CVE ID
1
CVE-2019-0708
2
CVE-2017-11882
3
CVE-2017-0199
4
CVE-2018-11776
5
CVE-2017-5638
6
CVE-2019-5544
7
CVE-2017-0143
8
CVE-2020-0549
9
CVE-2020-2555
10
CVE-2018-7600
11
12
Drag to adjust the number of frozen columns
CWE ID
CWE
Patch
Vendor Advisory
Description
Vendor Disclosure Date
NVD Date
First Exploit Released Date
Ransomware Exploit Date
Malware Released Date
Priority Order
Vendor
Product
Exploit Links
RCE/PE
RCE/PE (Auto labelling)
Severity
CVSS V3
Ransomware
APT Group
Associated Malware
Exposure Count
Breach
Tenable PluginID
Nexpose PluginID
Qualys PluginID
CWE-416
Use After Free
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0708
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0708
A remote code execution vulnerability exists in Remote Desktop Services formerly known as Terminal Services when an unauthenticated attacker connects to the target system using RDP and sends specially crafted requests, aka 'Remote Desktop Services Remote Code Execution Vulnerability'.
May 14, 2019
05/16/2019
May 22, 2019
Jun-2019
Feb 11, 2020
1
Microsoft
Windows Xp Windows 7 Windows Server 2003 Windows Server 2008 Windows Vista
https://raw.githubusercontent.com/rapid7/metasploit-framework/master/modules/exploits/windows/rdp/cve_2019_0708_bluekeep_rce.rb https://raw.githubusercontent.com/rapid7/metasploit-framework/master/modules/auxiliary/scanner/rdp/cve_2019_0708_bluekeep.rb
RCE
RCE
Critical
9.8
DoppelPaymer Redkeeper
NA
Yes
230,386
7286, 125313, 125073, 125063, 125060
msft-cve-2019-0708
91534 91541
CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
https://0patch.blogspot.com/2017/11/official-patch-for-cve-2017-11882-meets.html
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-11882
Microsoft Office 2007 Service Pack 3, Microsoft Office 2010 Service Pack 2, Microsoft Office 2013 Service Pack 1, and Microsoft Office 2016 allow an attacker to run arbitrary code in the context of the current user by failing to properly handle objects in memory, aka "Microsoft Office Memory Corruption Vulnerability". This CVE ID is unique from CVE-2017-11884.
Nov 14, 2017
11/14/2017
Nov 20, 2017
7-October-2019
Nov 08, 2018
2
Microsoft
Microsoft Office 2007 Service Pack 3 Microsoft Office 2010 Service Pack 2 Microsoft Office 2013 Service Pack 1 Microsoft Office 2016
https://github.com/Retr0-code/SignHere https://github.com/ActorExpose/CVE-2017-11882 https://github.com/dcsync/rtfkit https://raw.githubusercontent.com/rapid7/metasploit-framework/master/modules/exploits/windows/fileformat/office_ms17_11882.rb https://www.exploit-db.com/raw/43163
RCE
RCE
High
7.8
CCryptor Fake Globe Jigsaw Locky Lokibot OnyxLocker Zemblax Zyklon
APT32 APT41 Carbanak (FIN7) Cobalt Group Gorgon Group Leviathan Lotus Blossom OilRig (APT34) Silence Tropic Trooper Confucius Goblin Panda, Cycldek Urpage
Yes
104557
msft-cve-2017-11882
110308
NA
NA
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-0199
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-0199
Microsoft Office 2007 SP3, Microsoft Office 2010 SP2, Microsoft Office 2013 SP1, Microsoft Office 2016, Microsoft Windows Vista SP2, Windows Server 2008 SP2, Windows 7 SP1, Windows 8.1 allow remote attackers to execute arbitrary code via a crafted document, aka "Microsoft Office/WordPad Remote Code Execution Vulnerability w/Windows API."
Apr 11, 2017
04/12/2017
2017-04-25
May-2017
Apr 11, 2017
3
Microsoft
Microsoft Office 2007 SP3 Microsoft Office 2010 SP2 Microsoft Office 2013 SP1 Microsoft Office 2016 Microsoft Windows Vista SP2 Windows Server 2008 SP2 Windows 7 SP1 Windows 8.1
https://www.exploit-db.com/raw/42995 https://www.exploit-db.com/raw/41934 https://www.exploit-db.com/raw/41894 https://raw.githubusercontent.com/rapid7/metasploit-framework/master/modules/exploits/windows/fileformat/office_word_hta.rb
RCE
RCE
High
7.8
Cerber Mordor PEC 2017 PetrWrap Petya
APT37 APT41 Cobalt Group CopyKittens Gorgon Group Lazarus Group (APT37& APT38) Leviathan MuddyWater Patchwork Silence TA459 APT36, Transparent Tribe Urpage
Yes
104044, 99314, 99304, 99285
msft-cve-2017-0199
110297
CWE-20
Improper Input Validation
http://www.oracle.com/technetwork/security-advisory/alert-cve-2018-11776-5072787.html
Apache Struts versions 2.3 to 2.3.34 and 2.5 to 2.5.16 suffer from possible Remote Code Execution when alwaysSelectFullNamespace is true (either by user or a plugin like Convention Plugin) and then: results are used with no namespace and in same time, its upper package have no or wildcard namespace and similar to results, same possibility when using url tag which doesn't have value and action set and in same time, its upper package have no or wildcard namespace.
2018-Aug-21
08/22/2018
2018-08-25
2018-Nov-1
NA
4
Apache Software Foundation
Apache Struts versions 2.3 to 2.3.34 and 2.5 to 2.5.16
https://www.exploit-db.com/exploits/45260/ https://www.exploit-db.com/exploits/45262/ https://www.exploit-db.com/exploits/45367/
RCE
RCE
High
8.1
Locky Lucky Satan
NA
No
138901, 138555, 112289, 112288, 112219, 112064, 112036
struts-cve-2018-11776
150250
CWE-20
Improper Input Validation
https://git1-us-west.apache.org/repos/asf?p=struts.git;a=commit;h=352306493971e7d5a756d61780d57a76eb1f519a
https://cwiki.apache.org/confluence/display/WW/S2-045
The Jakarta Multipart parser in Apache Struts 2 2.3.x before 2.3.32 and 2.5.x before 2.5.10.1 has incorrect exception handling and error-message generation during file-upload attempts, which allows remote attackers to execute arbitrary commands via a crafted Content-Type, Content-Disposition, or Content-Length HTTP header, as exploited in the wild in March 2017 with a Content-Type header containing a #cmd= string.
Mar 02, 2017
03/10/2017
Mar 7, 2017
12-Oct-2017
NA
5
Apache Software Foundation
Apache Struts 2 2.3.x before 2.3.32 and 2.5.x before 2.5.10.1
https://github.com/mazen160/struts-pwn https://github.com/rapid7/metasploit-framework/issues/8064 https://exploit-db.com/exploits/41570 https://packetstormsecurity.com/files/141494/S2-45-poc.py.txt
RCE
RCE
Critical
10
Cerber DogHousePower Lucky Satan
NA
No
Equifax breach https://threatpost.com/equifax-confirms-march-struts-vulnerability-behind-breach/127975/ https://www.trendmicro.com/en_us/research/17/c/cve-2017-5638-apache-struts-vulnerability-remote-code-execution.html?_ga=2.68497105.1388471076.1612260300-1875046640.1606912694 https://www.synopsys.com/blogs/software-security/equifax-apache-struts-vulnerability-cve-2017-5638/ https://www.reuters.com/article/us-equifax-cyber/idUKKCN1GE257?edition-redirect=uk
141576, 136998, 103663, 101815, 99593, 99528, 700055, 97610, 97576
oracle-weblogic-cve-2017-5638,struts-cve-2017-5638,apache-struts-cve-2017-5638
11771 11779
CWE-787
Out-of-bounds Write
http://www.vmware.com/security/advisories/VMSA-2019-0022.html
ttp://www.vmware.com/security/advisories/VMSA-2019-0022.html
OpenSLP as used in ESXi and the Horizon DaaS appliances has a heap overwrite issue. VMware has evaluated the severity of this issue to be in the Critical severity range with a maximum CVSSv3 base score of 9.8.
2019-12-05
12/06/2019
Dec 1, 2020
NA
NA
6
VMWare
Esxi Enterprise Linux Desktop Enterprise Linux Server Aus Enterprise Linux Workstation Openslp Horizon Daas Enterprise Linux Server Enterprise Linux Server Eus Enterprise Linux Server Tus
https://github.com/HynekPetrak/CVE-2019-5544_CVE-2020-3992
Critical
9.8
NA
NA
No
137497, 136642, 135764, 135547, 133921, 133314, 133220, 133196, 133188, 133086, 132631, 132464, 132402, 132266, 132229, 132221, 132115, 132112, 132085, 132017
huawei-euleros-2_0_sp8-cve-2019-5544,gentoo-linux-cve-2019-5544
216217 216218 216219
CWE-20
Improper Input Validation
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2017/ms17-010
https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2017-0143
The SMBv1 server in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2 SP1; Windows 7 SP1; Windows 8.1; Windows Server 2012 Gold and R2; Windows RT 8.1; and Windows 10 Gold, 1511, and 1607; and Windows Server 2016 allows remote attackers to execute arbitrary code via crafted packets, aka "Windows SMB Remote Code Execution Vulnerability." This vulnerability is different from those described in CVE-2017-0144, CVE-2017-0145, CVE-2017-0146, and CVE-2017-0148.
Mar 14, 2017
03/16/2017
2017-04-17
12-May-2017
Sep 05, 2017
7
Microsoft
Microsoft Windows Vista SP2 Windows Server 2008 SP2 and R2 SP1 Windows 7 SP1 Windows 8.1 Windows Server 2012 Gold and R2 Windows RT 8.1 Windows 10 Gold, 1511, 1607 Windows Server 2016
https://www.exploit-db.com/raw/43970 https://www.exploit-db.com/raw/41987 https://www.exploit-db.com/raw/41891 https://raw.githubusercontent.com/rapid7/metasploit-framework/master/modules/exploits/windows/smb/ms17_010_psexec.rb https://raw.githubusercontent.com/rapid7/metasploit-framework/master/modules/exploits/windows/smb/ms17_010_eternalblue.rb
RCE
RCE
High
8.1
Bad Rabbit Katyusha Muhstik NotPetya Petya Ryuk SamSa Satan UIWIX WannaCry
APT3 APT10, Stone Panda Shadow Brokers
Yes
10,259
700099, 700059, 97833, 97737
msft-cve-2017-0143
91345 91359 91360 91361
CWE-200
Exposure of Sensitive Information to an Unauthorized Actor
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00329.html
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00329.html
Cleanup errors in some data cache evictions for some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.
01/27/2020
01/27/2020
NA
NA
NA
8
Intel
Medium
5.5
NA
NA
No
145997, 143983, 143027, 143005, 138638, 138217, 138159, 138046, 137895, 137883, 137882, 137842, 137751, 137749, 137739, 137695, 137694, 137688, 137614, 137610, 137609, 137418, 137385, 137374, 137352, 137351, 137348, 137338, 137337, 137313, 137295, 137276, 137273
redhat-openshift-cve-2020-0549,debian-cve-2020-0549
173543 173545 173547 173585
NA
NA
https://www.oracle.com/security-alerts/cpujan2020.html
https://www.oracle.com/security-alerts/cpujan2020.html
Vulnerability in the Oracle Coherence product of Oracle Fusion Middleware (component: Caching,CacheStore,Invocation). Supported versions that are affected are 3.7.1.0, 12.1.3.0.0, 12.2.1.3.0 and 12.2.1.4.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via T3 to compromise Oracle Coherence. Successful attacks of this vulnerability can result in takeover of Oracle Coherence.
2020-January-14
01/15/2020
Mar 8, 2020
NA
NA
9
Oracle
Fusion Middleware
https://raw.githubusercontent.com/rapid7/metasploit-framework/master/modules/exploits/multi/misc/weblogic_deserialize_badattrval.rb https://github.com/wsfengfan/CVE-2020-2555 https://github.com/Y4er/CVE-2020-2555
RCE
RCE
Critical
9.8
NA
NA
No
142223, 137854
N/A
372345
CWE-20
Improper Input Validation
https://github.com/g0rx/CVE-2018-7600-Drupal-RCE
https://www.drupal.org/sa-core-2018-002
Drupal before 7.58, 8.x before 8.3.9, 8.4.x before 8.4.6, and 8.5.x before 8.5.1 allows remote attackers to execute arbitrary code because of an issue affecting multiple subsystems with default or common module configurations.
2018-March-28
03/29/2018
2018-04-13
Apr-2018
NA
10
Drupal
Drupal before 7.58, 8.x before 8.3.9, 8.4.x before 8.4.6, and 8.5.x before 8.5.1
https://www.exploit-db.com/exploits/44448/ https://www.exploit-db.com/exploits/44449/ https://www.exploit-db.com/exploits/44482/ https://raw.githubusercontent.com/rapid7/metasploit-framework/master/modules/exploits/unix/webapp/drupal_drupalgeddon2.rb
RCE
RCE
Critical
9.8
Muhstik Petya Satan Vevo locker
Sea turtle
No
3,329
120615, 98570, 98569, 98568, 98567, 98566, 98565, 98564, 98216, 109288, 109055, 109041, 700230, 700229, 700228, 700224, 108698, 108695, 108688
debian-cve-2018-7600,drupal-cve-2018-7600,freebsd-cve-2018-7600
11942 176337 371954
12 records

Alert

Lorem ipsum
Okay
View larger version
Download CSV