Skip to the content.

The DIVD CSIRT…

… supports the Dutch Institute for Vulnerability Disclosure, in its mission “…to make the digital world safer by reporting vulnerabilities we find in digital systems to the people who can fix them. We have a global reach, but do it Dutch style: open, honest, collaborative, and for free.”

The CSIRT handles the scanning for and disclosing of vulnerabilities, either discovered by DIVD researchers or third parties and warning people for leaked credentials and operates our CVE Numbering Authoristy (CNA) capability.

Our blog

Last 10 posts …

More posts

gantt title Cases currently open or recently closed dateFormat YYYY-MM-DD axisFormat %e %b %Y DIVD-2022-00048 - Dossier Energy Transition (572 days) :2022-09-07, 2024-04-01 DIVD-2022-00052 - Multiple vulnerabilities is Cloudflow software (516 days) :2023-02-21, 2024-07-21 DIVD-2022-00064 - Multiple injection vulnerabilities identified within Axiell Iguana CMS (683 days) :2022-09-08, 2024-07-22 DIVD-2023-00010 - Remote Code Execution in Microsoft Exchange Server (524 days) :2023-02-14, 2024-07-22 DIVD-2023-00011 - FortiNAC and FortiWeb RCE Vulnerability (320 days) :2023-02-03, 2023-12-20 DIVD-2023-00021 - Multiple vulnerabilities in Danfoss AK-EM 100 (336 days) :2023-01-18, 2023-12-20 DIVD-2023-00022 - OS command injection vulnerability of Zyxel firewalls (236 days) :2023-04-28, 2023-12-20 DIVD-2023-00025 - Multiple vulnerabilities in Danfoss AK-SM800A (336 days) :2023-01-18, 2023-12-20 DIVD-2023-00028 - SQL Injection in MOVEit Transfer - CVE-2023-36934 (382 days) :2023-07-06, 2024-07-22 DIVD-2023-00035 - Remote Code Execution in Juniper Networks SRX- and EX-Series (238 days) :2023-09-11, 2024-05-06 DIVD-2023-00036 - Authentication Bypass in JetBrains TeamCity (87 days) :2023-09-20, 2023-12-16 DIVD-2023-00039 - VMware vCenter Server RCE (271 days) :2023-10-25, 2024-07-22 DIVD-2023-00042 - Confluence improper authorization vulnerability (155 days) :2023-11-11, 2024-04-14 DIVD-2023-00045 - Confluence RCE Vulnerability In Confluence Data Center and Confluence Server (131 days) :2023-12-05, 2024-04-14 DIVD-2024-00001 - Auth. Bypass and Command Injection in Ivanti VPN appliance (33 days) :2024-01-10, 2024-02-12 DIVD-2024-00002 - Account takeover vulnerability in Gitlab CE/EE (141 days) :2024-01-12, 2024-06-01 DIVD-2024-00003 - Unauthenticaded Remote Code Execution in CrushFTP (126 days) :2023-12-13, 2024-04-17 DIVD-2024-00004 - 2024-00004 Global NGOs (open) :2023-10-04, 2025-01-02 DIVD-2024-00005 - Remote code execution in FortiOS (7 days) :2024-02-08, 2024-02-15 DIVD-2024-00006 - Authentication Bypass in JetBrains TeamCity (49 days) :2024-02-08, 2024-03-28 DIVD-2024-00008 - Authentication Bypass and Remote Code Execution in ConnectWise ScreenConnect (101 days) :2024-02-21, 2024-06-01 DIVD-2024-00009 - Authentication Bypass in JetBrains TeamCity (22 days) :2024-03-06, 2024-03-28 DIVD-2024-00010 - Unauthenticated Command Injection In Progress Kemp LoadMaster (34 days) :2024-03-20, 2024-04-23 DIVD-2024-00011 - Six vulnerabilities in Enphase IQ Gateway devices (open) :2024-04-11, 2025-01-02 DIVD-2024-00013 - Palo Alto PAN-OS Command Injection Vulnerability in GlobalProtect (11 days) :2024-04-12, 2024-04-23 DIVD-2024-00014 - Qlik Sense Remote Code Execution (75 days) :2024-04-19, 2024-07-03 DIVD-2024-00015 - Remote Command Execution in CrushFTP (39 days) :2024-04-23, 2024-06-01 DIVD-2024-00016 - Command injection vulnerabilities in QNAP devices (174 days) :2024-04-30, 2024-10-21 DIVD-2024-00018 - Out-Of-Bounds memory read vulnerability in Citrix Netscaler and Gateway (66 days) :2024-05-08, 2024-07-13 DIVD-2024-00019 - Victim Notification Operation Endgame (open) :2024-05-30, 2025-01-02 DIVD-2024-00020 - Authentication Bypass in GitHub Enterprise Server (GHES) (24 days) :2024-05-27, 2024-06-20 DIVD-2024-00021 - Local File Inclusion in Check Point Security Gateway software (47 days) :2024-05-30, 2024-07-16 DIVD-2024-00022 - Millions of credentials scraped from Telegram (open) :2024-06-04, 2025-01-02 DIVD-2024-00023 - Authentication Bypass Vulnerability in Progress Telerik Report Server (39 days) :2024-06-04, 2024-07-13 DIVD-2024-00024 - Multiple vulnerabilities found in the SOPlanning tool (140 days) :2024-05-29, 2024-10-16 DIVD-2024-00025 - QNAP - OS command injection as Admin user possible via quick.cgi (118 days) :2024-06-07, 2024-10-03 DIVD-2024-00026 - Unauthenticated RCE in Rejetto HTTP File Server (33 days) :2024-06-10, 2024-07-13 DIVD-2024-00028 - Local File Inclusion in SolarWinds U-Serv (118 days) :2024-06-21, 2024-10-17 DIVD-2024-00029 - VMware vCenter Server multiple heap-overflow vulnerabilities (46 days) :2024-06-21, 2024-08-06 DIVD-2024-00030 - Zyxel NAS - unauthenticated OS command injection (101 days) :2024-06-24, 2024-10-03 DIVD-2024-00031 - Unauthenticated Local File Inclusion vulnerability in ComfortKey (open) :2024-08-05, 2025-01-02 DIVD-2024-00032 - Unauthenticated Remote Code Execution (RCE) vulnerability in Geoserver (73 days) :2024-07-03, 2024-09-14 DIVD-2024-00033 - ServiceNow - unauthenticated remote code execution (RCE) (67 days) :2024-07-13, 2024-09-18 DIVD-2024-00038 - Remote Code Execution CUPS (open) :2024-10-17, 2025-01-02 DIVD-2024-00039 - Incorrect authorization vulnerability in Apache OFBiz resulting in RCE (64 days) :2024-09-29, 2024-12-02 DIVD-2024-00040 - Zimbra Collaboration (ZCS) vulnerable for RCE under specific conditions (62 days) :2024-09-25, 2024-11-26 DIVD-2024-00041 - Progress Software WhatsUp Gold SQL Injection Authentication Bypass (open) :2024-09-24, 2025-01-02 DIVD-2024-00042 - Multiple critical vulnerabilities in Solarwinds Web Help Desk (57 days) :2024-09-24, 2024-11-20 DIVD-2024-00044 - Missing authentication in Fortinet FortiManager fgfmsd (open) :2024-10-24, 2025-01-02 DIVD-2024-00045 - SysAid ITSM SQL Injection vulnerability (open) :2024-10-30, 2025-01-02 DIVD-2024-00046 - Multiple critical vulnerablilties in Ivanti Cloud Services Appliance (CSA) (open) :2024-09-24, 2025-01-02 DIVD-2024-00047 - Multiple critical vulnerablilties in Palo Alto Networks PAN-OS devices (open) :2024-11-11, 2025-01-02 DIVD-2024-00048 - VMware vCenter Server heap-overflow and remote code execution vulnerabilities (open) :2024-11-22, 2025-01-02 DIVD-2024-00049 - Vulnerabilities in D-Link NAS Backdoor and Command Injection Exploits (open) :2024-12-02, 2025-01-02

Open cases

Some statistics

Year # of cases # of vulnerable IPs notified # of leaked credentials notified # of cves assigned/requested
2020 14 58,358 3860
2021 25 99,006 5,000,10023
2022 42 297,472 019
2023 37 375,531 015
2024 40 503,504 1,218,000,00012