CVE-2014-0160: OpenSSL Information Disclosure Vulnerability
The TLS and DTLS implementations in OpenSSL do not properly handle Heartbeat Extension packets, which allows remote attackers to obtain sensitive information.
Every advisory below covers a vulnerability with exploitation observed in the wild, cross-referenced against the CISA Known Exploited Vulnerabilities (KEV) catalog and refreshed every 3 hours. If your patch queue is long, start here: KEV listing means real attacks are happening now, and US federal agencies are required to remediate these under BOD 22-01.
The TLS and DTLS implementations in OpenSSL do not properly handle Heartbeat Extension packets, which allows remote attackers to obtain sensitive information.
Use-after-free vulnerability in Microsoft Internet Explorer allows remote attackers to execute code.
Jenkins Script Security Plugin contains a protection mechanism failure, allowing an attacker to bypass the sandbox.
Microsoft Win32k contains an unspecified vulnerability that allows for privilege escalation.
Microsoft Windows User Profile Service contains an unspecified vulnerability that allows for privilege escalation.
Linux kernel contains an improper initialization vulnerability where an unprivileged local user could escalate their privileges on the system. This vulnerability has the moniker of "Dirty Pipe."
Microsoft Win32k contains an unspecified vulnerability that allows for privilege escalation.
Multiple WSO2 products allow for unrestricted file upload, resulting in remote code execution.
Microsoft Windows User Profile Service contains an unspecified vulnerability that allows for privilege escalation.
Synacor Zimbra Collaboration Suite (ZCS) contains a cross-site scripting vulnerability that might allow remote attackers to inject arbitrary web script or HTML.
A buffer overflow vulnerability in WhatsApp VOIP stack allowed remote code execution via specially crafted series of RTCP packets sent to a target phone number.
Microsoft Windows Print Spooler contains an unspecified vulnerability which allow for privilege escalation.
The login_mgr.cgi script in D-Link DNS-320 is vulnerable to remote code execution.
The WAP interface in Trihedral VTScada (formerly VTS) allows remote attackers to cause a denial-of-service (DoS).
Google Chromium V8 Engine contains a type confusion vulnerability that allows a remote attacker to potentially exploit heap corruption via a crafted HTML page. This vulnerability could affect multiple web browsers that utilize Chromium, including, but not limited to, Google Chrom…
A SQL Injection vulnerability exists in U.motion Builder software which could cause unwanted code execution when an improper set of characters is entered.
InduSoft Web Studio NTWebServer contains a directory traversal vulnerability that allows remote attackers to read administrative passwords in APP files, allowing for remote code execution.
Multiple Crestron products are vulnerable to command injection via the file_transfer.cgi HTTP endpoint. A remote, unauthenticated attacker can use this vulnerability to execute operating system commands as root.
Certain Ubiquiti devices contain a command injection vulnerability via a GET request to stainfo.cgi.
masterCGI in the Unified Maintenance Tool in Alcatel OmniPCX Enterprise Communication Server allows remote attackers to execute arbitrary commands.
VMware Workspace ONE Access, Identity Manager and vRealize Automation contain a privilege escalation vulnerability due to improper permissions in support scripts.
VMware Workspace ONE Access and Identity Manager allow for remote code execution due to server-side template injection.
Microsoft Windows Common Log File System (CLFS) Driver contains an unspecified vulnerability that allows for privilege escalation.
Stack-based buffer overflow in Adobe Flash Player allows attackers to execute code remotely.
Heap-based buffer overflow vulnerability in Adobe Flash Player allows remote attackers to execute code.
Kaseya VSA RMM allows unprivileged remote attackers to execute PowerShell payloads on all managed devices.
Use-after-free vulnerability in the DisplayObject class in the ActionScript 3 (AS3) implementation in Adobe Flash Player allows remote attackers to execute code or cause a denial-of-service (DoS).
Use-after-free vulnerability in Adobe Flash Player allows remote attackers to execute code.
Unspecified vulnerability in Adobe Flash Player allows remote attackers to execute code.
Microsoft Internet Explorer contains a memory corruption vulnerability that allows an attacker to execute code or cause a denial-of-service (DoS).
A remote code execution vulnerability exists within multiple subsystems of Drupal that can allow attackers to exploit multiple attack vectors on a Drupal site.
Use-after-free vulnerability in the BitmapData class in the ActionScript 3 (AS3) implementation in Adobe Flash Player allows remote attackers to execute code or cause a denial-of-service (DoS).
Microsoft Active Directory Domain Services contains an unspecified vulnerability that allows for privilege escalation.
WatchGuard Firebox and XTM appliances allow a remote attacker with unprivileged credentials to access the system with a privileged management session via exposed management access.
Telerik.Web.UI in Progress Telerik UI for ASP.NET AJAX allows remote attackers to perform arbitrary file uploads or execute arbitrary code.
Google Pixel contains a possible out-of-bounds write due to a logic error in the code that could lead to local escalation of privilege.
QNAP NAS devices contain a command injection vulnerability which could allow attackers to perform remote code execution.
Linux Kernel contains a flaw in the packet socket (AF_PACKET) implementation which could lead to incorrectly freeing memory. A local user could exploit this for denial-of-service (DoS) or possibly for privilege escalation.
Deserialization of Untrusted Data vulnerability in CheckboxWeb.dll of Checkbox Survey allows an unauthenticated remote attacker to execute arbitrary code.
Microsoft Active Directory Domain Services contains an unspecified vulnerability that allows for privilege escalation.
Microsoft HTTP Protocol Stack contains a vulnerability in http.sys that allows for remote code execution.
The SMBv1 server in Microsoft allows remote attackers to execute arbitrary code via crafted packets.
Sudo contains an off-by-one error that can result in a heap-based buffer overflow, which allows for privilege escalation.
Spring MVC or Spring WebFlux application running on JDK 9+ may be vulnerable to remote code execution (RCE) via data binding.
macOS Monterey contains an out-of-bounds read vulnerability that could allow an application to read kernel memory.
A remote code execution vulnerability exists in all series H/W revisions routers via the DDNS function in ncc2 binary file.
macOS Monterey contains an out-of-bounds write vulnerability that could allow an application to execute arbitrary code with kernel privileges.
Dell dbutil driver contains an insufficient access control vulnerability which may lead to escalation of privileges, denial-of-service (DoS), or information disclosure.
An arbitrary file upload vulnerability in Trend Micro Apex Central could allow for remote code execution.
Dasan GPON Routers contain an authentication bypass vulnerability. When combined with CVE-2018-10562, exploitation can allow an attacker to perform remote code execution.