CVE-2021-32648 - October CMS Improper Authentication -

Action Due Feb 01, 2022 Target Vendor : October CMS

Description : In affected versions of the october/system package an attacker can request an account password reset and then gain access to the account using a specially crafted request.

Action : Apply updates per vendor instructions.

Known To Be Used in Ransomware Campaigns? : Unknown

Notes : https://nvd.nist.gov/vuln/detail/CVE-2021-32648

CVE-2021-40870 - Aviatrix Controller Unrestricted Upload of File -

Action Due Feb 01, 2022 Target Vendor : Aviatrix

Description : Unrestricted upload of a file with a dangerous type is possible, which allows an unauthenticated user to execute arbitrary code via directory traversal.

Action : Apply updates per vendor instructions.

Known To Be Used in Ransomware Campaigns? : Unknown

Notes : https://nvd.nist.gov/vuln/detail/CVE-2021-40870

CVE-2021-33766 - Microsoft Exchange Server Information Disclosure -

Action Due Feb 01, 2022 Target Vendor : Microsoft

Description : Microsoft Exchange Server contains an information disclosure vulnerability which can allow an unauthenticated attacker to steal email traffic from target.

Action : Apply updates per vendor instructions.

Known To Be Used in Ransomware Campaigns? : Unknown

Notes : https://nvd.nist.gov/vuln/detail/CVE-2021-33766

CVE-2020-13927 - Apache Airflow's Experimental API Authentication Bypass -

Action Due Jul 18, 2022 Target Vendor : Apache

Description : The previous default setting for Airflow's Experimental API was to allow all API requests without authentication.

Action : Apply updates per vendor instructions.

Known To Be Used in Ransomware Campaigns? : Unknown

Notes : https://nvd.nist.gov/vuln/detail/CVE-2020-13927

CVE-2021-22017 - VMware vCenter Server Improper Access Control -

Action Due Jan 24, 2022 Target Vendor : VMware

Description : Rhttproxy as used in vCenter Server contains a vulnerability due to improper implementation of URI normalization.

Action : Apply updates per vendor instructions.

Known To Be Used in Ransomware Campaigns? : Unknown

Notes : https://nvd.nist.gov/vuln/detail/CVE-2021-22017

CVE-2021-36260 - Hikvision Improper Input Validation -

Action Due Jan 24, 2022 Target Vendor : Hikvision

Description : A command injection vulnerability in the web server of some Hikvision product. Due to the insufficient input validation.

Action : Apply updates per vendor instructions.

Known To Be Used in Ransomware Campaigns? : Unknown

Notes : https://nvd.nist.gov/vuln/detail/CVE-2021-36260

CVE-2020-6572 - Google Chrome Media Prior to 81.0.4044.92 Use-After-Free Vulnerability -

Action Due Jul 10, 2022 Target Vendor : Google

Description : Google Chrome Media contains a use-after-free vulnerability that allows a remote attacker to execute code via a crafted HTML page.

Action : Apply updates per vendor instructions.

Known To Be Used in Ransomware Campaigns? : Unknown

Notes : https://nvd.nist.gov/vuln/detail/CVE-2020-6572

CVE-2019-1458 - Microsoft Win32k Privilege Escalation Vulnerability -

Action Due Jul 10, 2022 Target Vendor : Microsoft

Description : A privilege escalation vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory, aka 'Win32k EoP.

Action : Apply updates per vendor instructions.

Known To Be Used in Ransomware Campaigns? : Known

Notes : https://nvd.nist.gov/vuln/detail/CVE-2019-1458

CVE-2013-3900 - Microsoft WinVerifyTrust function Remote Code Execution -

Action Due Jul 10, 2022 Target Vendor : Microsoft

Description : A remote code execution vulnerability exists in the way that the WinVerifyTrust function handles Windows Authenticode signature verification for PE files.

Action : Apply updates per vendor instructions.

Known To Be Used in Ransomware Campaigns? : Unknown

Notes : https://nvd.nist.gov/vuln/detail/CVE-2013-3900

CVE-2019-2725 - Oracle WebLogic Server, Injection -

Action Due Jul 10, 2022 Target Vendor : Oracle

Description : Injection vulnerability in the Oracle WebLogic Server component of Oracle Fusion Middleware (subcomponent: Web Services).

Action : Apply updates per vendor instructions.

Known To Be Used in Ransomware Campaigns? : Known

Notes : https://nvd.nist.gov/vuln/detail/CVE-2019-2725

CVE-2018-13382 - Fortinet FortiOS and FortiProxy Improper Authorization -

Action Due Jul 10, 2022 Target Vendor : Fortinet

Description : An Improper Authorization vulnerability in Fortinet FortiOS and FortiProxy under SSL VPN web portal allows an unauthenticated attacker to modify the password.

Action : Apply updates per vendor instructions.

Known To Be Used in Ransomware Campaigns? : Known

Notes : https://nvd.nist.gov/vuln/detail/CVE-2018-13382

CVE-2018-13383 - Fortinet FortiOS and FortiProxy Out-of-bounds Write -

Action Due Jul 10, 2022 Target Vendor : Fortinet

Description : A heap buffer overflow in Fortinet FortiOS and FortiProxy may cause the SSL VPN web service termination for logged in users.

Action : Apply updates per vendor instructions.

Known To Be Used in Ransomware Campaigns? : Known

Notes : https://nvd.nist.gov/vuln/detail/CVE-2018-13383

CVE-2019-1579 - Palo Alto Networks PAN-OS Remote Code Execution Vulnerability -

Action Due Jul 10, 2022 Target Vendor : Palo Alto Networks

Description : Remote Code Execution in PAN-OS with GlobalProtect Portal or GlobalProtect Gateway Interface enabled.

Action : Apply updates per vendor instructions.

Known To Be Used in Ransomware Campaigns? : Known

Notes : https://nvd.nist.gov/vuln/detail/CVE-2019-1579

CVE-2019-10149 - Exim Mail Transfer Agent (MTA) Improper Input Validation -

Action Due Jul 10, 2022 Target Vendor : Exim

Description : Improper validation of recipient address in deliver_message() function in /src/deliver.c may lead to remote command execution.

Action : Apply updates per vendor instructions.

Known To Be Used in Ransomware Campaigns? : Unknown

Notes : https://nvd.nist.gov/vuln/detail/CVE-2019-10149

CVE-2017-1000486 - Primetek Primefaces Remote Code Execution Vulnerability -

Action Due Jul 10, 2022 Target Vendor : Primetek

Description : Primetek Primefaces is vulnerable to a weak encryption flaw resulting in remote code execution

Action : Apply updates per vendor instructions.

Known To Be Used in Ransomware Campaigns? : Unknown

Notes : https://nvd.nist.gov/vuln/detail/CVE-2017-1000486

CVE-2019-7609 - Kibana Arbitrary Code Execution -

Action Due Jul 10, 2022 Target Vendor : Elastic

Description : Kibana contain an arbitrary code execution flaw in the Timelion visualizer.

Action : Apply updates per vendor instructions.

Known To Be Used in Ransomware Campaigns? : Unknown

Notes : https://nvd.nist.gov/vuln/detail/CVE-2019-7609

CVE-2021-27860 - FatPipe WARP, IPVPN, and MPVPN Configuration Upload exploit -

Action Due Jan 24, 2022 Target Vendor : FatPipe

Description : A vulnerability in the web management interface of FatPipe WARP, IPVPN, and MPVPN software allows a remote, unauthenticated attacker to upload a file to any location on the filesystem.

Action : Apply updates per vendor instructions.

Known To Be Used in Ransomware Campaigns? : Unknown

Notes : https://nvd.nist.gov/vuln/detail/CVE-2021-27860

CVE-2019-9670 - Synacor Zimbra Collaboration (ZCS) Improper Restriction of XML External Entity Reference -

Action Due Jul 10, 2022 Target Vendor : Synacor

Description : Improper Restriction of XML External Entity Reference vulnerability affecting Synacor Zimbra Collaboration (ZCS).

Action : Apply updates per vendor instructions.

Known To Be Used in Ransomware Campaigns? : Unknown

Notes : https://nvd.nist.gov/vuln/detail/CVE-2019-9670

CVE-2015-7450 - IBM WebSphere Application Server and Server Hypervisor Edition Code Injection. -

Action Due Jul 10, 2022 Target Vendor : IBM

Description : Serialized-object interfaces in certain IBM analytics, business solutions, cognitive, IT infrastructure, and mobile and social products allow remote attackers to execute arbitrary commands

Action : Apply updates per vendor instructions.

Known To Be Used in Ransomware Campaigns? : Unknown

Notes : https://nvd.nist.gov/vuln/detail/CVE-2015-7450

CVE-2021-43890 - Microsoft Windows AppX Installer Spoofing Vulnerability -

Action Due Dec 29, 2021 Target Vendor : Microsoft

Description : Microsoft Windows AppX Installer contains a spoofing vulnerability which has a high impacts to confidentiality, integrity, and availability.

Action : Apply updates per vendor instructions.

Known To Be Used in Ransomware Campaigns? : Unknown

Notes : https://nvd.nist.gov/vuln/detail/CVE-2021-43890