Skip to the content.

The DIVD CSIRT…

… supports the Dutch Institute for Vulnerability Disclosure, in its mission “…to make the digital world safer by reporting vulnerabilities we find in digital systems to the people who can fix them. We have a global reach, but do it Dutch style: open, honest, collaborative, and for free.”

The CSIRT handles the scanning for and disclosing of vulnerabilities, either discovered by DIVD researchers or third parties and warning people for leaked credentials and operates our CVE Numbering Authoristy (CNA) capability.

Our blog

Last 10 posts …

More posts

gantt title Cases currently open or recently closed dateFormat YYYY-MM-DD axisFormat %e %b %Y DIVD-2021-00014 - Kaseya Unitrends (733 days) :2021-07-02, 2023-07-05 DIVD-2021-00020 - OSNexsus QuantaStor limited disclosure and product warning (797 days) :2021-08-10, 2023-10-16 DIVD-2022-00020 - Inproper input validation vulnerabilities identified within Feathers.js (458 days) :2022-02-23, 2023-05-27 DIVD-2022-00042 - Canon print portals facing the internet (230 days) :2022-08-18, 2023-04-05 DIVD-2022-00048 - Dossier Energy Transition (open) :2022-09-07, 2024-04-12 DIVD-2022-00052 - Multiple vulnerabilities is Cloudflow software (open) :2023-02-21, 2024-04-12 DIVD-2022-00054 - ProxyNotShell - Microsoft Exchange SSRF and RCE (192 days) :2022-09-30, 2023-04-10 DIVD-2022-00055 - Server Management Interfaces security issues (open) :2022-10-08, 2024-04-12 DIVD-2022-00056 - Critical authentication bypass affecting Fortigate products (180 days) :2022-10-07, 2023-04-05 DIVD-2022-00058 - ZK Framework - ZK AuUploader Servlet Upload Vulnerability (open) :2022-10-30, 2024-04-12 DIVD-2022-00061 - KNXNet/IP gateways often left open to the internet (open) :2022-02-08, 2024-04-12 DIVD-2022-00063 - Memory overflow vulnerability in FortiOS SSL VPN (170 days) :2022-12-12, 2023-05-31 DIVD-2022-00064 - Multiple injection vulnerabilities identified within Axiell Iguana CMS (open) :2022-09-08, 2024-04-12 DIVD-2022-00065 - Multiple Critical Vulnerabilities in multiple Zyxel EOL devices (open) :2022-12-19, 2024-04-12 DIVD-2022-00068 - Multiple vulnerabilities identified within White Rabbit Switch from CERN (196 days) :2022-11-16, 2023-05-31 DIVD-2023-00001 - Citrix systems vulnerable for CVE-2022-27510 and/or CVE-2022-27518 (126 days) :2023-01-18, 2023-05-24 DIVD-2023-00002 - Publicly Reachable Malicious Webshells (open) :2023-01-06, 2024-04-12 DIVD-2023-00004 - Unauthenticated Remote Command Execution using SAML in Zoho ManageEngine (87 days) :2023-01-20, 2023-04-17 DIVD-2023-00006 - Unauthenticated code injection in QNAP QTS and QuTS hero (48 days) :2023-02-02, 2023-03-22 DIVD-2023-00007 - Global VMware ESXi Ransomware Attack (74 days) :2023-02-03, 2023-04-18 DIVD-2023-00009 - Cisco RV Series Remote Command Execution (178 days) :2023-02-07, 2023-08-04 DIVD-2023-00010 - Remote Code Execution in Microsoft Exchange Server (open) :2023-02-14, 2024-04-12 DIVD-2023-00011 - FortiNAC and FortiWeb RCE Vulnerability (open) :2023-02-03, 2024-04-12 DIVD-2023-00012 - Unauthenticated Remote Command Execution in IBM Aspera Faspex (62 days) :2023-02-17, 2023-04-20 DIVD-2023-00014 - Critical Broken Authentication Flaw in Jira Service Management Products (63 days) :2023-02-01, 2023-04-05 DIVD-2023-00016 - GLPI Remote Code Execution (196 days) :2022-11-10, 2023-05-25 DIVD-2023-00017 - Cisco Small Business Router Authentication Bypass (195 days) :2023-03-15, 2023-09-26 DIVD-2023-00020 - PaperCut MF/NG Authentication Bypass (20 days) :2023-04-20, 2023-05-10 DIVD-2023-00021 - Multiple vulnerabilities in Danfoss AK-EM 100 (open) :2023-01-18, 2024-04-12 DIVD-2023-00022 - OS command injection vulnerability of Zyxel firewalls (open) :2023-04-28, 2024-04-12 DIVD-2023-00023 - SQL injection in MOVEit Transfer - CVE-2023-34362 (55 days) :2023-06-02, 2023-07-27 DIVD-2023-00024 - SQL injection in GeoServer - CVE-2023-25157 (111 days) :2023-06-07, 2023-09-26 DIVD-2023-00025 - Multiple vulnerabilities in Danfoss AK-SM800A (open) :2023-01-18, 2024-04-12 DIVD-2023-00026 - Apache Superset authentication bypass leads to RCE - CVE-2023-27524 (open) :2023-07-02, 2024-04-12 DIVD-2023-00027 - Ignite Realtime Openfire auth bypass - CVE-2023-32315 (open) :2023-06-23, 2024-04-12 DIVD-2023-00028 - SQL Injection in MOVEit Transfer - CVE-2023-36934 (open) :2023-07-06, 2024-04-12 DIVD-2023-00029 - Critical Fortinet SSL-VPN RCE Vulnerability (109 days) :2023-06-09, 2023-09-26 DIVD-2023-00030 - Citrix systems vulnerable for CVE-2023-3519 (open) :2023-07-18, 2024-04-12 DIVD-2023-00031 - Ivanti MobileIron vulnerable for CVE-2023-35078 (63 days) :2023-07-25, 2023-09-26 DIVD-2023-00032 - Access Control Bypass - CVE-2023-29298 & CVE-2023-38205 (open) :2023-07-14, 2024-04-12 DIVD-2023-00033 - Citrix systems exploited with CVE-2023-3519 (70 days) :2023-07-18, 2023-09-26 DIVD-2023-00034 - API Authentication Bypass Vulnerability in Ivanti Sentry (35 days) :2023-08-22, 2023-09-26 DIVD-2023-00035 - Remote Code Execution in Juniper Networks SRX- and EX-Series (open) :2023-09-11, 2024-04-12 DIVD-2023-00036 - Authentication Bypass in JetBrains TeamCity (87 days) :2023-09-20, 2023-12-16 DIVD-2023-00037 - Security Feature Bypass in MinIO (open) :2023-09-26, 2024-04-12 DIVD-2023-00038 - Global Cisco IOS-XE (CVE-2023-20198) Implants (open) :2023-10-17, 2024-04-12 DIVD-2023-00039 - VMware vCenter Server RCE (open) :2023-10-25, 2024-04-12 DIVD-2023-00040 - Critical F5 BIG-IP unauthenticated RCE Vulnerability (open) :2023-10-28, 2024-04-12 DIVD-2023-00042 - Confluence improper authorization vulnerability (open) :2023-11-11, 2024-04-12 DIVD-2023-00045 - Confluence RCE Vulnerability In Confluence Data Center and Confluence Server (open) :2023-12-05, 2024-04-12 DIVD-2024-00001 - Auth. Bypass and Command Injection in Ivanti VPN appliance (open) :2024-01-10, 2024-04-12 DIVD-2024-00002 - Account takeover vulnerability in Gitlab CE/EE (open) :2024-01-12, 2024-04-12 DIVD-2024-00003 - Unauthenticaded Remote Code Execution in CrushFTP (open) :2023-12-13, 2024-04-12 DIVD-2024-00005 - Remote code execution in FortiOS (open) :2024-02-08, 2024-04-12 DIVD-2024-00006 - Authentication Bypass in JetBrains TeamCity (open) :2024-02-08, 2024-04-12 DIVD-2024-00008 - Authentication Bypass and Remote Code Execution in ConnectWise ScreenConnect (open) :2024-02-21, 2024-04-12 DIVD-2024-00009 - Authentication Bypass in JetBrains TeamCity (open) :2024-03-06, 2024-04-12

Open cases

Some statistics

Year # of cases # of vulnerable IPs notified
2020 14 58,358
2021 25 99,006
2022 42 244,788
2023 37 337,027
2024 7 0