Skip to the content.
Home
/ CVEs
DIVD CSIRT
Making the internet safer through Coordinated Vulnerability Disclosure
Menu
Home
DIVD
CSIRT
Cases
DIVD-2021-00015
Telegram group shares stolen credentials....
DIVD-2021-00014
DIVD recommends not exposing the on-premise Kaseya Unitrends servers to the...
DIVD-2021-00012
Botnet stolen credentials...
DIVD-2021-00011
Multiple vulnerabilities discovered in Kaseya VSA....
DIVD-2021-00010
A PreAuth RCE vulnerability has been found in vCenter Server...
DIVD-2021-00005
A PreAuth RCE vulnerability has been found in Pulse Connect Secure...
DIVD-2021-00004
A list of credentials that phishers gained from victims has leaked and has ...
DIVD-2021-00002
Kaseya recommends disabling the on-premise Kaseya VSA servers immediately....
DIVD-2021-00001
On-prem Exchange Servers targeted with 0-day exploits...
DIVD-2020-00014
SolarWinds Orion API authentication bypass...
DIVD-2020-00013
A list of credentials that phishers gained from victims has leaked and has ...
DIVD-2020-00012
A list of 49 577 vulnerable Fortinet devices leaked online...
DIVD-2020-00011
Four critical vulnerabilities in Vembu BDR...
DIVD-2020-00010
WordPress Plugin wpDiscuz has a vulnerability that alllows attackers to tak...
DIVD-2020-00009
Data dumped from compromised Pulse Secure VPN enterprise servers....
DIVD-2020-00008
313 000 .NL domains running Wordpress scanned....
DIVD-2020-00007
Citrix ShareFile storage zones Controller multiple security updates...
DIVD-2020-00006
SMBv3 Server Compression Transform Header Memory Corruption...
DIVD-2020-00005
Apache Tomcat AJP File Read/Inclusion Vulnerability...
DIVD-2020-00004
List of Mirai botnet victims published with credentials...
DIVD-2020-00003
Exploits available for MS RDP Gateway Bluegate...
DIVD-2020-00002
Wildcard Certificates Citrix ADC...
DIVD-2020-00001
Citrix ADC...
CVEs
CVE-2021-30201 - Authenticated XML External Entity vulnerability in Kaseya VS...
CVE-2021-30121 - Authenticated local file inclusion in Kaseya VSA < v9.5.6...
CVE-2021-30120 - 2FA bypass in Kaseya VSA <= v9.5.6...
CVE-2021-30119 - Authenticated Authenticated reflective XSS in Kaseya VSA <= ...
CVE-2021-30118 - Unautheticated RCE in Kaseya VSA < v9.5.5...
CVE-2021-30117 - Autheticated SQL injection in Kaseya VSA < v9.5.6...
CVE-2021-30116 - Unautheticated credential leak and business logic flaw in Ka...
CVE-2021-26474 - Unauthenticated server side request forgery in Vembu product...
CVE-2021-26473 - Unauthenticated arbitrary file upload and command execution ...
CVE-2021-26472 - Unauthenticated remote command execution in Vembu products...
Blog
2021-07-07 : Kaseya VSA Limited Disclosure...
2021-07-06 : Kaseya Case Update 3...
2021-07-04 : Kaseya Case Update 2...
2021-07-03 : Kaseya Case Update...
2021-07-02 : Kaseya VSA Advisory...
2021-06-06 : vCenter Server PreAuth RCE...
2021-06-03 : Warehouse Botnet...
2021-05-14 : Closing ProxyLogon case / Case ProxyLogon gesloten...
2021-05-11 : Vembu Zero Days...
2021-05-10 : Pulse Secure PreAuth RCE...
More...
Donate
RSS
Contact
CVE-2021-30201 - Authenticated XML External Entity vulnerability in Kaseya VSA < v9.5.6
CVE-2021-30121 - Authenticated local file inclusion in Kaseya VSA < v9.5.6
CVE-2021-30120 - 2FA bypass in Kaseya VSA <= v9.5.6
CVE-2021-30119 - Authenticated Authenticated reflective XSS in Kaseya VSA <= v9.5.6
CVE-2021-30118 - Unautheticated RCE in Kaseya VSA < v9.5.5
CVE-2021-30117 - Autheticated SQL injection in Kaseya VSA < v9.5.6
CVE-2021-30116 - Unautheticated credential leak and business logic flaw in Kaseya VSA <= v9.5.6
CVE-2021-26474 - Unauthenticated server side request forgery in Vembu products
CVE-2021-26473 - Unauthenticated arbitrary file upload and command execution in Vembu products
CVE-2021-26472 - Unauthenticated remote command execution in Vembu products
CVE-2021-26471 - Unauthenticated remote command execution in Vembu products