConnect contains an authentication bypass vulnerability that allows an attacker with network access to the management interface to create a new, administrator-level account on affected devices.",
"summary": "ConnectWise ScreenConnect 23.9.7 and prior are affected by an Authentication Bypass Using an Alternate Path or Channel vulnerability, which may allow an attacker direct access to confidential information or critical s...",
"vendor": "ConnectWise"
},
{
"cve": "CVE-2024-20353",
"date_added": "2024-04-24",
"due_date": "2024-05-01",
"epss": null,
"notes": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-websrvs-dos-X8gNucD2; https://nvd.nist.gov/vuln/detail/CVE-2024-20353",
"percentile": null,
"poc_count": 5,
"product": "Adaptive Security Appliance (ASA) and Firepower Threat Defense (FTD)",
"required_action": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.",
"short_description": "Cisco Adaptive Security Appliance (ASA) and Firepower Threat Defense (FTD) contain an infinite loop vulnerability that can lead to remote denial of service condition.",
"summary": "A vulnerability in the management and VPN web servers for Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause the...",
"vendor": "Cisco"
},
{
"cve": "CVE-2024-20359",
"date_added": "2024-04-24",
"due_date": "2024-05-01",
"epss": null,
"notes": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-persist-rce-FLsNXF4h; https://nvd.nist.gov/vuln/detail/CVE-2024-20359",
"percentile": null,
"poc_count": 4,
"product": "Adaptive Security Appliance (ASA) and Firepower Threat Defense (FTD)",
"required_action": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.",
"short_description": "Cisco Adaptive Security Appliance (ASA) and Firepower Threat Defense (FTD) contain a privilege escalation vulnerability that can allow local privilege escalation from Administrator to root.",
"summary": "A vulnerability in a legacy capability that allowed for the preloading of VPN clients and plug-ins and that has been available in Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FT...",
"vendor": "Cisco"
},
{
"cve": "CVE-2024-20399",
"date_added": "2024-07-02",
"due_date": "2024-07-23",
"epss": null,
"notes": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-nxos-cmd-injection-xD9OhyOP; https://nvd.nist.gov/vuln/detail/CVE-2024-20399",
"percentile": null,
"poc_count": 2,
"product": "NX-OS",
"required_action": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.",
"short_description": "Cisco NX-OS contains a command injection vulnerability in the command line interface (CLI) that could allow an authenticated, local attacker to execute commands as root on the underlying operating system of an affected device.",
"summary": "A vulnerability in the CLI of Cisco NX-OS Software could allow an authenticated user in possession of Administrator credentials to execute arbitrary commands as root on the underlying operating system of an affected d...",
"vendor": "Cisco"
},
{
"cve": "CVE-2024-20439",
"date_added": "2025-03-31",
"due_date": "2025-04-21",
"epss": null,
"notes": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cslu-7gHMzWmw ; https://nvd.nist.gov/vuln/detail/CVE-2024-20439",
"percentile": null,
"poc_count": 7,
"product": "Smart Licensing Utility",
"required_action": "Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.",
"short_description": "Cisco Smart Licensing Utility contains a static credential vulnerability that allows an unauthenticated, remote attacker to log in to an affected system and gain administrative credentials.",
"summary": "A vulnerability in Cisco Smart Licensing Utility (CSLU) could allow an unauthenticated, remote attacker to log into an affected system by using a static administrative credential. This vulnerability is due to an undoc...",
"vendor": "Cisco"
},
{
"cve": "CVE-2024-20481",
"date_added": "2024-10-24",
"due_date": "2024-11-14",
"epss": null,
"notes": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-bf-dos-vDZhLqrW ; https://nvd.nist.gov/vuln/detail/CVE-2024-20481",
"percentile": null,
"poc_count": 1,
"product": "Adaptive Security Appliance (ASA) and Firepower Threat Defense (FTD)",
"required_action": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.",
"short_description": "Cisco Adaptive Security Appliance (ASA) and Firepower Threat Defense (FTD) contain a missing release of resource after effective lifetime vulnerability that could allow an unauthenticated, remote attacker to cause a denial-of-service (DoS) of the RAVPN service.",
"summary": "A vulnerability in the Remote Access VPN (RAVPN) service of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a...",
"vendor": "Cisco"
},
{
"cve": "CVE-2024-20767",
"date_added": "2024-12-16",
"due_date": "2025-01-06",
"epss": null,
"notes": "https://helpx.adobe.com/security/products/coldfusion/apsb24-14.html ; https://nvd.nist.gov/vuln/detail/CVE-2024-20767",
"percentile": null,
"poc_count": 30,
"product": "ColdFusion",
"required_action": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.",
"short_description": "Adobe ColdFusion contains an improper access control vulnerability that could allow an attacker to access or modify restricted files via an internet-exposed admin panel.",
"summary": "ColdFusion versions 2023.6, 2021.12 and earlier are affected by an Improper Access Control vulnerability that could result in arbitrary file system read. An attacker could leverage this vulnerability to access or modi...",
"vendor": "Adobe"
},
{
"cve": "CVE-2024-20953",
"date_added": "2025-02-24",
"due_date": "2025-03-17",
"epss": null,
"notes": "https://www.oracle.com/security-alerts/cpujan2024.html ; https://nvd.nist.gov/vuln/detail/CVE-2024-20953",
"percentile": null,
"poc_count": 2,
"product": "Agile Product Lifecycle Management (PLM)",
"required_action": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.",
"short_description": "Oracle Agile Product Lifecycle Management (PLM) contains a deserialization vulnerability that allows a low-privileged attacker with network access via HTTP to compromise the system.",
"summary": "Vulnerability in the Oracle Agile PLM product of Oracle Supply Chain (component: Export). The supported version that is affected is 9.3.6. Easily exploitable vulnerability allows low privileged attacker with network a...",
"vendor": "Oracle"
},
{
"cve": "CVE-2024-21287",
"date_added": "2024-11-21",
"due_date": "2024-12-12",
"epss": null,
"notes": "https://www.oracle.com/security-alerts/alert-cve-2024-21287.html ; https://nvd.nist.gov/vuln/detail/CVE-2024-21287",
"percentile": null,
"poc_count": 2,
"product": "Agile Product Lifecycle Management (PLM)",
"required_action": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.",
"short_description": "Oracle Agile Product Lifecycle Management (PLM) contains an incorrect authorization vulnerability in the Process Extension component of the Software Development Kit. Successful exploitation of this vulnerability may result in unauthenticated file disclosure.",
"summary": "Vulnerability in the Oracle Agile PLM Framework product of Oracle Supply Chain (component: Software Development Kit, Process Extension). The supported version that is affected is 9.3.6. Easily exploitable vulnerabilit...",
"vendor": "Oracle"
},
{
"cve": "CVE-2024-21338",
"date_added": "2024-03-04",
"due_date": "2024-03-25",
"epss": null,
"notes": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-21338; https://nvd.nist.gov/vuln/detail/CVE-2024-21338",
"percentile": null,
"poc_count": 28,
"product": "Windows",
"required_action": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.",
"short_description": "Microsoft Windows Kernel contains an exposed IOCTL with insufficient access control vulnerability within the IOCTL (input and output control) dispatcher in appid.sys that allows a local attacker to achieve privilege escalation.",
"summary": "Windows Kernel Elevation of Privilege Vulnerability",
"vendor": "Microsoft"
},
{
"cve": "CVE-2024-21351",
"date_added": "2024-02-13",
"due_date": "2024-03-05",
"epss": null,
"notes": "https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2024-21351; https://nvd.nist.gov/vuln/detail/CVE-2024-21351",
"percentile": null,
"poc_count": 1,
"product": "Windows",
"required_action": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.",
"short_description": "Microsoft Windows SmartScreen contains a security feature bypass vulnerability that allows an attacker to bypass the SmartScreen user experience and inject code to potentially gain code execution, which could lead to some data exposure, lack of system availability, or both.",
"summary": "Windows SmartScreen Security Feature Bypass Vulnerability",
"vendor": "Microsoft"
},
{
"cve": "CVE-2024-21410",
"date_added": "2024-02-15",
"due_date": "2024-03-07",
"epss": null,
"notes": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-21410; https://nvd.nist.gov/vuln/detail/CVE-2024-21410",
"percentile": null,
"poc_count": 3,
"product": "Exchange Server",
"required_action": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.",
"short_description": "Microsoft Exchange Server contains an unspecified vulnerability that allows for privilege escalation.",
"summary": "Microsoft Exchange Server Elevation of Privilege Vulnerability",
"vendor": "Microsoft"
},
{
"cve": "CVE-2024-21412",
"date_added": "2024-02-13",
"due_date": "2024-03-05",
"epss": null,
"notes": "https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2024-21412; https://nvd.nist.gov/vuln/detail/CVE-2024-21412",
"percentile": null,
"poc_count": 7,
"product": "Windows",
"required_action": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.",
"short_description": "Microsoft Windows Internet Shortcut Files contains an unspecified vulnerability that allows for a security feature bypass.",
"summary": "Internet Shortcut Files Security Feature Bypass Vulnerability",
"vendor": "Microsoft"
},
{
"cve": "CVE-2024-21413",
"date_added": "2025-02-06",
"due_date": "2025-02-27",
"epss": null,
"notes": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-21413 ; https://nvd.nist.gov/vuln/detail/CVE-2024-21413",
"percentile": null,
"poc_count": 104,
"product": "Office Outlook",
"required_action": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.",
"short_description": "Microsoft Outlook contains an improper input validation vulnerability that allows for remote code execution. Successful exploitation of this vulnerability would allow an attacker to bypass the Office Protected View and open in editing mode rather than protected mode.",
"summary": "Microsoft Outlook Remote Code Execution Vulnerability",
"vendor": "Microsoft"
},
{
"cve": "CVE-2024-21762",
"date_added": "2024-02-09",
"due_date": "2024-02-16",
"epss": null,
"notes": "https://fortiguard.fortinet.com/psirt/FG-IR-24-015 ; https://nvd.nist.gov/vuln/detail/CVE-2024-21762",
"percentile": null,
"poc_count": 60,
"product": "FortiOS",
"required_action": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.",
"short_description": "Fortinet FortiOS contains an out-of-bound write vulnerability that allows a remote unauthenticated attacker to execute code or commands via specially crafted HTTP requests.",
"summary": "A out-of-bounds write in Fortinet FortiOS versions 7.4.0 through 7.4.2, 7.2.0 through 7.2.6, 7.0.0 through 7.0.13, 6.4.0 through 6.4.14, 6.2.0 through 6.2.15, 6.0.0 through 6.0.17, FortiProxy versions 7.4.0 through 7....",
"vendor": "Fortinet"
},
{
"cve": "CVE-2024-21887",
"date_added": "2024-01-10",
"due_date": "2024-01-22",
"epss": null,
"notes": "Please apply mitigations per vendor instructions. For more information, please see: https://forums.ivanti.com/s/article/KB-CVE-2023-46805-Authentication-Bypass-CVE-2024-21887-Command-Injection-for-Ivanti-Connect-Secure-and-Ivanti-Policy-Secure-Gateways?language=en_US ; https://nvd.nist.gov/vuln/detail/CVE-2024-21887",
"percentile": null,
"poc_count": 54,
"product": "Connect Secure and Policy Secure",
"required_action": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.",
"short_description": "Ivanti Connect Secure (ICS, formerly known as Pulse Connect Secure) and Ivanti Policy Secure contain a command injection vulnerability in the web components of these products, which can allow an authenticated administrator to send crafted requests to execute code on affected appliances. This vulnerability can be leveraged in conjunction with CVE-2023-46805, an authenticated bypass issue.",
"summary": "A command injection vulnerability in web components of Ivanti Connect Secure (9.x, 22.x) and Ivanti Policy Secure (9.x, 22.x) allows an authenticated administrator to send specially crafted requests and execute arbitr...",
"vendor": "Ivanti"
},
{
"cve": "CVE-2024-21893",
"date_added": "2024-01-31",
"due_date": "2024-02-02",
"epss": null,
"notes": "https://forums.ivanti.com/s/article/KB-CVE-2023-46805-Authentication-Bypass-CVE-2024-21887-Command-Injection-for-Ivanti-Connect-Secure-and-Ivanti-Policy-Secure-Gateways?language=en_US ; https://nvd.nist.gov/vuln/detail/CVE-2024-21893",
"percentile": null,
"poc_count": 17,
"product": "Connect Secure, Policy Secure, and Neurons",
"required_action": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.",
"short_description": "Ivanti Connect Secure (ICS, formerly known as Pulse Connect Secure), Ivanti Policy Secure, and Ivanti Neurons contain a server-side request forgery (SSRF) vulnerability in the SAML component that allows an attacker to access certain restricted resources without authentication.",
"summary": "A server-side request forgery vulnerability in the SAML component of Ivanti Connect Secure (9.x, 22.x) and Ivanti Policy Secure (9.x, 22.x) and Ivanti Neurons for ZTA allows an attacker to access certain restricted re...",
"vendor": "Ivanti"
},
{
"cve": "CVE-2024-23113",
"date_added": "2024-10-09",
"due_date": "2024-10-30",
"epss": null,
"notes": "https://www.fortiguard.com/psirt/FG-IR-24-029 ; https://nvd.nist.gov/vuln/detail/CVE-2024-23113",
"percentile": null,
"poc_count": 28,
"product": "Multiple Products",
"required_action": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.",
"short_description": "Fortinet FortiOS, FortiPAM, FortiProxy, and FortiWeb contain a format string vulnerability that allows a remote, unauthenticated attacker to execute arbitrary code or commands via specially crafted requests.",
"summary": "A use of externally-controlled format string in Fortinet FortiOS versions 7.4.0 through 7.4.2, 7.2.0 through 7.2.6, 7.0.0 through 7.0.13, FortiProxy versions 7.4.0 through 7.4.2, 7.2.0 through 7.2.8, 7.0.0 through 7.0...",
"vendor": "Fortinet"
},
{
"cve": "CVE-2024-23222",
"date_added": "2024-01-23",
"due_date": "2024-02-13",
"epss": null,
"notes": "https://support.apple.com/en-us/HT214055, https://support.apple.com/en-us/HT214056, https://support.apple.com/en-us/HT214057, https://support.apple.com/en-us/HT214058, https://support.apple.com/en-us/HT214059, https://support.apple.com/en-us/HT214061, https://support.apple.com/en-us/HT214063 ; https://nvd.nist.gov/vuln/detail/CVE-2024-23222",
"percentile": null,
"poc_count": 2,
"product": "Multiple Products",
"required_action": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.",
"short_description": "Apple iOS, iPadOS, macOS, tvOS, and Safari WebKit contain a type confusion vulnerability that leads to code execution when processing maliciously crafted web content. This vulnerability could impact HTML parsers that use WebKit, including but not limited to Apple Safari and non-Apple products which rely on WebKit for HTML processing.",
"summary": "A type confusion issue was addressed with improved checks. This issue is fixed in iOS 17.3 and iPadOS 17.3, macOS Sonoma 14.3, tvOS 17.3. Processing maliciously crafted web content may lead to arbitrary code execution...",
"vendor": "Apple"
},
{
"cve": "CVE-2024-23296",
"date_added": "2024-03-06",
"due_date": "2024-03-27",
"epss": null,
"notes": "https://support.apple.com/en-us/HT214081, https://support.apple.com/en-us/HT214082, https://support.apple.com/en-us/HT214084, https://support.apple.com/en-us/HT214086, https://support.apple.com/en-us/HT214088 ; https://nvd.nist.gov/vuln/detail/CVE-2024-23296",
"percentile": null,
"poc_count": 1,
"product": "Multiple Products",
"required_action": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.",
"short_description": "Apple iOS, iPadOS, macOS, tvOS, and watchOS RTKit contain a memory corruption vulnerability that allows an attacker with arbitrary kernel read and write capability to bypass kernel memory protections.",
"summary": "A memory corruption issue was addressed with improved validation. This issue is fixed in iOS 17.4 and iPadOS 17.4. An attacker with arbitrary kernel read and write capability may be able to bypass kernel memory protec...",
"vendor": "Apple"
},
{
"cve": "CVE-2024-23692",
"date_added": "2024-07-09",
"due_date": "2024-07-30",
"epss": null,
"notes": "The patched Rejetto HTTP File Server (HFS) is version 3: https://github.com/rejetto/hfs?tab=readme-ov-file#installation, https://www.rejetto.com/hfs/ ; https://nvd.nist.gov/vuln/detail/CVE-2024-23692",
"percentile": null,
"poc_count": 43,
"product": "HTTP File Server",
"required_action": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.",
"short_description": "Rejetto HTTP File Server contains an improper neutralization of special elements used in a template engine vulnerability. This allows a remote, unauthenticated attacker to execute commands on the affected system by sending a specially crafted HTTP request.",
"summary": "Rejetto HTTP File Server, up to and including version 2.3m, is vulnerable to a template injection vulnerability. This vulnerability allows a remote, unauthenticated attacker to execute arbitrary commands on the affect...",
"vendor": "Rejetto"
},
{
"cve": "CVE-2024-23897",
"date_added": "2024-08-19",
"due_date": "2024-09-09",
"epss": null,
"notes": "https://www.jenkins.io/security/advisory/2024-01-24/#SECURITY-3314; https://nvd.nist.gov/vuln/detail/CVE-2024-23897",
"percentile": null,
"poc_count": 137,
"product": "Jenkins Command Line Interface (CLI)",
"required_action": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.",
"short_description": "Jenkins Command Line Interface (CLI) contains a path traversal vulnerability that allows attackers limited read access to certain files, which can lead to code execution.",
"summary": "Jenkins 2.441 and earlier, LTS 2.426.2 and earlier does not disable a feature of its CLI command parser that replaces an '@' character followed by a file path in an argument with the file's contents, allowing unauthen...",
"vendor": "Jenkins"
},
{
"cve": "CVE-2024-24919",
"date_added": "2024-05-30",
"due_date": "2024-06-20",
"epss": null,
"notes": "https://support.checkpoint.com/results/sk/sk182336 ; https://nvd.nist.gov/vuln/detail/CVE-2024-24919",
"percentile": null,
"poc_count": 116,
"product": "Quantum Security Gateways",
"required_action": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.",
"short_description": "Check Point Quantum Security Gateways contain an unspecified information disclosure vulnerability. The vulnerability potentially allows an attacker to access information on Gateways connected to the internet, with IPSec VPN, Remote Access VPN or Mobile Access enabled. This issue affects several product lines from Check Point, including CloudGuard Network, Quantum Scalable Chassis, Quantum Security Gateways, and Quantum Spark Appliances.",
"summary": "Potentially allowing an attacker to read certain information on Check Point Security Gateways once connected to the internet and enabled with remote Access VPN or Mobile Access Software Blades. A Security fix that mit...",
"vendor": "Check Point"
},
{
"cve": "CVE-2024-26169",
"date_added": "2024-06-13",
"due_date": "2024-07-04",
"epss": null,
"notes": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-26169; https://nvd.nist.gov/vuln/detail/CVE-2024-26169",
"percentile": null,
"poc_count": 2,
"product": "Windows",
"required_action": "Apply updates per vendor instructions or discontinue use of the product if updates are unavailable.",
"short_description": "Microsoft Windows Error Reporting Service contains an improper privilege management vulnerability that allows a local attacker with user permissions to gain SYSTEM privileges.",
"summary": "Windows Error Reporting Service Elevation of Privilege Vulnerability",
"vendor": "Microsoft"
},
{
"cve": "CVE-2024-27198",
"date_added": "2024-03-07",
"due_date": "2024-03-28",
"epss": null,
"notes": "https://www.jetbrains.com/help/teamcity/teamcity-2023-11-4-release-notes.html; https://nvd.nist.gov/vuln/detail/CVE-2024-27198",
"percentile": null,
"poc_count": 69,
"product": "TeamCity",
"required_action": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.",
"short_description": "JetBrains TeamCity contains an authentication bypass vulnerability that allows an attacker to perform admin actions.",
"summary": "In JetBrains TeamCity before 2023.11.4 authentication bypass allowing to perform admin actions was possible",
"vendor": "JetBrains"
},
{
"cve": "CVE-2024-27348",
"date_added": "2024-09-18",
"due_date": "2024-10-09",
"epss": null,
"notes": "This vulnerability affects a common open-source component, third-party library, or a protocol used by different products. Please check with specific vendors for information on patching status. For more information, please see: https://lists.apache.org/thread/nx6g6htyhpgtzsocybm242781o8w5kq9 ; https://nvd.nist.gov/vuln/detail/CVE-2024-27348",
"percentile": null,
"poc_count": 29,
"product": "HugeGraph-Server",
"required_action": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.",
"short_description": "Apache HugeGraph-Server contains an improper access control vulnerability that could allow a remote attacker to execute arbitrary code.",
"summary": "RCE-Remote Command Execution vulnerability in Apache HugeGraph-Server.This issue affects Apache HugeGraph-Server: from 1.0.0 before 1.3.0 in Java8 & Java11Users are recommended to upgrade to version 1.3.0 with Java11...",
"vendor": "Apache"
},
{
"cve": "CVE-2024-27443",
"date_added": "2025-05-19",
"due_date": "2025-06-09",
"epss": null,
"notes": "https://wiki.zimbra.com/wiki/Zimbra_Releases/8.8.15/P46#Security_Fixes ; https://wiki.zimbra.com/wiki/Zimbra_Releases/9.0.0/P39#Security_Fixes ; https://wiki.zimbra.com/wiki/Zimbra_Releases/10.0.7#Security_Fixes ; https://nvd.nist.gov/vuln/detail/CVE-2024-27443",
"percentile": null,
"poc_count": 3,
"product": "Zimbra Collaboration Suite (ZCS)",
"required_action": "Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.",
"short_description": "Zimbra Collaboration contains a cross-site scripting (XSS) vulnerability in the CalendarInvite feature of the Zimbra webmail classic user interface. An attacker can exploit this vulnerability via an email message containing a crafted calendar header, leading to the execution of arbitrary JavaScript code.",
"summary": "An issue was discovered in Zimbra Collaboration (ZCS) 9.0 and 10.0. A Cross-Site Scripting (XSS) vulnerability exists in the CalendarInvite feature of the Zimbra webmail classic user interface, because of improper inp...",
"vendor": "Synacor"
},
{
"cve": "CVE-2024-28986",
"date_added": "2024-08-15",
"due_date": "2024-09-05",
"epss": null,
"notes": "https://www.solarwinds.com/trust-center/security-advisories/cve-2024-28986; https://nvd.nist.gov/vuln/detail/CVE-2024-28986",
"percentile": null,
"poc_count": 1,
"product": "Web Help Desk",
"required_action": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.",
"short_description": "SolarWinds Web Help Desk contains a deserialization of untrusted data vulnerability that could allow for remote code execution.",
"summary": "SolarWinds Web Help Desk was found to be susceptible to a Java Deserialization Remote Code Execution vulnerability that, if exploited, would allow an attacker to run commands on the host machine. While it was reported...",
"vendor": "SolarWinds"
},
{
"cve": "CVE-2024-28987",
"date_added": "2024-10-15",
"due_date": "2024-11-05",
"epss": null,
"notes": "https://www.solarwinds.com/trust-center/security-advisories/cve-2024-28987 ; https://nvd.nist.gov/vuln/detail/CVE-2024-28987",
"percentile": null,
"poc_count": 9,
"product": "Web Help Desk",
"required_action": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.",
"short_description": "SolarWinds Web Help Desk contains a hardcoded credential vulnerability that could allow a remote, unauthenticated user to access internal functionality and modify data.",
"summary": "The SolarWinds Web Help Desk (WHD) software is affected by a hardcoded credential vulnerability, allowing remote unauthenticated user to access internal functionality and modify data.",
"vendor": "SolarWinds"
},
{
"cve": "CVE-2024-28995",
"date_added": "2024-07-17",
"due_date": "2024-08-07",
"epss": null,
"notes": "https://www.solarwinds.com/trust-center/security-advisories/cve-2024-28995; https://nvd.nist.gov/vuln/detail/CVE-2024-28995",
"percentile": null,
"poc_count": 36,
"product": "Serv-U",
"required_action": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.",
"short_description": "SolarWinds Serv-U contains a path traversal vulnerability that allows an attacker access to read sensitive files on the host machine.",
"summary": "SolarWinds Serv-U was susceptible to a directory transversal vulnerability that would allow access to read sensitive files on the host machine.",
"vendor": "SolarWinds"
},
{
"cve": "CVE-2024-29059",
"date_added": "2025-02-04",
"due_date": "2025-02-25",
"epss": null,
"notes": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-29059 ; https://nvd.nist.gov/vuln/detail/CVE-2024-29059",
"percentile": null,
"poc_count": 7,
"product": ".NET Framework",
"required_action": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.",
"short_description": "Microsoft .NET Framework contains an information disclosure vulnerability that exposes the ObjRef URI to an attacker, ultimately enabling remote code execution.",
"summary": ".NET Framework Information Disclosure Vulnerability",
"vendor": "Microsoft"
},
{
"cve": "CVE-2024-29745",
"date_added": "2024-04-04",
"due_date": "2024-04-25",
"epss": null,
"notes": "https://source.android.com/docs/security/bulletin/pixel/2024-04-01 ; https://nvd.nist.gov/vuln/detail/CVE-2024-29745",
"percentile": null,
"poc_count": 2,
"product": "Pixel",
"required_action": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.",
"short_description": "Android Pixel contains an information disclosure vulnerability in the fastboot firmware used to support unlocking, flashing, and locking affected devices.",
"summary": "there is a possible Information Disclosure due to uninitialized data. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.",
"vendor": "Android"
},
{
"cve": "CVE-2024-29748",
"date_added": "2024-04-04",
"due_date": "2024-04-25",
"epss": null,
"notes": "https://source.android.com/docs/security/bulletin/pixel/2024-04-01; https://nvd.nist.gov/vuln/detail/CVE-2024-29748",
"percentile": null,
"poc_count": 2,
"product": "Pixel",
"required_action": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.",
"short_description": "Android Pixel contains a privilege escalation vulnerability that allows an attacker to interrupt a factory reset triggered by a device admin app.",
"summary": "there is a possible way to bypass due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation.",
"vendor": "Android"
},
{
"cve": "CVE-2024-29824",
"date_added": "2024-10-02",
"due_date": "2024-10-23",
"epss": null,
"notes": "https://forums.ivanti.com/s/article/Security-Advisory-May-2024 ; https://nvd.nist.gov/vuln/detail/CVE-2024-29824",
"percentile": null,
"poc_count": 32,
"product": "Endpoint Manager (EPM)",
"required_action": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.",
"short_description": "Ivanti Endpoint Manager (EPM) contains a SQL injection vulnerability in Core server that allows an unauthenticated attacker within the same network to execute arbitrary code.",
"summary": "An unspecified SQL Injection vulnerability in Core server of Ivanti EPM 2022 SU5 and prior allows an unauthenticated attacker within the same network to execute arbitrary code.",
"vendor": "Ivanti"
},
{
"cve": "CVE-2024-29988",
"date_added": "2024-04-30",
"due_date": "2024-05-21",
"epss": null,
"notes": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-29988; https://nvd.nist.gov/vuln/detail/CVE-2024-29988",
"percentile": null,
"poc_count": 5,
"product": "SmartScreen Prompt",
"required_action": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.",
"short_description": "Microsoft SmartScreen Prompt contains a security feature bypass vulnerability that allows an attacker to bypass the Mark of the Web (MotW) feature. This vulnerability can be chained with CVE-2023-38831 and CVE-2024-21412 to execute a malicious file.",
"summary": "SmartScreen Prompt Security Feature Bypass Vulnerability",
"vendor": "Microsoft"
},
{
"cve": "CVE-2024-30040",
"date_added": "2024-05-14",
"due_date": "2024-06-04",
"epss": null,
"notes": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-30040; https://nvd.nist.gov/vuln/detail/CVE-2024-30040",
"percentile": null,
"poc_count": 2,
"product": "Windows",
"required_action": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.",
"short_description": "Microsoft Windows MSHTML Platform contains an unspecified vulnerability that allows for a security feature bypass.",
"summary": "Windows MSHTML Platform Security Feature Bypass Vulnerability",
"vendor": "Microsoft"
},
{
"cve": "CVE-2024-30051",
"date_added": "2024-05-14",
"due_date": "2024-06-04",
"epss": null,
"notes": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-30051; https://nvd.nist.gov/vuln/detail/CVE-2024-30051",
"percentile": null,
"poc_count": 8,
"product": "DWM Core Library",
"required_action": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.",
"short_description": "Microsoft DWM Core Library contains a privilege escalation vulnerability that allows an attacker to gain SYSTEM privileges.",
"summary": "Windows DWM Core Library Elevation of Privilege Vulnerability",
"vendor": "Microsoft"
},
{
"cve": "CVE-2024-30088",
"date_added": "2024-10-15",
"due_date": "2024-11-05",
"epss": null,
"notes": "https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2024-30088 ; https://nvd.nist.gov/vuln/detail/CVE-2024-30088",
"percentile": null,
"poc_count": 24,
"product": "Windows",
"required_action": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.",
"short_description": "Microsoft Windows Kernel contains a time-of-check to time-of-use (TOCTOU) race condition vulnerability that could allow for privilege escalation.",
"summary": "Windows Kernel Elevation of Privilege Vulnerability",
"vendor": "Microsoft"
},
{
"cve": "CVE-2024-32113",
"date_added": "2024-08-07",
"due_date": "2024-08-28",
"epss": null,
"notes": "This vulnerability affects a common open-source component, third-party library, or a protocol used by different products. Please check with specific vendors for information on patching status. For more information, please see: https://lists.apache.org/thread/w6s60okgkxp2th1sr8vx0ndmgk68fqrd; https://nvd.nist.gov/vuln/detail/CVE-2024-32113",
"percentile": null,
"poc_count": 12,
"product": "OFBiz",
"required_action": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.",
"short_description": "Apache OFBiz contains a path traversal vulnerability that could allow for remote code execution.",
"summary": "Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Apache OFBiz.This issue affects Apache OFBiz: before 18.12.13.Users are recommended to upgrade to version 18.12.13, which...",
"vendor": "Apache"
},
{
"cve": "CVE-2024-3272",
"date_added": "2024-04-11",
"due_date": "2024-05-02",
"epss": null,
"notes": "https://supportannouncement.us.dlink.com/security/publication.aspx?name=SAP10383; https://nvd.nist.gov/vuln/detail/CVE-2024-3272",
"percentile": null,
"poc_count": 21,
"product": "Multiple NAS Devices",
"required_action": "This vulnerability affects legacy D-Link products. All associated hardware revisions have reached their end-of-life (EOL) or end-of-service (EOS) life cycle and should be retired and replaced per vendor instructions.",
"short_description": "D-Link DNS-320L, DNS-325, DNS-327L, and DNS-340L contains a hard-coded credential that allows an attacker to conduct authenticated command injection, leading to remote, unauthorized code execution.",
"summary": "** UNSUPPORTED WHEN ASSIGNED ** A vulnerability, which was classified as very critical, has been found in D-Link DNS-320L, DNS-325, DNS-327L and DNS-340L up to 20240403. This issue affects some unknown processing of t...",
"vendor": "D-Link"
},
{
"cve": "CVE-2024-3273",
"date_added": "2024-04-11",
"due_date": "2024-05-02",
"epss": null,
"notes": "https://supportannouncement.us.dlink.com/security/publication.aspx?name=SAP10383; https://nvd.nist.gov/vuln/detail/CVE-2024-3273",
"percentile": null,
"poc_count": 37,
"product": "Multiple NAS Devices",
"required_action": "This vulnerability affects legacy D-Link products. All associated hardware revisions have reached their end-of-life (EOL) or end-of-service (EOS) life cycle and should be retired and replaced per vendor instructions.",
"short_description": "D-Link DNS-320L, DNS-325, DNS-327L, and DNS-340L contain a command injection vulnerability. When combined with CVE-2024-3272, this can lead to remote, unauthorized code execution.",
"summary": "** UNSUPPORTED WHEN ASSIGNED ** A vulnerability, which was classified as critical, was found in D-Link DNS-320L, DNS-325, DNS-327L and DNS-340L up to 20240403. Affected is an unknown function of the file /cgi-bin/nas_...",
"vendor": "D-Link"
},
{
"cve": "CVE-2024-32896",
"date_added": "2024-06-13",
"due_date": "2024-07-04",
"epss": null,
"notes": "https://source.android.com/docs/security/bulletin/pixel/2024-06-01; https://nvd.nist.gov/vuln/detail/CVE-2024-32896",
"percentile": null,
"poc_count": 1,
"product": "Pixel",
"required_action": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.",
"short_description": "Android Pixel contains an unspecified vulnerability in the firmware that allows for privilege escalation.",
"summary": "there is a possible way to bypass due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation.",
"vendor": "Android"
},
{
"cve": "CVE-2024-3393",
"date_added": "2024-12-30",
"due_date": "2025-01-20",
"epss": null,
"notes": "https://security.paloaltonetworks.com/CVE-2024-3393 ; https://nvd.nist.gov/vuln/detail/CVE-2024-3393",
"percentile": null,
"poc_count": 4,
"product": "PAN-OS",
"required_action": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.",
"short_description": "Palo Alto Networks PAN-OS contains a vulnerability in parsing and logging malicious DNS packets in the DNS Security feature that, when exploited, allows an unauthenticated attacker to remotely reboot the firewall. Repeated attempts to trigger this condition will cause the firewall to enter maintenance mode.",
"summary": "A Denial of Service vulnerability in the DNS Security feature of Palo Alto Networks PAN-OS software allows an unauthenticated attacker to send a malicious packet through the data plane of the firewall that reboots the...",
"vendor": "Palo Alto Networks"
},
{
"cve": "CVE-2024-3400",
"date_added": "2024-04-12",
"due_date": "2024-04-19",
"epss": null,
"notes": "https://security.paloaltonetworks.com/CVE-2024-3400 ; https://nvd.nist.gov/vuln/detail/CVE-2024-3400",
"percentile": null,
"poc_count": 108,
"product": "PAN-OS",
"required_action": "Apply mitigations per vendor instructions as they become available. Otherwise, users with vulnerable versions of affected devices should enable Threat Prevention IDs available from the vendor. See the vendor bulletin for more details and a patch release schedule.",
"short_description": "Palo Alto Networks PAN-OS GlobalProtect feature contains a command injection vulnerability that allows an unauthenticated attacker to execute commands with root privileges on the firewall.",
"summary": "A command injection as a result of arbitrary file creation vulnerability in the GlobalProtect feature of Palo Alto Networks PAN-OS software for specific PAN-OS versions and distinct feature configurations may enable a...",
"vendor": "Palo Alto Networks"
},
{
"cve": "CVE-2024-34102",
"date_added": "2024-07-17",
"due_date": "2024-08-07",
"epss": null,
"notes": "https://helpx.adobe.com/security/products/magento/apsb24-40.html; https://nvd.nist.gov/vuln/detail/CVE-2024-34102",
"percentile": null,
"poc_count": 53,
"product": "Commerce and Magento Open Source",
"required_action": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.",
"short_description": "Adobe Commerce and Magento Open Source contain an improper restriction of XML external entity reference (XXE) vulnerability that allows for remote code execution.",
"summary": "Adobe Commerce versions 2.4.7, 2.4.6-p5, 2.4.5-p7, 2.4.4-p8 and earlier are affected by an Improper Restriction of XML External Entity Reference ('XXE') vulnerability that could result in arbitrary code execution. An...",
"vendor": "Adobe"
},
{
"cve": "CVE-2024-35250",
"date_added": "2024-12-16",
"due_date": "2025-01-06",
"epss": null,
"notes": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-35250 ; https://nvd.nist.gov/vuln/detail/CVE-2024-35250",
"percentile": null,
"poc_count": 22,
"product": "Windows",
"required_action": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.",
"short_description": "Microsoft Windows Kernel-Mode Driver contains an untrusted pointer dereference vulnerability that allows a local attacker to escalate privileges.",
"summary": "Windows Kernel-Mode Driver Elevation of Privilege Vulnerability",
"vendor": "Microsoft"
},
{
"cve": "CVE-2024-36401",
"date_added": "2024-07-15",
"due_date": "2024-08-05",
"epss": null,
"notes": "This vulnerability affects an open-source component, third-party library, or a protocol used by different products. For more information, please see: https://github.com/geoserver/geoserver/security/advisories/GHSA-6jj6-gm7p-fcvv, https://github.com/geotools/geotools/pull/4797 ; https://nvd.nist.gov/vuln/detail/CVE-2024-36401",
"percentile": null,
"poc_count": 74,
"product": "GeoServer",
"required_action": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.",
"short_description": "OSGeo GeoServer GeoTools contains an improper neutralization of directives in dynamically evaluated code vulnerability due to unsafely evaluating property names as XPath expressions. This allows unauthenticated attackers to conduct remote code execution via specially crafted input.",
"summary": "GeoServer is an open source server that allows users to share and edit geospatial data. Prior to versions 2.22.6, 2.23.6, 2.24.4, and 2.25.2, multiple OGC request parameters allow Remote Code Execution (RCE) by unauth...",
"vendor": "OSGeo"
},
{
"cve": "CVE-2024-36971",
"date_added": "2024-08-07",
"due_date": "2024-08-28",
"epss": null,
"notes": "This vulnerability affects a common open-source component, third-party library, or a protocol used by different products. Please check with specific vendors for information on patching status. For more information, please see: https://source.android.com/docs/security/bulletin/2024-08-01, https://lore.kernel.org/linux-cve-announce/20240610090330.1347021-2-lee@kernel.org/T/#u ; https://nvd.nist.gov/vuln/detail/CVE-2024-36971",
"percentile": null,
"poc_count": 2,
"product": "Kernel",
"required_action": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.",
"short_description": "Android contains an unspecified vulnerability in the kernel that allows for remote code execution. This vulnerability resides in Linux Kernel and could impact other products, including but not limited to Android OS.",
"summary": "In the Linux kernel, the following vulnerability has been resolved:net: fix __dst_negative_advice() race__dst_negative_advice() does not enforce proper RCU rules whensk->dst_cache must be cleared, leading to possible...",
"vendor": "Android"
},
{
"cve": "CVE-2024-37085",
"date_added": "2024-07-30",
"due_date": "2024-08-20",
"epss": null,
"notes": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/24505; https://nvd.nist.gov/vuln/detail/CVE-2024-37085",
"percentile": null,
"poc_count": 6,
"product": "ESXi",
"required_action": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.",
"short_description": "VMware ESXi contains an authentication bypass vulnerability. A malicious actor with sufficient Active Directory (AD) permissions can gain full access to an ESXi host that was previously configured to use AD for user management by re-creating the configured AD group ('ESXi Admins' by default) after it was deleted from AD.",
"summary": "VMware ESXi contains an authentication bypass vulnerability. A malicious actor with sufficient Active Directory (AD) permissions can gain full access to an ESXi host that was previously configured to use AD for user m...",
"vendor": "VMware"
},
{
"cve": "CVE-2024-37383",
"date_added": "2024-10-24",
"due_date": "2024-11-14",
"epss": null,
"notes": "https://github.com/roundcube/roundcubemail/releases/tag/1.5.7, https://github.com/roundcube/roundcubemail/releases/tag/1.6.7 ; https://nvd.nist.gov/vuln/detail/CVE-2024-37383",
"percentile": null,
"poc_count": 2,
"product": "Webmail",
"required_action": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.",
"short_description": "RoundCube Webmail contains a cross-site scripting (XSS) vulnerability in the handling of SVG animate attributes that allows a remote attacker to run malicious JavaScript code.",
"summary": "Roundcube Webmail before 1.5.7 and 1.6.x before 1.6.7 allows XSS via SVG animate attributes.",
"vendor": "Roundcube"
},
{
"cve": "CVE-2024-38014",
"date_added": "2024-09-10",
"due_date": "2024-10-01",
"epss": null,
"notes": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-38014; https://nvd.nist.gov/vuln/detail/CVE-2024-38014",
"percentile": null,
"poc_count": 2,
"product": "Windows",
"required_action": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.",
"short_description": "Microsoft Windows Installer contains an improper privilege management vulnerability that could allow an attacker to gain SYSTEM privileges.",
"summary": "Windows Installer Elevation of Privilege Vulnerability",
"vendor": "Microsoft"
},
{
"cve": "CVE-2024-38080",
"date_added": "2024-07-09",
"due_date": "2024-07-30",
"epss": null,
"notes": "https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2024-38080; https://nvd.nist.gov/vuln/detail/CVE-2024-38080",
"percentile": null,
"poc_count": 2,
"product": "Windows",
"required_action": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.",
"short_description": "Microsoft Windows Hyper-V contains a privilege escalation vulnerability that allows a local attacker with user permissions to gain SYSTEM privileges.",
"summary": "Windows Hyper-V Elevation of Privilege Vulnerability",
"vendor": "Microsoft"
},
{
"cve": "CVE-2024-38094",
"date_added": "2024-10-22",
"due_date": "2024-11-12",
"epss": null,
"notes": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-38094 ; https://nvd.nist.gov/vuln/detail/CVE-2024-38094",
"percentile": null,
"poc_count": 3,
"product": "SharePoint",
"required_action": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.",
"short_description": "Microsoft SharePoint contains a deserialization vulnerability that allows for remote code execution.",
"summary": "Microsoft SharePoint Remote Code Execution Vulnerability",
"vendor": "Microsoft"
},
{
"cve": "CVE-2024-38112",
"date_added": "2024-07-09",
"due_date": "2024-07-30",
"epss": null,
"notes": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-38112; https://nvd.nist.gov/vuln/detail/CVE-2024-38112",
"percentile": null,
"poc_count": 6,
"product": "Windows",
"required_action": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.",
"short_description": "Microsoft Windows MSHTML Platform contains a spoofing vulnerability that has a high impact to confidentiality, integrity, and availability.",
"summary": "Windows MSHTML Platform Spoofing Vulnerability",
"vendor": "Microsoft"
},
{
"cve": "CVE-2024-38178",
"date_added": "2024-08-13",
"due_date": "2024-09-03",
"epss": null,
"notes": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-38178; https://nvd.nist.gov/vuln/detail/CVE-2024-38178",
"percentile": null,
"poc_count": 1,
"product": "Windows",
"required_action": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.",
"short_description": "Microsoft Windows Scripting Engine contains a memory corruption vulnerability that allows unauthenticated attacker to initiate remote code execution via a specially crafted URL.",
"summary": "Scripting Engine Memory Corruption Vulnerability",
"vendor": "Microsoft"
},
{
"cve": "CVE-2024-38189",
"date_added": "2024-08-13",
"due_date": "2024-09-03",
"epss": null,
"notes": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-38189; https://nvd.nist.gov/vuln/detail/CVE-2024-38189",
"percentile": null,
"poc_count": 1,
"product": "Project",
"required_action": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.",
"short_description": "Microsoft Project contains an unspecified vulnerability that allows for remote code execution via a malicious file.",
"vendor": "Microsoft"
},
{
"cve": "CVE-2024-38193",
"date_added": "2024-08-13",
"due_date": "2024-09-03",
"epss": null,
"notes": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-38193; https://nvd.nist.gov/vuln/detail/CVE-2024-38193",
"percentile": null,
"poc_count": 3,
"product": "Windows",
"required_action": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.",
"short_description": "Microsoft Windows Ancillary Function Driver for WinSock contains an unspecified vulnerability that allows for privilege escalation, enabling a local attacker to gain SYSTEM privileges.",
"vendor": "Microsoft"
},
{
"cve": "CVE-2024-38213",
"date_added": "2024-08-13",
"due_date": "2024-09-03",
"epss": null,
"notes": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-38213; https://nvd.nist.gov/vuln/detail/CVE-2024-38213",
"percentile": null,
"poc_count": 4,
"product": "Windows",
"required_action": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.",
"short_description": "Microsoft Windows SmartScreen contains a security feature bypass vulnerability that allows an attacker to bypass the SmartScreen user experience via a malicious file.",
"vendor": "Microsoft"
},
{
"cve": "CVE-2024-38217",
"date_added": "2024-09-10",
"due_date": "2024-10-01",
"epss": null,
"notes": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-38217; https://nvd.nist.gov/vuln/detail/CVE-2024-38217",
"percentile": null,
"poc_count": 1,
"product": "Windows",
"required_action": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.",
"short_description": "Microsoft Windows Mark of the Web (MOTW) contains a protection mechanism failure vulnerability that allows an attacker to bypass MOTW-based defenses. This can result in a limited loss of integrity and availability of security features such as Protected View in Microsoft Office, which rely on MOTW tagging.",
"vendor": "Microsoft"
},
{
"cve": "CVE-2024-38475",
"date_added": "2025-05-01",
"due_date": "2025-05-22",
"epss": null,
"notes": "This vulnerability affects a common open-source component, third-party library, or a protocol used by different products. Please check with specific vendors for information on patching status. For more information, please see: https://httpd.apache.org/security/vulnerabilities_24.html ; https://nvd.nist.gov/vuln/detail/CVE-2024-38475",
"percentile": null,
"poc_count": 15,
"product": "HTTP Server",
"required_action": "Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.",
"short_description": "Apache HTTP Server contains an improper escaping of output vulnerability in mod_rewrite that allows an attacker to map URLs to filesystem locations that are permitted to be served by the server but are not intentionally/directly reachable by any URL, resulting in code execution or source code disclosure.",
"vendor": "Apache"
},
{
"cve": "CVE-2024-38812",
"date_added": "2024-11-20",
"due_date": "2024-12-11",
"epss": null,
"notes": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/24968 ; https://nvd.nist.gov/vuln/detail/CVE-2024-38812",
"percentile": null,
"poc_count": 6,
"product": "vCenter Server",
"required_action": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.",
"short_description": "VMware vCenter Server contains a heap-based buffer overflow vulnerability in the implementation of the DCERPC protocol. This vulnerability could allow an attacker with network access to the vCenter Server to execute remote code by sending a specially crafted packet.",
"vendor": "VMware"
},
{
"cve": "CVE-2024-38813",
"date_added": "2024-11-20",
"due_date": "2024-12-11",
"epss": null,
"notes": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/24968 ; https://nvd.nist.gov/vuln/detail/CVE-2024-38813",
"percentile": null,
"poc_count": 2,
"product": "vCenter Server",
"required_action": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.",
"short_description": "VMware vCenter contains an improper check for dropped privileges vulnerability. This vulnerability could allow an attacker with network access to the vCenter Server to escalate privileges to root by sending a specially crafted packet.",
"vendor": "VMware"
},
{
"cve": "CVE-2024-38856",
"date_added": "2024-08-27",
"due_date": "2024-09-17",
"epss": null,
"notes": "This vulnerability affects a common open-source component, third-party library, or a protocol used by different products. Please check with specific vendors for information on patching status. For more information, please see: https://lists.apache.org/thread/olxxjk6b13sl3wh9cmp0k2dscvp24l7w; https://nvd.nist.gov/vuln/detail/CVE-2024-38856",
"percentile": null,
"poc_count": 41,
"product": "OFBiz",
"required_action": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.",
"short_description": "Apache OFBiz contains an incorrect authorization vulnerability that could allow remote code execution via a Groovy payload in the context of the OFBiz user process by an unauthenticated attacker.",
"vendor": "Apache"
},
{
"cve": "CVE-2024-39717",
"date_added": "2024-08-23",
"due_date": "2024-09-13",
"epss": null,
"notes": "https://versa-networks.com/blog/versa-security-bulletin-update-on-cve-2024-39717-versa-director-dangerous-file-type-upload-vulnerability/; https://nvd.nist.gov/vuln/detail/CVE-2024-39717",
"percentile": null,
"poc_count": 4,
"product": "Director",
"required_action": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.",
"short_description": "The Versa Director GUI contains an unrestricted upload of file with dangerous type vulnerability that allows administrators with Provider-Data-Center-Admin or Provider-Data-Center-System-Admin privileges to customize the user interface. The “Change Favicon” (Favorite Icon) enables the upload of a .png file, which can be exploited to upload a malicious file with a .png extension disguised as an image.",
"vendor": "Versa"
},
{
"cve": "CVE-2024-4040",
"date_added": "2024-04-24",
"due_date": "2024-05-01",
"epss": null,
"notes": "https://www.crushftp.com/crush11wiki/Wiki.jsp?page=Update&version=34; https://nvd.nist.gov/vuln/detail/CVE-2024-4040",
"percentile": null,
"poc_count": 52,
"product": "CrushFTP",
"required_action": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.",
"short_description": "CrushFTP contains an unspecified sandbox escape vulnerability that allows a remote attacker to escape the CrushFTP virtual file system (VFS).",
"vendor": "CrushFTP"
},
{
"cve": "CVE-2024-40711",
"date_added": "2024-10-17",
"due_date": "2024-11-07",
"epss": null,
"notes": "https://www.veeam.com/kb4649 ; https://nvd.nist.gov/vuln/detail/CVE-2024-40711",
"percentile": null,
"poc_count": 10,
"product": "Backup & Replication",
"required_action": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.",
"short_description": "Veeam Backup and Replication contains a deserialization vulnerability allowing an unauthenticated user to perform remote code execution.",
"vendor": "Veeam"
},
{
"cve": "CVE-2024-40766",
"date_added": "2024-09-09",
"due_date": "2024-09-30",
"epss": null,
"notes": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2024-0015; https://www.sonicwall.com/support/notices/gen-7-and-newer-sonicwall-firewalls-sslvpn-recent-threat-activity/kA1VN0000000RDG0A2 ; https://nvd.nist.gov/vuln/detail/CVE-2024-40766",
"percentile": null,
"poc_count": 1,
"product": "SonicOS",
"required_action": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.",
"short_description": "SonicWall SonicOS contains an improper access control vulnerability that could lead to unauthorized resource access and, under certain conditions, may cause the firewall to crash.",
"vendor": "SonicWall"
},
{
"cve": "CVE-2024-40890",
"date_added": "2025-02-11",
"due_date": "2025-03-04",
"epss": null,
"notes": "https://www.zyxel.com/global/en/support/security-advisories/zyxel-security-advisory-for-command-injection-and-insecure-default-credentials-vulnerabilities-in-certain-legacy-dsl-cpe-02-04-2025 ; https://www.zyxel.com/service-provider/global/en/security-advisories/zyxel-security-advisory-command-injection-insecure-in-certain-legacy-dsl-cpe-02-04-2025 ; https://nvd.nist.gov/vuln/detail/CVE-2024-40890",
"percentile": null,
"poc_count": 2,
"product": "DSL CPE Devices",
"required_action": "The impacted product could be end-of-life (EoL) and/or end-of-service (EoS). Users should discontinue product utilization if a current mitigation is unavailable.",
"short_description": "Multiple Zyxel DSL CPE devices contain a post-authentication command injection vulnerability in the CGI program that could allow an authenticated attacker to execute OS commands via a crafted HTTP request.",
"vendor": "Zyxel"
},
{
"cve": "CVE-2024-40891",
"date_added": "2025-02-11",
"due_date": "2025-03-04",
"epss": null,
"notes": "https://www.zyxel.com/global/en/support/security-advisories/zyxel-security-advisory-for-command-injection-and-insecure-default-credentials-vulnerabilities-in-certain-legacy-dsl-cpe-02-04-2025 ; https://www.zyxel.com/service-provider/global/en/security-advisories/zyxel-security-advisory-command-injection-insecure-in-certain-legacy-dsl-cpe-02-04-2025 ; https://nvd.nist.gov/vuln/detail/CVE-2024-40891",
"percentile": null,
"poc_count": 2,
"product": "DSL CPE Devices",
"required_action": "The impacted product could be end-of-life (EoL) and/or end-of-service (EoS). Users should discontinue product utilization if a current mitigation is unavailable.",
"short_description": "Multiple Zyxel DSL CPE devices contain a post-authentication command injection vulnerability in the management commands that could allow an authenticated attacker to execute OS commands via Telnet.",
"vendor": "Zyxel"
},
{
"cve": "CVE-2024-41710",
"date_added": "2025-02-12",
"due_date": "2025-03-05",
"epss": null,
"notes": "https://www.mitel.com/-/media/mitel/file/pdf/support/security-advisories/security-bulletin_24-0019-001-v2.pdf ; https://nvd.nist.gov/vuln/detail/CVE-2024-41710",
"percentile": null,
"poc_count": 5,
"product": "SIP Phones",
"required_action": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.",
"short_description": "Mitel 6800 Series, 6900 Series, and 6900w Series SIP Phones, including the 6970 Conference Unit, contain an argument injection vulnerability due to insufficient parameter sanitization during the boot process. Successful exploitation may allow an attacker to execute arbitrary commands within the context of the system.",
"vendor": "Mitel"
},
{
"cve": "CVE-2024-41713",
"date_added": "2025-01-07",
"due_date": "2025-01-28",
"epss": null,
"notes": "https://www.mitel.com/support/security-advisories/mitel-product-security-advisory-misa-2024-0029 ; https://nvd.nist.gov/vuln/detail/CVE-2024-41713",
"percentile": null,
"poc_count": 14,
"product": "MiCollab",
"required_action": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.",
"short_description": "Mitel MiCollab contains a path traversal vulnerability that could allow an attacker to gain unauthorized and unauthenticated access. This vulnerability can be chained with CVE-2024-55550, which allows an unauthenticated, remote attacker to read arbitrary files on the server.",
"vendor": "Mitel"
},
{
"cve": "CVE-2024-42009",
"date_added": "2025-06-09",
"due_date": "2025-06-30",
"epss": null,
"notes": "https://roundcube.net/news/2024/08/04/security-updates-1.6.8-and-1.5.8 ; https://nvd.nist.gov/vuln/detail/CVE-2024-42009",
"percentile": null,
"poc_count": 11,
"product": "Webmail",
"required_action": "Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.",
"short_description": "RoundCube Webmail contains a cross-site scripting vulnerability. This vulnerability could allow a remote attacker to steal and send emails of a victim via a crafted e-mail message that abuses a Desanitization issue in message_body() in program/actions/mail/show.php.",
"vendor": "Roundcube"
},
{
"cve": "CVE-2024-43047",
"date_added": "2024-10-08",
"due_date": "2024-10-29",
"epss": null,
"notes": "https://git.codelinaro.org/clo/la/platform/vendor/qcom/opensource/dsp-kernel/-/commit/0e27b6c7d2bd8d0453e4465ac2ca49a8f8c440e2 ; https://nvd.nist.gov/vuln/detail/CVE-2024-43047",
"percentile": null,
"poc_count": 3,
"product": "Multiple Chipsets",
"required_action": "Apply remediations or mitigations per vendor instructions or discontinue use of the product if remediation or mitigations are unavailable.",
"short_description": "Multiple Qualcomm chipsets contain a use-after-free vulnerability due to memory corruption in DSP Services while maintaining memory maps of HLOS memory.",
"vendor": "Qualcomm"
},
{
"cve": "CVE-2024-43093",
"date_added": "2024-11-07",
"due_date": "2024-11-28",
"epss": null,
"notes": "https://source.android.com/docs/security/bulletin/2024-11-01 ; https://nvd.nist.gov/vuln/detail/CVE-2024-43093",
"percentile": null,
"poc_count": 5,
"product": "Framework",
"required_action": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.",
"short_description": "Android Framework contains an unspecified vulnerability that allows for privilege escalation.",
"vendor": "Android"
},
{
"cve": "CVE-2024-43451",
"date_added": "2024-11-12",
"due_date": "2024-12-03",
"epss": null,
"notes": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-43451 ; https://nvd.nist.gov/vuln/detail/CVE-2024-43451",
"percentile": null,
"poc_count": 4,
"product": "Windows",
"required_action": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.",
"short_description": "Microsoft Windows contains an NTLMv2 hash spoofing vulnerability that could result in disclosing a user's NTLMv2 hash to an attacker via a file open operation. The attacker could then leverage this hash to impersonate that user.",
"vendor": "Microsoft"
},
{
"cve": "CVE-2024-43572",
"date_added": "2024-10-08",
"due_date": "2024-10-29",
"epss": null,
"notes": "https://msrc.microsoft.com/update-guide/advisory/CVE-2024-43572 ; https://nvd.nist.gov/vuln/detail/CVE-2024-43572",
"percentile": null,
"poc_count": 1,
"product": "Windows",
"required_action": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.",
"short_description": "Microsoft Windows Management Console contains unspecified vulnerability that allows for remote code execution.",
"vendor": "Microsoft"
},
{
"cve": "CVE-2024-4358",
"date_added": "2024-06-13",
"due_date": "2024-07-04",
"epss": null,
"notes": "https://docs.telerik.com/report-server/knowledge-base/registration-auth-bypass-cve-2024-4358; https://nvd.nist.gov/vuln/detail/CVE-2024-4358",
"percentile": null,
"poc_count": 24,
"product": "Telerik Report Server",
"required_action": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.",
"short_description": "Progress Telerik Report Server contains an authorization bypass by spoofing vulnerability that allows an attacker to obtain unauthorized access.",
"vendor": "Progress"
},
{
"cve": "CVE-2024-44308",
"date_added": "2024-11-21",
"due_date": "2024-12-12",
"epss": null,
"notes": "https://support.apple.com/en-us/121752, https://support.apple.com/en-us/121753, https://support.apple.com/en-us/121754, https://support.apple.com/en-us/121755, https://support.apple.com/en-us/121756 ; https://nvd.nist.gov/vuln/detail/CVE-2024-44308",
"percentile": null,
"poc_count": 4,
"product": "Multiple Products",
"required_action": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.",
"short_description": "Apple iOS, macOS, and other Apple products contain an unspecified vulnerability when processing maliciously crafted web content that may lead to arbitrary code execution.",
"vendor": "Apple"
},
{
"cve": "CVE-2024-44309",
"date_added": "2024-11-21",
"due_date": "2024-12-12",
"epss": null,
"notes": "https://support.apple.com/en-us/121752, https://support.apple.com/en-us/121753, https://support.apple.com/en-us/121754, https://support.apple.com/en-us/121755, https://support.apple.com/en-us/121756 ; https://nvd.nist.gov/vuln/detail/CVE-2024-44309",
"percentile": null,
"poc_count": 3,
"product": "Multiple Products",
"required_action": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.",
"short_description": "Apple iOS, macOS, and other Apple products contain an unspecified vulnerability when processing maliciously crafted web content that may lead to a cross-site scripting (XSS) attack.",
"vendor": "Apple"
},
{
"cve": "CVE-2024-45195",
"date_added": "2025-02-04",
"due_date": "2025-02-25",
"epss": null,
"notes": "This vulnerability affects a common open-source component, third-party library, or a protocol used by different products. Please check with specific vendors for information on patching status. For more information, please see: https://ofbiz.apache.org/security.html ; https://nvd.nist.gov/vuln/detail/CVE-2024-45195",
"percentile": null,
"poc_count": 21,
"product": "OFBiz",
"required_action": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.",
"short_description": "Apache OFBiz contains a forced browsing vulnerability that allows a remote attacker to obtain unauthorized access.",
"vendor": "Apache"
},
{
"cve": "CVE-2024-45519",
"date_added": "2024-10-03",
"due_date": "2024-10-24",
"epss": null,
"notes": "https://wiki.zimbra.com/wiki/Zimbra_Security_Advisories ; https://nvd.nist.gov/vuln/detail/CVE-2024-45519",
"percentile": null,
"poc_count": 22,
"product": "Zimbra Collaboration Suite (ZCS)",
"required_action": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.",
"short_description": "Synacor Zimbra Collaboration Suite (ZCS) contains an unspecified vulnerability in the postjournal service that may allow an unauthenticated user to execute commands.",
"vendor": "Synacor"
},
{
"cve": "CVE-2024-4577",
"date_added": "2024-06-12",
"due_date": "2024-07-03",
"epss": null,
"notes": "This vulnerability affects a common open-source component, third-party library, or a protocol used by different products. Please check with specific vendors for information on patching status. For more information, please see: https://www.php.net/ChangeLog-8.php#; https://nvd.nist.gov/vuln/detail/CVE-2024-4577",
"percentile": null,
"poc_count": 160,
"product": "PHP",
"required_action": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.",
"short_description": "PHP, specifically Windows-based PHP used in CGI mode, contains an OS command injection vulnerability that allows for arbitrary code execution. This vulnerability is a patch bypass for CVE-2012-1823.",
"vendor": "PHP Group"
},
{
"cve": "CVE-2024-4610",
"date_added": "2024-06-12",
"due_date": "2024-07-03",
"epss": null,
"notes": "https://developer.arm.com/Arm%20Security%20Center/Mali%20GPU%20Driver%20Vulnerabilities; https://nvd.nist.gov/vuln/detail/CVE-2024-4610",
"percentile": null,
"poc_count": 4,
"product": "Mali GPU Kernel Driver",
"required_action": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.",
"short_description": "Arm Bifrost and Valhall GPU kernel drivers contain a use-after-free vulnerability that allows a local, non-privileged user to make improper GPU memory processing operations to gain access to already freed memory.",
"vendor": "Arm"
},
{
"cve": "CVE-2024-4671",
"date_added": "2024-05-13",
"due_date": "2024-06-03",
"epss": null,
"notes": "https://chromereleases.googleblog.com/2024/05/stable-channel-update-for-desktop_9.html?m=1; https://nvd.nist.gov/vuln/detail/CVE-2024-4671",
"percentile": null,
"poc_count": 5,
"product": "Chromium",
"required_action": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.",
"short_description": "Google Chromium Visuals contains a use-after-free vulnerability that allows a remote attacker to exploit heap corruption via a crafted HTML page. This vulnerability could affect multiple web browsers that utilize Chromium, including, but not limited to, Google Chrome, Microsoft Edge, and Opera.",
"vendor": "Google"
},
{
"cve": "CVE-2024-47575",
"date_added": "2024-10-23",
"due_date": "2024-11-13",
"epss": null,
"notes": "https://fortiguard.fortinet.com/psirt/FG-IR-24-423 ; https://nvd.nist.gov/vuln/detail/CVE-2024-47575",
"percentile": null,
"poc_count": 28,
"product": "FortiManager",
"required_action": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.",
"short_description": "Fortinet FortiManager contains a missing authentication vulnerability in the fgfmd daemon that allows a remote, unauthenticated attacker to execute arbitrary code or commands via specially crafted requests.",
"vendor": "Fortinet"
},
{
"cve": "CVE-2024-4761",
"date_added": "2024-05-16",
"due_date": "2024-06-06",
"epss": null,
"notes": "https://chromereleases.googleblog.com/2024/05/stable-channel-update-for-desktop_13.html; https://nvd.nist.gov/vuln/detail/CVE-2024-4761",
"percentile": null,
"poc_count": 6,
"product": "Chromium V8",
"required_action": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.",
"short_description": "Google Chromium V8 Engine contains an unspecified out-of-bounds memory write vulnerability via a crafted HTML page. This vulnerability could affect multiple web browsers that utilize Chromium, including, but not limited to, Google Chrome, Microsoft Edge, and Opera.",
"vendor": "Google"
},
{
"cve": "CVE-2024-48248",
"date_added": "2025-03-19",
"due_date": "2025-04-09",
"epss": null,
"notes": "https://helpcenter.nakivo.com/Release-Notes/Content/Release-Notes.htm ; https://nvd.nist.gov/vuln/detail/CVE-2024-48248",
"percentile": null,
"poc_count": 6,
"product": "Backup and Replication",
"required_action": "Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.",
"short_description": "NAKIVO Backup and Replication contains an absolute path traversal vulnerability that enables an attacker to read arbitrary files.",
"vendor": "NAKIVO"
},
{
"cve": "CVE-2024-4879",
"date_added": "2024-07-29",
"due_date": "2024-08-19",
"epss": null,
"notes": "https://support.servicenow.com/kb?id=kb_article_view&sysparm_article=KB1645154; https://nvd.nist.gov/vuln/detail/CVE-2024-4879",
"percentile": null,
"poc_count": 32,
"product": "Utah, Vancouver, and Washington DC Now Platform",
"required_action": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.",
"short_description": "ServiceNow Utah, Vancouver, and Washington DC Now Platform releases contain a jelly template injection vulnerability in UI macros. An unauthenticated user could exploit this vulnerability to execute code remotely.",
"vendor": "ServiceNow"
},
{
"cve": "CVE-2024-4885",
"date_added": "2025-03-03",
"due_date": "2025-03-24",
"epss": null,
"notes": "https://community.progress.com/s/article/WhatsUp-Gold-Security-Bulletin-June-2024 ; https://nvd.nist.gov/vuln/detail/CVE-2024-4885",
"percentile": null,
"poc_count": 7,
"product": "WhatsUp Gold",
"required_action": "Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.",
"short_description": "Progress WhatsUp Gold contains a path traversal vulnerability that allows an unauthenticated attacker to achieve remote code execution.",
"vendor": "Progress"
},
{
"cve": "CVE-2024-49035",
"date_added": "2025-02-25",
"due_date": "2025-03-18",
"epss": null,
"notes": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-49035 ; https://nvd.nist.gov/vuln/detail/CVE-2024-49035",
"percentile": null,
"poc_count": 5,
"product": "Partner Center",
"required_action": "Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.",
"short_description": "Microsoft Partner Center contains an improper access control vulnerability that allows an attacker to escalate privileges.",
"vendor": "Microsoft"
},
{
"cve": "CVE-2024-49039",
"date_added": "2024-11-12",
"due_date": "2024-12-03",
"epss": null,
"notes": "https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2024-49039 ; https://nvd.nist.gov/vuln/detail/CVE-2024-49039",
"percentile": null,
"poc_count": 5,
"product": "Windows",
"required_action": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.",
"short_description": "Microsoft Windows Task Scheduler contains a privilege escalation vulnerability that can allow an attacker-provided, local application to escalate privileges outside of its AppContainer, and access privileged RPC functions.",
"vendor": "Microsoft"
},
{
"cve": "CVE-2024-49138",
"date_added": "2024-12-10",
"due_date": "2024-12-31",
"epss": null,
"notes": "https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2024-49138 ; https://nvd.nist.gov/vuln/detail/CVE-2024-49138",
"percentile": null,
"poc_count": 30,
"product": "Windows",
"required_action": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.",
"short_description": "Microsoft Windows Common Log File System (CLFS) driver contains a heap-based buffer overflow vulnerability that allows a local attacker to escalate privileges.",
"vendor": "Microsoft"
},
{
"cve": "CVE-2024-4947",
"date_added": "2024-05-20",
"due_date": "2024-06-10",
"epss": null,
"notes": "https://chromereleases.googleblog.com/2024/05/stable-channel-update-for-desktop_15.html; https://nvd.nist.gov/vuln/detail/CVE-2024-4947",
"percentile": null,
"poc_count": 6,
"product": "Chromium V8",
"required_action": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.",
"short_description": "Google Chromium V8 contains a type confusion vulnerability that allows a remote attacker to execute code via a crafted HTML page.",
"vendor": "Google"
},
{
"cve": "CVE-2024-50302",
"date_added": "2025-03-04",
"due_date": "2025-03-25",
"epss": null,
"notes": "This vulnerability affects a common open-source component, third-party library, or a protocol used by different products. For more information, please see: https://lore.kernel.org/linux-cve-announce/2024111908-CVE-2024-50302-f677@gregkh/ ; https://source.android.com/docs/security/bulletin/2025-03-01 ; https://nvd.nist.gov/vuln/detail/CVE-2024-50302",
"percentile": null,
"poc_count": 9,
"product": "Kernel",
"required_action": "Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.",
"short_description": "The Linux kernel contains a use of uninitialized resource vulnerability that allows an attacker to leak kernel memory via a specially crafted HID report.",
"vendor": "Linux"
},
{
"cve": "CVE-2024-50603",
"date_added": "2025-01-16",
"due_date": "2025-02-06",
"epss": null,
"notes": "https://docs.aviatrix.com/documentation/latest/release-notices/psirt-advisories/psirt-advisories.html?expand=true ; https://nvd.nist.gov/vuln/detail/CVE-2024-50603",
"percentile": null,
"poc_count": 15,
"product": "Controllers",
"required_action": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.",
"short_description": "Aviatrix Controllers contain an OS command injection vulnerability that could allow an unauthenticated attacker to execute arbitrary code. Shell metacharacters can be sent to /v1/api in cloud_type for list_flightpath_destination_instances, or src_cloud_type for flightpath_connection_test.",
"vendor": "Aviatrix"
},
{
"cve": "CVE-2024-50623",
"date_added": "2024-12-13",
"due_date": "2025-01-03",
"epss": null,
"notes": "https://support.cleo.com/hc/en-us/articles/28408134019735-Cleo-Product-Security-Update ; https://nvd.nist.gov/vuln/detail/CVE-2024-50623",
"percentile": null,
"poc_count": 11,
"product": "Multiple Products",
"required_action": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.",
"short_description": "Cleo Harmony, VLTrader, and LexiCom, which are managed file transfer products, contain an unrestricted file upload and download vulnerability that can lead to remote code execution with elevated privileges.",
"vendor": "Cleo"
},
{
"cve": "CVE-2024-51378",
"date_added": "2024-12-04",
"due_date": "2024-12-25",
"epss": null,
"notes": "https://cyberpanel.net/KnowledgeBase/home/change-logs/ ; https://nvd.nist.gov/vuln/detail/CVE-2024-51378",
"percentile": null,
"poc_count": 9,
"product": "CyberPanel",
"required_action": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.",
"short_description": "CyberPanel contains an incorrect default permissions vulnerability that allows for authentication bypass and the execution of arbitrary commands using shell metacharacters in the statusfile property.",
"vendor": "CyberPersons"
},
{
"cve": "CVE-2024-51567",
"date_added": "2024-11-07",
"due_date": "2024-11-28",
"epss": null,
"notes": "https://cyberpanel.net/blog/detials-and-fix-of-recent-security-issue-and-patch-of-cyberpanel ; https://nvd.nist.gov/vuln/detail/CVE-2024-51567",
"percentile": null,
"poc_count": 7,
"product": "CyberPanel",
"required_action": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.",
"short_description": "CyberPanel contains an incorrect default permissions vulnerability that allows a remote, unauthenticated attacker to execute commands as root.",
"vendor": "CyberPersons"
},
{
"cve": "CVE-2024-5217",
"date_added": "2024-07-29",
"due_date": "2024-08-19",
"epss": null,
"notes": "https://support.servicenow.com/kb?id=kb_article_view&sysparm_article=KB1648313; https://nvd.nist.gov/vuln/detail/CVE-2024-5217",
"percentile": null,
"poc_count": 8,
"product": "Utah, Vancouver, and Washington DC Now Platform",
"required_action": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.",
"short_description": "ServiceNow Washington DC, Vancouver, and earlier Now Platform releases contain an incomplete list of disallowed inputs vulnerability in the GlideExpression script. An unauthenticated user could exploit this vulnerability to execute code remotely.",
"vendor": "ServiceNow"
},
{
"cve": "CVE-2024-5274",
"date_added": "2024-05-28",
"due_date": "2024-06-18",
"epss": null,
"notes": "https://chromereleases.googleblog.com/2024/05/stable-channel-update-for-desktop_23.html?m=1; https://nvd.nist.gov/vuln/detail/CVE-2024-5274",
"percentile": null,
"poc_count": 12,
"product": "Chromium V8",
"required_action": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.",
"short_description": "Google Chromium V8 contains a type confusion vulnerability that allows a remote attacker to execute code via a crafted HTML page. This vulnerability could affect multiple web browsers that utilize Chromium, including, but not limited to, Google Chrome, Microsoft Edge, and Opera.",
"vendor": "Google"
},
{
"cve": "CVE-2024-53104",
"date_added": "2025-02-05",
"due_date": "2025-02-26",
"epss": null,
"notes": "This vulnerability affects a common open-source component, third-party library, or a protocol used by different products. For more information, please see: https://lore.kernel.org/linux-cve-announce/2024120232-CVE-2024-53104-d781@gregkh/ ; https://nvd.nist.gov/vuln/detail/CVE-2024-53104",
"percentile": null,
"poc_count": 8,
"product": "Kernel",
"required_action": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.",
"short_description": "Linux kernel contains an out-of-bounds write vulnerability in the uvc_parse_streaming component of the USB Video Class (UVC) driver that could allow for physical escalation of privilege.",
"vendor": "Linux"
},
{
"cve": "CVE-2024-53150",
"date_added": "2025-04-09",
"due_date": "2025-04-30",
"epss": null,
"notes": "This vulnerability affects a common open-source component, third-party library, or a protocol used by different products. For more information, please see: https://lore.kernel.org/linux-cve-announce/2024122427-CVE-2024-53150-3a7d@gregkh/ ; https://source.android.com/docs/security/bulletin/2025-04-01 ; https://nvd.nist.gov/vuln/detail/CVE-2024-53150",
"percentile": null,
"poc_count": 5,
"product": "Kernel",
"required_action": "Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.",
"short_description": "Linux Kernel contains an out-of-bounds read vulnerability in the USB-audio driver that allows a local, privileged attacker to obtain potentially sensitive information.",
"vendor": "Linux"
},
{
"cve": "CVE-2024-53197",
"date_added": "2025-04-09",
"due_date": "2025-04-30",
"epss": null,
"notes": "This vulnerability affects a common open-source component, third-party library, or a protocol used by different products. For more information, please see: https://lore.kernel.org/linux-cve-announce/2024122725-CVE-2024-53197-6aef@gregkh/ ; https://source.android.com/docs/security/bulletin/2025-04-01 ; https://nvd.nist.gov/vuln/detail/CVE-2024-53197",
"percentile": null,
"poc_count": 8,
"product": "Kernel",
"required_action": "Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.",
"short_description": "Linux Kernel contains an out-of-bounds access vulnerability in the USB-audio driver that allows an attacker with physical access to the system to use a malicious USB device to potentially manipulate system memory, escalate privileges, or execute arbitrary code.",
"vendor": "Linux"
},
{
"cve": "CVE-2024-53704",
"date_added": "2025-02-18",
"due_date": "2025-03-11",
"epss": null,
"notes": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2025-0003 ; https://nvd.nist.gov/vuln/detail/CVE-2024-53704",
"percentile": null,
"poc_count": 12,
"product": "SonicOS",
"required_action": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.",
"short_description": "SonicWall SonicOS contains an improper authentication vulnerability in the SSLVPN authentication mechanism that allows a remote attacker to bypass authentication.",
"vendor": "SonicWall"
},
{
"cve": "CVE-2024-54085",
"date_added": "2025-06-25",
"due_date": "2025-07-16",
"epss": null,
"notes": "This vulnerability could affect an open-source component, third-party library, protocol, or proprietary implementation that could be used by different products. For more information, please see: https://go.ami.com/hubfs/Security%20Advisories/2025/AMI-SA-2025003.pdf ; https://security.netapp.com/advisory/ntap-20250328-0003/ ; https://nvd.nist.gov/vuln/detail/CVE-2024-54085",
"percentile": null,
"poc_count": 7,
"product": "MegaRAC SPx",
"required_action": "Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.",
"short_description": "AMI MegaRAC SPx contains an authentication bypass by spoofing vulnerability in the Redfish Host Interface. A successful exploitation of this vulnerability may lead to a loss of confidentiality, integrity, and/or availability.",
"vendor": "AMI"
},
{
"cve": "CVE-2024-55550",
"date_added": "2025-01-07",
"due_date": "2025-01-28",
"epss": null,
"notes": "https://www.mitel.com/support/security-advisories/mitel-product-security-advisory-misa-2024-0029 ; https://nvd.nist.gov/vuln/detail/CVE-2024-55550",
"percentile": null,
"poc_count": 6,
"product": "MiCollab",
"required_action": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.",
"short_description": "Mitel MiCollab contains a path traversal vulnerability that could allow an authenticated attacker with administrative privileges to read local files within the system due to insufficient input sanitization. This vulnerability can be chained with CVE-2024-41713, which allows an unauthenticated, remote attacker to read arbitrary files on the server.",
"vendor": "Mitel"
},
{
"cve": "CVE-2024-55591",
"date_added": "2025-01-14",
"due_date": "2025-01-21",
"epss": null,
"notes": "https://fortiguard.fortinet.com/psirt/FG-IR-24-535 ; https://nvd.nist.gov/vuln/detail/CVE-2024-55591",
"percentile": null,
"poc_count": 19,
"product": "FortiOS and FortiProxy",
"required_action": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.",
"short_description": "Fortinet FortiOS and FortiProxy contain an authentication bypass vulnerability that may allow an unauthenticated, remote attacker to gain super-admin privileges via crafted requests to Node.js websocket module.",
"vendor": "Fortinet"
},
{
"cve": "CVE-2024-55956",
"date_added": "2024-12-17",
"due_date": "2025-01-07",
"epss": null,
"notes": "https://support.cleo.com/hc/en-us/articles/28408134019735-Cleo-Product-Security-Update-CVE-2024-55956 ; https://nvd.nist.gov/vuln/detail/CVE-2024-55956",
"percentile": null,
"poc_count": 6,
"product": "Multiple Products",
"required_action": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.",
"short_description": "Cleo Harmony, VLTrader, and LexiCom, which are managed file transfer products, contain an unrestricted file upload vulnerability that could allow an unauthenticated user to import and execute arbitrary bash or PowerShell commands on the host system by leveraging the default settings of the Autorun directory.",
"vendor": "Cleo"
},
{
"cve": "CVE-2024-56145",
"date_added": "2025-06-02",
"due_date": "2025-06-23",
"epss": null,
"notes": "https://github.com/craftcms/cms/security/advisories/GHSA-2p6p-9rc9-62j9 ; https://nvd.nist.gov/vuln/detail/CVE-2024-56145",
"percentile": null,
"poc_count": 13,
"product": "Craft CMS",
"required_action": "Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.",
"short_description": "Craft CMS contains a code injection vulnerability. Users with affected versions are vulnerable to remote code execution if their php.ini configuration has `register_argc_argv` enabled.",
"vendor": "Craft CMS"
},
{
"cve": "CVE-2024-57727",
"date_added": "2025-02-13",
"due_date": "2025-03-06",
"epss": null,
"notes": "https://simple-help.com/kb---security-vulnerabilities-01-2025 ; Additional CISA Mitigation Instructions: https://www.cisa.gov/news-events/cybersecurity-advisories/aa25-163a ; https://nvd.nist.gov/vuln/detail/CVE-2024-57727",
"percentile": null,
"poc_count": 12,
"product": "SimpleHelp",
"required_action": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.",
"short_description": "SimpleHelp remote support software contains multiple path traversal vulnerabilities that allow unauthenticated remote attackers to download arbitrary files from the SimpleHelp host via crafted HTTP requests. These files may include server configuration files and hashed user passwords.",
"vendor": "SimpleHelp"
},
{
"cve": "CVE-2024-57968",
"date_added": "2025-03-10",
"due_date": "2025-03-31",
"epss": null,
"notes": "https://advantive.my.site.com/support/s/article/VeraCore-Release-Notes-2024-4-2-1 ; https://nvd.nist.gov/vuln/detail/CVE-2024-57968",
"percentile": null,
"poc_count": 3,
"product": "VeraCore",
"required_action": "Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.",
"short_description": "Advantive VeraCore contains an unrestricted file upload vulnerability that allows a remote unauthenticated attacker to upload files to unintended folders via upload.apsx.",
"vendor": "Advantive"
},
{
"cve": "CVE-2024-58136",
"date_added": "2025-05-02",
"due_date": "2025-05-23",
"epss": null,
"notes": "This vulnerability affects a common open-source component, third-party library, or a protocol used by different products. For more information, please see: https://www.yiiframework.com/news/709/please-upgrade-to-yii-2-0-52 ; https://nvd.nist.gov/vuln/detail/CVE-2024-58136",
"percentile": null,
"poc_count": 4,
"product": "Yii",
"required_action": "Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.",
"short_description": "Yii Framework contains an improper protection of alternate path vulnerability that may allow a remote attacker to execute arbitrary code. This vulnerability could affect other products that implement Yii, including—but not limited to—Craft CMS, as represented by CVE-2025-32432.",
"vendor": "Yiiframework"
},
{
"cve": "CVE-2024-5910",
"date_added": "2024-11-07",
"due_date": "2024-11-28",
"epss": null,
"notes": "https://security.paloaltonetworks.com/CVE-2024-5910 ; https://nvd.nist.gov/vuln/detail/CVE-2024-5910",
"percentile": null,
"poc_count": 7,
"product": "Expedition",
"required_action": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.",
"short_description": "Palo Alto Networks Expedition contains a missing authentication vulnerability that allows an attacker with network access to takeover an Expedition admin account and potentially access configuration secrets, credentials, and other data.",
"vendor": "Palo Alto Networks"
},
{
"cve": "CVE-2024-6047",
"date_added": "2025-05-07",
"due_date": "2025-05-28",
"epss": null,
"notes": "https://dlcdn.geovision.com.tw/TechNotice/CyberSecurity/Security_Advisory_IP_Device_2024-11.pdf ; https://nvd.nist.gov/vuln/detail/CVE-2024-6047",
"percentile": null,
"poc_count": 3,
"product": "Multiple Devices",
"required_action": "Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.",
"short_description": "Multiple GeoVision devices contain an OS command injection vulnerability that allows a remote, unauthenticated attacker to inject and execute arbitrary system commands. The impacted products could be end-of-life (EoL) and/or end-of-service (EoS). Users should discontinue product utilization.",
"vendor": "GeoVision"
},
{
"cve": "CVE-2024-6670",
"date_added": "2024-09-16",
"due_date": "2024-10-07",
"epss": null,
"notes": "https://community.progress.com/s/article/WhatsUp-Gold-Security-Bulletin-August-2024 ; https://nvd.nist.gov/vuln/detail/CVE-2024-6670",
"percentile": null,
"poc_count": 4,
"product": "WhatsUp Gold",
"required_action": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.",
"short_description": "Progress WhatsUp Gold contains a SQL injection vulnerability that allows an unauthenticated attacker to retrieve the user's encrypted password if the application is configured with only a single user.",
"vendor": "Progress"
},
{
"cve": "CVE-2024-7262",
"date_added": "2024-09-03",
"due_date": "2024-09-24",
"epss": null,
"notes": "While CISA cannot confirm the effectiveness of patches at this time, it is recommended that mitigations be applied per vendor instructions if available. If these instructions cannot be located or if mitigations are unavailable, discontinue the use of the product.; https://nvd.nist.gov/vuln/detail/CVE-2024-7262",
"percentile": null,
"poc_count": 1,
"product": "WPS Office",
"required_action": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.",
"short_description": "Kingsoft WPS Office contains a path traversal vulnerability in promecefpluginhost.exe on Windows that allows an attacker to load an arbitrary Windows library.",
"vendor": "Kingsoft"
},
{
"cve": "CVE-2024-7593",
"date_added": "2024-09-24",
"due_date": "2024-10-15",
"epss": null,
"notes": "https://forums.ivanti.com/s/article/Security-Advisory-Ivanti-Virtual-Traffic-Manager-vTM-CVE-2024-7593 ; https://nvd.nist.gov/vuln/detail/CVE-2024-7593",
"percentile": null,
"poc_count": 20,
"product": "Virtual Traffic Manager",
"required_action": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.",
"short_description": "Ivanti Virtual Traffic Manager contains an authentication bypass vulnerability that allows a remote, unauthenticated attacker to create a chosen administrator account.",
"vendor": "Ivanti"
},
{
"cve": "CVE-2024-7965",
"date_added": "2024-08-28",
"due_date": "2024-09-18",
"epss": null,
"notes": "https://chromereleases.googleblog.com/2024/08/stable-channel-update-for-desktop_21.html; https://nvd.nist.gov/vuln/detail/CVE-2024-7965",
"percentile": null,
"poc_count": 6,
"product": "Chromium V8",
"required_action": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.",
"short_description": "Google Chromium V8 contains an inappropriate implementation vulnerability that allows a remote attacker to potentially exploit heap corruption via a crafted HTML page. This vulnerability could affect multiple web browsers that utilize Chromium, including, but not limited to, Google Chrome, Microsoft Edge, and Opera.",
"vendor": "Google"
},
{
"cve": "CVE-2024-7971",
"date_added": "2024-08-26",
"due_date": "2024-09-16",
"epss": null,
"notes": "https://chromereleases.googleblog.com/2024/08/stable-channel-update-for-desktop_21.html; https://nvd.nist.gov/vuln/detail/CVE-2024-7971",
"percentile": null,
"poc_count": 4,
"product": "Chromium V8",
"required_action": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.",
"short_description": "Google Chromium V8 contains a type confusion vulnerability that allows a remote attacker to exploit heap corruption via a crafted HTML page. This vulnerability could affect multiple web browsers that utilize Chromium, including, but not limited to, Google Chrome, Microsoft Edge, and Opera.",
"vendor": "Google"
},
{
"cve": "CVE-2024-8068",
"date_added": "2025-08-25",
"due_date": "2025-09-15",
"epss": null,
"notes": "https://support.citrix.com/external/article/691941/citrix-session-recording-security-bullet.html ; https://nvd.nist.gov/vuln/detail/CVE-2024-8068",
"percentile": null,
"poc_count": 7,
"product": "Session Recording",
"required_action": "Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.",
"short_description": "Citrix Session Recording contains an improper privilege management vulnerability that could allow for privilege escalation to NetworkService Account access. An attacker must be an authenticated user in the same Windows Active Directory domain as the session recording server domain.",
"vendor": "Citrix"
},
{
"cve": "CVE-2024-8069",
"date_added": "2025-08-25",
"due_date": "2025-09-15",
"epss": null,
"notes": "https://support.citrix.com/external/article/691941/citrix-session-recording-security-bullet.html ; https://nvd.nist.gov/vuln/detail/CVE-2024-8069",
"percentile": null,
"poc_count": 9,
"product": "Session Recording",
"required_action": "Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.",
"short_description": "Citrix Session Recording contains a deserialization of untrusted data vulnerability that allows limited remote code execution with privilege of a NetworkService Account access. Attacker must be an authenticated user on the same intranet as the session recording server.",
"vendor": "Citrix"
},
{
"cve": "CVE-2024-8190",
"date_added": "2024-09-13",
"due_date": "2024-10-04",
"epss": null,
"notes": "https://forums.ivanti.com/s/article/Security-Advisory-Ivanti-Cloud-Service-Appliance-CSA-CVE-2024-8190; https://nvd.nist.gov/vuln/detail/CVE-2024-8190",
"percentile": null,
"poc_count": 16,
"product": "Cloud Services Appliance",
"required_action": "As Ivanti CSA has reached End-of-Life status, users are urged to remove CSA 4.6.x from service or upgrade to the 5.0.x line of supported solutions, as future vulnerabilities on the 4.6.x version of CSA are unlikely to receive future security updates.",
"short_description": "Ivanti Cloud Services Appliance (CSA) contains an OS command injection vulnerability in the administrative console which can allow an authenticated attacker with application admin privileges to pass commands to the underlying OS.",
"vendor": "Ivanti"
},
{
"cve": "CVE-2024-8956",
"date_added": "2024-11-04",
"due_date": "2024-11-25",
"epss": null,
"notes": "https://ptzoptics.com/firmware-changelog/ ; https://nvd.nist.gov/vuln/detail/CVE-2024-8956",
"percentile": null,
"poc_count": 3,
"product": "PT30X-SDI/NDI Cameras",
"required_action": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.",
"short_description": "PTZOptics PT30X-SDI/NDI cameras contain an insecure direct object reference (IDOR) vulnerability that allows a remote, attacker to bypass authentication for the /cgi-bin/param.cgi CGI script. If combined with CVE-2024-8957, this can lead to remote code execution as root.",
"vendor": "PTZOptics"
},
{
"cve": "CVE-2024-8957",
"date_added": "2024-11-04",
"due_date": "2024-11-25",
"epss": null,
"notes": "https://ptzoptics.com/firmware-changelog/ ; https://nvd.nist.gov/vuln/detail/CVE-2024-8957",
"percentile": null,
"poc_count": 3,
"product": "PT30X-SDI/NDI Cameras",
"required_action": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.",
"short_description": "PTZOptics PT30X-SDI/NDI cameras contain an OS command injection vulnerability that allows a remote, authenticated attacker to escalate privileges to root via a crafted payload with the ntp_addr parameter of the /cgi-bin/param.cgi CGI script.",
"vendor": "PTZOptics"
},
{
"cve": "CVE-2024-8963",
"date_added": "2024-09-19",
"due_date": "2024-10-10",
"epss": null,
"notes": "https://forums.ivanti.com/s/article/Security-Advisory-Ivanti-CSA-4-6-Cloud-Services-Appliance-CVE-2024-8963 ; https://nvd.nist.gov/vuln/detail/CVE-2024-8963",
"percentile": null,
"poc_count": 5,
"product": "Cloud Services Appliance (CSA)",
"required_action": "As Ivanti CSA has reached End-of-Life status, users are urged to remove CSA 4.6.x from service or upgrade to the 5.0.x line of supported solutions, as future vulnerabilities on the 4.6.x version of CSA are unlikely to receive security updates.",
"short_description": "Ivanti Cloud Services Appliance (CSA) contains a path traversal vulnerability that could allow a remote, unauthenticated attacker to access restricted functionality. If CVE-2024-8963 is used in conjunction with CVE-2024-8190, an attacker could bypass admin authentication and execute arbitrary commands on the appliance.",
"vendor": "Ivanti"
},
{
"cve": "CVE-2024-9379",
"date_added": "2024-10-09",
"due_date": "2024-10-30",
"epss": null,
"notes": "https://forums.ivanti.com/s/article/Security-Advisory-Ivanti-CSA-Cloud-Services-Appliance-CVE-2024-9379-CVE-2024-9380-CVE-2024-9381 ; https://nvd.nist.gov/vuln/detail/CVE-2024-9379",
"percentile": null,
"poc_count": 2,
"product": "Cloud Services Appliance (CSA)",
"required_action": "As Ivanti CSA 4.6.x has reached End-of-Life status, users are urged to remove CSA 4.6.x from service or upgrade to the 5.0.x line, or later, of supported solution.",
"short_description": "Ivanti Cloud Services Appliance (CSA) contains a SQL injection vulnerability in the admin web console in versions prior to 5.0.2, which can allow a remote attacker authenticated as administrator to run arbitrary SQL statements.",
"vendor": "Ivanti"
},
{
"cve": "CVE-2024-9380",
"date_added": "2024-10-09",
"due_date": "2024-10-30",
"epss": null,
"notes": "https://forums.ivanti.com/s/article/Security-Advisory-Ivanti-CSA-Cloud-Services-Appliance-CVE-2024-9379-CVE-2024-9380-CVE-2024-9381 ; https://nvd.nist.gov/vuln/detail/CVE-2024-9380",
"percentile": null,
"poc_count": 1,
"product": "Cloud Services Appliance (CSA)",
"required_action": "As Ivanti CSA 4.6.x has reached End-of-Life status, users are urged to remove CSA 4.6.x from service or upgrade to the 5.0.x line, or later, of supported solution.",
"short_description": "Ivanti Cloud Services Appliance (CSA) contains an OS command injection vulnerability in the administrative console which can allow an authenticated attacker with application admin privileges to pass commands to the underlying OS.",
"vendor": "Ivanti"
},
{
"cve": "CVE-2024-9463",
"date_added": "2024-11-14",
"due_date": "2024-12-05",
"epss": null,
"notes": "https://security.paloaltonetworks.com/PAN-SA-2024-0010 ; https://nvd.nist.gov/vuln/detail/CVE-2024-9463",
"percentile": null,
"poc_count": 7,
"product": "Expedition",
"required_action": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.",
"short_description": "Palo Alto Networks Expedition contains an OS command injection vulnerability that allows an unauthenticated attacker to run arbitrary OS commands as root in Expedition, resulting in disclosure of usernames, cleartext passwords, device configurations, and device API keys of PAN-OS firewalls.",
"vendor": "Palo Alto Networks"
},
{
"cve": "CVE-2024-9465",
"date_added": "2024-11-14",
"due_date": "2024-12-05",
"epss": null,
"notes": "https://security.paloaltonetworks.com/PAN-SA-2024-0010 ; https://nvd.nist.gov/vuln/detail/CVE-2024-9465",
"percentile": null,
"poc_count": 18,
"product": "Expedition",
"required_action": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.",
"short_description": "Palo Alto Networks Expedition contains a SQL injection vulnerability that allows an unauthenticated attacker to reveal Expedition database contents, such as password hashes, usernames, device configurations, and device API keys. With this, attackers can also create and read arbitrary files on the Expedition system.",
"vendor": "Palo Alto Networks"
},
{
"cve": "CVE-2024-9474",
"date_added": "2024-11-18",
"due_date": "2024-12-09",
"epss": null,
"notes": "https://security.paloaltonetworks.com/CVE-2024-9474 ; https://nvd.nist.gov/vuln/detail/CVE-2024-9474",
"percentile": null,
"poc_count": 27,
"product": "PAN-OS",
"required_action": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable. Additionally, the management interfaces for affected devices should not be exposed to untrusted networks, including the internet.",
"short_description": "Palo Alto Networks PAN-OS contains an OS command injection vulnerability that allows for privilege escalation through the web-based management interface for several PAN products, including firewalls and VPN concentrators.",
"vendor": "Palo Alto Networks"
},
{
"cve": "CVE-2024-9537",
"date_added": "2024-10-21",
"due_date": "2024-11-11",
"epss": null,
"notes": "https://support.sciencelogic.com/s/article/15527 ; https://nvd.nist.gov/vuln/detail/CVE-2024-9537",
"percentile": null,
"poc_count": 3,
"product": "SL1",
"required_action": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.",
"short_description": "ScienceLogic SL1 (formerly EM7) is affected by an unspecified vulnerability involving an unspecified third-party component.",
"vendor": "ScienceLogic"
},
{
"cve": "CVE-2024-9680",
"date_added": "2024-10-15",
"due_date": "2024-11-05",
"epss": null,
"notes": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-51/ ; https://nvd.nist.gov/vuln/detail/CVE-2024-9680",
"percentile": null,
"poc_count": 7,
"product": "Firefox",
"required_action": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.",
"short_description": "Mozilla Firefox and Firefox ESR contain a use-after-free vulnerability in Animation timelines that allows for code execution in the content process.",
"vendor": "Mozilla"
},
{
"cve": "CVE-2025-0108",
"date_added": "2025-02-18",
"due_date": "2025-03-11",
"epss": null,
"notes": "https://security.paloaltonetworks.com/CVE-2025-0108 ; https://nvd.nist.gov/vuln/detail/CVE-2025-0108",
"percentile": null,
"poc_count": 23,
"product": "PAN-OS",
"required_action": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.",
"short_description": "Palo Alto Networks PAN-OS contains an authentication bypass vulnerability in its management web interface. This vulnerability allows an unauthenticated attacker with network access to the management web interface to bypass the authentication normally required and invoke certain PHP scripts.",
"vendor": "Palo Alto Networks"
},
{
"cve": "CVE-2025-0111",
"date_added": "2025-02-20",
"due_date": "2025-03-13",
"epss": null,
"notes": "https://security.paloaltonetworks.com/CVE-2025-0111 ; https://nvd.nist.gov/vuln/detail/CVE-2025-0111",
"percentile": null,
"poc_count": 5,
"product": "PAN-OS",
"required_action": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.",
"short_description": "Palo Alto Networks PAN-OS contains an external control of file name or path vulnerability. Successful exploitation enables an authenticated attacker with network access to the management web interface to read files on the PAN-OS filesystem that are readable by the “nobody” user.",
"vendor": "Palo Alto Networks"
},
{
"cve": "CVE-2025-0282",
"date_added": "2025-01-08",
"due_date": "2025-01-15",
"epss": null,
"notes": "CISA Mitigation Instructions: https://www.cisa.gov/cisa-mitigation-instructions-CVE-2025-0282 Additional References: https://forums.ivanti.com/s/article/Security-Advisory-Ivanti-Connect-Secure-Policy-Secure-ZTA-Gateways-CVE-2025-0282-CVE-2025-0283 ; https://nvd.nist.gov/vuln/detail/CVE-2025-0282",
"percentile": null,
"poc_count": 30,
"product": "Connect Secure, Policy Secure, and ZTA Gateways",
"required_action": "Apply mitigations as set forth in the CISA instructions linked below to include conducting hunt activities, taking remediation actions if applicable, and applying updates prior to returning a device to service.",
"short_description": "Ivanti Connect Secure, Policy Secure, and ZTA Gateways contain a stack-based buffer overflow which can lead to unauthenticated remote code execution.",
"vendor": "Ivanti"
},
{
"cve": "CVE-2025-0411",
"date_added": "2025-02-06",
"due_date": "2025-02-27",
"epss": null,
"notes": "https://www.7-zip.org/history.txt ; https://nvd.nist.gov/vuln/detail/CVE-2025-0411",
"percentile": null,
"poc_count": 19,
"product": "7-Zip",
"required_action": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.",
"short_description": "7-Zip contains a protection mechanism failure vulnerability that allows remote attackers to bypass the Mark-of-the-Web security feature to execute arbitrary code in the context of the current user.",
"vendor": "7-Zip"
},
{
"cve": "CVE-2025-0994",
"date_added": "2025-02-07",
"due_date": "2025-02-28",
"epss": null,
"notes": "https://learn.assetlifecycle.trimble.com/i/1532182-cityworks-customer-communication-2025-02-05-docx/0?; https://www.cisa.gov/news-events/ics-advisories/icsa-25-037-04 ; https://nvd.nist.gov/vuln/detail/CVE-2025-0994",
"percentile": null,
"poc_count": 5,
"product": "Cityworks",
"required_action": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.",
"short_description": "Trimble Cityworks contains a deserialization vulnerability. This could allow an authenticated user to perform a remote code execution attack against a customer's Microsoft Internet Information Services (IIS) web server.",
"vendor": "Trimble"
},
{
"cve": "CVE-2025-10035",
"date_added": "2025-09-29",
"due_date": "2025-10-20",
"epss": null,
"notes": "https://www.fortra.com/security/advisories/product-security/fi-2025-012 ; https://nvd.nist.gov/vuln/detail/CVE-2025-10035",
"percentile": null,
"poc_count": 8,
"product": "GoAnywhere MFT",
"required_action": "Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.",
"short_description": "Fortra GoAnywhere MFT contains a deserialization of untrusted data vulnerability allows an actor with a validly forged license response signature to deserialize an arbitrary actor-controlled object, possibly leading to command injection.",
"vendor": "Fortra"
},
{
"cve": "CVE-2025-10585",
"date_added": "2025-09-23",
"due_date": "2025-10-14",
"epss": null,
"notes": "https://chromereleases.googleblog.com/2025/09/stable-channel-update-for-desktop_17.html ; https://nvd.nist.gov/vuln/detail/CVE-2025-10585",
"percentile": null,
"poc_count": 11,
"product": "Chromium V8",
"required_action": "Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.",
"short_description": "Google Chromium contains a type confusion vulnerability in the V8 JavaScript and WebAssembly engine.",
"vendor": "Google"
},
{
"cve": "CVE-2025-1316",
"date_added": "2025-03-19",
"due_date": "2025-04-09",
"epss": null,
"notes": "https://www.edimax.com/edimax/post/post/data/edimax/global/press_releases/4801/ ; https://nvd.nist.gov/vuln/detail/CVE-2025-1316",
"percentile": null,
"poc_count": 2,
"product": "IC-7100 IP Camera",
"required_action": "Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.",
"short_description": "Edimax IC-7100 IP camera contains an OS command injection vulnerability due to improper input sanitization that allows an attacker to achieve remote code execution via specially crafted requests. The impacted product could be end-of-life (EoL) and/or end-of-service (EoS). Users should discontinue product utilization.",
"vendor": "Edimax"
},
{
"cve": "CVE-2025-1976",
"date_added": "2025-04-28",
"due_date": "2025-05-19",
"epss": null,
"notes": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/25602 ; https://nvd.nist.gov/vuln/detail/CVE-2025-1976",
"percentile": null,
"poc_count": 2,
"product": "Brocade Fabric OS",
"required_action": "Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.",
"short_description": "Broadcom Brocade Fabric OS contains a code injection vulnerability that allows a local user with administrative privileges to execute arbitrary code with full root privileges.",
"vendor": "Broadcom"
},
{
"cve": "CVE-2025-20281",
"date_added": "2025-07-28",
"due_date": "2025-08-18",
"epss": null,
"notes": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ise-unauth-rce-ZAd2GnJ6 ; https://nvd.nist.gov/vuln/detail/CVE-2025-20281",
"percentile": null,
"poc_count": 10,
"product": "Identity Services Engine",
"required_action": "Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.",
"short_description": "Cisco Identity Services Engine contains an injection vulnerability in a specific API of Cisco ISE and Cisco ISE-PIC due to insufficient validation of user-supplied input allowing an attacker to exploit this vulnerability by submitting a crafted API request. Successful exploitation could allow an attacker to perform remote code execution and obtaining root privileges on an affected device.",
"vendor": "Cisco"
},
{
"cve": "CVE-2025-20333",
"date_added": "2025-09-25",
"due_date": "2025-09-26",
"epss": null,
"notes": "CISA Mitigation Instructions: https://www.cisa.gov/news-events/directives/ed-25-03-identify-and-mitigate-potential-compromise-cisco-devices ; https://www.cisa.gov/news-events/directives/supplemental-direction-ed-25-03-core-dump-and-hunt-instructions ; https://www.cisa.gov/eviction-strategies-tool/create-from-template ; https://sec.cloudapps.cisco.com/security/center/resources/asa_ftd_continued_attacks ; https://sec.cloudapps.cisco.com/security/center/private/resources/asa_ftd_continued_attacks#Details ; https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-webvpn-z5xP8EUB ; https://nvd.nist.gov/vuln/detail/CVE-2025-20333",
"percentile": null,
"poc_count": 4,
"product": "Secure Firewall Adaptive Security Appliance and Secure Firewall Threat Defense",
"required_action": "The KEV due date refers to the deadline by which FCEB agencies are expected to review and begin implementing the guidance outlined in Emergency Directive (ED) 25-03 (URL listed below in Notes). Agencies must follow the mitigation steps provided by CISA (URL listed below in Notes) and vendors instructions (URL listed below in Notes). Adhere to the applicable BOD 22-01 guidance for cloud services or discontinue use of the product if mitigations are not available.",
"short_description": "Cisco Secure Firewall Adaptive Security (ASA) Appliance and Secure Firewall Threat Defense (FTD) Software VPN Web Server contain a buffer overflow vulnerability that allows for remote code execution. This vulnerability could be chained with CVE-2025-20362.",
"vendor": "Cisco"
},
{
"cve": "CVE-2025-20337",
"date_added": "2025-07-28",
"due_date": "2025-08-18",
"epss": null,
"notes": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ise-unauth-rce-ZAd2GnJ6 ; https://nvd.nist.gov/vuln/detail/CVE-2025-20337",
"percentile": null,
"poc_count": 5,
"product": "Identity Services Engine",
"required_action": "Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.",
"short_description": "Cisco Identity Services Engine contains an injection vulnerability in a specific API of Cisco ISE and Cisco ISE-PIC due to insufficient validation of user-supplied input allowing an attacker to exploit this vulnerability by submitting a crafted API request. Successful exploitation could allow an attacker to perform remote code execution and obtaining root privileges on an affected device.",
"vendor": "Cisco"
},
{
"cve": "CVE-2025-20352",
"date_added": "2025-09-29",
"due_date": "2025-10-20",
"epss": null,
"notes": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-snmp-x4LPhte ; https://nvd.nist.gov/vuln/detail/CVE-2025-20352",
"percentile": null,
"poc_count": 2,
"product": "IOS and IOS XE",
"required_action": "Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.",
"short_description": "Cisco IOS and IOS XE contains a stack-based buffer overflow vulnerability in the Simple Network Management Protocol (SNMP) subsystem that could allow for denial of service or remote code execution. A successful exploit could allow a low-privileged attacker to cause the affected system to reload, resulting in a DoS condition, or allow a high-privileged attacker to execute arbitrary code as the root user and obtain full control of the affected system.",
"vendor": "Cisco"
},
{
"cve": "CVE-2025-20362",
"date_added": "2025-09-25",
"due_date": "2025-09-26",
"epss": null,
"notes": "CISA Mitigation Instructions: https://www.cisa.gov/news-events/directives/ed-25-03-identify-and-mitigate-potential-compromise-cisco-devices ; https://www.cisa.gov/news-events/directives/supplemental-direction-ed-25-03-core-dump-and-hunt-instructions ; https://www.cisa.gov/eviction-strategies-tool/create-from-template ; https://sec.cloudapps.cisco.com/security/center/resources/asa_ftd_continued_attacks ; https://sec.cloudapps.cisco.com/security/center/private/resources/asa_ftd_continued_attacks#Details ; https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-webvpn-YROOTUW ; https://nvd.nist.gov/vuln/detail/CVE-2025-20362",
"percentile": null,
"poc_count": 3,
"product": "Secure Firewall Adaptive Security Appliance and Secure Firewall Threat Defense",
"required_action": "The KEV due date refers to the deadline by which FCEB agencies are expected to review and begin implementing the guidance outlined in Emergency Directive (ED) 25-03 (URL listed below in Notes). Agencies must follow the mitigation steps provided by CISA (URL listed below in Notes) and vendors instructions (URL listed below in Notes). Adhere to the applicable BOD 22-01 guidance for cloud services or discontinue use of the product if mitigations are not available.",
"short_description": "Cisco Secure Firewall Adaptive Security (ASA) Appliance and Secure Firewall Threat Defense (FTD) Software VPN Web Server contain a missing authorization vulnerability. This vulnerability could be chained with CVE-2025-20333.",
"vendor": "Cisco"
},
{
"cve": "CVE-2025-21043",
"date_added": "2025-10-02",
"due_date": "2025-10-23",
"epss": null,
"notes": "https://security.samsungmobile.com/securityUpdate.smsb?year=2025&month=09 ; https://nvd.nist.gov/vuln/detail/CVE-2025-21043",
"percentile": null,
"poc_count": 4,
"product": "Mobile Devices",
"required_action": "Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.",
"short_description": "Samsung mobile devices contain an out-of-bounds write vulnerability in libimagecodec.quram.so which allows remote attackers to execute arbitrary code.",
"vendor": "Samsung"
},
{
"cve": "CVE-2025-21333",
"date_added": "2025-01-14",
"due_date": "2025-02-04",
"epss": null,
"notes": "https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2025-21333 ; https://nvd.nist.gov/vuln/detail/CVE-2025-21333",
"percentile": null,
"poc_count": 14,
"product": "Windows",
"required_action": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.",
"short_description": "Microsoft Windows Hyper-V NT Kernel Integration VSP contains a heap-based buffer overflow vulnerability that allows a local attacker to gain SYSTEM privileges.",
"vendor": "Microsoft"
},
{
"cve": "CVE-2025-21334",
"date_added": "2025-01-14",
"due_date": "2025-02-04",
"epss": null,
"notes": "https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2025-21334 ; https://nvd.nist.gov/vuln/detail/CVE-2025-21334",
"percentile": null,
"poc_count": 2,
"product": "Windows",
"required_action": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.",
"short_description": "Microsoft Windows Hyper-V NT Kernel Integration VSP contains a use-after-free vulnerability that allows a local attacker to gain SYSTEM privileges.",
"vendor": "Microsoft"
},
{
"cve": "CVE-2025-21335",
"date_added": "2025-01-14",
"due_date": "2025-02-04",
"epss": null,
"notes": "https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2025-21335 ; https://nvd.nist.gov/vuln/detail/CVE-2025-21335",
"percentile": null,
"poc_count": 2,
"product": "Windows",
"required_action": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.",
"short_description": "Microsoft Windows Hyper-V NT Kernel Integration VSP contains a use-after-free vulnerability that allows a local attacker to gain SYSTEM privileges.",
"vendor": "Microsoft"
},
{
"cve": "CVE-2025-21391",
"date_added": "2025-02-11",
"due_date": "2025-03-04",
"epss": null,
"notes": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-21391 ; https://nvd.nist.gov/vuln/detail/CVE-2025-21391",
"percentile": null,
"poc_count": 3,
"product": "Windows",
"required_action": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.",
"short_description": "Microsoft Windows Storage contains a link following vulnerability that could allow for privilege escalation. This vulnerability could allow an attacker to delete data including data that results in the service being unavailable.",
"vendor": "Microsoft"
},
{
"cve": "CVE-2025-21418",
"date_added": "2025-02-11",
"due_date": "2025-03-04",
"epss": null,
"notes": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-21418 ; https://nvd.nist.gov/vuln/detail/CVE-2025-21418",
"percentile": null,
"poc_count": 2,
"product": "Windows",
"required_action": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.",
"short_description": "Microsoft Windows Ancillary Function Driver for WinSock contains a heap-based buffer overflow vulnerability that allows for privilege escalation, enabling a local attacker to gain SYSTEM privileges.",
"vendor": "Microsoft"
},
{
"cve": "CVE-2025-21479",
"date_added": "2025-06-03",
"due_date": "2025-06-24",
"epss": null,
"notes": "Please check with specific vendors (OEMs,) for information on patching status. For more information, please see: https://docs.qualcomm.com/product/publicresources/securitybulletin/june-2025-bulletin.html ; https://nvd.nist.gov/vuln/detail/CVE-2025-21479",
"percentile": null,
"poc_count": 10,
"product": "Multiple Chipsets",
"required_action": "Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.",
"short_description": "Multiple Qualcomm chipsets contain an incorrect authorization vulnerability. This vulnerability allows for memory corruption due to unauthorized command execution in GPU micronode while executing specific sequence of commands.",
"vendor": "Qualcomm"
},
{
"cve": "CVE-2025-21480",
"date_added": "2025-06-03",
"due_date": "2025-06-24",
"epss": null,
"notes": "Please check with specific vendors (OEMs,) for information on patching status. For more information, please see: https://docs.qualcomm.com/product/publicresources/securitybulletin/june-2025-bulletin.html ; https://nvd.nist.gov/vuln/detail/CVE-2025-21480",
"percentile": null,
"poc_count": 2,
"product": "Multiple Chipsets",
"required_action": "Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.",
"short_description": "Multiple Qualcomm chipsets contain an incorrect authorization vulnerability. This vulnerability allows for memory corruption due to unauthorized command execution in GPU micronode while executing specific sequence of commands.",
"vendor": "Qualcomm"
},
{
"cve": "CVE-2025-21590",
"date_added": "2025-03-13",
"due_date": "2025-04-03",
"epss": null,
"notes": "https://supportportal.juniper.net/s/article/2025-03-Out-of-Cycle-Security-Bulletin-Junos-OS-A-local-attacker-with-shell-access-can-execute-arbitrary-code-CVE-2025-21590?language=en_US ; https://nvd.nist.gov/vuln/detail/CVE-2025-21590",
"percentile": null,
"poc_count": 3,
"product": "Junos OS",
"required_action": "Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.",
"short_description": "Juniper Junos OS contains an improper isolation or compartmentalization vulnerability. This vulnerability could allows a local attacker with high privileges to inject arbitrary code.",
"vendor": "Juniper"
},
{
"cve": "CVE-2025-22224",
"date_added": "2025-03-04",
"due_date": "2025-03-25",
"epss": null,
"notes": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/25390 ; https://nvd.nist.gov/vuln/detail/CVE-2025-22224",
"percentile": null,
"poc_count": 10,
"product": "ESXi and Workstation",
"required_action": "Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.",
"short_description": "VMware ESXi and Workstation contain a time-of-check time-of-use (TOCTOU) race condition vulnerability that leads to an out-of-bounds write. Successful exploitation enables an attacker with local administrative privileges on a virtual machine to execute code as the virtual machine's VMX process running on the host.",
"vendor": "VMware"
},
{
"cve": "CVE-2025-22225",
"date_added": "2025-03-04",
"due_date": "2025-03-25",
"epss": null,
"notes": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/25390 ; https://nvd.nist.gov/vuln/detail/CVE-2025-22225",
"percentile": null,
"poc_count": 4,
"product": "ESXi",
"required_action": "Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.",
"short_description": "VMware ESXi contains an arbitrary write vulnerability. Successful exploitation allows an attacker with privileges within the VMX process to trigger an arbitrary kernel write leading to an escape of the sandbox.",
"vendor": "VMware"
},
{
"cve": "CVE-2025-22226",
"date_added": "2025-03-04",
"due_date": "2025-03-25",
"epss": null,
"notes": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/25390 ; https://nvd.nist.gov/vuln/detail/CVE-2025-22226",
"percentile": null,
"poc_count": 4,
"product": "ESXi, Workstation, and Fusion",
"required_action": "Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.",
"short_description": "VMware ESXi, Workstation, and Fusion contain an information disclosure vulnerability due to an out-of-bounds read in HGFS. Successful exploitation allows an attacker with administrative privileges to a virtual machine to leak memory from the vmx process.",
"vendor": "VMware"
},
{
"cve": "CVE-2025-22457",
"date_added": "2025-04-04",
"due_date": "2025-04-11",
"epss": null,
"notes": "CISA Mitigation Instructions: https://www.cisa.gov/cisa-mitigation-instructions-cve-2025-22457 ; Additional References: https://forums.ivanti.com/s/article/April-Security-Advisory-Ivanti-Connect-Secure-Policy-Secure-ZTA-Gateways-CVE-2025-22457 ; https://nvd.nist.gov/vuln/detail/CVE-2025-22457",
"percentile": null,
"poc_count": 11,
"product": "Connect Secure, Policy Secure, and ZTA Gateways",
"required_action": "Apply mitigations as set forth in the CISA instructions linked below.",
"short_description": "Ivanti Connect Secure, Policy Secure, and ZTA Gateways contains a stack-based buffer overflow vulnerability that allows a remote unauthenticated attacker to achieve remote code execution.",
"vendor": "Ivanti"
},
{
"cve": "CVE-2025-23006",
"date_added": "2025-01-24",
"due_date": "2025-02-14",
"epss": null,
"notes": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2025-0002 ; https://nvd.nist.gov/vuln/detail/CVE-2025-23006",
"percentile": null,
"poc_count": 2,
"product": "SMA1000 Appliances",
"required_action": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.",
"short_description": "SonicWall SMA1000 Appliance Management Console (AMC) and Central Management Console (CMC) contain a deserialization of untrusted data vulnerability, which can enable a remote, unauthenticated attacker to execute arbitrary OS commands.",
"vendor": "SonicWall"
},
{
"cve": "CVE-2025-23209",
"date_added": "2025-02-20",
"due_date": "2025-03-13",
"epss": null,
"notes": "https://github.com/craftcms/cms/security/advisories/GHSA-x684-96hh-833x ; https://nvd.nist.gov/vuln/detail/CVE-2025-23209",
"percentile": null,
"poc_count": 3,
"product": "Craft CMS",
"required_action": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.",
"short_description": "Craft CMS contains a code injection vulnerability caused by improper validation of the database backup path, ultimately enabling remote code execution.",
"vendor": "Craft CMS"
},
{
"cve": "CVE-2025-24016",
"date_added": "2025-06-10",
"due_date": "2025-07-01",
"epss": null,
"notes": "https://wazuh.com/blog/addressing-the-cve-2025-24016-vulnerability/ ; https://github.com/wazuh/wazuh/security/advisories/GHSA-hcrc-79hj-m3qh ; https://nvd.nist.gov/vuln/detail/CVE-2025-24016",
"percentile": null,
"poc_count": 19,
"product": "Wazuh Server",
"required_action": "Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.",
"short_description": "Wazuh contains a deserialization of untrusted data vulnerability that allows for remote code execution on Wazuh servers.",
"vendor": "Wazuh"
},
{
"cve": "CVE-2025-24054",
"date_added": "2025-04-17",
"due_date": "2025-05-08",
"epss": null,
"notes": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-24054 ; https://nvd.nist.gov/vuln/detail/CVE-2025-24054",
"percentile": null,
"poc_count": 25,
"product": "Windows",
"required_action": "Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.",
"short_description": "Microsoft Windows NTLM contains an external control of file name or path vulnerability that allows an unauthorized attacker to perform spoofing over a network.",
"vendor": "Microsoft"
},
{
"cve": "CVE-2025-24085",
"date_added": "2025-01-29",
"due_date": "2025-02-19",
"epss": null,
"notes": "https://support.apple.com/en-us/122066 ; https://support.apple.com/en-us/122068 ; https://support.apple.com/en-us/122071 ; https://support.apple.com/en-us/122072 ; https://support.apple.com/en-us/122073 ; https://nvd.nist.gov/vuln/detail/CVE-2025-24085",
"percentile": null,
"poc_count": 10,
"product": "Multiple Products",
"required_action": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.",
"short_description": "Apple iOS, macOS, and other Apple products contain a user-after-free vulnerability that could allow a malicious application to elevate privileges.",
"vendor": "Apple"
},
{
"cve": "CVE-2025-24200",
"date_added": "2025-02-12",
"due_date": "2025-03-05",
"epss": null,
"notes": "https://support.apple.com/en-us/122173 ; https://nvd.nist.gov/vuln/detail/CVE-2025-24200",
"percentile": null,
"poc_count": 10,
"product": "iOS and iPadOS",
"required_action": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.",
"short_description": "Apple iOS and iPadOS contains an incorrect authorization vulnerability that allows a physical attacker to disable USB Restricted Mode on a locked device.",
"vendor": "Apple"
},
{
"cve": "CVE-2025-24201",
"date_added": "2025-03-13",
"due_date": "2025-04-03",
"epss": null,
"notes": "https://support.apple.com/en-us/122281 ; https://support.apple.com/en-us/122283 ; https://support.apple.com/en-us/122284 ; https://support.apple.com/en-us/122285 ; ; https://nvd.nist.gov/vuln/detail/CVE-2025-24201",
"percentile": null,
"poc_count": 11,
"product": "Multiple Products",
"required_action": "Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.",
"short_description": "Apple iOS, iPadOS, macOS, and other Apple products contain an out-of-bounds write vulnerability in WebKit that may allow maliciously crafted web content to break out of Web Content sandbox. This vulnerability could impact HTML parsers that use WebKit, including but not limited to Apple Safari and non-Apple products which rely on WebKit for HTML processing.",
"vendor": "Apple"
},
{
"cve": "CVE-2025-24472",
"date_added": "2025-03-18",
"due_date": "2025-04-08",
"epss": null,
"notes": "https://fortiguard.fortinet.com/psirt/FG-IR-24-535 ; https://nvd.nist.gov/vuln/detail/CVE-2025-24472",
"percentile": null,
"poc_count": 4,
"product": "FortiOS and FortiProxy",
"required_action": "Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.",
"short_description": "Fortinet FortiOS and FortiProxy contain an authentication bypass vulnerability that allows a remote attacker to gain super-admin privileges via crafted CSF proxy requests.",
"vendor": "Fortinet"
},
{
"cve": "CVE-2025-24813",
"date_added": "2025-04-01",
"due_date": "2025-04-22",
"epss": null,
"notes": "This vulnerability affects a common open-source component, third-party library, or a protocol used by different products. Please check with specific vendors for information on patching status. For more information, please see: https://lists.apache.org/thread/j5fkjv2k477os90nczf2v9l61fb0kkgq ; https://nvd.nist.gov/vuln/detail/CVE-2025-24813",
"percentile": null,
"poc_count": 87,
"product": "Tomcat",
"required_action": "Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.",
"short_description": "Apache Tomcat contains a path equivalence vulnerability that allows a remote attacker to execute code, disclose information, or inject malicious content via a partial PUT request.",
"vendor": "Apache"
},
{
"cve": "CVE-2025-24893",
"date_added": "2025-10-30",
"due_date": "2025-11-20",
"epss": null,
"notes": "https://github.com/xwiki/xwiki-platform/security/advisories/GHSA-rr6p-3pfg-562j ; https://nvd.nist.gov/vuln/detail/CVE-2025-24893",
"percentile": null,
"poc_count": 42,
"product": "Platform",
"required_action": "Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.",
"short_description": "XWiki Platform contains an eval injection vulnerability that could allow any guest to perform arbitrary remote code execution through a request to SolrSearch.",
"vendor": "XWiki"
},
{
"cve": "CVE-2025-24983",
"date_added": "2025-03-11",
"due_date": "2025-04-01",
"epss": null,
"notes": "https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2025-24983 ; https://nvd.nist.gov/vuln/detail/CVE-2025-24983",
"percentile": null,
"poc_count": 6,
"product": "Windows",
"required_action": "Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.",
"short_description": "Microsoft Windows Win32 Kernel Subsystem contains a use-after-free vulnerability that allows an authorized attacker to elevate privileges locally.",
"vendor": "Microsoft"
},
{
"cve": "CVE-2025-24984",
"date_added": "2025-03-11",
"due_date": "2025-04-01",
"epss": null,
"notes": "https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2025-24984 ; https://nvd.nist.gov/vuln/detail/CVE-2025-24984",
"percentile": null,
"poc_count": 3,
"product": "Windows",
"required_action": "Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.",
"short_description": "Microsoft Windows New Technology File System (NTFS) contains an insertion of sensitive Information into log file vulnerability that allows an unauthorized attacker to disclose information with a physical attack. An attacker who successfully exploited this vulnerability could potentially read portions of heap memory.",
"vendor": "Microsoft"
},
{
"cve": "CVE-2025-24985",
"date_added": "2025-03-11",
"due_date": "2025-04-01",
"epss": null,
"notes": "https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2025-24985 ; https://nvd.nist.gov/vuln/detail/CVE-2025-24985",
"percentile": null,
"poc_count": 5,
"product": "Windows",
"required_action": "Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.",
"short_description": "Microsoft Windows Fast FAT File System Driver contains an integer overflow or wraparound vulnerability that allows an unauthorized attacker to execute code locally.",
"vendor": "Microsoft"
},
{
"cve": "CVE-2025-24989",
"date_added": "2025-02-21",
"due_date": "2025-03-14",
"epss": null,
"notes": "https://msrc.microsoft.com/update-guide/en-US/advisory/CVE-2025-24989 ; https://nvd.nist.gov/vuln/detail/CVE-2025-24989",
"percentile": null,
"poc_count": 4,
"product": "Power Pages",
"required_action": "Apply mitigations per vendor instructions, follow BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.",
"short_description": "Microsoft Power Pages contains an improper access control vulnerability that allows an unauthorized attacker to elevate privileges over a network potentially bypassing the user registration control.",
"vendor": "Microsoft"
},
{
"cve": "CVE-2025-24991",
"date_added": "2025-03-11",
"due_date": "2025-04-01",
"epss": null,
"notes": "https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2025-24991 ; https://nvd.nist.gov/vuln/detail/CVE-2025-24991",
"percentile": null,
"poc_count": 3,
"product": "Windows",
"required_action": "Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.",
"short_description": "Microsoft Windows New Technology File System (NTFS) contains an out-of-bounds read vulnerability that allows an authorized attacker to disclose information locally.",
"vendor": "Microsoft"
},
{
"cve": "CVE-2025-24993",
"date_added": "2025-03-11",
"due_date": "2025-04-01",
"epss": null,
"notes": "https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2025-24993 ; https://nvd.nist.gov/vuln/detail/CVE-2025-24993",
"percentile": null,
"poc_count": 3,
"product": "Windows",
"required_action": "Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.",
"short_description": "Microsoft Windows New Technology File System (NTFS) contains a heap-based buffer overflow vulnerability that allows an unauthorized attacker to execute code locally.",
"vendor": "Microsoft"
},
{
"cve": "CVE-2025-25181",
"date_added": "2025-03-10",
"due_date": "2025-03-31",
"epss": null,
"notes": "https://advantive.my.site.com/support/s/article/Veracore-Release-Notes-2025-1-1-3 ; https://nvd.nist.gov/vuln/detail/CVE-2025-25181",
"percentile": null,
"poc_count": 5,
"product": "VeraCore",
"required_action": "Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.",
"short_description": "Advantive VeraCore contains a SQL injection vulnerability in timeoutWarning.asp that allows a remote attacker to execute arbitrary SQL commands via the PmSess1 parameter.",
"vendor": "Advantive"
},
{
"cve": "CVE-2025-25257",
"date_added": "2025-07-18",
"due_date": "2025-08-08",
"epss": null,
"notes": "https://fortiguard.fortinet.com/psirt/FG-IR-25-151 ; https://nvd.nist.gov/vuln/detail/CVE-2025-25257",
"percentile": null,
"poc_count": 19,
"product": "FortiWeb",
"required_action": "Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.",
"short_description": "Fortinet FortiWeb contains a SQL injection vulnerability that may allow an unauthenticated attacker to execute unauthorized SQL code or commands via crafted HTTP or HTTPs requests.",
"vendor": "Fortinet"
},
{
"cve": "CVE-2025-26633",
"date_added": "2025-03-11",
"due_date": "2025-04-01",
"epss": null,
"notes": "https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2025-26633 ; https://nvd.nist.gov/vuln/detail/CVE-2025-26633",
"percentile": null,
"poc_count": 9,
"product": "Windows",
"required_action": "Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.",
"short_description": "Microsoft Windows Management Console (MMC) contains an improper neutralization vulnerability that allows an unauthorized attacker to bypass a security feature locally.",
"vendor": "Microsoft"
},
{
"cve": "CVE-2025-27038",
"date_added": "2025-06-03",
"due_date": "2025-06-24",
"epss": null,
"notes": "Please check with specific vendors (OEMs,) for information on patching status. For more information, please see: https://docs.qualcomm.com/product/publicresources/securitybulletin/june-2025-bulletin.html ; https://nvd.nist.gov/vuln/detail/CVE-2025-27038",
"percentile": null,
"poc_count": 2,
"product": "Multiple Chipsets",
"required_action": "Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.",
"short_description": "Multiple Qualcomm chipsets contain a use-after-free vulnerability. This vulnerability allows for memory corruption while rendering graphics using Adreno GPU drivers in Chrome.",
"vendor": "Qualcomm"
},
{
"cve": "CVE-2025-27363",
"date_added": "2025-05-06",
"due_date": "2025-05-27",
"epss": null,
"notes": "This vulnerability affects a common open-source component, third-party library, or a protocol used by different products. Please check with specific vendors for information on patching status. For more information, please see: https://source.android.com/docs/security/bulletin/2025-05-01 ; https://nvd.nist.gov/vuln/detail/CVE-2025-27363",
"percentile": null,
"poc_count": 14,
"product": "FreeType",
"required_action": "Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.",
"short_description": "FreeType contains an out-of-bounds write vulnerability when attempting to parse font subglyph structures related to TrueType GX and variable font files that may allow for arbitrary code execution.",
"vendor": "FreeType"
},
{
"cve": "CVE-2025-2746",
"date_added": "2025-10-20",
"due_date": "2025-11-10",
"epss": null,
"notes": "https://devnet.kentico.com/download/hotfixes ; https://nvd.nist.gov/vuln/detail/CVE-2025-2746",
"percentile": null,
"poc_count": 1,
"product": "Xperience CMS",
"required_action": "Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.",
"short_description": "Kentico Xperience CMS contains an authentication bypass using an alternate path or channel vulnerability that could allow an attacker to control administrative objects.",
"vendor": "Kentico"
},
{
"cve": "CVE-2025-2747",
"date_added": "2025-10-20",
"due_date": "2025-11-10",
"epss": null,
"notes": "https://devnet.kentico.com/download/hotfixes ; https://nvd.nist.gov/vuln/detail/CVE-2025-2747",
"percentile": null,
"poc_count": 1,
"product": "Xperience CMS",
"required_action": "Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.",
"short_description": "Kentico Xperience CMS contains an authentication bypass using an alternate path or channel vulnerability that could allow an attacker to control administrative objects.",
"vendor": "Kentico"
},
{
"cve": "CVE-2025-2775",
"date_added": "2025-07-22",
"due_date": "2025-08-12",
"epss": null,
"notes": "https://documentation.sysaid.com/docs/24-40-60 ; https://nvd.nist.gov/vuln/detail/CVE-2025-2775",
"percentile": null,
"poc_count": 6,
"product": "SysAid On-Prem",
"required_action": "Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.",
"short_description": "SysAid On-Prem contains an improper restriction of XML external entity reference vulnerability in the Checkin processing functionality, allowing for administrator account takeover and file read primitives.",
"vendor": "SysAid"
},
{
"cve": "CVE-2025-2776",
"date_added": "2025-07-22",
"due_date": "2025-08-12",
"epss": null,
"notes": "https://documentation.sysaid.com/docs/24-40-60 ; https://nvd.nist.gov/vuln/detail/CVE-2025-2776",
"percentile": null,
"poc_count": 7,
"product": "SysAid On-Prem",
"required_action": "Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.",
"short_description": "SysAid On-Prem contains an improper restriction of XML external entity reference vulnerability in the Server URL processing functionality, allowing for administrator account takeover and file read primitives.",
"vendor": "SysAid"
},
{
"cve": "CVE-2025-2783",
"date_added": "2025-03-27",
"due_date": "2025-04-17",
"epss": null,
"notes": "https://chromereleases.googleblog.com/2025/03/stable-channel-update-for-desktop_25.html ; https://nvd.nist.gov/vuln/detail/CVE-2025-2783",
"percentile": null,
"poc_count": 7,
"product": "Chromium Mojo",
"required_action": "Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.",
"short_description": "Google Chromium Mojo on Windows contains a sandbox escape vulnerability caused by a logic error, which results from an incorrect handle being provided in unspecified circumstances. This vulnerability could affect multiple web browsers that utilize Chromium, including, but not limited to, Google Chrome, Microsoft Edge, and Opera.",
"vendor": "Google"
},
{
"cve": "CVE-2025-27915",
"date_added": "2025-10-07",
"due_date": "2025-10-28",
"epss": null,
"notes": "https://wiki.zimbra.com/wiki/Security_Center ; https://nvd.nist.gov/vuln/detail/CVE-2025-27915",
"percentile": null,
"poc_count": 1,
"product": "Zimbra Collaboration Suite (ZCS)",
"required_action": "Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.",
"short_description": "Synacor Zimbra Collaboration Suite (ZCS) contains a cross-site scripting vulnerability that exists in the Classic Web Client due to insufficient sanitization of HTML content in ICS files. When a user views an e-mail message containing a malicious ICS entry, its embedded JavaScript executes via an ontoggle event inside a tag. This allows an attacker to run arbitrary JavaScript within the victim's session, potentially leading to unauthorized actions such as setting e-mail filters to redirect messages to an attacker-controlled address. As a result, an attacker can perform unauthorized actions on the victim's account, including e-mail redirection and data exfiltration.",
"vendor": "Synacor"
},
{
"cve": "CVE-2025-27920",
"date_added": "2025-05-19",
"due_date": "2025-06-09",
"epss": null,
"notes": "https://www.outputmessenger.com/cve-2025-27920/ ; https://nvd.nist.gov/vuln/detail/CVE-2025-27920",
"percentile": null,
"poc_count": 2,
"product": "Output Messenger",
"required_action": "Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.",
"short_description": "Srimax Output Messenger contains a directory traversal vulnerability that allows an attacker to access sensitive files outside the intended directory, potentially leading to configuration leakage or arbitrary file access.",
"vendor": "Srimax"
},
{
"cve": "CVE-2025-29824",
"date_added": "2025-04-08",
"due_date": "2025-04-29",
"epss": null,
"notes": "https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2025-29824 ; https://nvd.nist.gov/vuln/detail/CVE-2025-29824",
"percentile": null,
"poc_count": 12,
"product": "Windows",
"required_action": "Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.",
"short_description": "Microsoft Windows Common Log File System (CLFS) Driver contains a use-after-free vulnerability that allows an authorized attacker to elevate privileges locally.",
"vendor": "Microsoft"
},
{
"cve": "CVE-2025-30066",
"date_added": "2025-03-18",
"due_date": "2025-04-08",
"epss": null,
"notes": "This vulnerability affects a common open-source project, third-party library, or a protocol used by different products. For more information, please see: CISA Mitigation Instructions: https://www.cisa.gov/news-events/alerts/2025/03/18/supply-chain-compromise-third-party-tj-actionschanged-files-cve-2025-30066-and-reviewdogaction ; Additional References: https://github.com/tj-actions/changed-files/blob/45fb12d7a8bedb4da42342e52fe054c6c2c3fd73/README.md?plain=1#L20-L28 ; https://nvd.nist.gov/vuln/detail/CVE-2025-30066",
"percentile": null,
"poc_count": 14,
"product": "changed-files GitHub Action",
"required_action": "Apply mitigations as set forth in the CISA instructions linked below. Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.",
"short_description": "tj-actions/changed-files GitHub Action contains an embedded malicious code vulnerability that allows a remote attacker to discover secrets by reading Github Actions Workflow Logs. These secrets may include, but are not limited to, valid AWS access keys, GitHub personal access tokens (PATs), npm tokens, and private RSA keys.",
"vendor": "tj-actions"
},
{
"cve": "CVE-2025-30154",
"date_added": "2025-03-24",
"due_date": "2025-04-14",
"epss": null,
"notes": "This vulnerability affects a common open-source project, third-party library, or a protocol used by different products. For more information, please see: CISA Mitigation Instructions: https://www.cisa.gov/news-events/alerts/2025/03/18/supply-chain-compromise-third-party-tj-actionschanged-files-cve-2025-30066-and-reviewdogaction ; Additional References: https://github.com/reviewdog/reviewdog/security/advisories/GHSA-qmg3-hpqr-gqvc ; https://nvd.nist.gov/vuln/detail/CVE-2025-30154",
"percentile": null,
"poc_count": 4,
"product": "action-setup GitHub Action",
"required_action": "Apply mitigations as set forth in the CISA instructions linked below. Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.",
"short_description": "reviewdog action-setup GitHub Action contains an embedded malicious code vulnerability that dumps exposed secrets to Github Actions Workflow Logs.",
"vendor": "reviewdog"
},
{
"cve": "CVE-2025-30397",
"date_added": "2025-05-13",
"due_date": "2025-06-03",
"epss": null,
"notes": "https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2025-30397 ; https://nvd.nist.gov/vuln/detail/CVE-2025-30397",
"percentile": null,
"poc_count": 18,
"product": "Windows",
"required_action": "Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.",
"short_description": "Microsoft Windows Scripting Engine contains a type confusion vulnerability that allows an unauthorized attacker to execute code over a network via a specially crafted URL.",
"vendor": "Microsoft"
},
{
"cve": "CVE-2025-30400",
"date_added": "2025-05-13",
"due_date": "2025-06-03",
"epss": null,
"notes": "https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2025-30400 ; https://nvd.nist.gov/vuln/detail/CVE-2025-30400",
"percentile": null,
"poc_count": 7,
"product": "Windows",
"required_action": "Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.",
"short_description": "Microsoft Windows DWM Core Library contains a use-after-free vulnerability that allows an authorized attacker to elevate privileges locally.",
"vendor": "Microsoft"
},
{
"cve": "CVE-2025-30406",
"date_added": "2025-04-08",
"due_date": "2025-04-29",
"epss": null,
"notes": "https://gladinetsupport.s3.us-east-1.amazonaws.com/gladinet/securityadvisory-cve-2005.pdf ; https://gladinetsupport.s3.us-east-1.amazonaws.com/gladinet/securityadvisory-cve-2025-triofox.pdf ; https://nvd.nist.gov/vuln/detail/CVE-2025-30406",
"percentile": null,
"poc_count": 11,
"product": "CentreStack",
"required_action": "Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.",
"short_description": "Gladinet CentreStack and Triofox contains a use of hard-coded cryptographic key vulnerability in the way that the application manages keys used for ViewState integrity verification. Successful exploitation allows an attacker to forge ViewState payloads for server-side deserialization, allowing for remote code execution.",
"vendor": "Gladinet"
},
{
"cve": "CVE-2025-31161",
"date_added": "2025-04-07",
"due_date": "2025-04-28",
"epss": null,
"notes": "https://www.crushftp.com/crush11wiki/Wiki.jsp?page=Update ; https://nvd.nist.gov/vuln/detail/CVE-2025-31161",
"percentile": null,
"poc_count": 28,
"product": "CrushFTP",
"required_action": "Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.",
"short_description": "CrushFTP contains an authentication bypass vulnerability in the HTTP authorization header that allows a remote unauthenticated attacker to authenticate to any known or guessable user account (e.g., crushadmin), potentially leading to a full compromise.",
"vendor": "CrushFTP"
},
{
"cve": "CVE-2025-31200",
"date_added": "2025-04-17",
"due_date": "2025-05-08",
"epss": null,
"notes": "https://support.apple.com/en-us/122282 ; https://support.apple.com/en-us/122400 ; https://support.apple.com/en-us/122401 ; https://support.apple.com/en-us/122402 ; https://nvd.nist.gov/vuln/detail/CVE-2025-31200",
"percentile": null,
"poc_count": 14,
"product": "Multiple Products",
"required_action": "Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.",
"short_description": "Apple iOS, iPadOS, macOS, and other Apple products contain a memory corruption vulnerability that allows for code execution when processing an audio stream in a maliciously crafted media file.",
"vendor": "Apple"
},
{
"cve": "CVE-2025-31201",
"date_added": "2025-04-17",
"due_date": "2025-05-08",
"epss": null,
"notes": "https://support.apple.com/en-us/122282 ; https://support.apple.com/en-us/122400 ; https://support.apple.com/en-us/122401 ; https://support.apple.com/en-us/122402 ; https://nvd.nist.gov/vuln/detail/CVE-2025-31201",
"percentile": null,
"poc_count": 5,
"product": "Multiple Products",
"required_action": "Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.",
"short_description": "Apple iOS, iPadOS, macOS, and other Apple products contain an arbitrary read and write vulnerability that allows an attacker to bypass Pointer Authentication.",
"vendor": "Apple"
},
{
"cve": "CVE-2025-31324",
"date_added": "2025-04-29",
"due_date": "2025-05-20",
"epss": null,
"notes": "https://me.sap.com/notes/3594142 ; https://nvd.nist.gov/vuln/detail/CVE-2025-31324",
"percentile": null,
"poc_count": 30,
"product": "NetWeaver",
"required_action": "Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.",
"short_description": "SAP NetWeaver Visual Composer Metadata Uploader contains an unrestricted file upload vulnerability that allows an unauthenticated agent to upload potentially malicious executable binaries.",
"vendor": "SAP"
},
{
"cve": "CVE-2025-32433",
"date_added": "2025-06-09",
"due_date": "2025-06-30",
"epss": null,
"notes": "This vulnerability affects a common open-source project, third-party library, or a protocol used by different products. For more information, please see: https://github.com/erlang/otp/security/advisories/GHSA-37cp-fgq5-7wc2 ; https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-erlang-otp-ssh-xyZZy ; https://nvd.nist.gov/vuln/detail/CVE-2025-32433",
"percentile": null,
"poc_count": 64,
"product": "Erlang/OTP",
"required_action": "Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.",
"short_description": "Erlang Erlang/OTP SSH server contains a missing authentication for critical function vulnerability. This could allow an attacker to execute arbitrary commands without valid credentials, potentially leading to unauthenticated remote code execution (RCE). By exploiting a flaw in how SSH protocol messages are handled, a malicious actor could gain unauthorized access to affected systems. This vulnerability could affect various products that implement Erlang/OTP SSH server, including—but not limited to—Cisco, NetApp, and SUSE.",
"vendor": "Erlang"
},
{
"cve": "CVE-2025-32463",
"date_added": "2025-09-29",
"due_date": "2025-10-20",
"epss": null,
"notes": "This vulnerability could affect an open-source component, third-party library, protocol, or proprietary implementation that could be used by different products. For more information, please see: https://www.sudo.ws/security/advisories/chroot_bug/ ; https://nvd.nist.gov/vuln/detail/CVE-2025-32463",
"percentile": null,
"poc_count": 97,
"product": "Sudo",
"required_action": "Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.",
"short_description": "Sudo contains an inclusion of functionality from untrusted control sphere vulnerability. This vulnerability could allow local attacker to leverage sudos -R (--chroot) option to run arbitrary commands as root, even if they are not listed in the sudoers file.",
"vendor": "Sudo"
},
{
"cve": "CVE-2025-3248",
"date_added": "2025-05-05",
"due_date": "2025-05-26",
"epss": null,
"notes": "This vulnerability affects a common open-source project, third-party library, or a protocol used by different products. For more information, please see: https://github.com/advisories/GHSA-c995-4fw3-j39m ; https://nvd.nist.gov/vuln/detail/CVE-2025-3248",
"percentile": null,
"poc_count": 62,
"product": "Langflow",
"required_action": "Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.",
"short_description": "Langflow contains a missing authentication vulnerability in the /api/v1/validate/code endpoint that allows a remote, unauthenticated attacker to execute arbitrary code via crafted HTTP requests.",
"vendor": "Langflow"
},
{
"cve": "CVE-2025-32701",
"date_added": "2025-05-13",
"due_date": "2025-06-03",
"epss": null,
"notes": "https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2025-32701 ; https://nvd.nist.gov/vuln/detail/CVE-2025-32701",
"percentile": null,
"poc_count": 2,
"product": "Windows",
"required_action": "Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.",
"short_description": "Microsoft Windows Common Log File System (CLFS) Driver contains a use-after-free vulnerability that allows an authorized attacker to elevate privileges locally.",
"vendor": "Microsoft"
},
{
"cve": "CVE-2025-32706",
"date_added": "2025-05-13",
"due_date": "2025-06-03",
"epss": null,
"notes": "https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2025-32706 ; https://nvd.nist.gov/vuln/detail/CVE-2025-32706",
"percentile": null,
"poc_count": 4,
"product": "Windows",
"required_action": "Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.",
"short_description": "Microsoft Windows Common Log File System (CLFS) Driver contains a heap-based buffer overflow vulnerability that allows an authorized attacker to elevate privileges locally.",
"vendor": "Microsoft"
},
{
"cve": "CVE-2025-32709",
"date_added": "2025-05-13",
"due_date": "2025-06-03",
"epss": null,
"notes": "https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2025-32709 ; https://nvd.nist.gov/vuln/detail/CVE-2025-32709",
"percentile": null,
"poc_count": 5,
"product": "Windows",
"required_action": "Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.",
"short_description": "Microsoft Windows Ancillary Function Driver for WinSock contains a use-after-free vulnerability that allows an authorized attacker to escalate privileges to administrator.",
"vendor": "Microsoft"
},
{
"cve": "CVE-2025-32756",
"date_added": "2025-05-14",
"due_date": "2025-06-04",
"epss": null,
"notes": "https://fortiguard.fortinet.com/psirt/FG-IR-25-254 ; https://nvd.nist.gov/vuln/detail/CVE-2025-32756",
"percentile": null,
"poc_count": 15,
"product": "Multiple Products",
"required_action": "Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.",
"short_description": "Fortinet FortiFone, FortiVoice, FortiNDR and FortiMail contain a stack-based overflow vulnerability that may allow a remote unauthenticated attacker to execute arbitrary code or commands via crafted HTTP requests.",
"vendor": "Fortinet"
},
{
"cve": "CVE-2025-33053",
"date_added": "2025-06-10",
"due_date": "2025-07-01",
"epss": null,
"notes": "https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2025-33053 ; https://nvd.nist.gov/vuln/detail/CVE-2025-33053",
"percentile": null,
"poc_count": 18,
"product": "Windows",
"required_action": "Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.",
"short_description": "Microsoft Windows contains an external control of file name or path vulnerability that could allow an attacker to execute code from a remote WebDAV location specified by the WorkingDirectory attribute of Internet Shortcut files.",
"vendor": "Microsoft"
},
{
"cve": "CVE-2025-33073",
"date_added": "2025-10-20",
"due_date": "2025-11-10",
"epss": null,
"notes": "https://msrc.microsoft.com/update-guide/en-US/advisory/CVE-2025-33073 ; https://nvd.nist.gov/vuln/detail/CVE-2025-33073",
"percentile": null,
"poc_count": 49,
"product": "Windows",
"required_action": "Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.",
"short_description": "Microsoft Windows SMB Client contains an improper access control vulnerability that could allow for privilege escalation. An attacker could execute a specially crafted malicious script to coerce the victim machine to connect back to the attack system using SMB and authenticate.",
"vendor": "Microsoft"
},
{
"cve": "CVE-2025-34028",
"date_added": "2025-05-02",
"due_date": "2025-05-23",
"epss": null,
"notes": "https://documentation.commvault.com/securityadvisories/CV_2025_04_1.html ; https://nvd.nist.gov/vuln/detail/CVE-2025-34028",
"percentile": null,
"poc_count": 10,
"product": "Command Center",
"required_action": "Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.",
"short_description": "Commvault Command Center contains a path traversal vulnerability that allows a remote, unauthenticated attacker to execute arbitrary code.",
"vendor": "Commvault"
},
{
"cve": "CVE-2025-35939",
"date_added": "2025-06-02",
"due_date": "2025-06-23",
"epss": null,
"notes": "https://github.com/craftcms/cms/pull/17220 ; https://nvd.nist.gov/vuln/detail/CVE-2025-35939",
"percentile": null,
"poc_count": 2,
"product": "Craft CMS",
"required_action": "Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.",
"short_description": "Craft CMS contains an external control of assumed-immutable web parameter vulnerability. This vulnerability could allow an unauthenticated client to introduce arbitrary values, such as PHP code, to a known local file location on the server. This vulnerability could be chained with CVE-2024-58136 as represented by CVE-2025-32432.",
"vendor": "Craft CMS"
},
{
"cve": "CVE-2025-38352",
"date_added": "2025-09-04",
"due_date": "2025-09-25",
"epss": null,
"notes": "This vulnerability affects a common open-source component, third-party library, or a protocol used by different products. Please check with specific vendors for information on patching status. For more information, please see: https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?id=2c72fe18cc5f9f1750f5bc148cf1c94c29e106ff ; https://source.android.com/docs/security/bulletin/2025-09-01 ; https://nvd.nist.gov/vuln/detail/CVE-2025-38352",
"percentile": null,
"poc_count": 5,
"product": "Kernel",
"required_action": "Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.",
"short_description": "Linux kernel contains a time-of-check time-of-use (TOCTOU) race condition vulnerability that has a high impact on confidentiality, integrity, and availability.",
"vendor": "Linux"
},
{
"cve": "CVE-2025-3928",
"date_added": "2025-04-28",
"due_date": "2025-05-19",
"epss": null,
"notes": "https://documentation.commvault.com/securityadvisories/CV_2025_03_1.html; https://www.commvault.com/blogs/notice-security-advisory-update; https://nvd.nist.gov/vuln/detail/CVE-2025-3928",
"percentile": null,
"poc_count": 2,
"product": "Web Server",
"required_action": "Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.",
"short_description": "Commvault Web Server contains an unspecified vulnerability that allows a remote, authenticated attacker to create and execute webshells.",
"vendor": "Commvault"
},
{
"cve": "CVE-2025-3935",
"date_added": "2025-06-02",
"due_date": "2025-06-23",
"epss": null,
"notes": "https://www.connectwise.com/company/trust/security-bulletins/screenconnect-security-patch-2025.4 ; https://nvd.nist.gov/vuln/detail/CVE-2025-3935",
"percentile": null,
"poc_count": 2,
"product": "ScreenConnect",
"required_action": "Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.",
"short_description": "ConnectWise ScreenConnect contains an improper authentication vulnerability. This vulnerability could allow a ViewState code injection attack, which could allow remote code execution if machine keys are compromised.",
"vendor": "ConnectWise"
},
{
"cve": "CVE-2025-4008",
"date_added": "2025-10-02",
"due_date": "2025-10-23",
"epss": null,
"notes": "https://forum.meteohub.de/viewtopic.php?t=18687 ; https://nvd.nist.gov/vuln/detail/CVE-2025-4008",
"percentile": null,
"poc_count": 2,
"product": "Meteobridge",
"required_action": "Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.",
"short_description": "Smartbedded Meteobridge contains a command injection vulnerability that could allow remote unauthenticated attackers to gain arbitrary command execution with elevated privileges (root) on affected devices.",
"vendor": "Smartbedded"
},
{
"cve": "CVE-2025-42599",
"date_added": "2025-04-28",
"due_date": "2025-05-19",
"epss": null,
"notes": "https://www.qualitia.com/jp/news/2025/04/18_1030.html ; https://nvd.nist.gov/vuln/detail/CVE-2025-42599",
"percentile": null,
"poc_count": 3,
"product": "Active! Mail",
"required_action": "Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.",
"short_description": "Qualitia Active! Mail contains a stack-based buffer overflow vulnerability that allows a remote, unauthenticated attacker to execute arbitrary or trigger a denial-of-service via a specially crafted request.",
"vendor": "Qualitia"
},
{
"cve": "CVE-2025-42999",
"date_added": "2025-05-15",
"due_date": "2025-06-05",
"epss": null,
"notes": "SAP users must have an account to log in and access the patch: https://me.sap.com/notes/3604119 ; https://nvd.nist.gov/vuln/detail/CVE-2025-42999",
"percentile": null,
"poc_count": 4,
"product": "NetWeaver",
"required_action": "Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.",
"short_description": "SAP NetWeaver Visual Composer Metadata Uploader contains a deserialization vulnerability that allows a privileged attacker to compromise the confidentiality, integrity, and availability of the host system by deserializing untrusted or malicious content.",
"vendor": "SAP"
},
{
"cve": "CVE-2025-43200",
"date_added": "2025-06-16",
"due_date": "2025-07-07",
"epss": null,
"notes": "https://support.apple.com/en-us/122174 ; https://support.apple.com/en-us/122173 ; https://support.apple.com/en-us/122900 ; https://support.apple.com/en-us/122901 ; https://support.apple.com/en-us/122902 ; https://support.apple.com/en-us/122903 ; https://support.apple.com/en-us/122904 ; https://nvd.nist.gov/vuln/detail/CVE-2025-43200",
"percentile": null,
"poc_count": 4,
"product": "Multiple Products",
"required_action": "Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.",
"short_description": "Apple iOS, iPadOS, macOS, watchOS, and visionOS, contain an unspecified vulnerability when processing a maliciously crafted photo or video shared via an iCloud Link.",
"vendor": "Apple"
},
{
"cve": "CVE-2025-43300",
"date_added": "2025-08-21",
"due_date": "2025-09-11",
"epss": null,
"notes": "https://support.apple.com/en-us/124925 ; https://support.apple.com/en-us/124926 ; https://support.apple.com/en-us/124927 ; https://support.apple.com/en-us/124928 ; https://support.apple.com/en-us/124929 ; https://nvd.nist.gov/vuln/detail/CVE-2025-43300",
"percentile": null,
"poc_count": 19,
"product": "iOS, iPadOS, and macOS",
"required_action": "Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.",
"short_description": "Apple iOS, iPadOS, and macOS contain an out-of-bounds write vulnerability in the Image I/O framework.",
"vendor": "Apple"
},
{
"cve": "CVE-2025-4427",
"date_added": "2025-05-19",
"due_date": "2025-06-09",
"epss": null,
"notes": "https://forums.ivanti.com/s/article/Security-Advisory-Ivanti-Endpoint-Manager-Mobile-EPMM ; https://nvd.nist.gov/vuln/detail/CVE-2025-4427",
"percentile": null,
"poc_count": 7,
"product": "Endpoint Manager Mobile (EPMM)",
"required_action": "Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.",
"short_description": "Ivanti Endpoint Manager Mobile (EPMM) contains an authentication bypass vulnerability in the API component that allows an attacker to access protected resources without proper credentials via crafted API requests. This vulnerability results from an insecure implementation of the Spring Framework open-source library.",
"vendor": "Ivanti"
},
{
"cve": "CVE-2025-4428",
"date_added": "2025-05-19",
"due_date": "2025-06-09",
"epss": null,
"notes": "https://forums.ivanti.com/s/article/Security-Advisory-Ivanti-Endpoint-Manager-Mobile-EPMM ; https://nvd.nist.gov/vuln/detail/CVE-2025-4428",
"percentile": null,
"poc_count": 8,
"product": "Endpoint Manager Mobile (EPMM)",
"required_action": "Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.",
"short_description": "Ivanti Endpoint Manager Mobile (EPMM) contains a code injection vulnerability in the API component that allows an authenticated attacker to remotely execute arbitrary code via crafted API requests. This vulnerability results from an insecure implementation of the Hibernate Validator open-source library, as represented by CVE-2025-35036.",
"vendor": "Ivanti"
},
{
"cve": "CVE-2025-4632",
"date_added": "2025-05-22",
"due_date": "2025-06-12",
"epss": null,
"notes": "https://security.samsungtv.com/securityUpdates#SVP-MAY-2025 ; https://nvd.nist.gov/vuln/detail/CVE-2025-4632",
"percentile": null,
"poc_count": 5,
"product": "MagicINFO 9 Server",
"required_action": "Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.",
"short_description": "Samsung MagicINFO 9 Server contains a path traversal vulnerability that allows an attacker to write arbitrary file as system authority.",
"vendor": "Samsung"
},
{
"cve": "CVE-2025-47729",
"date_added": "2025-05-12",
"due_date": "2025-06-02",
"epss": null,
"notes": "Apply mitigations per vendor instructions. Absent mitigating instructions from the vendor, discontinue use of the product. ; https://nvd.nist.gov/vuln/detail/CVE-2025-47729",
"percentile": null,
"poc_count": 3,
"product": "TM SGNL",
"required_action": "Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.",
"short_description": "TeleMessage TM SGNL contains a hidden functionality vulnerability in which the archiving backend holds cleartext copies of messages from TM SGNL application users.",
"vendor": "TeleMessage"
},
{
"cve": "CVE-2025-47812",
"date_added": "2025-07-14",
"due_date": "2025-08-04",
"epss": null,
"notes": "https://www.wftpserver.com/serverhistory.htm ; https://nvd.nist.gov/vuln/detail/CVE-2025-47812",
"percentile": null,
"poc_count": 20,
"product": "Wing FTP Server",
"required_action": "Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.",
"short_description": "Wing FTP Server contains an improper neutralization of null byte or NUL character vulnerability that can allow injection of arbitrary Lua code into user session files. This can be used to execute arbitrary system commands with the privileges of the FTP service (root or SYSTEM by default).",
"vendor": "Wing FTP Server"
},
{
"cve": "CVE-2025-47827",
"date_added": "2025-10-14",
"due_date": "2025-11-04",
"epss": null,
"notes": "https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2025-47827 ; https://nvd.nist.gov/vuln/detail/CVE-2025-47827",
"percentile": null,
"poc_count": 2,
"product": "IGEL OS",
"required_action": "Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.",
"short_description": "IGEL OS contains a use of a key past its expiration date vulnerability that allows for Secure Boot bypass. The igel-flash-driver module improperly verifies a cryptographic signature. Ultimately, a crafted root filesystem can be mounted from an unverified SquashFS image.",
"vendor": "IGEL"
},
{
"cve": "CVE-2025-48384",
"date_added": "2025-08-25",
"due_date": "2025-09-15",
"epss": null,
"notes": "This vulnerability affects a common open-source component, third-party library, or a protocol used by different products. For more information, please see: https://github.com/git/git/security/advisories/GHSA-vwqx-4fm8-6qc9 ; https://access.redhat.com/errata/RHSA-2025:13933 ; https://alas.aws.amazon.com/AL2/ALAS2-2025-2941.html ; https://linux.oracle.com/errata/ELSA-2025-11534.html ; https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-48384 ; https://nvd.nist.gov/vuln/detail/CVE-2025-48384",
"percentile": null,
"poc_count": 54,
"product": "Git",
"required_action": "Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.",
"short_description": "Git contains a link following vulnerability that stems from Gits inconsistent handling of carriage return characters in configuration files.",
"vendor": "Git"
},
{
"cve": "CVE-2025-48543",
"date_added": "2025-09-04",
"due_date": "2025-09-25",
"epss": null,
"notes": "https://source.android.com/docs/security/bulletin/2025-09-01 ; https://nvd.nist.gov/vuln/detail/CVE-2025-48543",
"percentile": null,
"poc_count": 5,
"product": "Runtime",
"required_action": "Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.",
"short_description": "Android Runtime contains a use-after-free vulnerability potentially allowing a chrome sandbox escape leading to local privilege escalation.",
"vendor": "Android"
},
{
"cve": "CVE-2025-48703",
"date_added": "2025-11-04",
"due_date": "2025-11-25",
"epss": null,
"notes": "https://control-webpanel.com/changelog ; https://nvd.nist.gov/vuln/detail/CVE-2025-48703",
"percentile": null,
"poc_count": 7,
"product": "Control Web Panel",
"required_action": "Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.",
"short_description": "CWP Control Web Panel (formerly CentOS Web Panel) contains an OS command Injection vulnerability that allows unauthenticated remote code execution via shell metacharacters in the t_total parameter in a filemanager changePerm request. A valid non-root username must be known.",
"vendor": "CWP"
},
{
"cve": "CVE-2025-48927",
"date_added": "2025-07-01",
"due_date": "2025-07-22",
"epss": null,
"notes": "It is recommended that mitigations be applied per vendor instructions if available. If these instructions cannot be located or if mitigations are unavailable, discontinue use of the product. ; https://nvd.nist.gov/vuln/detail/CVE-2025-48927",
"percentile": null,
"poc_count": 2,
"product": "TM SGNL",
"required_action": "Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.",
"short_description": "TeleMessage TM SGNL contains an initialization of a resource with an insecure default vulnerability. This vulnerability relies on how the Spring Boot Actuator is configured with an exposed heap dump endpoint at a /heapdump URI.",
"vendor": "TeleMessage"
},
{
"cve": "CVE-2025-48928",
"date_added": "2025-07-01",
"due_date": "2025-07-22",
"epss": null,
"notes": "It is recommended that mitigations be applied per vendor instructions if available. If these instructions cannot be located or if mitigations are unavailable, discontinue use of the product. ; https://nvd.nist.gov/vuln/detail/CVE-2025-48928",
"percentile": null,
"poc_count": 2,
"product": "TM SGNL",
"required_action": "Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.",
"short_description": "TeleMessage TM SGNL contains an exposure of core dump file to an unauthorized control sphere Vulnerability. This vulnerability is based on a JSP application in which the heap content is roughly equivalent to a \"core dump\" in which a password previously sent over HTTP would be included in this dump.",
"vendor": "TeleMessage"
},
{
"cve": "CVE-2025-49704",
"date_added": "2025-07-22",
"due_date": "2025-07-23",
"epss": null,
"notes": "CISA Mitigation Instructions: https://www.cisa.gov/news-events/alerts/2025/07/20/microsoft-releases-guidance-exploitation-sharepoint-vulnerability-cve-2025-53770; https://www.microsoft.com/en-us/security/blog/2025/07/22/disrupting-active-exploitation-of-on-premises-sharepoint-vulnerabilities/ ; https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-49704 ; https://nvd.nist.gov/vuln/detail/CVE-2025-49704",
"percentile": null,
"poc_count": 16,
"product": "SharePoint",
"required_action": "Disconnect public-facing versions of SharePoint Server that have reached their end-of-life (EOL) or end-of-service (EOS) to include SharePoint Server 2013 and earlier versions. For supported versions, please follow the mitigations according to CISA (URL listed below in Notes) and vendor instructions (URL listed below in Notes). Adhere to the applicable BOD 22-01 guidance for cloud services or discontinue use of the product if mitigations are not available.",
"short_description": "Microsoft SharePoint contains a code injection vulnerability that could allow an authorized attacker to execute code over a network. This vulnerability could be chained with CVE-2025-49706. CVE-2025-53770 is a patch bypass for CVE-2025-49704, and the updates for CVE-2025-53770 include more robust protection than those for CVE-2025-49704.",
"vendor": "Microsoft"
},
{
"cve": "CVE-2025-49706",
"date_added": "2025-07-22",
"due_date": "2025-07-23",
"epss": null,
"notes": "CISA Mitigation Instructions: https://www.cisa.gov/news-events/alerts/2025/07/20/microsoft-releases-guidance-exploitation-sharepoint-vulnerability-cve-2025-53770 ; https://www.microsoft.com/en-us/security/blog/2025/07/22/disrupting-active-exploitation-of-on-premises-sharepoint-vulnerabilities/ ; https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-49706 ; https://nvd.nist.gov/vuln/detail/CVE-2025-49706",
"percentile": null,
"poc_count": 21,
"product": "SharePoint",
"required_action": "Disconnect public-facing versions of SharePoint Server that have reached their end-of-life (EOL) or end-of-service (EOS) to include SharePoint Server 2013 and earlier versions. For supported versions, please follow the mitigations according to CISA (URL listed below in Notes) and vendor instructions (URL listed below in Notes). Adhere to the applicable BOD 22-01 guidance for cloud services or discontinue use of the product if mitigations are not available.",
"short_description": "Microsoft SharePoint contains an improper authentication vulnerability that allows an authorized attacker to perform spoofing over a network. Successfully exploitation could allow an attacker to view sensitive information and make some changes to disclosed information. This vulnerability could be chained with CVE-2025-49704. CVE-2025-53771 is a patch bypass for CVE-2025-49706, and the updates for CVE-2025-53771 include more robust protection than those for CVE-2025-49706.",
"vendor": "Microsoft"
},
{
"cve": "CVE-2025-5086",
"date_added": "2025-09-11",
"due_date": "2025-10-02",
"epss": null,
"notes": "https://www.3ds.com/trust-center/security/security-advisories/cve-2025-5086 ; https://nvd.nist.gov/vuln/detail/CVE-2025-5086",
"percentile": null,
"poc_count": 7,
"product": "DELMIA Apriso",
"required_action": "Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.",
"short_description": "Dassault Systèmes DELMIA Apriso contains a deserialization of untrusted data vulnerability that could lead to a remote code execution.",
"vendor": "Dassault Systèmes"
},
{
"cve": "CVE-2025-53690",
"date_added": "2025-09-04",
"due_date": "2025-09-25",
"epss": null,
"notes": "https://support.sitecore.com/kb?id=kb_article_view&sysparm_article=KB1003865 ; https://nvd.nist.gov/vuln/detail/CVE-2025-53690",
"percentile": null,
"poc_count": 9,
"product": "Multiple Products",
"required_action": "Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.",
"short_description": "Sitecore Experience Manager (XM), Experience Platform (XP), Experience Commerce (XC), and Managed Cloud contain a deserialization of untrusted data vulnerability involving the use of default machine keys. This flaw allows attackers to exploit exposed ASP.NET machine keys to achieve remote code execution.",
"vendor": "Sitecore"
},
{
"cve": "CVE-2025-53770",
"date_added": "2025-07-20",
"due_date": "2025-07-21",
"epss": null,
"notes": "CISA Mitigation Instructions: https://www.cisa.gov/news-events/alerts/2025/07/20/microsoft-releases-guidance-exploitation-sharepoint-vulnerability-cve-2025-53770; https://www.microsoft.com/en-us/security/blog/2025/07/22/disrupting-active-exploitation-of-on-premises-sharepoint-vulnerabilities/ ; https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-53770 ; https://nvd.nist.gov/vuln/detail/CVE-2025-53770",
"percentile": null,
"poc_count": 84,
"product": "SharePoint",
"required_action": "Disconnect public-facing versions of SharePoint Server that have reached their end-of-life (EOL) or end-of-service (EOS) to include SharePoint Server 2013 and earlier versions. For supported versions, please follow the mitigations according to CISA (URL listed below in Notes) and vendor instructions (URL listed below in Notes). Adhere to the applicable BOD 22-01 guidance for cloud services or discontinue use of the product if mitigations are not available.",
"short_description": "Microsoft SharePoint Server on-premises contains a deserialization of untrusted data vulnerability that could allow an unauthorized attacker to execute code over a network. This vulnerability could be chained with CVE-2025-53771. CVE-2025-53770 is a patch bypass for CVE-2025-49704, and the updates for CVE-2025-53770 include more robust protection than those for CVE-2025-49704.",
"vendor": "Microsoft"
},
{
"cve": "CVE-2025-5419",
"date_added": "2025-06-05",
"due_date": "2025-06-26",
"epss": null,
"notes": "https://chromereleases.googleblog.com/2025/06/stable-channel-update-for-desktop.html; https://nvd.nist.gov/vuln/detail/CVE-2025-5419\",",
"percentile": null,
"poc_count": 16,
"product": "Chromium V8",
"required_action": "Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.",
"short_description": "Google Chromium V8 contains an out-of-bounds read and write vulnerability that could allow a remote attacker to potentially exploit heap corruption via a crafted HTML page. This vulnerability could affect multiple web browsers that utilize Chromium, including, but not limited to, Google Chrome, Microsoft Edge, and Opera.",
"vendor": "Google"
},
{
"cve": "CVE-2025-54236",
"date_added": "2025-10-24",
"due_date": "2025-11-14",
"epss": null,
"notes": "https://experienceleague.adobe.com/en/docs/experience-cloud-kcs/kbarticles/ka-27397 ; https://nvd.nist.gov/vuln/detail/CVE-2025-54236",
"percentile": null,
"poc_count": 3,
"product": "Commerce andMagento",
"required_action": "Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.",
"short_description": "Adobe Commerce and Magento Open Source contain an improper input validation vulnerability that could allow an attacker to take over customer accounts through the Commerce REST API.",
"vendor": "Adobe"
},
{
"cve": "CVE-2025-54253",
"date_added": "2025-10-15",
"due_date": "2025-11-05",
"epss": null,
"notes": "https://helpx.adobe.com/security/products/aem-forms/apsb25-82.html ; https://nvd.nist.gov/vuln/detail/CVE-2025-54253",
"percentile": null,
"poc_count": 7,
"product": "Experience Manager (AEM) Forms",
"required_action": "Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.",
"short_description": "Adobe Experience Manager Forms in JEE contains an unspecified vulnerability that allows for arbitrary code execution.",
"vendor": "Adobe"
},
{
"cve": "CVE-2025-54309",
"date_added": "2025-07-22",
"due_date": "2025-08-12",
"epss": null,
"notes": "https://www.crushftp.com/crush11wiki/Wiki.jsp?page=CompromiseJuly2025 ; https://nvd.nist.gov/vuln/detail/CVE-2025-54309",
"percentile": null,
"poc_count": 15,
"product": "CrushFTP",
"required_action": "Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.",
"short_description": "CrushFTP contains an unprotected alternate channel vulnerability. When the DMZ proxy feature is not used, mishandles AS2 validation and consequently allows remote attackers to obtain admin access via HTTPS.",
"vendor": "CrushFTP"
},
{
"cve": "CVE-2025-54948",
"date_added": "2025-08-18",
"due_date": "2025-09-08",
"epss": null,
"notes": "https://success.trendmicro.com/en-US/solution/KA-0020652 ; N/A ; https://nvd.nist.gov/vuln/detail/CVE-2025-54948",
"percentile": null,
"poc_count": 5,
"product": "Apex One",
"required_action": "Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.",
"short_description": "Trend Micro Apex One Management Console (on-premise) contains an OS command injection vulnerability that could allow a pre-authenticated remote attacker to upload malicious code and execute commands on affected installations.",
"vendor": "Trend Micro"
},
{
"cve": "CVE-2025-55177",
"date_added": "2025-09-02",
"due_date": "2025-09-23",
"epss": null,
"notes": "https://www.whatsapp.com/security/advisories/2025/ ; https://nvd.nist.gov/vuln/detail/CVE-2025-55177",
"percentile": null,
"poc_count": 3,
"product": "WhatsApp",
"required_action": "Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.",
"short_description": "Meta Platforms WhatsApp contains an incorrect authorization vulnerability due to an incomplete authorization of linked device synchronization messages. This vulnerability could allow an unrelated user to trigger processing of content from an arbitrary URL on a targets device.",
"vendor": "Meta Platforms"
},
{
"cve": "CVE-2025-5777",
"date_added": "2025-07-10",
"due_date": "2025-07-11",
"epss": null,
"notes": "https://support.citrix.com/support-home/kbsearch/article?articleNumber=CTX693420 ; https://nvd.nist.gov/vuln/detail/CVE-2025-5777",
"percentile": null,
"poc_count": 37,
"product": "NetScaler ADC and Gateway",
"required_action": "Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.",
"short_description": "Citrix NetScaler ADC and Gateway contain an out-of-bounds read vulnerability due to insufficient input validation. This vulnerability can lead to memory overread when the NetScaler is configured as a Gateway (VPN virtual server, ICA Proxy, CVPN, RDP Proxy) OR AAA virtual server.",
"vendor": "Citrix"
},
{
"cve": "CVE-2025-57819",
"date_added": "2025-08-29",
"due_date": "2025-09-19",
"epss": null,
"notes": "https://github.com/FreePBX/security-reporting/security/advisories/GHSA-m42g-xg4c-5f3h ; https://nvd.nist.gov/vuln/detail/CVE-2025-57819",
"percentile": null,
"poc_count": 16,
"product": "FreePBX",
"required_action": "Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.",
"short_description": "Sangoma FreePBX contains an authentication bypass vulnerability due to insufficiently sanitized user-supplied data allows unauthenticated access to FreePBX Administrator leading to arbitrary database manipulation and remote code execution.",
"vendor": "Sangoma"
},
{
"cve": "CVE-2025-6218",
"date_added": "2025-12-09",
"due_date": "2025-12-30",
"epss": null,
"notes": "https://www.win-rar.com/singlenewsview.html?&L=0&tx_ttnews%5Btt_news%5D=276&cHash=b5165454d983fc9717bc8748901a64f9 ; https://nvd.nist.gov/vuln/detail/CVE-2025-6218",
"percentile": null,
"poc_count": 10,
"product": "WinRAR",
"required_action": "Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.",
"short_description": "RARLAB WinRAR contains a path traversal vulnerability allowing an attacker to execute code in the context of the current user.",
"vendor": "RARLAB"
},
{
"cve": "CVE-2025-6543",
"date_added": "2025-06-30",
"due_date": "2025-07-21",
"epss": null,
"notes": "https://support.citrix.com/support-home/kbsearch/article?articleNumber=CTX694788 ; https://www.netscaler.com/blog/news/netscaler-critical-security-updates-for-cve-2025-6543-and-cve-2025-5777/ ; https://nvd.nist.gov/vuln/detail/CVE-2025-6543",
"percentile": null,
"poc_count": 17,
"product": "NetScaler ADC and Gateway",
"required_action": "Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.",
"short_description": "Citrix NetScaler ADC and Gateway contain a buffer overflow vulnerability leading to unintended control flow and Denial of Service. NetScaler must be configured as Gateway (VPN virtual server, ICA Proxy, CVPN, RDP Proxy) OR AAA virtual server.",
"vendor": "Citrix"
},
{
"cve": "CVE-2025-6554",
"date_added": "2025-07-02",
"due_date": "2025-07-23",
"epss": null,
"notes": "https://chromereleases.googleblog.com/2025/06/stable-channel-update-for-desktop_30.html?m=1 ; https://nvd.nist.gov/vuln/detail/CVE-2025-6554",
"percentile": null,
"poc_count": 12,
"product": "Chromium V8",
"required_action": "Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.",
"short_description": "Google Chromium V8 contains a type confusion vulnerability that could allow a remote attacker to perform arbitrary read/write via a crafted HTML page. This vulnerability could affect multiple web browsers that utilize Chromium, including, but not limited to, Google Chrome, Microsoft Edge, and Opera.",
"vendor": "Google"
},
{
"cve": "CVE-2025-6558",
"date_added": "2025-07-22",
"due_date": "2025-08-12",
"epss": null,
"notes": "https://chromereleases.googleblog.com/2025/07/stable-channel-update-for-desktop_15.html ; https://nvd.nist.gov/vuln/detail/CVE-2025-6558",
"percentile": null,
"poc_count": 9,
"product": "Chromium",
"required_action": "Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.",
"short_description": "Google Chromium contains an improper input validation vulnerability in ANGLE and GPU. This vulnerability could allow a remote attacker to potentially perform a sandbox escape via a crafted HTML page. This vulnerability could affect multiple web browsers that utilize Chromium, including, but not limited to, Google Chrome, Microsoft Edge, and Opera.",
"vendor": "Google"
}
]
}
Reference in New Issue View Git Blame Copy Permalink