diff --git a/config/known_exploited_vulnerabilities.csv b/config/known_exploited_vulnerabilities.csv index 9b2201c66..00b0980ee 100644 --- a/config/known_exploited_vulnerabilities.csv +++ b/config/known_exploited_vulnerabilities.csv @@ -811,7 +811,6 @@ CVE-2021-31010,Apple,"iOS, macOS, watchOS","Apple iOS, macOS, watchOS Sandbox By CVE-2020-36193,PEAR,Archive_Tar,"PEAR Archive_Tar Improper Link Resolution Vulnerability",2022-08-25,"PEAR Archive_Tar Tar.php allows write operations with directory traversal due to inadequate checking of symbolic links. PEAR stands for PHP Extension and Application Repository and it is an open-source framework and distribution system for reusable PHP components with known usage in third-party products such as Drupal Core and Red Hat Linux.","Apply updates per vendor instructions.",2022-09-15,Unknown,"https://github.com/pear/Archive_Tar/commit/cde460582ff389404b5b3ccb59374e9b389de916, https://www.drupal.org/sa-core-2021-001, https://access.redhat.com/security/cve/cve-2020-36193" CVE-2020-28949,PEAR,Archive_Tar,"PEAR Archive_Tar Deserialization of Untrusted Data Vulnerability",2022-08-25,"PEAR Archive_Tar allows an unserialization attack because phar: is blocked but PHAR: is not blocked. PEAR stands for PHP Extension and Application Repository and it is an open-source framework and distribution system for reusable PHP components with known usage in third-party products such as Drupal Core and Red Hat Linux.","Apply updates per vendor instructions.",2022-09-15,Unknown,"https://pear.php.net/bugs/bug.php?id=27002, https://www.drupal.org/sa-core-2020-013, https://access.redhat.com/security/cve/cve-2020-28949" CVE-2022-3075,Google,Chromium,"Google Chromium Insufficient Data Validation Vulnerability",2022-09-08,"Google Chromium Mojo contains an insufficient data validation vulnerability. Impacts from exploitation are not yet known. This vulnerability affects web browsers that utilize Chromium, including Google Chrome and Microsoft Edge.","Apply updates per vendor instructions.",2022-09-29,Unknown,"https://chromereleases.googleblog.com/2022/09/stable-channel-update-for-desktop.html, https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-3075" -CVE-2022-28958,D-Link,DIR-816L,"D-Link DIR-816L Remote Code Execution Vulnerability",2022-09-08,"D-Link DIR-816L contains an unspecified vulnerability in the shareport.php value parameter which allows for remote code execution.","This CVE is currently in disputed status. During the review process, agencies should update per vendor instructions.",2022-09-29,Unknown,https://supportannouncement.us.dlink.com/announcement/publication.aspx?name=SAP10300 CVE-2022-27593,QNAP,"Photo Station","QNAP Photo Station Externally Controlled Reference Vulnerability",2022-09-08,"Certain QNAP NAS running Photo Station with internet exposure contain an externally controlled reference to a resource vulnerability which can allow an attacker to modify system files. This vulnerability was observed being utilized in a Deadbolt ransomware campaign.","Apply updates per vendor instructions.",2022-09-29,Known,https://www.qnap.com/en/security-advisory/qsa-22-24 CVE-2022-26258,D-Link,DIR-820L,"D-Link DIR-820L Remote Code Execution Vulnerability",2022-09-08,"D-Link DIR-820L contains an unspecified vulnerability in Device Name parameter in /lan.asp which allows for remote code execution.","The impacted product is end-of-life and should be disconnected if still in use.",2022-09-29,Unknown,https://supportannouncement.us.dlink.com/announcement/publication.aspx?name=SAP10295 CVE-2020-9934,Apple,"iOS, iPadOS, and macOS","Apple iOS, iPadOS, and macOS Input Validation Vulnerability",2022-09-08,"Apple iOS, iPadOS, and macOS contain an unspecified vulnerability involving input validation which can allow a local attacker to view sensitive user information.","Apply updates per vendor instructions.",2022-09-29,Unknown,"https://support.apple.com/en-us/HT211288, https://support.apple.com/en-us/HT211289" @@ -1040,3 +1039,5 @@ CVE-2023-36584,Microsoft,Windows,"Microsoft Windows Mark of the Web (MOTW) Secur CVE-2023-1671,Sophos,"Web Appliance","Sophos Web Appliance Command Injection Vulnerability",2023-11-16,"Sophos Web Appliance contains a command injection vulnerability in the warn-proceed handler that allows for remote code execution.","Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.",2023-12-07,Unknown,https://www.sophos.com/en-us/security-advisories/sophos-sa-20230404-swa-rce CVE-2020-2551,Oracle,"Fusion Middleware","Oracle Fusion Middleware Unspecified Vulnerability",2023-11-16,"Oracle Fusion Middleware contains an unspecified vulnerability in the WLS Core Components that allows an unauthenticated attacker with network access via IIOP to compromise the WebLogic Server.","Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.",2023-12-07,Unknown,https://www.oracle.com/security-alerts/cpujan2020.html CVE-2023-4911,GNU,"GNU C Library","GNU C Library Buffer Overflow Vulnerability",2023-11-21,"GNU C Library's dynamic loader ld.so contains a buffer overflow vulnerability when processing the GLIBC_TUNABLES environment variable, allowing a local attacker to execute code with elevated privileges.","Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.",2023-12-12,Unknown,"This vulnerability affects a common open-source component, third-party library, or a protocol used by different products. Please check with specific vendors for information on patching status. For more information, please see: https://sourceware.org/git/?p=glibc.git;a=commitdiff;h=1056e5b4c3f2d90ed2b4a55f96add28da2f4c8fa, https://access.redhat.com/security/cve/cve-2023-4911, https://www.debian.org/security/2023/dsa-5514" +CVE-2023-6345,Google,Skia,"Google Skia Integer Overflow Vulnerability",2023-11-30,"Google Skia contains an integer overflow vulnerability affecting Google Chrome and ChromeOS, Android, Flutter, and possibly other products.","Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.",2023-12-21,Unknown,"This vulnerability affects a common open-source component, third-party library, or a protocol used by different products. Please check with specific vendors for information on patching status. For more information, please see: https://chromereleases.googleblog.com/2023/11/stable-channel-update-for-desktop_28.html" +CVE-2023-49103,ownCloud,"ownCloud graphapi","ownCloud graphapi Information Disclosure Vulnerability",2023-11-30,"ownCloud graphapi contains an information disclosure vulnerability that can reveal sensitive data stored in phpinfo() via GetPhpInfo.php, including administrative credentials.","Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.",2023-12-21,Unknown,https://owncloud.com/security-advisories/disclosure-of-sensitive-credentials-and-configuration-in-containerized-deployments/