DIVD CSIRT
Making the internet safer through Coordinated Vulnerability Disclosure
Cases
DIVD-2025-00002 - Authentication bypass in SonicWall SSL-VPN service
SonicWall has identified an Improper Authentication vulnerability in the SS...
DIVD-2024-00052 - Remote code execution in Cleo Harmony, VLCTrader and Lexi
Cleo has identified an unrestricted file upload and download vulnerability ...
DIVD-2024-00051 - Improper authorization vulnerability in ProjectSend,
Improper authorization vulnerability, CVE-2024-11680, in open-source file-sh...
DIVD-2024-00050 - Path traversal vulnerability in Mitel MiCollab
A path traversal vulnerability, CVE-2024-41713, in the NuPoint Unified Mess...
DIVD-2024-00049 - Vulnerabilities in D-Link NAS: Backdoor and Command Injec
D-Link NAS are affected by a backdoor vulnerability facilitated by hardcode...
DIVD-2024-00048 - VMware vCenter Server heap-overflow and remote code execu
The vCenter Server contains a heap-overflow vulnerability and a privilege e...
DIVD-2024-00047 - Multiple critical vulnerabilities in Palo Alto Networks P
An authentication bypass in Palo Alto Networks PAN-OS software (CVE-2024-00...
DIVD-2024-00046 - Multiple critical vulnerabilities in Ivanti Cloud Service
Ivanti CSA is affected by two critical vulnerabilities, allowing a remote u...
DIVD-2024-00045 - SysAid ITSM SQL Injection vulnerability
In March 2024, a SQL Injection vulnerability has been discovered in SysAid ...
DIVD-2024-00044 - Missing authentication in Fortinet FortiManager fgfmsd
A missing authentication for critical function vulnerability [CWE-306] in F...
DIVD-2024-00042 - Multiple critical vulnerabilities in Solarwinds Web Help
The SolarWinds Web Help Desk software is affected by three critical vulnera...
DIVD-2024-00041 - Progress Software WhatsUp Gold SQL Injection Authenticati
A SQL Injection vulnerability allows an unauthenticated attacker to retriev...
DIVD-2024-00040 - Zimbra Collaboration (ZCS) vulnerable for RCE under speci
The postjournal in Zimbra Collaboration (ZCS) sometimes allows unauthentica...
DIVD-2024-00039 - Incorrect authorization vulnerability in Apache OFBiz res
In Apache OFBiz, version 18.12.14 and below, an Incorrect Authorization vul...
DIVD-2024-00038 - Remote Code Execution CUPS
A remote attacker can replace or install printers with malicious IPP URLs, ...
DIVD-2024-00035 - 17 vulnerabilities in Iocharger devices
Researchers have discovered 17 vulnerabilities in the Iocharger firmware fo...
DIVD-2024-00033 - ServiceNow - unauthenticated remote code execution (RCE)
Multiple vulnerabilities have been found in ServiceNow. Combining these vul...
DIVD-2024-00032 - Unauthenticated Remote Code Execution (RCE) vulnerability
Geoserver has a Remote Code Execution (RCE) vulnerability in evaluating pro...
DIVD-2024-00031 - Unauthenticated Local File Inclusion vulnerability in Com
An Unauthenticated Local File Inclusion vulnerability has been found in Comf...
DIVD-2024-00030 - Zyxel NAS - unauthenticated OS command injection
Multiple vulnerabilities have been found in the firmware of the Zyxel NAS d...
CVEs
CVE-2024-43663 - Buffer overflow vulnerabilities in CGI scripts lead to segfa...
CVE-2024-43662 - Authenticated arbitrary file upload to /tmp/ and /tmp/upload...
CVE-2024-43661 - Buffer overflow in <redacted>.so leads to DoS of OCPP servic...
CVE-2024-43660 - Arbitrary file download using <redacted>.sh...
CVE-2024-43659 - Plaintext default credentials in firmware...
CVE-2024-43658 - Using the <redacted> action or <redacted>.sh script, arbitra...
CVE-2024-43657 - When uploading new firmware, a shell script inside a firmwar...
CVE-2024-43656 - A backup can be manipulated and then restored to create arbi...
CVE-2024-43655 - Any authenticated users can execute OS commands as root usin...
CVE-2024-43654 - Authenticated command injection in the <redacted> action lea...
Blog
2025-01-09 : Wilco van Beijnum and Harm van den Brink found 17 vulnerabilities in Iochar...
2024-08-12 : Research of Wietse Boonstra and Hidde Smit featured in Follow the Money and...
2024-05-30 : DIVD CSIRT performs victim notification for Operation Endgame...
2024-04-25 : DIVD CSIRT Congratulates Project Melissa...
2023-07-10 : Limited disclosure of 6 vulnerabilities in OSNexus Quantastor...
2023-02-24 : DIVD’s response regard the involvement of a DIVD volunteer in a major data ...
2023-01-18 : Fox-IT and DIVD cooperate to warn owners of vulnerable Citrix servers...
2022-12-14 : Fortinet sslvpnd vulnerability - update...
2022-12-13 : Fortinet SSL VPN Vulnerability...
2022-08-15 : Closing GreyNoise Ukraine Only case...