www.cisa.gov
Open in
urlscan Pro
2a02:26f0:dc:184::447a
Public Scan
Submitted URL: http://lnks.gd/l/eyJhbGciOiJIUzI1NiJ9.eyJidWxsZXRpbl9saW5rX2lkIjoxMDUsInVyaSI6ImJwMjpjbGljayIsImJ1bGxldGluX2lkI...
Effective URL: https://www.cisa.gov/known-exploited-vulnerabilities-catalog?utm_source=govdelivery
Submission Tags: falconsandbox
Submission: On February 25 via api from US — Scanned from DE
Effective URL: https://www.cisa.gov/known-exploited-vulnerabilities-catalog?utm_source=govdelivery
Submission Tags: falconsandbox
Submission: On February 25 via api from US — Scanned from DE
Form analysis 2 forms found in the DOM
<form class="gsc-search-box gsc-search-box-tools" accept-charset="utf-8">
<table cellspacing="0" cellpadding="0" role="presentation" class="gsc-search-box">
<tbody>
<tr>
<td class="gsc-input">
<div class="gsc-input-box" id="gsc-iw-id1">
<table cellspacing="0" cellpadding="0" role="presentation" id="gs_id50" class="gstl_50 gsc-input" style="width: 100%; padding: 0px;">
<tbody>
<tr>
<td id="gs_tti50" class="gsib_a"><input autocomplete="off" type="text" size="10" class="gsc-input" name="search" title="search" aria-label="search" id="gsc-i-id1" dir="ltr" spellcheck="false"
style="width: 100%; padding: 0px; border: none; margin: 0px; height: auto; outline: none;"></td>
<td class="gsib_b">
<div class="gsst_b" id="gs_st50" dir="ltr"><a class="gsst_a" href="javascript:void(0)" title="Clear search box" role="button" style="display: none;"><span class="gscb_a" id="gs_cb50" aria-hidden="true">×</span></a></div>
</td>
</tr>
</tbody>
</table>
</div>
</td>
<td class="gsc-search-button"><button class="gsc-search-button gsc-search-button-v2"><svg width="13" height="13" viewBox="0 0 13 13">
<title>search</title>
<path
d="m4.8495 7.8226c0.82666 0 1.5262-0.29146 2.0985-0.87438 0.57232-0.58292 0.86378-1.2877 0.87438-2.1144 0.010599-0.82666-0.28086-1.5262-0.87438-2.0985-0.59352-0.57232-1.293-0.86378-2.0985-0.87438-0.8055-0.010599-1.5103 0.28086-2.1144 0.87438-0.60414 0.59352-0.8956 1.293-0.87438 2.0985 0.021197 0.8055 0.31266 1.5103 0.87438 2.1144 0.56172 0.60414 1.2665 0.8956 2.1144 0.87438zm4.4695 0.2115 3.681 3.6819-1.259 1.284-3.6817-3.7 0.0019784-0.69479-0.090043-0.098846c-0.87973 0.76087-1.92 1.1413-3.1207 1.1413-1.3553 0-2.5025-0.46363-3.4417-1.3909s-1.4088-2.0686-1.4088-3.4239c0-1.3553 0.4696-2.4966 1.4088-3.4239 0.9392-0.92727 2.0864-1.3969 3.4417-1.4088 1.3553-0.011889 2.4906 0.45771 3.406 1.4088 0.9154 0.95107 1.379 2.0924 1.3909 3.4239 0 1.2126-0.38043 2.2588-1.1413 3.1385l0.098834 0.090049z">
</path>
</svg></button></td>
<td class="gsc-clear-button">
<div class="gsc-clear-button" title="clear results"> </div>
</td>
</tr>
</tbody>
</table>
</form><form class="gsc-search-box gsc-search-box-tools" accept-charset="utf-8">
<table cellspacing="0" cellpadding="0" role="presentation" class="gsc-search-box">
<tbody>
<tr>
<td class="gsc-input">
<div class="gsc-input-box" id="gsc-iw-id2">
<table cellspacing="0" cellpadding="0" role="presentation" id="gs_id51" class="gstl_51 gsc-input" style="width: 100%; padding: 0px;">
<tbody>
<tr>
<td id="gs_tti51" class="gsib_a"><input autocomplete="off" type="text" size="10" class="gsc-input" name="search" title="search" aria-label="search" id="gsc-i-id2" dir="ltr" spellcheck="false"
style="width: 100%; padding: 0px; border: none; margin: 0px; height: auto; outline: none;"></td>
<td class="gsib_b">
<div class="gsst_b" id="gs_st51" dir="ltr"><a class="gsst_a" href="javascript:void(0)" title="Clear search box" role="button" style="display: none;"><span class="gscb_a" id="gs_cb51" aria-hidden="true">×</span></a></div>
</td>
</tr>
</tbody>
</table>
</div>
</td>
<td class="gsc-search-button"><button class="gsc-search-button gsc-search-button-v2"><svg width="13" height="13" viewBox="0 0 13 13">
<title>search</title>
<path
d="m4.8495 7.8226c0.82666 0 1.5262-0.29146 2.0985-0.87438 0.57232-0.58292 0.86378-1.2877 0.87438-2.1144 0.010599-0.82666-0.28086-1.5262-0.87438-2.0985-0.59352-0.57232-1.293-0.86378-2.0985-0.87438-0.8055-0.010599-1.5103 0.28086-2.1144 0.87438-0.60414 0.59352-0.8956 1.293-0.87438 2.0985 0.021197 0.8055 0.31266 1.5103 0.87438 2.1144 0.56172 0.60414 1.2665 0.8956 2.1144 0.87438zm4.4695 0.2115 3.681 3.6819-1.259 1.284-3.6817-3.7 0.0019784-0.69479-0.090043-0.098846c-0.87973 0.76087-1.92 1.1413-3.1207 1.1413-1.3553 0-2.5025-0.46363-3.4417-1.3909s-1.4088-2.0686-1.4088-3.4239c0-1.3553 0.4696-2.4966 1.4088-3.4239 0.9392-0.92727 2.0864-1.3969 3.4417-1.4088 1.3553-0.011889 2.4906 0.45771 3.406 1.4088 0.9154 0.95107 1.379 2.0924 1.3909 3.4239 0 1.2126-0.38043 2.2588-1.1413 3.1385l0.098834 0.090049z">
</path>
</svg></button></td>
<td class="gsc-clear-button">
<div class="gsc-clear-button" title="clear results"> </div>
</td>
</tr>
</tbody>
</table>
</form>Text Content
Skip to main content An official website of the United States government Here’s how you know Here’s how you know Official websites use .gov A .gov website belongs to an official government organization in the United States. Secure .gov websites use HTTPS A lock (LockA locked padlock) or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites. Cybersecurity & Infrastructure Security Agency America's Cyber Defense Agency Search × search Menu Close × search * Topics Topics Cybersecurity Best Practices Cyber Threats and Advisories Critical Infrastructure Security and Resilience Election Security Emergency Communications Industrial Control Systems Information and Communications Technology Supply Chain Security Partnerships and Collaboration Physical Security Risk Management How can we help? GovernmentEducational InstitutionsIndustryState, Local, Tribal, and TerritorialIndividuals and FamiliesSmall and Medium Businesses * Spotlight * Resources & Tools Resources & Tools All Resources & Tools Services Programs Resources Training Groups * News & Events News & Events News Events Cybersecurity Alerts & Advisories Directives Request a CISA Speaker Congressional Testimony * Careers Careers Benefits & Perks HireVue Applicant Reasonable Accommodations Process Hiring Resume & Application Tips Students & Recent Graduates Veteran and Military Spouses Work @ CISA * About About Culture Divisions & Offices Regions Leadership Doing Business with CISA Contact Us Site Links CISA Administrative Subpoena Reporting Employee and Contractor Misconduct CISA GitHub Report a Cyber Issue Breadcrumb 1. Home Share: KNOWN EXPLOITED VULNERABILITIES CATALOG Download CSV version Download JSON version Download JSON schema Subscribe to the Known Exploited Vulnerabilities Catalog Update Bulletin(link is external) Back to previous page for background on known exploited vulnerabilities Show 102550100 entries Search: CVEVendor/ProjectProductVulnerability NameDate Added to CatalogShort DescriptionActionDue DateNotesCVE-2022-47986(link is external) IBM Aspera Faspex IBM Aspera Faspex Code Execution Vulnerability 2023-02-21 IBM Aspera Faspex could allow a remote attacker to execute code on the system, caused by a YAML deserialization flaw. Apply updates per vendor instructions. 2023-03-14 https://exchange.xforce.ibmcloud.com/vulnerabilities/243512?_ga=2.189195179.1800390251.1676559338-700333034.1676325890 * Notes https://exchange.xforce.ibmcloud.com/vulnerabilities/243512?_ga=2.189195179.1800390251.1676559338-700333034.1676325890 CVE-2022-41223(link is external) Mitel MiVoice Connect Mitel MiVoice Connect Code Injection Vulnerability 2023-02-21 The Director component in Mitel MiVoice Connect allows an authenticated attacker with internal network access to execute code within the context of the application. Apply updates per vendor instructions. 2023-03-14 https://www.mitel.com/support/security-advisories/mitel-product-security-advisory-22-0008 * Notes https://www.mitel.com/support/security-advisories/mitel-product-security-advisory-22-0008 CVE-2022-40765(link is external) Mitel MiVoice Connect Mitel MiVoice Connect Command Injection Vulnerability 2023-02-21 The Mitel Edge Gateway component of MiVoice Connect allows an authenticated attacker with internal network access to execute commands within the context of the system. Apply updates per vendor instructions. 2023-03-14 https://www.mitel.com/support/security-advisories/mitel-product-security-advisory-22-0007 * Notes https://www.mitel.com/support/security-advisories/mitel-product-security-advisory-22-0007 CVE-2022-46169(link is external) Cacti Cacti Cacti Command Injection Vulnerability 2023-02-16 Cacti contains a command injection vulnerability that allows an unauthenticated user to execute code. Apply updates per vendor instructions. 2023-03-09 https://github.com/Cacti/cacti/security/advisories/GHSA-6p93-p743-35gf * Notes https://github.com/Cacti/cacti/security/advisories/GHSA-6p93-p743-35gf CVE-2023-21715(link is external) Microsoft Office Microsoft Office Publisher Security Feature Bypass Vulnerability 2023-02-14 Microsoft Office Publisher contains a security feature bypass vulnerability which allows for a local, authenticated attack on a targeted system. Apply updates per vendor instructions. 2023-03-07 https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2023-21715 * Notes https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2023-21715 CVE-2023-23376(link is external) Microsoft Windows Microsoft Windows Common Log File System (CLFS) Driver Privilege Escalation Vulnerability 2023-02-14 Microsoft Windows Common Log File System (CLFS) driver contains an unspecified vulnerability which allows for privilege escalation. Apply updates per vendor instructions. 2023-03-07 https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2023-23376 * Notes https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2023-23376 CVE-2023-23529(link is external) Apple Multiple Products Apple Multiple Products WebKit Type Confusion Vulnerability 2023-02-14 WebKit in Apple iOS, MacOS, Safari and iPadOS contains a type confusion vulnerability that may lead to code execution. Apply updates per vendor instructions. 2023-03-07 https://support.apple.com/en-us/HT213635, https://support.apple.com/en-us/HT213633, https://support.apple.com/en-us/HT213638 * Notes https://support.apple.com/en-us/HT213635, https://support.apple.com/en-us/HT213633, https://support.apple.com/en-us/HT213638 CVE-2023-21823(link is external) Microsoft Windows Microsoft Windows Graphic Component Privilege Escalation Vulnerability 2023-02-14 Microsoft Windows Graphic Component contains an unspecified vulnerability which allows for privilege escalation. Apply updates per vendor instructions. 2023-03-07 https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2023-21823 * Notes https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2023-21823 CVE-2015-2291(link is external) Intel Ethernet Diagnostics Driver for Windows Intel Ethernet Diagnostics Driver for Windows Denial-of-Service Vulnerability 2023-02-10 Intel ethernet diagnostics driver for Windows IQVW32.sys and IQVW64.sys contain an unspecified vulnerability that allows for a denial-of-service. Apply updates per vendor instructions. 2023-03-03 https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00051.html * Notes https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00051.html CVE-2022-24990(link is external) TerraMaster TerraMaster OS TerraMaster OS Remote Command Execution Vulnerability 2023-02-10 TerraMaster OS contains a remote command execution vulnerability that allows an unauthenticated user to execute commands on the target endpoint. Apply updates per vendor instructions. 2023-03-03 https://forum.terra-master.com/en/viewtopic.php?t=3030 * Notes https://forum.terra-master.com/en/viewtopic.php?t=3030 Showing 1 to 10 of 886 entries Previous12345…89Next Back to top Return to top * Topics * Spotlight * Resources & Tools * News & Events * Careers * About Cybersecurity & Infrastructure Security Agency * Facebook * Twitter * LinkedIn * YouTube * Instagram * RSS CISA Central 888-282-0870 Central@cisa.dhs.gov(link sends email) DHS Seal CISA.gov An official website of the U.S. Department of Homeland Security * About CISA * Accessibility * Budget and Performance * DHS.gov * FOIA Requests * No FEAR Act * Office of Inspector General * Privacy Policy * The White House * USA.gov * Website Feedback