Cybersecurity Alerts

Actively Exploited Vulnerabilities

The vulnerabilities listed below are sourced from the CISA Known Exploited Vulnerabilities catalog and represent security flaws that are actively being exploited in the wild. This list is updated daily. If you are unsure whether your systems are affected, contact us and we will help you assess your exposure.

CVE-2017-5638 | Active Ransomware Campaign
Apache | Struts
Apache Struts Remote Code Execution Vulnerability
Apache Struts Jakarta Multipart parser allows for malicious file upload using the Content-Type value, leading to remote code execution.
CVE-2017-16651
Roundcube | Roundcube Webmail
Roundcube Webmail File Disclosure Vulnerability
Roundcube Webmail contains a file disclosure vulnerability caused by insufficient input validation in conjunction with file-based attachment plugins, which are used by default.
CVE-2017-11882 | Active Ransomware Campaign
Microsoft | Office
Microsoft Office Memory Corruption Vulnerability
Microsoft Office contains a memory corruption vulnerability that allows remote code execution in the context of the current user.
CVE-2017-11774
Microsoft | Office
Microsoft Office Outlook Security Feature Bypass Vulnerability
Microsoft Office Outlook contains a security feature bypass vulnerability due to improperly handling objects in memory. Successful exploitation allows an attacker to execute commands.
CVE-2017-0199 | Active Ransomware Campaign
Microsoft | Office and WordPad
Microsoft Office and WordPad Remote Code Execution Vulnerability
Microsoft Office and WordPad contain an unspecified vulnerability due to the way the applications parse specially crafted files. Successful exploitation allows for remote code execution.
CVE-2017-0143 | Active Ransomware Campaign
Microsoft | Windows
Microsoft Windows Server Message Block (SMBv1) Remote Code Execution Vulnerability
Microsoft Windows Server Message Block 1.0 (SMBv1) contains an unspecified vulnerability that allows for remote code execution.
CVE-2016-9563
SAP | NetWeaver
SAP NetWeaver XML External Entity (XXE) Vulnerability
SAP NetWeaver Application Server Java Platforms contains an unspecified vulnerability in BC-BMT-BPM-DSK which allows remote, authenticated users to conduct XML External Entity (XXE) attacks.
CVE-2016-7255
Microsoft | Win32k
Microsoft Win32k Privilege Escalation Vulnerability
Microsoft Win32k kernel-mode driver fails to properly handle objects in memory which allows for privilege escalation. Successful exploitation allows an attacker to run code in kernel mode.
CVE-2016-4437
Apache | Shiro
Apache Shiro Code Execution Vulnerability
Apache Shiro contains a vulnerability which may allow remote attackers to execute code or bypass intended access restrictions via an unspecified request parameter when a cipher key has not been configured for the "remember me" feature.
CVE-2016-3976
SAP | NetWeaver
SAP NetWeaver Directory Traversal Vulnerability
SAP NetWeaver Application Server Java Platforms contains a directory traversal vulnerability via a ..\ (dot dot backslash) in the fileName parameter to CrashFileDownloadServlet. This allows remote attackers to read files.
CVE-2016-3718
ImageMagick | ImageMagick
ImageMagick Server-Side Request Forgery (SSRF) Vulnerability
ImageMagick contains an unspecified vulnerability that allows attackers to perform server-side request forgery (SSRF) via a crafted image.
CVE-2016-3715
ImageMagick | ImageMagick
ImageMagick Arbitrary File Deletion Vulnerability
ImageMagick contains an unspecified vulnerability that could allow users to delete files by using ImageMagick's 'ephemeral' pseudo protocol, which deletes files after reading.
CVE-2016-3643
SolarWinds | Virtualization Manager
SolarWinds Virtualization Manager Privilege Escalation Vulnerability
SolarWinds Virtualization Manager allows for privilege escalation through leveraging a misconfiguration of sudo.
CVE-2016-3235
Microsoft | Office
Microsoft Office OLE DLL Side Loading Vulnerability
Microsoft Office Object Linking & Embedding (OLE) dynamic link library (DLL) contains a side loading vulnerability due to it improperly validating input before loading libraries. Successful exploitation allows for remote code execution.
CVE-2016-0185
Microsoft | Windows
Microsoft Windows Media Center Remote Code Execution Vulnerability
Microsoft Windows Media Center contains a remote code execution vulnerability when Windows Media Center opens a specially crafted Media Center link (.mcl) file that references malicious code.
CVE-2016-0167 | Active Ransomware Campaign
Microsoft | Win32k
Microsoft Win32k Privilege Escalation Vulnerability
Microsoft Win32k contains an unspecified vulnerability that allows for privilege escalation via a crafted application.
CVE-2015-4852
Oracle | WebLogic Server
Oracle WebLogic Server Deserialization of Untrusted Data Vulnerability
Oracle WebLogic Server contains a deserialization of untrusted data vulnerability within Apache Commons, which can allow for remote code execution.
CVE-2015-1641
Microsoft | Office
Microsoft Office Memory Corruption Vulnerability
Microsoft Office contains a memory corruption vulnerability due to failure to properly handle rich text format files in memory. Successful exploitation allows for remote code execution in the context of the current user.
CVE-2014-1812 | Active Ransomware Campaign
Microsoft | Windows
Microsoft Windows Group Policy Preferences Password Privilege Escalation Vulnerability
Microsoft Windows Active Directory contains a privilege escalation vulnerability due to the way it distributes passwords that are configured using Group Policy preferences. An authenticated attacker who successfully exploits the vulnerability could decrypt the passwords and use them to elevate privileges on the domain.
CVE-2012-3152
Oracle | Fusion Middleware
Oracle Fusion Middleware Unspecified Vulnerability
Oracle Fusion Middleware Reports Developer contains an unspecified vulnerability that allows remote attackers to affect confidentiality and integrity of affected systems.
CVE-2012-0158
Microsoft | MSCOMCTL.OCX
Microsoft MSCOMCTL.OCX Remote Code Execution Vulnerability
Microsoft MSCOMCTL.OCX contains an unspecified vulnerability that allows for remote code execution, allowing an attacker to take complete control of an affected system under the context of the current user.
CVE-2010-5326
SAP | NetWeaver
SAP NetWeaver Remote Code Execution Vulnerability
SAP NetWeaver Application Server Java Platforms Invoker Servlet does not require authentication, allowing for remote code execution via an HTTP or HTTPS request.