Cybersecurity Alerts

Actively Exploited Vulnerabilities

The vulnerabilities listed below are sourced from the CISA Known Exploited Vulnerabilities catalog and represent security flaws that are actively being exploited in the wild. This list is updated daily. If you are unsure whether your systems are affected, contact us and we will help you assess your exposure.

CVE-2022-21882
Microsoft | Win32k
Microsoft Win32k Privilege Escalation Vulnerability
Microsoft Win32k contains an unspecified vulnerability that allows for privilege escalation.
Added 2022-02-04
Remediation Deadline 2022-02-18
CVE-2022-22587
Apple | iOS and macOS
Apple Memory Corruption Vulnerability
Apple IOMobileFrameBuffer contains a memory corruption vulnerability which can allow a malicious application to execute arbitrary code with kernel privileges.
Added 2022-01-28
Remediation Deadline 2022-02-11
CVE-2021-20038Active Ransomware Campaign
SonicWall | SMA 100 Appliances
SonicWall SMA 100 Appliances Stack-Based Buffer Overflow Vulnerability
SonicWall SMA 100 devies are vulnerable to an unauthenticated stack-based buffer overflow vulnerability where exploitation can result in code execution.
Added 2022-01-28
Remediation Deadline 2022-02-11
CVE-2020-5722
Grandstream | UCM6200
Grandstream Networks UCM6200 Series SQL Injection Vulnerability
Grandstream UCM6200 series is vulnerable to an unauthenticated remote SQL injection via crafted HTTP request. Exploitation can allow for code execution as root.
Added 2022-01-28
Remediation Deadline 2022-07-28
CVE-2020-0787Active Ransomware Campaign
Microsoft | Windows
Microsoft Windows Background Intelligent Transfer Service (BITS) Improper Privilege Management Vulnerability
Microsoft Windows BITS is vulnerable to to a privilege elevation vulnerability if it improperly handles symbolic links. An actor can exploit this vulnerability to execute arbitrary code with system-level privileges.
Added 2022-01-28
Remediation Deadline 2022-07-28
CVE-2017-5689
Intel | Active Management Technology (AMT), Small Business Technology (SBT), and Standard Manageability
Intel Active Management Technology (AMT), Small Business Technology (SBT), and Standard Manageability Privilege Escalation Vulnerability
Intel products contain a vulnerability which can allow attackers to perform privilege escalation.
Added 2022-01-28
Remediation Deadline 2022-07-28
CVE-2014-7169
GNU | Bourne-Again Shell (Bash)
GNU Bourne-Again Shell (Bash) Arbitrary Code Execution Vulnerability
GNU Bash through 4.3 processes trailing strings after function definitions in the values of environment variables, which allows remote attackers to execute code. This CVE correctly remediates the vulnerability in CVE-2014-6271.
Added 2022-01-28
Remediation Deadline 2022-07-28
CVE-2014-6271
GNU | Bourne-Again Shell (Bash)
GNU Bourne-Again Shell (Bash) Arbitrary Code Execution Vulnerability
GNU Bash through 4.3 processes trailing strings after function definitions in the values of environment variables, which allows remote attackers to execute code.
Added 2022-01-28
Remediation Deadline 2022-07-28
CVE-2014-1776
Microsoft | Internet Explorer
Microsoft Internet Explorer Memory Corruption Vulnerability
Microsoft Internet Explorer contains a memory corruption vulnerability that allows remote attackers to execute code in the context of the current user.
Added 2022-01-28
Remediation Deadline 2022-07-28
CVE-2021-35247
SolarWinds | Serv-U
SolarWinds Serv-U Improper Input Validation Vulnerability
SolarWinds Serv-U versions 15.2.5 and earlier contain an improper input validation vulnerability that allows attackers to build and send queries without sanitization.
Added 2022-01-21
Remediation Deadline 2022-02-04
CVE-2018-8453Active Ransomware Campaign
Microsoft | Win32k
Microsoft Win32k Privilege Escalation Vulnerability
Microsoft Windows Win32k contains a vulnerability that allows an attacker to escalate privileges.
Added 2022-01-21
Remediation Deadline 2022-07-21
CVE-2012-0391
Apache | Struts 2
Apache Struts 2 Improper Input Validation Vulnerability
The ExceptionDelegator component in Apache Struts 2 before 2.2.3.1 contains an improper input validation vulnerability that allows for remote code execution.
Added 2022-01-21
Remediation Deadline 2022-07-21
CVE-2006-1547
Apache | Struts 1
Apache Struts 1 ActionForm Denial-of-Service Vulnerability
ActionForm in Apache Struts versions before 1.2.9 with BeanUtils 1.7 contains a vulnerability that allows for denial-of-service (DoS).
Added 2022-01-21
Remediation Deadline 2022-07-21
CVE-2021-40870
Aviatrix | Aviatrix Controller
Aviatrix Controller Unrestricted Upload of File
Unrestricted upload of a file with a dangerous type is possible, which allows an unauthenticated user to execute arbitrary code via directory traversal.
Added 2022-01-18
Remediation Deadline 2022-02-01
CVE-2021-33766
Microsoft | Exchange Server
Microsoft Exchange Server Information Disclosure
Microsoft Exchange Server contains an information disclosure vulnerability which can allow an unauthenticated attacker to steal email traffic from target.
Added 2022-01-18
Remediation Deadline 2022-02-01
CVE-2021-32648
October CMS | October CMS
October CMS Improper Authentication
In affected versions of the october/system package an attacker can request an account password reset and then gain access to the account using a specially crafted request.
Added 2022-01-18
Remediation Deadline 2022-02-01
CVE-2021-25298
Nagios | Nagios XI
Nagios XI OS Command Injection
Nagios XI contains a vulnerability which can lead to OS command injection on the Nagios XI server.
Added 2022-01-18
Remediation Deadline 2022-02-01
CVE-2021-25297
Nagios | Nagios XI
Nagios XI OS Command Injection
Nagios XI contains a vulnerability which can lead to OS command injection on the Nagios XI server.
Added 2022-01-18
Remediation Deadline 2022-02-01
CVE-2021-25296
Nagios | Nagios XI
Nagios XI OS Command Injection
Nagios XI contains a vulnerability which can lead to OS command injection on the Nagios XI server.
Added 2022-01-18
Remediation Deadline 2022-02-01
CVE-2021-22991
F5 | BIG-IP Traffic Management Microkernel
F5 BIG-IP Traffic Management Microkernel Buffer Overflow
The Traffic Management Microkernel of BIG-IP ASM Risk Engine has a buffer overflow vulnerability, leading to a bypassing of URL-based access controls.
Added 2022-01-18
Remediation Deadline 2022-02-01
CVE-2021-21975Active Ransomware Campaign
VMware | vRealize Operations Manager API
VMware Server Side Request Forgery in vRealize Operations Manager API
Server Side Request Forgery (SSRF) in vRealize Operations Manager API prior to 8.4 may allow a malicious actor with network access to the vRealize Operations Manager API to perform a SSRF attack to steal administrative credentials.
Added 2022-01-18
Remediation Deadline 2022-02-01
CVE-2021-21315
Npm package | System Information Library for Node.JS
System Information Library for Node.JS Command Injection
In this vulnerability, an attacker can send a malicious payload that will exploit the name parameter. After successful exploitation, attackers can execute remote.
Added 2022-01-18
Remediation Deadline 2022-02-01
CVE-2020-14864
Oracle | Intelligence Enterprise Edition
Oracle Business Intelligence Enterprise Edition Path Transversal
Path traversal vulnerability, where an attacker can target the preview FilePath parameter of the getPreviewImage function to get access to arbitrary system file.
Added 2022-01-18
Remediation Deadline 2022-07-18
CVE-2020-13927
Apache | Airflow's Experimental API
Apache Airflow's Experimental API Authentication Bypass
The previous default setting for Airflow's Experimental API was to allow all API requests without authentication.
Added 2022-01-18
Remediation Deadline 2022-07-18
CVE-2020-13671
Drupal | Drupal core
Drupal core Un-restricted Upload of File
Improper sanitization in the extension file names is present in Drupal core.
Added 2022-01-18
Remediation Deadline 2022-07-18
CVE-2020-11978
Apache | Airflow
Apache Airflow Command Injection
A remote code/command injection vulnerability was discovered in one of the example DAGs shipped with Airflow.
Added 2022-01-18
Remediation Deadline 2022-07-18
CVE-2021-36260
Hikvision | Security cameras web server
Hikvision Improper Input Validation
A command injection vulnerability in the web server of some Hikvision product. Due to the insufficient input validation.
Added 2022-01-10
Remediation Deadline 2022-01-24
CVE-2021-27860
FatPipe | WARP, IPVPN, and MPVPN software
FatPipe WARP, IPVPN, and MPVPN Configuration Upload exploit
A vulnerability in the web management interface of FatPipe WARP, IPVPN, and MPVPN software allows a remote, unauthenticated attacker to upload a file to any location on the filesystem.
Added 2022-01-10
Remediation Deadline 2022-01-24
CVE-2021-22017
VMware | vCenter Server
VMware vCenter Server Improper Access Control
Rhttproxy as used in vCenter Server contains a vulnerability due to improper implementation of URI normalization.
Added 2022-01-10
Remediation Deadline 2022-01-24
CVE-2020-6572
Google | Chrome Media
Google Chrome Media Use-After-Free Vulnerability
Google Chrome Media contains a use-after-free vulnerability that allows a remote attacker to execute code via a crafted HTML page.
Added 2022-01-10
Remediation Deadline 2022-07-10