CISA Known Exploited Vulnerabilities

Description:

Synacor Zimbra Collaboration Suite (ZCS) contains a cross-site scripting vulnerability that might allow remote attackers to inject arbitrary web script or HTML.

Description:

A buffer overflow vulnerability in WhatsApp VOIP stack allowed remote code execution via specially crafted series of RTCP packets sent to a target phone number.

Description:

Microsoft Windows Print Spooler contains an unspecified vulnerability which allow for privilege escalation.

Description:

VMware Workspace ONE Access, Identity Manager and vRealize Automation contain a privilege escalation vulnerability due to improper permissions in support scripts.

Description:

Google Chromium V8 Engine contains a type confusion vulnerability that allows a remote attacker to potentially exploit heap corruption via a crafted HTML page. This vulnerability could affect multiple web browsers that utilize Chromium, including, but not limited to, Google Chrome, Microsoft Edge, and Opera.

Description:

Multiple Crestron products are vulnerable to command injection via the file_transfer.cgi HTTP endpoint. A remote, unauthenticated attacker can use this vulnerability to execute operating system commands as root.

Description:

The login_mgr.cgi script in D-Link DNS-320 is vulnerable to remote code execution.

Description:

A SQL Injection vulnerability exists in U.motion Builder software which could cause unwanted code execution when an improper set of characters is entered.

Description:

The WAP interface in Trihedral VTScada (formerly VTS) allows remote attackers to cause a denial-of-service (DoS).

Description:

InduSoft Web Studio NTWebServer contains a directory traversal vulnerability that allows remote attackers to read administrative passwords in APP files, allowing for remote code execution.

Description:

Certain Ubiquiti devices contain a command injection vulnerability via a GET request to stainfo.cgi.

Description:

masterCGI in the Unified Maintenance Tool in Alcatel OmniPCX Enterprise Communication Server allows remote attackers to execute arbitrary commands.

Description:

VMware Workspace ONE Access and Identity Manager allow for remote code execution due to server-side template injection.

Description:

Microsoft Windows Common Log File System (CLFS) Driver contains an unspecified vulnerability that allows for privilege escalation.

Description:

A remote code execution vulnerability exists within multiple subsystems of Drupal that can allow attackers to exploit multiple attack vectors on a Drupal site.