CVE-2020-8644 - PlaySMS Server-Side Template Injection Vulnerability -

Action Due May 03, 2022 Target Vendor : PlaySMS

Description : PlaySMS contains a server-side template injection vulnerability that allows for remote code execution.

Action : Apply updates per vendor instructions.

Known To Be Used in Ransomware Campaigns? : Unknown

CVE-2019-18935 - Progress Telerik UI for ASP.NET AJAX Deserialization of Untrusted Data Vulnerability -

Action Due May 03, 2022 Target Vendor : Progress

Description : Progress Telerik UI for ASP.NET AJAX contains a deserialization of untrusted data vulnerability through RadAsyncUpload which leads to code execution on the server in the context of the w3wp.exe process.

Action : Apply updates per vendor instructions.

Known To Be Used in Ransomware Campaigns? : Known

CVE-2021-22893 - Ivanti Pulse Connect Secure Use-After-Free Vulnerability -

Action Due Apr 23, 2021 Target Vendor : Ivanti

Description : Ivanti Pulse Connect Secure contains a use-after-free vulnerability that allow a remote, unauthenticated attacker to execute code via license services.

Action : Apply updates per vendor instructions.

Known To Be Used in Ransomware Campaigns? : Known

Notes : Reference CISA's ED 21-03 (https://www.cisa.gov/emergency-directive-21-03) for further guidance and requirements.

CVE-2020-8243 - Ivanti Pulse Connect Secure Code Execution Vulnerability -

Action Due Apr 23, 2021 Target Vendor : Ivanti

Description : Ivanti Pulse Connect Secure contains an unspecified vulnerability in the admin web interface that could allow an authenticated attacker to upload a custom template to perform code execution.

Action : Apply updates per vendor instructions.

Known To Be Used in Ransomware Campaigns? : Unknown

Notes : Reference CISA's ED 21-03 (https://www.cisa.gov/emergency-directive-21-03) for further guidance and requirements.

CVE-2021-22900 - Ivanti Pulse Connect Secure Unrestricted File Upload Vulnerability -

Action Due Apr 23, 2021 Target Vendor : Ivanti

Description : Ivanti Pulse Connect Secure contains an unrestricted file upload vulnerability that allows an authenticated administrator to perform a file write via a maliciously crafted archive upload in the administrator web interface.

Action : Apply updates per vendor instructions.

Known To Be Used in Ransomware Campaigns? : Unknown

Notes : Reference CISA's ED 21-03 (https://www.cisa.gov/emergency-directive-21-03) for further guidance and requirements.

CVE-2021-22894 - Ivanti Pulse Connect Secure Collaboration Suite Buffer Overflow Vulnerability -

Action Due Apr 23, 2021 Target Vendor : Ivanti

Description : Ivanti Pulse Connect Secure Collaboration Suite contains a buffer overflow vulnerabilities that allows a remote authenticated users to execute code as the root user via maliciously crafted meeting room.

Action : Apply updates per vendor instructions.

Known To Be Used in Ransomware Campaigns? : Unknown

Notes : Reference CISA's ED 21-03 (https://www.cisa.gov/emergency-directive-21-03) for further guidance and requirements.

CVE-2020-8260 - Ivanti Pulse Connect Secure Code Execution Vulnerability -

Action Due Apr 23, 2021 Target Vendor : Ivanti

Description : Pulse Connect Secure contains an unspecified vulnerability that allows an authenticated attacker to perform code execution using uncontrolled gzip extraction.

Action : Apply updates per vendor instructions.

Known To Be Used in Ransomware Campaigns? : Unknown

Notes : Reference CISA's ED 21-03 (https://www.cisa.gov/emergency-directive-21-03) for further guidance and requirements.

CVE-2021-22899 - Ivanti Pulse Connect Secure Command Injection Vulnerability -

Action Due Apr 23, 2021 Target Vendor : Ivanti

Description : Ivanti Pulse Connect Secure contains a command injection vulnerability that allows remote authenticated users to perform remote code execution via Windows File Resource Profiles.

Action : Apply updates per vendor instructions.

Known To Be Used in Ransomware Campaigns? : Unknown

Notes : Reference CISA's ED 21-03 (https://www.cisa.gov/emergency-directive-21-03) for further guidance and requirements.

CVE-2019-11510 - Ivanti Pulse Connect Secure Arbitrary File Read Vulnerability -

Action Due Apr 23, 2021 Target Vendor : Ivanti

Description : Ivanti Pulse Connect Secure contains an arbitrary file read vulnerability that allows an unauthenticated remote attacker with network access via HTTPS to send a specially crafted URI.

Action : Apply updates per vendor instructions.

Known To Be Used in Ransomware Campaigns? : Known

Notes : Reference CISA's ED 21-03 (https://www.cisa.gov/emergency-directive-21-03) for further guidance and requirements.

CVE-2019-11539 - Ivanti Pulse Connect Secure and Policy Secure Command Injection Vulnerability -

Action Due May 03, 2022 Target Vendor : Ivanti

Description : Ivanti Pulse Connect Secure and Policy Secure allows an authenticated attacker from the admin web interface to inject and execute commands.

Action : Apply updates per vendor instructions.

Known To Be Used in Ransomware Campaigns? : Known

CVE-2021-1906 - Qualcomm Multiple Chipsets Detection of Error Condition Without Action Vulnerability -

Action Due Nov 17, 2021 Target Vendor : Qualcomm

Description : Multiple Qualcomm chipsets contain a detection of error condition without action vulnerability when improper handling of address deregistration on failure can lead to new GPU address allocation failure.

Action : Apply updates per vendor instructions.

Known To Be Used in Ransomware Campaigns? : Unknown

CVE-2021-1905 - Qualcomm Multiple Chipsets Use-After-Free Vulnerability -

Action Due May 03, 2022 Target Vendor : Qualcomm

Description : Multiple Qualcomm Chipsets contain a use after free vulnerability due to improper handling of memory mapping of multiple processes simultaneously.

Action : Apply updates per vendor instructions.

Known To Be Used in Ransomware Campaigns? : Unknown

CVE-2020-10221 - rConfig OS Command Injection Vulnerability -

Action Due May 03, 2022 Target Vendor : rConfig

Description : rConfig lib/ajaxHandlers/ajaxAddTemplate.php contains an OS command injection vulnerability that allows remote attackers to execute OS commands via shell metacharacters in the fileName POST parameter.

Action : Apply updates per vendor instructions.

Known To Be Used in Ransomware Campaigns? : Unknown

CVE-2021-35395 - Realtek AP-Router SDK Buffer Overflow Vulnerability -

Action Due Nov 17, 2021 Target Vendor : Realtek

Description : Realtek AP-Router SDK HTTP web server �boa� contains a buffer overflow vulnerability due to unsafe copies of some overly long parameters submitted in the form that lead to denial-of-service (DoS).

Action : Apply updates per vendor instructions.

Known To Be Used in Ransomware Campaigns? : Unknown

CVE-2017-16651 - Roundcube Webmail File Disclosure Vulnerability -

Action Due May 03, 2022 Target Vendor : Roundcube

Description : Roundcube Webmail contains a file disclosure vulnerability caused by insufficient input validation in conjunction with file-based attachment plugins, which are used by default.

Action : Apply updates per vendor instructions.

Known To Be Used in Ransomware Campaigns? : Unknown

CVE-2020-11652 - SaltStack Salt Path Traversal Vulnerability -

Action Due May 03, 2022 Target Vendor : SaltStack

Description : SaltStack Salt contains a path traversal vulnerability in the salt-master process ClearFuncs which allows directory access to authenticated users. Salt users who follow fundamental internet security guidelines and best practices are not affected by this vulnerability.

Action : Apply updates per vendor instructions.

Known To Be Used in Ransomware Campaigns? : Unknown

CVE-2020-11651 - SaltStack Salt Authentication Bypass Vulnerability -

Action Due May 03, 2022 Target Vendor : SaltStack

Description : SaltStack Salt contains an authentication bypass vulnerability in the salt-master process ClearFuncs due to improperly validating method calls. The vulnerability allows a remote user to access some methods without authentication, which can be used to retrieve user tokens from the salt master and/or run commands on salt minions. Salt users who follow fundamental internet security guidelines and best practices are not affected by this vulnerability.

Action : Apply updates per vendor instructions.

Known To Be Used in Ransomware Campaigns? : Unknown

CVE-2020-16846 - SaltStack Salt Shell Injection Vulnerability -

Action Due May 03, 2022 Target Vendor : SaltStack

Description : SaltStack Salt allows an unauthenticated user with network access to the Salt API to use shell injections to run code on the Salt API using the SSH client. This vulnerability affects any users running the Salt API.

Action : Apply updates per vendor instructions.

Known To Be Used in Ransomware Campaigns? : Unknown

CVE-2018-2380 - SAP Customer Relationship Management (CRM) Path Traversal Vulnerability -

Action Due May 03, 2022 Target Vendor : SAP

Description : SAP Customer Relationship Management (CRM) contains a path traversal vulnerability that allows an attacker to exploit insufficient validation of path information provided by users.

Action : Apply updates per vendor instructions.

Known To Be Used in Ransomware Campaigns? : Known

CVE-2010-5326 - SAP NetWeaver Remote Code Execution Vulnerability -

Action Due May 03, 2022 Target Vendor : SAP

Description : SAP NetWeaver Application Server Java Platforms Invoker Servlet does not require authentication, allowing for remote code execution via a HTTP or HTTPS request.

Action : Apply updates per vendor instructions.

Known To Be Used in Ransomware Campaigns? : Unknown