CISA Known Exploited Vulnerabilities Catalog
9.8
CVE-2012-1823 - PHP-CGI Query String Parameter Vulnerability -
Action Due Apr 15, 2022 Target Vendor : PHP
Description : sapi/cgi/cgi_main.c in PHP, when configured as a CGI script, does not properly handle query strings, which allows remote attackers to execute arbitrary code.
Action : Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? : Unknown
Notes : https://nvd.nist.gov/vuln/detail/CVE-2012-1823
7.8
CVE-2010-4345 - Exim Privilege Escalation Vulnerability -
Action Due Apr 15, 2022 Target Vendor : Exim
Description : Exim allows local users to gain privileges by leveraging the ability of the exim user account to specify an alternate configuration file with a directive that contains arbitrary commands.
Action : Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? : Unknown
Notes : https://nvd.nist.gov/vuln/detail/CVE-2010-4345
9.8
CVE-2010-4344 - Exim Heap-Based Buffer Overflow Vulnerability -
Action Due Apr 15, 2022 Target Vendor : Exim
Description : Heap-based buffer overflow in the string_vformat function in string.c in Exim before 4.70 allows remote attackers to execute arbitrary code via an SMTP session.
Action : Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? : Unknown
Notes : https://nvd.nist.gov/vuln/detail/CVE-2010-4344
7.5
CVE-2010-3035 - Cisco IOS XR Border Gateway Protocol (BGP) Denial-of-Service Vulnerability -
Action Due Apr 15, 2022 Target Vendor : Cisco
Description : Cisco IOS XR, when BGP is the configured routing feature, allows remote attackers to cause a denial-of-service (DoS).
Action : Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? : Unknown
Notes : https://nvd.nist.gov/vuln/detail/CVE-2010-3035
9.8
CVE-2010-2861 - Adobe ColdFusion Directory Traversal Vulnerability -
Action Due Apr 15, 2022 Target Vendor : Adobe
Description : A directory traversal vulnerability exists in the administrator console in Adobe ColdFusion which allows remote attackers to read arbitrary files.
Action : Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? : Known
Notes : https://nvd.nist.gov/vuln/detail/CVE-2010-2861
4.3
CVE-2009-2055 - Cisco IOS XR Border Gateway Protocol (BGP) Denial-of-Service Vulnerability -
Action Due Apr 15, 2022 Target Vendor : Cisco
Description : Cisco IOS XR, when BGP is the configured routing feature, allows remote attackers to cause a denial-of-service (DoS).
Action : Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? : Unknown
Notes : https://nvd.nist.gov/vuln/detail/CVE-2009-2055
9.8
CVE-2009-1151 - phpMyAdmin Remote Code Execution Vulnerability -
Action Due Apr 15, 2022 Target Vendor : phpMyAdmin
Description : The setup script used to generate the configuration can be fooled, using a crafted POST request, into including arbitrary PHP code in the generated configuration file.
Action : Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? : Unknown
Notes : https://nvd.nist.gov/vuln/detail/CVE-2009-1151
8.8
CVE-2009-0927 - Adobe Reader and Adobe Acrobat Stack-Based Buffer Overflow Vulnerability -
Action Due Apr 15, 2022 Target Vendor : Adobe
Description : Stack-based buffer overflow in Adobe Reader and Adobe Acrobat allows remote attackers to execute arbitrary code.
Action : Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? : Unknown
Notes : https://nvd.nist.gov/vuln/detail/CVE-2009-0927
9.8
CVE-2022-26318 - WatchGuard Firebox and XTM Appliances Arbitrary Code Execution -
Action Due Apr 15, 2022 Target Vendor : WatchGuard
Description : On WatchGuard Firebox and XTM appliances, an unauthenticated user can execute arbitrary code.
Action : Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? : Unknown
Notes : https://nvd.nist.gov/vuln/detail/CVE-2022-26318
9.8
CVE-2020-9054 - Zyxel Multiple NAS Devices OS Command Injection Vulnerability -
Action Due Apr 15, 2022 Target Vendor : Zyxel
Description : Multiple Zyxel network-attached storage (NAS) devices contain a pre-authentication command injection vulnerability, which may allow a remote, unauthenticated attacker to execute arbitrary code.
Action : Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? : Unknown
Notes : https://nvd.nist.gov/vuln/detail/CVE-2020-9054
9.8
CVE-2020-1631 - Juniper Junos OS Path Traversal Vulnerability -
Action Due Apr 15, 2022 Target Vendor : Juniper
Description : A path traversal vulnerability in the HTTP/HTTPS service used by J-Web, Web Authentication, Dynamic-VPN (DVPN), Firewall Authentication Pass-Through with Web-Redirect, and Zero Touch Provisioning (ZTP) allows an unauthenticated attacker to perform remote code execution.
Action : Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? : Unknown
Notes : https://nvd.nist.gov/vuln/detail/CVE-2020-1631
7.2
CVE-2019-2616 - Oracle BI Publisher Unauthorized Access Vulnerability -
Action Due Apr 15, 2022 Target Vendor : Oracle
Description : Oracle BI Publisher, formerly XML Publisher, contains an unspecified vulnerability that allows for various unauthorized actions. Open-source reporting attributes this vulnerability to allowing for authentication bypass.
Action : Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? : Unknown
Notes : https://nvd.nist.gov/vuln/detail/CVE-2019-2616
9.8
CVE-2019-11043 - PHP FastCGI Process Manager (FPM) Buffer Overflow Vulnerability -
Action Due Apr 15, 2022 Target Vendor : PHP
Description : In some versions of PHP, in certain configurations of the FPM setup, it is possible to cause the FPM module to write past allocated buffers, allowing the possibility of remote code execution.
Action : Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? : Known
Notes : https://nvd.nist.gov/vuln/detail/CVE-2019-11043
9.8
CVE-2018-11138 - Quest KACE System Management Appliance Remote Command Execution Vulnerability -
Action Due Apr 15, 2022 Target Vendor : Quest
Description : The '/common/download_agent_installer.php' script in the Quest KACE System Management Appliance is accessible by anonymous users and can be abused to perform remote code execution.
Action : Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? : Known
Notes : https://nvd.nist.gov/vuln/detail/CVE-2018-11138
8.1
CVE-2017-12615 - Apache Tomcat on Windows Remote Code Execution Vulnerability -
Action Due Apr 15, 2022 Target Vendor : Apache
Description : When running Apache Tomcat on Windows with HTTP PUTs enabled, it is possible to upload a JSP file to the server via a specially crafted request. This JSP could then be requested and any code it contained would be executed by the server.
Action : Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? : Known
Notes : https://nvd.nist.gov/vuln/detail/CVE-2017-12615
7.5
CVE-2016-0752 - Ruby on Rails Directory Traversal Vulnerability -
Action Due Apr 15, 2022 Target Vendor : Rails
Description : Directory traversal vulnerability in Action View in Ruby on Rails allows remote attackers to read arbitrary files.
Action : Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? : Unknown
Notes : https://nvd.nist.gov/vuln/detail/CVE-2016-0752
7.8
CVE-2015-0666 - Cisco Prime Data Center Network Manager (DCNM) Directory Traversal Vulnerability -
Action Due Apr 15, 2022 Target Vendor : Cisco
Description : Directory traversal vulnerability in the fmserver servlet in Cisco Prime Data Center Network Manager (DCNM) allows remote attackers to read arbitrary files.
Action : Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? : Unknown
Notes : https://nvd.nist.gov/vuln/detail/CVE-2015-0666
9.8
CVE-2013-4810 - HP Multiple Products Remote Code Execution Vulnerability -
Action Due Apr 15, 2022 Target Vendor : Hewlett Packard (HP)
Description : HP ProCurve Manager (PCM), PCM+, Identity Driven Manager (IDM), and Application Lifecycle Management allow remote attackers to execute arbitrary code via a marshalled object to (1) EJBInvokerServlet or (2) JMXInvokerServlet.
Action : Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? : Unknown
Notes : https://nvd.nist.gov/vuln/detail/CVE-2013-4810
9.8
CVE-2005-2773 - HP OpenView Network Node Manager Remote Code Execution Vulnerability -
Action Due Apr 15, 2022 Target Vendor : Hewlett Packard (HP)
Description : HP OpenView Network Node Manager could allow a remote attacker to execute arbitrary commands on the system.
Action : Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? : Unknown
Notes : https://nvd.nist.gov/vuln/detail/CVE-2005-2773
7.8
CVE-2019-1405 - Microsoft Windows Universal Plug and Play (UPnP) Service Privilege Escalation Vulnerability -
Action Due Apr 05, 2022 Target Vendor : Microsoft
Description : A privilege escalation vulnerability exists when the Windows UPnP service improperly allows COM object creation.
Action : Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? : Known
Notes : https://nvd.nist.gov/vuln/detail/CVE-2019-1405