DIVD CSIRT

gantt title Cases currently open or recently closed dateFormat YYYY-MM-DD axisFormat %e %b %Y DIVD-2021-00014 - Kaseya Unitrends (open) :2021-07-02, 2023-04-26 DIVD-2021-00015 - Telegram OD (487 days) :2021-06-10, 2022-10-10 DIVD-2021-00021 - Qlik Sense Enterprise domain user enumeration (226 days) :2021-08-18, 2022-04-01 DIVD-2021-00022 - Exchange ProxyShell and ProxyOracle (406 days) :2021-08-30, 2022-10-10 DIVD-2021-00023 - Atlassian Confluence OGNL injection (RCE) (383 days) :2021-09-22, 2022-10-10 DIVD-2021-00029 - Smartertrack (358 days) :2021-10-17, 2022-10-10 DIVD-2021-00037 - Critical vulnerabilities in ITarian MSP platform and on-premise solution (313 days) :2021-12-01, 2022-10-10 DIVD-2021-00038 - Apache Log4j2 (117 days) :2021-12-09, 2022-04-05 DIVD-2022-00002 - Grafana (335 days) :2021-12-07, 2022-11-07 DIVD-2022-00004 - Post-Log4J Open Database C2 and Monero Miner Infections (132 days) :2022-01-13, 2022-05-25 DIVD-2022-00005 - Exposed BACnet devices (open) :2022-01-29, 2023-04-26 DIVD-2022-00006 - SAProuter (156 days) :2022-02-07, 2022-07-13 DIVD-2022-00007 - Subdomain Takeovers (open) :2022-02-04, 2023-04-26 DIVD-2022-00008 - XSS Zeroday in Zimbra (127 days) :2021-12-14, 2022-04-20 DIVD-2022-00009 - SolarMan backend administrator account/password (146 days) :2022-02-06, 2022-07-02 DIVD-2022-00010 - Auth bypass in SAP (61 days) :2022-02-08, 2022-04-10 DIVD-2022-00012 - Global Charity Vulnerabilities (324 days) :2022-02-22, 2023-01-12 DIVD-2022-00013 - The curious case of the odd update.microsoft.com certificates (260 days) :2022-02-05, 2022-10-23 DIVD-2022-00014 - GreyNoise's Ukraine only list (164 days) :2022-03-04, 2022-08-15 DIVD-2022-00015 - Unauthenticated user enumeration on GraphQL API (180 days) :2022-03-04, 2022-08-31 DIVD-2022-00017 - Global Healthcare Vulnerabilities (open) :2022-03-10, 2023-04-26 DIVD-2022-00019 - Insecure Mendix Applications (233 days) :2022-03-19, 2022-11-07 DIVD-2022-00020 - Inproper input validation vulnerabilities identified within Feathers.js (open) :2022-02-23, 2023-04-26 DIVD-2022-00021 - Ivanti EPM CSA remote code execution (240 days) :2022-03-25, 2022-11-20 DIVD-2022-00022 - WatchGuard Firebox and XTM appliance ACE vulnerability (216 days) :2022-03-29, 2022-10-31 DIVD-2022-00024 - Spring Cloud RCE - CVE-2022-22963 (175 days) :2022-03-31, 2022-09-22 DIVD-2022-00025 - VMware - CVE-2022-22954 (233 days) :2022-04-12, 2022-12-01 DIVD-2022-00026 - WSO2 Remote Code Executions - CVE-2022-29464 (210 days) :2022-04-24, 2022-11-20 DIVD-2022-00027 - F5 BIG-IP iControl REST API remote code execution (46 days) :2022-05-10, 2022-06-25 DIVD-2022-00029 - Remote Code Execution on Sophos Firewall (288 days) :2022-05-10, 2023-02-22 DIVD-2022-00030 - Exposed QNAP (open) :2022-05-23, 2023-04-26 DIVD-2022-00032 - Exchange backdoor (open) :2022-06-03, 2023-04-26 DIVD-2022-00033 - Atlassian Confluence 0-day unauthenticated RCE (181 days) :2022-06-03, 2022-12-01 DIVD-2022-00038 - Vulnerable Oracle WebLogic Server (247 days) :2022-07-03, 2023-03-07 DIVD-2022-00042 - Canon print portals facing the internet (open) :2022-08-18, 2023-04-26 DIVD-2022-00045 - Injection vulnerability found within Socket.io (open) :2022-04-29, 2023-04-26 DIVD-2022-00048 - Dossier Energy Transition (open) :2022-09-07, 2023-04-26 DIVD-2022-00051 - H2 Web Console - CVE-2021-42392, CVE-2022-23221 (open) :2022-09-09, 2023-04-26 DIVD-2022-00052 - Multiple vulnerabilities is Cloudflow software (open) :2023-02-21, 2023-04-26 DIVD-2022-00053 - Atlassian Bitbucket Server - CVE-2022-36804 (open) :2022-09-21, 2023-04-26 DIVD-2022-00054 - ProxyNotShell - Microsoft Exchange SSRF and RCE (open) :2022-09-30, 2023-04-26 DIVD-2022-00055 - Server Management Interfaces security issues (open) :2022-10-08, 2023-04-26 DIVD-2022-00056 - Critical authentication bypass affecting Fortigate products (open) :2022-10-07, 2023-04-26 DIVD-2022-00060 - Command Injection vulnerability in Bitbucket Server and Data Center (116 days) :2022-11-17, 2023-03-13 DIVD-2022-00061 - KNXNet/IP gateways often left open to the internet (open) :2022-02-08, 2023-04-26 DIVD-2022-00063 - Memory overflow vulnerability in FortiOS SSL VPN (open) :2022-12-12, 2023-04-26 DIVD-2022-00064 - Multiple injection vulnerabilities identified within Axiell Iguana CMS (open) :2022-09-08, 2023-04-26 DIVD-2022-00065 - Multiple Critical Vulnerabilities in multiple Zyxel EOL devices (open) :2022-12-19, 2023-04-26 DIVD-2023-00001 - Citrix systems vulnerable for CVE-2022-27510 and/or CVE-2022-27518 (open) :2023-01-18, 2023-04-26 DIVD-2023-00002 - Publicly Reachable Malicious Webshells (open) :2023-01-06, 2023-04-26 DIVD-2023-00003 - OS command injection in CentOS CWP (42 days) :2023-01-11, 2023-02-22 DIVD-2023-00004 - Unauthenticated Remote Command Execution using SAML in Zoho ManageEngine (open) :2023-01-20, 2023-04-26 DIVD-2023-00006 - Unauthenticated code injection in QNAP QTS and QuTS hero (open) :2023-02-02, 2023-04-26 DIVD-2023-00007 - Global VMware ESXi Ransomware Attack (open) :2023-02-03, 2023-04-26 DIVD-2023-00009 - Cisco RV Series Remote Command Execution (open) :2023-02-07, 2023-04-26 DIVD-2023-00010 - Remote Code Execution in Microsoft Exchange Server (open) :2023-02-14, 2023-04-26 DIVD-2023-00011 - FortiNAC and FortiWeb RCE Vulnerability (open) :2023-02-03, 2023-04-26 DIVD-2023-00012 - Unauthenticated Remote Command Execution in IBM Aspera Faspex (open) :2023-02-17, 2023-04-26 DIVD-2023-00014 - Critical Broken Authentication Flaw in Jira Service Management Products (open) :2023-02-01, 2023-04-26 DIVD-2023-00015 - Yeastar Configuration Panel Takeover (13 days) :2023-01-20, 2023-02-02 DIVD-2023-00016 - GLPI Remote Code Execution (open) :2022-11-10, 2023-04-26 DIVD-2023-00017 - Cisco Small Business Router Authentication Bypass (open) :2023-03-15, 2023-04-26