DIVD CSIRT

gantt title Cases currently open or recently closed dateFormat YYYY-MM-DD axisFormat %e %b %Y DIVD-2021-00020 - OSNexsus QuantaStor limited disclosure and product warning (797 days) :2021-08-10, 2023-10-16 DIVD-2022-00048 - Dossier Energy Transition (572 days) :2022-09-07, 2024-04-01 DIVD-2022-00052 - Multiple vulnerabilities is Cloudflow software (516 days) :2023-02-21, 2024-07-21 DIVD-2022-00064 - Multiple injection vulnerabilities identified within Axiell Iguana CMS (683 days) :2022-09-08, 2024-07-22 DIVD-2023-00009 - Cisco RV Series Remote Command Execution (178 days) :2023-02-07, 2023-08-04 DIVD-2023-00010 - Remote Code Execution in Microsoft Exchange Server (524 days) :2023-02-14, 2024-07-22 DIVD-2023-00011 - FortiNAC and FortiWeb RCE Vulnerability (320 days) :2023-02-03, 2023-12-20 DIVD-2023-00017 - Cisco Small Business Router Authentication Bypass (195 days) :2023-03-15, 2023-09-26 DIVD-2023-00021 - Multiple vulnerabilities in Danfoss AK-EM 100 (336 days) :2023-01-18, 2023-12-20 DIVD-2023-00022 - OS command injection vulnerability of Zyxel firewalls (236 days) :2023-04-28, 2023-12-20 DIVD-2023-00023 - SQL injection in MOVEit Transfer - CVE-2023-34362 (55 days) :2023-06-02, 2023-07-27 DIVD-2023-00024 - SQL injection in GeoServer - CVE-2023-25157 (111 days) :2023-06-07, 2023-09-26 DIVD-2023-00025 - Multiple vulnerabilities in Danfoss AK-SM800A (336 days) :2023-01-18, 2023-12-20 DIVD-2023-00027 - Ignite Realtime Openfire auth bypass - CVE-2023-32315 (75 days) :2023-06-23, 2023-09-06 DIVD-2023-00028 - SQL Injection in MOVEit Transfer - CVE-2023-36934 (382 days) :2023-07-06, 2024-07-22 DIVD-2023-00029 - Critical Fortinet SSL-VPN RCE Vulnerability (109 days) :2023-06-09, 2023-09-26 DIVD-2023-00031 - Ivanti MobileIron vulnerable for CVE-2023-35078 (63 days) :2023-07-25, 2023-09-26 DIVD-2023-00032 - Access Control Bypass - CVE-2023-29298 & CVE-2023-38205 (28 days) :2023-07-14, 2023-08-11 DIVD-2023-00033 - Citrix systems exploited with CVE-2023-3519 (70 days) :2023-07-18, 2023-09-26 DIVD-2023-00034 - API Authentication Bypass Vulnerability in Ivanti Sentry (35 days) :2023-08-22, 2023-09-26 DIVD-2023-00035 - Remote Code Execution in Juniper Networks SRX- and EX-Series (238 days) :2023-09-11, 2024-05-06 DIVD-2023-00036 - Authentication Bypass in JetBrains TeamCity (87 days) :2023-09-20, 2023-12-16 DIVD-2023-00037 - Security Feature Bypass in MinIO (65 days) :2023-09-26, 2023-11-30 DIVD-2023-00038 - Global Cisco IOS-XE (CVE-2023-20198) Implants (45 days) :2023-10-17, 2023-12-01 DIVD-2023-00039 - VMware vCenter Server RCE (271 days) :2023-10-25, 2024-07-22 DIVD-2023-00040 - Critical F5 BIG-IP unauthenticated RCE Vulnerability (12 days) :2023-10-28, 2023-11-09 DIVD-2023-00042 - Confluence improper authorization vulnerability (155 days) :2023-11-11, 2024-04-14 DIVD-2023-00045 - Confluence RCE Vulnerability In Confluence Data Center and Confluence Server (131 days) :2023-12-05, 2024-04-14 DIVD-2024-00001 - Auth. Bypass and Command Injection in Ivanti VPN appliance (33 days) :2024-01-10, 2024-02-12 DIVD-2024-00002 - Account takeover vulnerability in Gitlab CE/EE (141 days) :2024-01-12, 2024-06-01 DIVD-2024-00003 - Unauthenticaded Remote Code Execution in CrushFTP (126 days) :2023-12-13, 2024-04-17 DIVD-2024-00004 - 2024-00004 Global NGOs (open) :2023-10-04, 2024-08-22 DIVD-2024-00005 - Remote code execution in FortiOS (7 days) :2024-02-08, 2024-02-15 DIVD-2024-00006 - Authentication Bypass in JetBrains TeamCity (49 days) :2024-02-08, 2024-03-28 DIVD-2024-00008 - Authentication Bypass and Remote Code Execution in ConnectWise ScreenConnect (101 days) :2024-02-21, 2024-06-01 DIVD-2024-00009 - Authentication Bypass in JetBrains TeamCity (22 days) :2024-03-06, 2024-03-28 DIVD-2024-00010 - Unauthenticated Command Injection In Progress Kemp LoadMaster (34 days) :2024-03-20, 2024-04-23 DIVD-2024-00013 - Palo Alto PAN-OS Command Injection Vulnerability in GlobalProtect (11 days) :2024-04-12, 2024-04-23 DIVD-2024-00014 - Qlik Sense Remote Code Execution (75 days) :2024-04-19, 2024-07-03 DIVD-2024-00015 - Remote Command Execution in CrushFTP (39 days) :2024-04-23, 2024-06-01 DIVD-2024-00016 - Command injection vulnerabilities in QNAP devices (open) :2024-04-30, 2024-08-22 DIVD-2024-00018 - Out-Of-Bounds memory read vulnerability in Citrix Netscaler and Gateway (66 days) :2024-05-08, 2024-07-13 DIVD-2024-00019 - Victim Notification Operation Endgame (open) :2024-05-30, 2024-08-22 DIVD-2024-00020 - Authentication Bypass in GitHub Enterprise Server (GHES) (24 days) :2024-05-27, 2024-06-20 DIVD-2024-00021 - Local File Inclusion in Check Point Security Gateway software (47 days) :2024-05-30, 2024-07-16 DIVD-2024-00023 - Authentication Bypass Vulnerability in Progress Telerik Report Server (39 days) :2024-06-04, 2024-07-13 DIVD-2024-00025 - QNAP - OS command injection as Admin user possible via quick.cgi (open) :2024-06-07, 2024-08-22 DIVD-2024-00026 - Unauthenticated RCE in Rejetto HTTP File Server (33 days) :2024-06-10, 2024-07-13 DIVD-2024-00028 - Local File Inclusion in SolarWinds U-Serv (open) :2024-06-21, 2024-08-22 DIVD-2024-00029 - VMware vCenter Server multiple heap-overflow vulnerabilities (open) :2024-06-21, 2024-08-22 DIVD-2024-00030 - Zyxel NAS - unauthenticated OS command injection (open) :2024-06-24, 2024-08-22 DIVD-2024-00032 - Unauthenticated Remote Code Execution (RCE) vulnerability in Geoserver (open) :2024-07-03, 2024-08-22 DIVD-2024-00033 - ServiceNow - unauthenticated remote code execution (RCE) (open) :2024-07-13, 2024-08-22