Rapid7

Posts tagged Vulnerability Disclosure

CVE-2022-4261: Rapid7 Nexpose Update Validation Issue (FIXED)

Vulnerabilities and Exploits

Tod Beardsley

CVE-2022-41622 and CVE-2022-41800 (FIXED): F5 BIG-IP and iControl REST Vulnerabilities and Exposures

Vulnerabilities and Exploits

Ron Bowes

FLEXlm and Citrix ADM Denial of Service Vulnerability

Threat Research

Ron Bowes

Baxter SIGMA Spectrum Infusion Pumps: Multiple Vulnerabilities (FIXED)

Detection and Response

Deral Heiland

Rapid7 Discovered Vulnerabilities in Cisco ASA, ASDM, and FirePOWER Services Software

Vulnerabilities and Exploits

Jake Baines

CVE-2022-31660 and CVE-2022-31661 (FIXED): VMware Workspace ONE Access, Identity Manager, and vRealize Automation LPE

Threat Research

Spencer McIntyre

QNAP Poisoned XML Command Injection (Silently Patched)

Exposure Management

Jake Baines

Primary Arms PII Disclosure via IDOR (FIXED)

Threat Research

Tod Beardsley

CVE-2022-35629..35632 Velociraptor Multiple Vulnerabilities (FIXED)

Products and Tools

Mike Cohen

CVE-2022-30526 (Fixed): Zyxel Firewall Local Privilege Escalation

Vulnerabilities and Exploits

Jake Baines

CVE-2021-3779: Ruby-MySQL Gem Client File Read (FIXED)

Exposure Management

Tod Beardsley

CVE-2022-31749: WatchGuard Authenticated Arbitrary File Read/Write (Fixed)

Exposure Management

Jake Baines

CVE-2022-32230: Windows SMB Denial-of-Service Vulnerability (FIXED)

Threat Research

Spencer McIntyre

CVE-2022-22977: VMware Guest Authentication Service LPE (FIXED)

Exposure Management

Jake Baines

CVE-2022-30525 (FIXED): Zyxel Firewall Unauthenticated Remote Command Injection

Vulnerabilities and Exploits

Jake Baines

CVE-2022-28810: ManageEngine ADSelfService Plus Authenticated Command Execution (Fixed)

Exposure Management

Jake Baines

CVE-2022-24527: Microsoft Connected Cache Local Privilege Escalation (Fixed)

Exposure Management

Jake Baines

CVE-2022-1026: Kyocera Net View Address Book Exposure

Threat Research

Tod Beardsley

CVE-2021-4191: GitLab GraphQL API User Enumeration (FIXED)

Threat Research

Jake Baines

CVE-2021-20038..42: SonicWall SMA 100 Multiple Vulnerabilities (FIXED)

Exposure Management

Jake Baines

CVE-2021-3546[78]: Akkadian Console Server Vulnerabilities (FIXED)

Vulnerabilities and Exploits

Tod Beardsley