Vulnerability in OpenSSL: c_rehash Script Could Allow Command Injection | CVE-2022-1292 |
Apache Kafka Security Vulnerabilities | CVE-2022-23307, CVE-2022-23305, CVE-2022-23302, CVE-2019-17571, CVE-2020-9488 |
"Spring4Shell" - RCE Vulnerabilities in Spring Framework and Spring Cloud Function | CVE-2022-22965, CVE-2022-22963, CVE-2022-22950 |
Denial of Service Vulnerability in Several Versions of OpenSSL | CVE-2022-0778 |
Vulnerability in Versions of Samba Prior to 4.13.17 Could Allow a Remote Attacker to Execute Arbitrary Code | CVE-2021-44142 |
PwnKit: Local Privilege Escalation Vulnerability Discovered in polkit’s "pkexec" | CVE-2021-4034 |
Multiple Security Vulnerabilities in Apache Log4j Library | CVE-2021-44228, CVE-2021-45046, CVE-2021-45105, CVE-2021-44832 |
Hitachi Content Platform Anywhere (HCP-AW) 4.4.5 and Later Allows Information Disclosure | CVE-2021-41573 |
HCP Anywhere Vulnerabilities in Versions Prior to v4.5 | CVE-2017-15708, CVE-2019-0230, CVE-2019-10744, CVE-2019-10746, CVE-2019-19919, CVE-2019-20920, CVE-2020-17530 |
HCP Anywhere AngularJS Framework Vulnerabilities | CVE-2019-10768, CVE-2020-7676 |
Windows Print Spooler Service Remote Code Execution Vulnerability | CVE-2021-34527 |
Kaseya VSA Supply-Chain Ransomware Attack | N/A |
DNS Vulnerabilities Affect 4 TCP/IP Stacks ("NAME:WRECK") | (Multiple CVEs) |
Windows MSHTML Platform Remote Code Execution Vulnerability | CVE-2021-33742 |
VMware vRealize Business for Cloud Remote Code Execution Vulnerability | CVE-2021-21984 |
Hitachi Content Intelligence - Remote Code Execution Vulnerability in Certain Versions of Apache Solr | CVE-2019-17558 |
Hitachi Vantara Content Products jQuery Vulnerabilities | CVE-2020-11022, CVE-2020-11023 |
Hitachi Content Intelligence - Sensitive Information Disclosure in Logstash | CVE-2018-3817, CVE-2019-7612 |
Multiple Vulnerabilities in OpenSSL | CVE-2021-3449, CVE-2021-3450 |
Brocade SANnav DoS Vulnerability in Versions Prior to v2.1.0a | CVE-2020-15379 |
Hitachi Vantara Software Products Multiple Java SE Vulnerabilities (2021 Mar 5) | CVE-2020-14779, CVE-2020-14781, CVE-2020-14782, CVE-2020-14792, CVE-2020-14796, CVE-2020-14797, CVE-2020-14798, CVE-2020-14803 |
VMware vCenter Server Remote Code Execution Vulnerability in the vSphere Client | CVE-2021-21972 |
Hitachi Vantara Ops Center Common Services Vulnerabilities (2021 Feb 24) | CVE-2017-7525, CVE-2017-15095, CVE-2020-14389, CVE-2020-25694, CVE-2020-25695, CVE-2020-25696, CVE-2020-35490, CVE-2020-35491 |
Hitachi Vantara Ops Center Analyzer Viewpoint Multiple Vulnerabilities (2021 Feb 24) | CVE-2020-8908, CVE-2020-13956, CVE-2020-25649, CVE-2020-25694, CVE-2020-25695, CVE-2020-25696 |
Windows Win32k Elevation of Privilege Vulnerability | CVE-2021-1732 |
Libgcrypt 1.9.0 Cryptographic Library Heap-Based Buffer Overflow Vulnerability | CVE-2021-3345 |
Linux 'Sudo' Command Bug May Allow Unauthorized Users to Gain Root Privileges | CVE-2021-3156 |
Hitachi Vantara Ops Center Common Services Vulnerabilities (2020 Dec 16) | CVE-2020-1714, CVE-2020-10693, CVE-2020-10740, CVE-2020-10758 |
OpenSSL NULL Pointer Dereferencing Vulnerability | CVE-2020-1971 |
Forced OGNL Evaluation on Raw User Input Tag Attributes May Lead to Remote Code Execution | CVE-2020-17530 |
Open Source TCP/IP Stacks Vulnerabilities ("AMNESIA:33") | (Multiple CVEs) |
OpenSSH Vulnerability Could Allow Memory Corruption and Local Code Execution | CVE-2019-16905 |
Flaw in Samba Could Allow Unauthenticated Attacker to Escape the Shared Directory | CVE-2019-10197 |
Remote Code Execution Vulnerability Exists in Windows TCP/IP Stack | CVE-2020-16898 |
Microsoft Elevation of Privilege Vulnerability When Connecting to Domain Controller Using Netlogon Remote Protocol | CVE-2020-1472 |
Elevation of Privilege Vulnerability With Services Group Policy | CVE-2020-1333 |
Treck TCP/IP Library Vulnerabilities in NetApp Products Could Lead to Disclosure of Sensitive Information or Denial of Service (DoS) | CVE-2020-11896, CVE-2020-11897, CVE-2020-11898, CVE-2020-11899 |
Potential XSS jQuery Vulnerability When Appending HTML Containing Option Elements | CVE-2020-11023 |
Remote Code Execution (RCE) Vulnerability in Windows DNS Server | CVE-2020-1350 |
jQuery Before 3.4.0 Mishandles jQuery Function | CVE-2019-11358 |
VMware ESXi, VMware Workstation, and VMware Fusion Contain a Denial-of-Service (DoS) Vulnerability | CVE-2020-3958, CVE-2020-3959 |
VMware Directory Service Vulnerability Could Allow an Attacker with Network Access to Obtain Sensitive Information | CVE-2020-3952 |
CGI Servlet in Certain Apache Tomcat Versions Vulnerable to Remote Code Execution | CVE-2019-0232 |
SSI printenv Command in Certain Apache Tomcat Versions Vulnerable to XSS (Cross Site Scripting) | CVE-2019-0221 |
A Remote Code Execution Vulnerability Exists in Microsoft Server Message Block 3.1.1 (SMBv3) Protocol | CVE-2020-0796 |
Cisco Discovery Protocol Implementation Vulnerability Could Allow Unauthenticated Attacker to Execute Arbitrary Code on an Affected Device | CVE-2020-3119 |
A Vulnerability in Hitachi Command Suite Products Could Allow Authenticated Remote Users to Expose Technical Information Through Error Messages | CVE-2018-21032 |
Apache Tomcat AJP Connector Vulnerability | CVE-2020-1938 |
March 2020 LDAP channel binding and LDAP signing requirement for Windows | March 2020 LDAP channel binding and LDAP signing requirement for Windows |
Sudo's Pwfeedback Option Can Be Used to Provide Visual Feedback When the User Is Inputting Their Password | CVE-2019-18634 |
Vulnerabilities Related to Java Development Kit (JDK) Affecting Hitachi Command Suite (HCS) and Other Products | CVE-2019-13117 |
Windows Remote Desktop Client Remote Code Execution Vulnerability | CVE-2020-0609, CVE-2020-0610, CVE-2020-0611 |
A Spoofing Vulnerability Exists in the Way Windows CryptoAPI (Crypt32.Dll) Validates Elliptic Curve Cryptography (ECC) Certificates | CVE-2020-0601 |
2nd Generation Intel(R) Xeon(R) Scalable Processors and Intel(R) Xeon(R) Processors May Allow a Privileged User Unauthorized Privileges | CVE-2019-11137 |
2nd Generation Intel(R) Xeon(R) Scalable Processors and Intel(R) Xeon(R) Processors May Allow a Privileged User Unauthorized Privileges | CVE-2019-11136, CVE-2019-11139, CVE-2019-11170, CVE-2019-11173, CVE-2019-11174, CVE-2019-11177, CVE-2019-11178, CVE-2019-11179, CVE-2019-11181 |
Hitachi Device Manager Contains Vulnerability that Incorrectly Discloses System Information | CVE-2018-21026 |
Scripting Engine Memory Corruption Vulnerability in Internet Explorer | CVE-2019-1429 |
Cross Site Scripting Vulnerability When Microsoft Dynamics 365 (On-premises) Does Not Properly Sanitize a Specially Crafted Web Request | CVE-2019-1375 |
Vulnerability Could Result in Unauthorized Bypass of Certain Policy Blacklists By Invoking sudo With a Crafted User ID | CVE-2019-14287 |
A Spoofing Vulnerability Exists When Microsoft Browsers Improperly Handle Browser Cookies, aka Microsoft Browser Spoofing Vulnerability | CVE-2019-1357 |
Spoofing Vulnerability in Microsoft Browsers Does Not Properly Parse HTTP Content, aka Microsoft Browser Spoofing Vulnerability | CVE-2019-0608 |
Remote Code Execution Vulnerability Exists When Internet Explorer Improperly Accesses Objects in Memory | CVE-2019-1371 |
Combined CVE article | CVE-2019-1169, CVE-2019-1162, CVE-2019-1177, CVE-2019-1178, CVE-2019-1183, CVE-2019-1187, CVE-2019-1228, CVE-2019-0716 |
Microsoft Windows GDI Vulnerability Could Allow an Attacker to Obtain Information to Further Compromise a User’s System | CVE-2019-1143 |
A Memory Corruption Vulnerability in Internet Explorer’s Scripting Engine Could Result in Attacker Ability to Execute Arbitrary Code | CVE-2019-1367 |
Microsoft Graphics Component Vulnerability Could Allow an Attacker to Obtain Information to Further Compromise the User’s System | CVE-2019-1078 |
Vulnerability in the Microsoft XML Core Services MSXML Parser Could Allow Attacker to Remotely Control User's System | CVE-2019-1057 |
Microsoft Windows Vulnerability Due to Improper Handling of Objects in Memory Could Lead to Denial of Service (DoS) Attack | CVE-2019-0716 |
A Remote Code Execution Vulnerability Exists in Remote Desktop Services (RDP) When an Unauthenticated Attacker Connects to the Target System | CVE-2019-1181, CVE-2019-1182, CVE-2019-1222, CVE-2019-1226 |
Non-OpenBSD Platforms Accept Extraneous Username Data Which Could Allow Local Users to Conduct Impersonation Attacks | CVE-2015-6563 |
Certain Eclipse Jetty Versions Will Reveal the Configured Fully Qualified Directory Base Resource Location on the Output of the 404 Error | CVE-2019-10247 |
png.c Function in libpng (Reference Library for PNG) Contains use-after-free Bug | CVE-2019-7317 |
Vulnerability Allows Unauthenticated Attacker with Network Access to Compromise Java SE | CVE-2019-2769, CVE-2019-2816, CVE-2019-2786, CVE-2019-2766, CVE-2019-2762, CVE-2019-2745 |
Supermicro BMC Flaw Exposes Servers to USB Attacks | No CVE Assigned |
RPC Code Generator in Samba 3.X Could Allow Remote Attackers to Execute Arbitrary Code via a Crafted RPC Call | CVE-2012-1182 |
Flaw in Samba Daemon (smbd) Could Allow a Malicious Samba Client to Send Netlogon Packets Leading to Arbitrary Code Execution | CVE-2015-0240 |
Netbios Name Services Daemon (nmbd) in Samba 4.X Before 4.21 and 4.1.X Before 4.1.11 Could Allow Remote Attackers to Execute Arbitrary Code | CVE-2014-3560 |
Vulnerability in Samba 4.X Before 4.7.3 Could Allow Remote Attackers to Execute Arbitrary Code | CVE-2017-14746 |
OpenSSH Vulnerability Could Allow Remote Servers to Obtain Sensitive Information from Process Memory | CVE-2016-0777, CVE-2016-0078 |
IPMI 2.0 RAKP Password Hash Disclosure | CVE-2013-4786 |
SNMP Agent Uses Default (Public) Community Name | CVE-1999-0517 |
Weaknesses in the MD5 Algorithm Could Allow Attackers to Generate Cryptographic Tokens That Illegitimately Appear to Be Authentic | CVE-2004-2761 |
Several TCP-Based Networking Vulnerabilities In FreeBSD and Linux Kernels Could Result In Remote DoS Attacks | CVE-2019-11477, CVE-2019-11478, CVE-2019-11479 |
Vulnerabilities In HP-UX NTP Service Could Be Exploited Remotely to Allow a Denial of Service (DoS) Attack | CVE-2016-9310 |
Oracle Weblogic Server Vulnerability Could Allow an Unauthenticated Attacker to Compromise Oracle Weblogic Server | CVE-2019-2729 |
SSH Vulnerability Could Allow Remote Authenticated Users to Cause a Denial of Service via Crafted Glob Expressions | CVE-2010-4478, CVE-2010-4755, CVE-2014-2532, CVE-2011-5000, CVE-2012-0814 |
Network Time Protocol Daemon (ntpd) monlist Command Enabled DoS (Amplification attack) | CVE-2013-5211 |
Privilege Vulnerability Exists When the Windows Shell Fails to Validate Folder Shortcuts | CVE-2019-1053 |
Adobe Flash Player Vulnerability 32.0.0.192 and Earlier Could Lead to Arbitrary Code Execution | CVE-2019-7096, CVE-2019-7845, CVE-2019-7837, CVE-2019-7108, CVE-2019-7090 |
Linux Kernel Vulnerability Before 5.0.8 Related to the rds_tcp_kill_sock Function in net/rds/tcp.c | CVE-2019-11815 |
Intel Speculative Execution Vulnerabilities RIDL, Fallout, Zombieload | CVE-2018-12126, CVE-2018-12130, CVE-2018-12127, CVE-2019-11091, CVE-2019-11135 |
Microsoft Remote Desktop Services Vulnerability Could Allow Unauthorized Execution of Arbitrary Code on Target System | CVE-2019-0708 |
Vulnerability in lighttpd Web Server Module Could Potentially Allow Access to Directories Above the Authorized Aliased Path | CVE-2018-19052 |
Cisco Nexus 9000 Series Fabric Switches Application Centric Infrastructure Mode Default SSH Key Vulnerability | CVE-2019-1804 |
Vulnerability in the Oracle Weblogic Server Allows Unauthenticated Attacker with Network Access via HTTP to Compromise Oracle Weblogic Server | CVE-2019-2658 |
Windows Speculative Execution Vulnerability May Allow Unauthorized Disclosure of Information to an Attacker with Local User Access | CVE-2018-3693 |
Vulnerability Allows Unauthenticated Attacker with Network Access to Compromise Java SE Embedded | CVE-2019-2684, CVE-2019-2602 |
Vulnerability Allows Unauthenticated Attacker with Network Access to Compromise Java SE | CVE-2019-2697, CVE-2019-2698, CVE-2019-2699 |
CGI Servlet in Certain Versions of Apache Tomcat Vulnerable to Remote Code Execution | CVE-2019-0232 |
Apache HTTP Server Vulnerability Could Result in Execution of Arbitrary Code With Unauthorized Elevated Privileges | CVE-2019-0211 |
Linux Kernels With "Lazy FPU Restore" Flaw Vulnerable to FPU Targeted Cache Side-channel Attacks | CVE-2018-3665 |
Linux Kernel Integer Overflow Flaw Can Be Used For Unauthorized Elevation of Privileges | CVE-2018-14634 |
Spoiler - Intel Speculative Execution Vulnerability | CVE Number Not Yet Assigned |
Internet Explorer Scripting Engine Memory Corruption Vulnerability | CVE-2018-8653 |
Incorrect Handling of Error Message in Kubernetes API Allowed Unauthorized Connection to Backend Servers | CVE-2018-1002105 |
Flaws In Some Brands of Popular Solid-State Drives (SSDs) Could Allow Unauthorized Decryption of Data | CVE Number Not Yet Assigned |
Eclipse Jetty Cache Poisoning Vulnerability | CVE-2017-7656, CVE-2017-7657, CVE-2017-7658, CVE-2018-12536 |
Intel CPU PortSmash Side-Channel Vulnerability | CVE-2018-5047 |
Vulnerability in dhcp6 Client Allows a Malicious dhcp6 Server to Overwrite Heap Memory | CVE-2018-15688 |
Flaw in libssh Before 0.7.6 and 0.8.4 Could Allow Unauthorized Client to Create Channels | CVE-2018-10933 |
Supermicro Motherboard Vulnerability | Not yet assigned |
Apache Struts Vulnerability Could Allow Remote Code Execution and Elevated Privileges on the Compromised Application | CVE-2018-11776 |
OpenSSH Vulnerability Could Potentially Allow Brute Force Dictionary Attacks on User Passwords | CVE-2018-15473 |
Bug in OpenSSL Could Result in Low Possibility of RSA or DSA Attack | CVE-2017-3736, CVE-2017-3738 |
Python Vulnerability Related to Expressions Which Could Be Exploited to Cause a DoS (Denial of Service) Attack | CVE-2018-1060, CVE-2018-1061 |
Foreshadow - Speculative Execution Microprocessor Vulnerability | CVE-2018-3646, CVE-2018-3620, CVE-2018-3615 |
Java SE/Java Embedded Vulnerabilities Could Allow Unauthorized Creation, Deletion or Modification to Critical Data | CVE-2018-2973, CVE-2018-2940, CVE-2018-2952 |
HCS Configuration Information of Server and Storage Systems Potentially Exposed Due to GUI Vulnerability | CVE-2018-14735 |
Samba Memory Leak Flaw in SMB1 Protocol | CVE-2017-12163 |
Vulnerability in the Nginx Range Filter Could Allow a Specially Crafted Request Potentially Resulting in Sensitive Information Leak | CVE-2017-7529 |
Certain Versions of Pivotal Operations Manager Vulnerable Due to NGINX Vulnerabilities | CVE-2018-11046 |
Java RMI Deserialization Vulnerability Could Allow Unauthenticated Attacker Access to Java SE, Java SE Embedded, JRockit | CVE-2017-3241 |
Windows Vulnerability in 32k Component Could Lead to Unauthorized Elevation of Privileges | CVE-2018-8210 |
Linux Kernel Flaw Related to POP SS and MOV SS Could Result in Vulnerability to DoS Attack | CVE-2018-8897 and CVE-2018-1087 |
Vulnerability in Oracle Fusion Middleware Could Allow Unauthenticated Attacker Network Access to Oracle WebLogic Server | CVE-2018-2628 |
Spring Data Commons Vulnerability Can Be Used to Remotely Exploit Spring Data REST HTTP Resources | CVE-2018-1273 |
Remote Code Execution with spring-messaging | CVE-2018-1270 |
Vulnerability in Previous Versions of FasterXML jackson-databind Could Allow Remote Code Execution | CVE-2018-7489 |
Multiple Vulnerabilities in Oracle Java SE (Oracle Critical Patch Update Advisory - January 2018) | (Multiple CVEs) |
(ROBOT) - A Defect in RSA Encryption Could Allow an Attacker to Decrypt Encrypted Communications | (Multiple CVEs) |
A Vulnerability in Adobe Flash Player May Allow Arbitrary Code Execution | CVE-2018-4878 |
Weak Encryption in Telerik.Web.UI | CVE-2017-11317 |
Web Applications Using the Apache Struts REST Plugin May Allow Remote Code Execution | CVE-2017-9805 |
Apache Struts 2.3.x May Allow Remote Code Execution | CVE-2017-9791 |
Cross-Site Scripting Vulnerability in Older Versions of Hitachi Device Manager and Hitachi Replication Manager | CVE-2017-9298 |
Open Redirect Vulnerability in Older Versions of Hitachi Device Manager | CVE-2017-9297 |
Open Redirect Vulnerability in Older Versions of Hitachi Device Manager and Hitachi Tuning Manager | CVE-2017-9296 |
XXE Vulnerability in Older Versions of Hitachi Device Manager and Hitachi Replication Manager | CVE-2017-9295 |
RMI Vulnerability in Older Versions of Hitachi Device Manager | CVE-2017-9294 |
Flaw in jackson-databind Could Allow Remote Code Execution Through Object Mapper | CVE-2017-15095 |
Vulnerability in Samba Since Version 3.5.0 May Allow Remote Code Execution | CVE-2017-7494 |
Cisco Prime Data Center Network Manager Debug Remote Code Execution Vulnerability | CVE-2017-6639 |
Linux Kernel Flaw Could Allow an Unprivileged User to Escalate Their System Privileges | CVE-2017-6074 |
(Meltdown) - Systems with Microprocessors Utilizing Speculative Execution and Indirect Branch Prediction May Allow Unauthorized Disclosure of Information to an Attacker | CVE-2017-5754 |
(Spectre) - Systems with Microprocessors Utilizing Speculative Execution and Indirect Branch Prediction May Allow Unauthorized Disclosure of Information to an Attacker | CVE-2017-5715 and CVE-2017-5753 |
Intel AMT/ME Privilege Escalation | CVE-2017-5689 |
Jakarta Multipart Parser in Apache Struts May Allow Remote Code Execution | CVE-2017-5638 |
The REST Plugin in Apache Struts 2.5 to 2.5.14 May Be Vulnerable to DoS Attacks | CVE-2017-15707 |
Microsoft Windows SMB Remote Code Execution Vulnerabilities | CVE-2017-0143, 0144, 1045, 0146, 0147 |
Earlier Versions of Apache Tomcat May Allow Remote Code Execution | CVE-2016-8735 |
Birthday Attacks on 64-Bit Block Ciphers in OpenVPN | CVE-2016-6329 |
Memory Leaks in Older Versions of OpenSSL May Enable DoS Attacks | CVE-2016-6304 |
Older Versions of the Apache HTTP Server May Allow a Remote Attacker to Redirect HTTP Requests | CVE-2016-5387 |
(Dirty CoW) - A Flaw in Older Versions of the Linux Kernel Could Allow Local Users to Gain Elevated Privileges | CVE-2016-5195 |
A Flaw in Older Versions of the OpenSSH Server Could Allow an Authenticated Client with Restricted SSH Access to Bypass Intended Restrictions | CVE-2016-3115 |
A Flaw in Older Versions of BIND Could Enable a DoS Attack | CVE-2016-2776 |
Sweet32 | CVE-2016-2183 |
Vulnerability in Oracle Java SE Could Allow Remote Code Execution | CVE-2016-0636 |
A Flaw in Older Versions of the OpenSSH sshd Daemon Could Facilitate a Password Guessing Attack | CVE-2015-5600 |
Older Versions of McAfee Agent May Facilitate Clickjacking Attacks | CVE-2015-2053 |
Microsoft Schannel Remote Code Execution Vulnerability | CVE-2014-6321 |
Weaknesses in the RC4 Algorithm Could Facilitate Plaintext-Recovery Attacks | CVE-2013-2566 |