Security Bulletins

Active threat advisories and known exploited vulnerabilities.

Pulled daily from the CISA Known Exploited Vulnerabilities catalog. Every entry has confirmed active exploitation in the wild. Last synced Jun 12, 2026.

1,619 total bulletins · 1,619 critical or high severity · Source: CISA KEV + NVD

Critical CVE-2020-3153 Cisco · AnyConnect Secure Added Oct 24, 2022

Cisco AnyConnect Secure Mobility Client for Windows Uncontrolled Search Path Vulnerability

Cisco AnyConnect Secure Mobility Client for Windows handles directory paths incorrectly. An attacker with valid credentials on Windows would be able to copy malicious files to arbitrary locations with system-level privileges. This could include DLL pre-loading, DLL hijacking, and other related attacks.

Patch deadline passed

Critical CVE-2018-19323 GIGABYTE · Multiple Products Added Oct 24, 2022

GIGABYTE Multiple Products Privilege Escalation Vulnerability

The GPCIDrv and GDrv low-level drivers in GIGABYTE App Center, AORUS Graphics Engine, XTREME Gaming Engine, and OC GURU expose functionality to read and write arbitrary physical memory. This could be leveraged by a local attacker to elevate privileges.

Patch deadline passed

Critical CVE-2018-19322 GIGABYTE · Multiple Products Added Oct 24, 2022

GIGABYTE Multiple Products Code Execution Vulnerability

The GPCIDrv and GDrv low-level drivers in GIGABYTE App Center, AORUS Graphics Engine, XTREME Gaming Engine, and OC GURU II expose functionality to read/write data from/to IO ports. This could be leveraged in a number of ways to ultimately run code with elevated privileges.

Patch deadline passed

Critical CVE-2018-19321 GIGABYTE · Multiple Products Added Oct 24, 2022

GIGABYTE Multiple Products Privilege Escalation Vulnerability

The GPCIDrv and GDrv low-level drivers in GIGABYTE App Center, AORUS Graphics Engine, XTREME Gaming Engine, and OC GURU II expose functionality to read and write arbitrary physical memory. This could be leveraged by a local attacker to elevate privileges.

Patch deadline passed

Critical CVE-2018-19320 GIGABYTE · Multiple Products Added Oct 24, 2022

GIGABYTE Multiple Products Unspecified Vulnerability

The GDrv low-level driver in GIGABYTE App Center, AORUS Graphics Engine, XTREME Gaming Engine, and OC GURU II exposes ring0 memcpy-like functionality that could allow a local attacker to take complete control of the affected system.

Patch deadline passed

Critical CVE-2022-41352 Synacor · Zimbra Collaboration Suite (ZCS) Added Oct 20, 2022

Synacor Zimbra Collaboration Suite (ZCS) Arbitrary File Upload Vulnerability

Synacor Zimbra Collaboration Suite (ZCS) allows an attacker to upload arbitrary files using the cpio package to gain incorrect access to any other user account.

Patch deadline passed

Critical CVE-2021-3493 Linux · Kernel Added Oct 20, 2022

Linux Kernel Privilege Escalation Vulnerability

The overlayfs stacking file system in the Linux kernel does not properly validate the application of file capabilities against user namespaces, which could lead to privilege escalation.

Patch deadline passed

Critical CVE-2022-40684 Fortinet · Multiple Products Added Oct 11, 2022

Fortinet Multiple Products Authentication Bypass Vulnerability

Fortinet FortiOS, FortiProxy, and FortiSwitchManager contain an authentication bypass vulnerability that could allow an unauthenticated attacker to perform operations on the administrative interface via specially crafted HTTP or HTTPS requests.

Patch deadline passed

Critical CVE-2022-41033 Microsoft · Windows COM+ Event System Service Added Oct 11, 2022

Microsoft Windows COM+ Event System Service Privilege Escalation Vulnerability

Microsoft Windows COM+ Event System Service contains an unspecified vulnerability that allows for privilege escalation.

Patch deadline passed

Critical CVE-2022-41082 Microsoft · Exchange Server Added Sep 30, 2022

Microsoft Exchange Server Remote Code Execution Vulnerability

Microsoft Exchange Server contains an unspecified vulnerability that allows for authenticated remote code execution. Dubbed "ProxyNotShell," this vulnerability is chainable with CVE-2022-41040, which allows for the remote code execution.

Patch deadline passed

Critical CVE-2022-41040 Microsoft · Exchange Server Added Sep 30, 2022

Microsoft Exchange Server Server-Side Request Forgery Vulnerability

Microsoft Exchange Server allows for server-side request forgery. Dubbed "ProxyNotShell," this vulnerability is chainable with CVE-2022-41082, which allows for remote code execution.

Patch deadline passed

Critical CVE-2022-36804 Atlassian · Bitbucket Server and Data Center Added Sep 30, 2022

Atlassian Bitbucket Server and Data Center Command Injection Vulnerability

Multiple API endpoints of Atlassian Bitbucket Server and Data Center contain a command injection vulnerability where an attacker with access to a public Bitbucket repository, or with read permissions to a private one, can execute code by sending a malicious HTTP request.

Patch deadline passed

Critical CVE-2022-3236 Sophos · Firewall Added Sep 23, 2022

Sophos Firewall Code Injection Vulnerability

A code injection vulnerability in the User Portal and Webadmin of Sophos Firewall allows for remote code execution.

Patch deadline passed

Critical CVE-2022-35405 Zoho · ManageEngine Added Sep 22, 2022

Zoho ManageEngine Multiple Products Remote Code Execution Vulnerability

Zoho ManageEngine PAM360, Password Manager Pro, and Access Manager Plus contain an unspecified vulnerability that allows for remote code execution.

Patch deadline passed

Critical CVE-2022-40139 Trend Micro · Apex One and Apex One as a Service Added Sep 15, 2022

Trend Micro Apex One and Apex One as a Service Improper Validation Vulnerability

Trend Micro Apex One and Apex One as a Service contain an improper validation of rollback mechanism components that could lead to remote code execution.

Patch deadline passed

Critical CVE-2013-6282 Linux · Kernel Added Sep 15, 2022

Linux Kernel Improper Input Validation Vulnerability

The get_user and put_user API functions of the Linux kernel fail to validate the target address when used on ARM v6k/v7 platforms. This allows an application to read and write kernel memory, which could lead to privilege escalation.

Patch deadline passed

Critical CVE-2013-2597 Code Aurora · ACDB Audio Driver Added Sep 15, 2022

Code Aurora ACDB Audio Driver Stack-based Buffer Overflow Vulnerability

The Code Aurora audio calibration database (acdb) audio driver contains a stack-based buffer overflow vulnerability that allows for privilege escalation. Code Aurora is used in third-party products such as Qualcomm and Android.

Patch deadline passed

Critical CVE-2013-2596 Linux · Kernel Added Sep 15, 2022

Linux Kernel Integer Overflow Vulnerability

The Linux kernel fb_mmap function in drivers/video/fbmem.c contains an integer overflow vulnerability that allows for privilege escalation.

Patch deadline passed

Critical CVE-2013-2094 Linux · Kernel Added Sep 15, 2022

Linux Kernel Privilege Escalation Vulnerability

The Linux kernel fails to check all 64 bits of attr.config passed by user space, resulting in out-of-bounds access of the perf_swevent_enabled array in sw_perf_event_destroy(). Exploitation allows for privilege escalation.

Patch deadline passed

Critical CVE-2010-2568 Microsoft · Windows Added Sep 15, 2022

Microsoft Windows Remote Code Execution Vulnerability

Microsoft Windows incorrectly parses shortcuts in such a way that malicious code may be executed when the operating system displays the icon of a malicious shortcut file. An attacker who successfully exploited this vulnerability could execute code as the logged-on user.

Patch deadline passed

Critical CVE-2022-37969 Microsoft · Windows Added Sep 14, 2022

Microsoft Windows Common Log File System (CLFS) Driver Privilege Escalation Vulnerability

Microsoft Windows Common Log File System (CLFS) driver contains an unspecified vulnerability that allows for privilege escalation.

Patch deadline passed

Critical CVE-2022-32917 Apple · iOS, iPadOS, and macOS Added Sep 14, 2022

Apple iOS, iPadOS, and macOS Remote Code Execution Vulnerability

The Apple kernel, which is included in iOS, iPadOS, and macOS, contains an unspecified vulnerability where an application may be able to execute code with kernel privileges.

Patch deadline passed

Critical CVE-2022-3075 Google · Chromium Mojo Added Sep 8, 2022

Google Chromium Mojo Insufficient Data Validation Vulnerability

Google Chromium Mojo contains an insufficient data validation vulnerability that allows a remote attacker, who has compromised the renderer process, to potentially perform a sandbox escape via a crafted HTML page. This vulnerability could affect multiple web browsers that utilize Chromium, including, but not limited to, Google Chrome, Microsoft Edge, and Opera.

Patch deadline passed

Critical CVE-2022-27593 QNAP · Photo Station Added Sep 8, 2022

QNAP Photo Station Externally Controlled Reference Vulnerability

Certain QNAP NAS devices running Photo Station with internet exposure contain an externally controlled reference to a resource vulnerability, which can allow an attacker to modify system files. This vulnerability was observed being utilized in a Deadbolt ransomware campaign.

Patch deadline passed

Critical CVE-2022-26258 D-Link · DIR-820L Added Sep 8, 2022

D-Link DIR-820L Remote Code Execution Vulnerability

D-Link DIR-820L contains an unspecified vulnerability in the Device Name parameter in /lan.asp that allows for remote code execution.

Patch deadline passed
