Skip to the content.

The DIVD CSIRT…

… supports the Dutch Institute for Vulnerability Disclosure, in its mission “…to make the digital world safer by reporting vulnerabilities we find in digital systems to the people who can fix them. We have a global reach, but do it Dutch style: open, honest, collaborative, and for free.”

The CSIRT handles the scanning for and disclosing of vulnerabilities, either discovered by DIVD researchers or third parties and warning people for leaked credentials and operates our CVE Numbering Authoristy (CNA) capability.

Our blog

Last 10 posts …

More posts

gantt title Cases currently open or recently closed dateFormat YYYY-MM-DD axisFormat %e %b %Y DIVD-2021-00020 - OSNexsus QuantaStor limited disclosure and product warning (797 days) :2021-08-10, 2023-10-16 DIVD-2022-00048 - Dossier Energy Transition (572 days) :2022-09-07, 2024-04-01 DIVD-2022-00052 - Multiple vulnerabilities is Cloudflow software (open) :2023-02-21, 2024-08-12 DIVD-2022-00064 - Multiple injection vulnerabilities identified within Axiell Iguana CMS (open) :2022-09-08, 2024-08-12 DIVD-2022-00065 - Multiple Critical Vulnerabilities in multiple Zyxel EOL devices (213 days) :2022-12-19, 2023-07-20 DIVD-2023-00009 - Cisco RV Series Remote Command Execution (178 days) :2023-02-07, 2023-08-04 DIVD-2023-00010 - Remote Code Execution in Microsoft Exchange Server (open) :2023-02-14, 2024-08-12 DIVD-2023-00011 - FortiNAC and FortiWeb RCE Vulnerability (320 days) :2023-02-03, 2023-12-20 DIVD-2023-00017 - Cisco Small Business Router Authentication Bypass (195 days) :2023-03-15, 2023-09-26 DIVD-2023-00021 - Multiple vulnerabilities in Danfoss AK-EM 100 (336 days) :2023-01-18, 2023-12-20 DIVD-2023-00022 - OS command injection vulnerability of Zyxel firewalls (236 days) :2023-04-28, 2023-12-20 DIVD-2023-00023 - SQL injection in MOVEit Transfer - CVE-2023-34362 (55 days) :2023-06-02, 2023-07-27 DIVD-2023-00024 - SQL injection in GeoServer - CVE-2023-25157 (111 days) :2023-06-07, 2023-09-26 DIVD-2023-00025 - Multiple vulnerabilities in Danfoss AK-SM800A (336 days) :2023-01-18, 2023-12-20 DIVD-2023-00027 - Ignite Realtime Openfire auth bypass - CVE-2023-32315 (75 days) :2023-06-23, 2023-09-06 DIVD-2023-00028 - SQL Injection in MOVEit Transfer - CVE-2023-36934 (open) :2023-07-06, 2024-08-12 DIVD-2023-00029 - Critical Fortinet SSL-VPN RCE Vulnerability (109 days) :2023-06-09, 2023-09-26 DIVD-2023-00030 - Citrix systems vulnerable for CVE-2023-3519 (6 days) :2023-07-18, 2023-07-24 DIVD-2023-00031 - Ivanti MobileIron vulnerable for CVE-2023-35078 (63 days) :2023-07-25, 2023-09-26 DIVD-2023-00032 - Access Control Bypass - CVE-2023-29298 & CVE-2023-38205 (28 days) :2023-07-14, 2023-08-11 DIVD-2023-00033 - Citrix systems exploited with CVE-2023-3519 (70 days) :2023-07-18, 2023-09-26 DIVD-2023-00034 - API Authentication Bypass Vulnerability in Ivanti Sentry (35 days) :2023-08-22, 2023-09-26 DIVD-2023-00035 - Remote Code Execution in Juniper Networks SRX- and EX-Series (238 days) :2023-09-11, 2024-05-06 DIVD-2023-00036 - Authentication Bypass in JetBrains TeamCity (87 days) :2023-09-20, 2023-12-16 DIVD-2023-00037 - Security Feature Bypass in MinIO (65 days) :2023-09-26, 2023-11-30 DIVD-2023-00038 - Global Cisco IOS-XE (CVE-2023-20198) Implants (45 days) :2023-10-17, 2023-12-01 DIVD-2023-00039 - VMware vCenter Server RCE (open) :2023-10-25, 2024-08-12 DIVD-2023-00040 - Critical F5 BIG-IP unauthenticated RCE Vulnerability (12 days) :2023-10-28, 2023-11-09 DIVD-2023-00042 - Confluence improper authorization vulnerability (155 days) :2023-11-11, 2024-04-14 DIVD-2023-00045 - Confluence RCE Vulnerability In Confluence Data Center and Confluence Server (131 days) :2023-12-05, 2024-04-14 DIVD-2024-00001 - Auth. Bypass and Command Injection in Ivanti VPN appliance (33 days) :2024-01-10, 2024-02-12 DIVD-2024-00002 - Account takeover vulnerability in Gitlab CE/EE (141 days) :2024-01-12, 2024-06-01 DIVD-2024-00003 - Unauthenticaded Remote Code Execution in CrushFTP (126 days) :2023-12-13, 2024-04-17 DIVD-2024-00004 - 2024-00004 Global NGOs (open) :2023-10-04, 2024-08-12 DIVD-2024-00005 - Remote code execution in FortiOS (7 days) :2024-02-08, 2024-02-15 DIVD-2024-00006 - Authentication Bypass in JetBrains TeamCity (49 days) :2024-02-08, 2024-03-28 DIVD-2024-00008 - Authentication Bypass and Remote Code Execution in ConnectWise ScreenConnect (101 days) :2024-02-21, 2024-06-01 DIVD-2024-00009 - Authentication Bypass in JetBrains TeamCity (22 days) :2024-03-06, 2024-03-28 DIVD-2024-00010 - Unauthenticated Command Injection In Progress Kemp LoadMaster (34 days) :2024-03-20, 2024-04-23 DIVD-2024-00013 - Palo Alto PAN-OS Command Injection Vulnerability in GlobalProtect (11 days) :2024-04-12, 2024-04-23 DIVD-2024-00014 - Qlik Sense Remote Code Execution (75 days) :2024-04-19, 2024-07-03 DIVD-2024-00015 - Remote Command Execution in CrushFTP (39 days) :2024-04-23, 2024-06-01 DIVD-2024-00016 - Command injection vulnerabilities in QNAP devices (open) :2024-04-30, 2024-08-12 DIVD-2024-00018 - Out-Of-Bounds memory read vulnerability in Citrix Netscaler and Gateway (66 days) :2024-05-08, 2024-07-13 DIVD-2024-00019 - Victim Notification Operation Endgame (open) :2024-05-30, 2024-08-12 DIVD-2024-00020 - Authentication Bypass in GitHub Enterprise Server (GHES) (24 days) :2024-05-27, 2024-06-20 DIVD-2024-00021 - Local File Inclusion in Check Point Security Gateway software (open) :2024-05-30, 2024-08-12 DIVD-2024-00023 - Authentication Bypass Vulnerability in Progress Telerik Report Server (39 days) :2024-06-04, 2024-07-13 DIVD-2024-00025 - QNAP - OS command injection as Admin user possible via quick.cgi (open) :2024-06-07, 2024-08-12 DIVD-2024-00026 - Unauthenticated RCE in Rejetto HTTP File Server (33 days) :2024-06-10, 2024-07-13 DIVD-2024-00028 - Local File Inclusion in SolarWinds U-Serv (open) :2024-06-21, 2024-08-12 DIVD-2024-00029 - VMware vCenter Server multiple heap-overflow vulnerabilities (open) :2024-06-21, 2024-08-12 DIVD-2024-00030 - Zyxel NAS - unauthenticated OS command injection (open) :2024-06-24, 2024-08-12 DIVD-2024-00032 - Unauthenticated Remote Code Execution (RCE) vulnerability in Geoserver (open) :2024-07-03, 2024-08-12

Open cases

Some statistics

Year # of cases # of vulnerable IPs notified
2020 14 58,358
2021 25 99,006
2022 42 297,472
2023 37 375,531
2024 24 454,927