DIVD CSIRT
Making the internet safer through Coordinated Vulnerability Disclosure
CVEs
CVE-2022-25153 - ITarian - Local privilege escalation in Endpoint Manager agent on Windows
CVE-2022-25152 - ITarian - Any user with a valid session token can create and execute agent procedures and bypass mandatory approvals
CVE-2022-25151 - ITarian - Session cookie not protected by HttpOnly flag
CVE-2022-24387 - File upload and overwrite to app_data/Config in SmarterTrack v100.0.8019.14010
CVE-2022-24386 - Stored XSS in SmarterTrack v100.0.8019.14010
CVE-2022-24385 - Information disclosure via direct object access on SmarterTrack v100.0.8019.14010
CVE-2022-24384 - Reflective XSS on SmarterTrack v100.0.8019.14010
CVE-2022-0564 - Qlik Sense Enterprise Domain User enumeration
CVE-2021-43977 - SmarterTools SmarterMail before 100.0.7803 allows XSS
CVE-2021-40387 - Authenticated Remote Code Execution in UniTrends Server < v10.5.5-2
CVE-2021-40386 - Undisclosed critical vulnerability in Unitrends Client, currently unpatched
CVE-2021-40385 - Privilege escalation from read-only to administrator in web interface of UniTrends Server < v10.5.5-2
CVE-2021-32234 - SmarterTools SmarterMail before Build 7776 allows RCE
CVE-2021-32233 - SmarterTools SmarterMail before Build 7776 allows XSS
CVE-2021-30201 - Unauthenticated XML External Entity vulnerability in Kaseya VSA < v9.5.6
CVE-2021-30121 - (Semi-)Authenticated local file inclusion in Kaseya VSA < v9.5.6
CVE-2021-30120 - 2FA bypass in Kaseya VSA <= v9.5.6
CVE-2021-30119 - Authenticated reflective XSS in Kaseya VSA <= v9.5.6
CVE-2021-30118 - Unauthenticated Remote Code Execution in Kaseya VSA < v9.5.5
CVE-2021-30117 - Authenticated SQL injection in Kaseya VSA < v9.5.6
CVE-2021-30116 - Unauthenticated credential leak and business logic flaw in Kaseya VSA <= v9.5.6
CVE-2021-26474 - Unauthenticated server side request forgery in Vembu products
CVE-2021-26473 - Unauthenticated arbitrary file upload and command execution in Vembu products
CVE-2021-26472 - Unauthenticated remote command execution with SYSTEM privileges in Vembu products
CVE-2021-26471 - Unauthenticated remote command execution in Vembu products