CVE-2017-9791 - Apache Struts 1 Improper Input Validation Vulnerability -

Action Due Aug 10, 2022 Target Vendor : Apache

Description : The Struts 1 plugin in Apache Struts might allow remote code execution via a malicious field value passed in a raw message to the ActionMessage.

Action : Apply updates per vendor instructions.

Known To Be Used in Ransomware Campaigns? : Unknown

CVE-2017-8464 - Microsoft Windows Shell (.lnk) Remote Code Execution Vulnerability -

Action Due Aug 10, 2022 Target Vendor : Microsoft

Description : Windows Shell in multiple versions of Microsoft Windows allows local users or remote attackers to execute arbitrary code via a crafted .LNK file

Action : Apply updates per vendor instructions.

Known To Be Used in Ransomware Campaigns? : Unknown

CVE-2017-10271 - Oracle Corporation WebLogic Server Remote Code Execution Vulnerability -

Action Due Aug 10, 2022 Target Vendor : Oracle

Description : Oracle Corporation WebLogic Server contains a vulnerability that allows for remote code execution.

Action : Apply updates per vendor instructions.

Known To Be Used in Ransomware Campaigns? : Known

CVE-2017-0263 - Microsoft Win32k Privilege Escalation Vulnerability -

Action Due Aug 10, 2022 Target Vendor : Microsoft

Description : Microsoft Win32k contains a privilege escalation vulnerability due to the Windows kernel-mode driver failing to properly handle objects in memory.

Action : Apply updates per vendor instructions.

Known To Be Used in Ransomware Campaigns? : Unknown

CVE-2017-0262 - Microsoft Office Remote Code Execution Vulnerability -

Action Due Aug 10, 2022 Target Vendor : Microsoft

Description : A remote code execution vulnerability exists in Microsoft Office.

Action : Apply updates per vendor instructions.

Known To Be Used in Ransomware Campaigns? : Unknown

CVE-2017-0145 - Microsoft SMBv1 Remote Code Execution Vulnerability -

Action Due Aug 10, 2022 Target Vendor : Microsoft

Description : The SMBv1 server in multiple Microsoft Windows versions allows remote attackers to execute arbitrary code via crafted packets.

Action : Apply updates per vendor instructions.

Known To Be Used in Ransomware Campaigns? : Known

CVE-2017-0144 - Microsoft SMBv1 Remote Code Execution Vulnerability -

Action Due Aug 10, 2022 Target Vendor : Microsoft

Description : The SMBv1 server in multiple Microsoft Windows versions allows remote attackers to execute arbitrary code via crafted packets.

Action : Apply updates per vendor instructions.

Known To Be Used in Ransomware Campaigns? : Known

CVE-2016-3088 - Apache ActiveMQ Improper Input Validation Vulnerability -

Action Due Aug 10, 2022 Target Vendor : Apache

Description : The Fileserver web application in Apache ActiveMQ allows remote attackers to upload and execute arbitrary files via an HTTP PUT followed by an HTTP MOVE request

Action : Apply updates per vendor instructions.

Known To Be Used in Ransomware Campaigns? : Unknown

CVE-2015-2051 - D-Link DIR-645 Router Remote Code Execution Vulnerability -

Action Due Aug 10, 2022 Target Vendor : D-Link

Description : D-Link DIR-645 Wired/Wireless Router allows remote attackers to execute arbitrary commands via a GetDeviceSettings action to the HNAP interface.

Action : The impacted product is end-of-life and should be disconnected if still in use.

Known To Be Used in Ransomware Campaigns? : Unknown

CVE-2015-1635 - Microsoft HTTP.sys Remote Code Execution Vulnerability -

Action Due Aug 10, 2022 Target Vendor : Microsoft

Description : Microsoft HTTP protocol stack (HTTP.sys) contains a vulnerability that allows for remote code execution.

Action : Apply updates per vendor instructions.

Known To Be Used in Ransomware Campaigns? : Unknown

CVE-2015-1130 - Apple OS X Authentication Bypass Vulnerability -

Action Due Aug 10, 2022 Target Vendor : Apple

Description : The XPC implementation in Admin Framework in Apple OS X before 10.10.3 allows local users to bypass authentication and obtain admin privileges.

Action : Apply updates per vendor instructions.

Known To Be Used in Ransomware Campaigns? : Unknown

CVE-2014-4404 - Apple OS X Heap-Based Buffer Overflow Vulnerability -

Action Due Aug 10, 2022 Target Vendor : Apple

Description : Heap-based buffer overflow in IOHIDFamily in Apple OS X, which affects, iOS before 8 and Apple TV before 7, allows attackers to execute arbitrary code in a privileged context.

Action : Apply updates per vendor instructions.

Known To Be Used in Ransomware Campaigns? : Unknown

CVE-2022-21882 - Microsoft Win32k Privilege Escalation Vulnerability -

Action Due Feb 18, 2022 Target Vendor : Microsoft

Description : Microsoft Win32k contains an unspecified vulnerability that allows for privilege escalation.

Action : Apply updates per vendor instructions.

Known To Be Used in Ransomware Campaigns? : Unknown

CVE-2022-22587 - Apple Memory Corruption Vulnerability -

Action Due Feb 11, 2022 Target Vendor : Apple

Description : Apple IOMobileFrameBuffer contains a memory corruption vulnerability which can allow a malicious application to execute arbitrary code with kernel privileges.

Action : Apply updates per vendor instructions.

Known To Be Used in Ransomware Campaigns? : Unknown

CVE-2021-20038 - SonicWall SMA 100 Appliances Stack-Based Buffer Overflow Vulnerability -

Action Due Feb 11, 2022 Target Vendor : SonicWall

Description : SonicWall SMA 100 devies are vulnerable to an unauthenticated stack-based buffer overflow vulnerability where exploitation can result in code execution.

Action : Apply updates per vendor instructions.

Known To Be Used in Ransomware Campaigns? : Known

CVE-2020-5722 - Grandstream Networks UCM6200 Series SQL Injection Vulnerability -

Action Due Jul 28, 2022 Target Vendor : Grandstream

Description : Grandstream UCM6200 series is vulnerable to an unauthenticated remote SQL injection via crafted HTTP request. Exploitation can allow for code execution as root.

Action : Apply updates per vendor instructions.

Known To Be Used in Ransomware Campaigns? : Unknown

CVE-2020-0787 - Microsoft Windows Background Intelligent Transfer Service (BITS) Improper Privilege Management Vulnerability -

Action Due Jul 28, 2022 Target Vendor : Microsoft

Description : Microsoft Windows BITS is vulnerable to to a privilege elevation vulnerability if it improperly handles symbolic links. An actor can exploit this vulnerability to execute arbitrary code with system-level privileges.

Action : Apply updates per vendor instructions.

Known To Be Used in Ransomware Campaigns? : Known

CVE-2017-5689 - Intel Active Management Technology (AMT), Small Business Technology (SBT), and Standard Manageability Privilege Escalation Vulnerability -

Action Due Jul 28, 2022 Target Vendor : Intel

Description : Intel products contain a vulnerability which can allow attackers to perform privilege escalation.

Action : Apply updates per vendor instructions.

Known To Be Used in Ransomware Campaigns? : Unknown

CVE-2014-1776 - Microsoft Internet Explorer Memory Corruption Vulnerability -

Action Due Jul 28, 2022 Target Vendor : Microsoft

Description : Microsoft Internet Explorer contains a memory corruption vulnerability that allows remote attackers to execute code in the context of the current user.

Action : Apply updates per vendor instructions.

Known To Be Used in Ransomware Campaigns? : Unknown

Notes : https://learn.microsoft.com/en-us/security-updates/SecurityBulletins/2014/ms14-021?redirectedfrom=MSDN

CVE-2014-6271 - GNU Bourne-Again Shell (Bash) Arbitrary Code Execution Vulnerability -

Action Due Jul 28, 2022 Target Vendor : GNU

Description : GNU Bash through 4.3 processes trailing strings after function definitions in the values of environment variables, which allows remote attackers to execute code.

Action : Apply updates per vendor instructions.

Known To Be Used in Ransomware Campaigns? : Unknown