KEV Catalog | Secured

KEV Catalog: VMware Spring Cloud Gateway Code Injection Vulnerability (CVE-2022-22947)

Comments Off

February 15, 2023March 9, 2023

Wyatt Dahlenburg found this Expression Language injection vulnerability. Applications using Spring Cloud Gateway are vulnerable to a code...

by Cody Rubio

KEV Catalog: Apache Airflow “Example DAG” Command Injection (CVE-2020-11978)

Comments Off

February 8, 2023February 21, 2023

CVE-2020-11978 is a remote code injection vulnerability related to Apache Airflow versions 1.10.10 and below.

by Cody Rubio

KEV Catalog: Debian-specific Redis Server Lua Sandbox Escape Vulnerability (CVE-2022-0543)

Comments Off

February 1, 2023February 21, 2023

Reginaldo Silva discovered a Debian-specific Lua sandbox escape in Redis, a persistent key-value database.

by Cody Rubio

KEV Catalog: “Spring4Shell” Spring Framework Remote Code Execution Vulnerability (CVE-2022-22965)

Comments Off

January 25, 2023February 6, 2023

The “Spring4Shell” vulnerability, CVE-2022-22965, is a remote code execution vulnerability. It affects Spring Core applications running on...

by Cody Rubio

KEV Catalog: “Drupalgeddon2”: Drupal Module Configuration Vulnerability CVE-2018-7600

Comments Off

December 20, 2022January 24, 2023

On March 28, 2018 Drupal announced a remote code execution vulnerability on specific Drupal versions of 6,...

by Cody Rubio

KEV Catalog: “Ghostcat” Apache Tomcat Improper Privilege Management Vulnerability (CVE-2020-1938)

Comments Off

December 15, 2022January 24, 2023

CVE-2020-1938, dubbed Tomcat Ghost or Ghostcat, is a Local File Inclusion (LFI) vulnerability in Apache Tomcat’s Apache...

by Cody Rubio

KEV Catalog: Apache CouchDB Remote Privilege Escalation (CVE-2022-24706)

Comments Off

December 10, 2022February 22, 2023

The Apache CouchDB Remote Privilege Escalation vulnerability is due to an open distribution port that also uses...

Download our Capabilities Brief

KEV Catalog: VMware Spring Cloud Gateway Code Injection Vulnerability (CVE-2022-22947)

by Cody Rubio

KEV Catalog: Apache Airflow “Example DAG” Command Injection (CVE-2020-11978)

by Cody Rubio

KEV Catalog: Debian-specific Redis Server Lua Sandbox Escape Vulnerability (CVE-2022-0543)

by Cody Rubio

KEV Catalog: “Spring4Shell” Spring Framework Remote Code Execution Vulnerability (CVE-2022-22965)

by Cody Rubio

KEV Catalog: “Drupalgeddon2”: Drupal Module Configuration Vulnerability CVE-2018-7600

by Cody Rubio

KEV Catalog: “Ghostcat” Apache Tomcat Improper Privilege Management Vulnerability (CVE-2020-1938)

by Cody Rubio

KEV Catalog: Apache CouchDB Remote Privilege Escalation (CVE-2022-24706)

by codyrubio

Secured™ Receives 8(a) Certification from the Small Business Administration

Finance By Day, Fiction By Night: Brandon Thomson’s Journey at Secured™

Secured™ Announces the Appointment of Kristie Bender-Carey as CEO Finance

KEV Catalog: Apache CouchDB Remote Privilege Escalation (CVE-2022-24706)

KEV Catalog: “Ghostcat” Apache Tomcat Improper Privilege Management Vulnerability (CVE-2020-1938)

KEV Catalog: “Drupalgeddon2”: Drupal Module Configuration Vulnerability CVE-2018-7600

KEV Catalog: “Spring4Shell” Spring Framework Remote Code Execution Vulnerability (CVE-2022-22965)

KEV Catalog: Debian-specific Redis Server Lua Sandbox Escape Vulnerability (CVE-2022-0543)

KEV Catalog: Apache Airflow “Example DAG” Command Injection (CVE-2020-11978)

KEV Catalog: VMware Tanzu Spring Cloud Function Remote Code Execution Vulnerability (CVE-2022-22963)

KEV Catalog: Red Hat Polkit “pwnkit” Out-of-Bounds Read and Write Vulnerability (CVE-2021-4034)

KEV Catalog: SaltStack Salt Authentication Bypass (CVE-2020-11651)

KEV Catalog: PHP FastCGI Process Manager (FPM) Buffer Overflow Vulnerability (CVE-2019-11043)

Ready For a Free Consultation For Any Size Solution?

Company

Services

Contact Us

Category: KEV Catalog

by Cody Rubio

by Cody Rubio

by Cody Rubio

by Cody Rubio

by Cody Rubio

by Cody Rubio

by codyrubio

Ready For a Free Consultation For Any Size Solution?

Company

Services

Contact Us