CVE Vulnerability List

A CVE (Common Vulnerabilities and Exposures) is a standardized way to identify and record publicly known cybersecurity vulnerabilities.

 

Communication and Coordination

CVEs provide a common language for security professionals to discuss vulnerabilities. This allows them to share information, coordinate efforts to develop patches, and prioritize which vulnerabilities to address first.

 

Threat Mitigation

By referencing CVEs, Virsec's security solutions can likely identify systems vulnerable to specific exploits and take steps to mitigate those risks. This might involve implementing patches, isolating vulnerable systems, or deploying additional security controls.

 

Security Awareness

CVEs can raise awareness about existing threats and help organizations understand their vulnerability landscape. This knowledge is essential for making informed decisions about security investments and strategies.

 

Virsec-Demo-Featured-Demo-Tutorial-1

 

List of CVEs

CVE-2020-11984 Apache HTTP Server 2.4.32 to 2.4.44 mod_proxy_uwsgi
CVE-2020-11996 Apache Tomcat High CPU Usage Or DoS Attack
CVE-2020-13166 MyLittleAdmin PreAuth RCE
CVE-2020-13957 Apache Solr RCE
CVE-2020-14864 Oracle Business Intelligence Enterprise Edition LFI
CVE-2020-17051 Wormable RCE in Windows NFS server
CVE-2020-1938 Ghostcat - Apache Tomcat AJP File Read/Inclusion
CVE-2020-19667 Image Magick (Stack based Buffer Overflow)
CVE-2020-27733: Zoho Manage Engine - SQL injection
CVE-2020-28037 WordPress RCE
CVE-2020-28168 Axios NPM SSRF
CVE-2020-28366 Golang (Arbitrary Code Injection)
CVE-2020-29599 ImageMagick Command Injection
CVE-2020-35578: Nagios (Remote Code Execution)
CVE-2020-4589 IBM WebSphere Application Server 7.0, 8.0, 8.5 and 9.0
CVE-2020-4888 IBM QRadar SIEM Java Deserialization RCE Confused Deputy
CVE-2020-4949: IBM WebSphere Application Server - XXE attack
CVE-2020-8287 Node.js (HTTP Request Smuggling)
CVE-2020-8897 SSRF Vulnerability in AWS KMS and Encryption SDK
CVE-2020-9484 Apache Tomcat Exploit
CVE-2021-1711: Microsoft Office Remote Code Execution Vulnerability
CVE-2021-21234 Spring Boot Actuator Log View
CVE-2021-25646 Apache Druid - RCE
CVE-2021-3110: Prestashop- SQL injection
CVE-2021-3115 Go Language- CMDi and RCE
CVE-2023-4521 ImageMagick Plugin Vulnerability
XZ Utils Backdoor Threat