CVE-2019-1129 - Microsoft Windows AppX Deployment Service (AppXSVC) Privilege Escalation Vulnerability -

Action Due Apr 05, 2022 Target Vendor : Microsoft

Description : A privilege escalation vulnerability exists when Windows AppXSVC improperly handles hard links. An attacker who successfully exploited this vulnerability could run processes in an elevated context.

Action : Apply updates per vendor instructions.

Known To Be Used in Ransomware Campaigns? : Known

Notes : https://nvd.nist.gov/vuln/detail/CVE-2019-1129

CVE-2022-26486 - Mozilla Firefox Use-After-Free Vulnerability -

Action Due Mar 21, 2022 Target Vendor : Mozilla

Description : Mozilla Firefox contains a use-after-free vulnerability in WebGPU IPC Framework which can be exploited to perform arbitrary code execution.

Action : Apply updates per vendor instructions.

Known To Be Used in Ransomware Campaigns? : Unknown

Notes : https://nvd.nist.gov/vuln/detail/CVE-2022-26486

CVE-2022-26485 - Mozilla Firefox Use-After-Free Vulnerability -

Action Due Mar 21, 2022 Target Vendor : Mozilla

Description : Mozilla Firefox contains a use-after-free vulnerability in XSLT parameter processing which can be exploited to perform arbitrary code execution.

Action : Apply updates per vendor instructions.

Known To Be Used in Ransomware Campaigns? : Unknown

Notes : https://nvd.nist.gov/vuln/detail/CVE-2022-26485

CVE-2021-21973 - VMware vCenter Server and Cloud Foundation Server Side Request Forgery (SSRF) Vulnerability -

Action Due Mar 21, 2022 Target Vendor : VMware

Description : VMware vCenter Server and Cloud Foundation Server contain a SSRF vulnerability due to improper validation of URLs in a vCenter Server plugin. This allows for information disclosure.

Action : Apply updates per vendor instructions.

Known To Be Used in Ransomware Campaigns? : Unknown

Notes : https://nvd.nist.gov/vuln/detail/CVE-2021-21973

CVE-2020-8218 - Pulse Connect Secure Code Injection Vulnerability -

Action Due Sep 07, 2022 Target Vendor : Pulse Secure

Description : A code injection vulnerability exists in Pulse Connect Secure that allows an attacker to crafted a URI to perform an arbitrary code execution via the admin web interface.

Action : Apply updates per vendor instructions.

Known To Be Used in Ransomware Campaigns? : Unknown

Notes : https://nvd.nist.gov/vuln/detail/CVE-2020-8218

CVE-2019-11581 - Atlassian Jira Server and Data Center Server-Side Template Injection Vulnerability -

Action Due Sep 07, 2022 Target Vendor : Atlassian

Description : Atlassian Jira Server and Data Center contain a server-side template injection vulnerability which can allow for remote code execution.

Action : Apply updates per vendor instructions.

Known To Be Used in Ransomware Campaigns? : Unknown

Notes : https://nvd.nist.gov/vuln/detail/CVE-2019-11581

CVE-2017-6077 - NETGEAR DGN2200 Remote Code Execution Vulnerability -

Action Due Sep 07, 2022 Target Vendor : NETGEAR

Description : NETGEAR DGN2200 wireless routers contain a vulnerability that allows for remote code execution.

Action : Apply updates per vendor instructions.

Known To Be Used in Ransomware Campaigns? : Unknown

Notes : https://nvd.nist.gov/vuln/detail/CVE-2017-6077

CVE-2016-6277 - NETGEAR Multiple Routers Remote Code Execution Vulnerability -

Action Due Sep 07, 2022 Target Vendor : NETGEAR

Description : NETGEAR confirmed multiple routers allow unauthenticated web pages to pass form input directly to the command-line interface, permitting remote code execution.

Action : Apply updates per vendor instructions.

Known To Be Used in Ransomware Campaigns? : Unknown

Notes : https://nvd.nist.gov/vuln/detail/CVE-2016-6277

CVE-2013-0631 - Adobe ColdFusion Information Disclosure Vulnerability -

Action Due Sep 07, 2022 Target Vendor : Adobe

Description : Adobe Coldfusion contains an unspecified vulnerability, which could result in information disclosure from a compromised server.

Action : Apply updates per vendor instructions.

Known To Be Used in Ransomware Campaigns? : Unknown

Notes : https://nvd.nist.gov/vuln/detail/CVE-2013-0631

CVE-2013-0629 - Adobe ColdFusion Directory Traversal Vulnerability -

Action Due Sep 07, 2022 Target Vendor : Adobe

Description : Adobe Coldfusion contains a directory traversal vulnerability, which could permit an unauthorized user access to restricted directories.

Action : Apply updates per vendor instructions.

Known To Be Used in Ransomware Campaigns? : Unknown

Notes : https://nvd.nist.gov/vuln/detail/CVE-2013-0629

CVE-2009-3960 - Adobe BlazeDS Information Disclosure Vulnerability -

Action Due Sep 07, 2022 Target Vendor : Adobe

Description : Adobe BlazeDS, which is utilized in LifeCycle and Coldfusion, contains a vulnerability that allows for information disclosure.

Action : Apply updates per vendor instructions.

Known To Be Used in Ransomware Campaigns? : Known

Notes : https://nvd.nist.gov/vuln/detail/CVE-2009-3960

CVE-2013-0625 - Adobe ColdFusion Authentication Bypass Vulnerability -

Action Due Sep 07, 2022 Target Vendor : Adobe

Description : Adobe Coldfusion contains an authentication bypass vulnerability, which could result in an unauthorized user gaining administrative access.

Action : Apply updates per vendor instructions.

Known To Be Used in Ransomware Campaigns? : Unknown

Notes : https://nvd.nist.gov/vuln/detail/CVE-2013-0625

CVE-2022-20701 - Cisco Small Business RV Series Routers Stack-based Buffer Overflow Vulnerability -

Action Due Mar 17, 2022 Target Vendor : Cisco

Description : A vulnerability in Cisco Small Business RV160, RV260, RV340, and RV345 Series Routers could allow an attacker to do any of the following: Execute arbitrary code elevate privileges, execute arbitrary commands, bypass authentication and authorization protections, fetch and run unsigned software, or cause a denial of service (DoS).

Action : Apply updates per vendor instructions.

Known To Be Used in Ransomware Campaigns? : Unknown

Notes : https://nvd.nist.gov/vuln/detail/CVE-2022-20701

CVE-2022-20700 - Cisco Small Business RV Series Routers Stack-based Buffer Overflow Vulnerability -

Action Due Mar 17, 2022 Target Vendor : Cisco

Description : A vulnerability in Cisco Small Business RV160, RV260, RV340, and RV345 Series Routers could allow an attacker to do any of the following: Execute arbitrary code elevate privileges, execute arbitrary commands, bypass authentication and authorization protections, fetch and run unsigned software, or cause a denial of service (DoS).

Action : Apply updates per vendor instructions.

Known To Be Used in Ransomware Campaigns? : Unknown

Notes : https://nvd.nist.gov/vuln/detail/CVE-2022-20700

CVE-2022-20699 - Cisco Small Business RV Series Routers Stack-based Buffer Overflow Vulnerability -

Action Due Mar 17, 2022 Target Vendor : Cisco

Description : A vulnerability in Cisco Small Business RV160, RV260, RV340, and RV345 Series Routers could allow an attacker to do any of the following: Execute arbitrary code elevate privileges, execute arbitrary commands, bypass authentication and authorization protections, fetch and run unsigned software, or cause a denial of service (DoS).

Action : Apply updates per vendor instructions.

Known To Be Used in Ransomware Campaigns? : Unknown

Notes : https://nvd.nist.gov/vuln/detail/CVE-2022-20699

CVE-2021-41379 - Microsoft Windows Installer Privilege Escalation Vulnerability -

Action Due Mar 17, 2022 Target Vendor : Microsoft

Description : Microsoft Windows Installer contains an unspecified vulnerability that allows for privilege escalation.

Action : Apply updates per vendor instructions.

Known To Be Used in Ransomware Campaigns? : Known

Notes : https://nvd.nist.gov/vuln/detail/CVE-2021-41379

CVE-2020-1938 - Apache Tomcat Improper Privilege Management Vulnerability -

Action Due Mar 17, 2022 Target Vendor : Apache

Description : Apache Tomcat treats Apache JServ Protocol (AJP) connections as having higher trust than, for example, a similar HTTP connection. If such connections are available to an attacker, they can be exploited.

Action : Apply updates per vendor instructions.

Known To Be Used in Ransomware Campaigns? : Unknown

Notes : https://nvd.nist.gov/vuln/detail/CVE-2020-1938

CVE-2020-11899 - Treck TCP/IP stack Out-of-Bounds Read Vulnerability -

Action Due Mar 17, 2022 Target Vendor : Treck TCP/IP stack

Description : The Treck TCP/IP stack contains an IPv6 out-of-bounds read vulnerability.

Action : Apply updates per vendor instructions.

Known To Be Used in Ransomware Campaigns? : Unknown

Notes : https://nvd.nist.gov/vuln/detail/CVE-2020-11899

CVE-2019-16928 - Exim Out-of-bounds Write Vulnerability -

Action Due Mar 17, 2022 Target Vendor : Exim

Description : Exim contains an out-of-bounds write vulnerability which can allow for remote code execution.

Action : Apply updates per vendor instructions.

Known To Be Used in Ransomware Campaigns? : Unknown

Notes : https://nvd.nist.gov/vuln/detail/CVE-2019-16928

CVE-2019-1652 - Cisco Small Business Routers Improper Input Validation Vulnerability -

Action Due Mar 17, 2022 Target Vendor : Cisco

Description : A vulnerability in the web-based management interface of Cisco Small Business RV320 and RV325 Dual Gigabit WAN VPN Routers could allow an authenticated, remote attacker with administrative privileges on an affected device to execute arbitrary commands.

Action : Apply updates per vendor instructions.

Known To Be Used in Ransomware Campaigns? : Unknown

Notes : https://nvd.nist.gov/vuln/detail/CVE-2019-1652