IACI LogoIACI-CERT   IACI-CERT Home    IACI Tools Home

TLP:GREEN -- RESTRICTED TO THE COMMUNITY

CISA Catalog of Known Exploited Vulnerabilities

This content derived from CISA Catalog Version: 2024.10.24
Catalog Release Date/Time: 2024-10-24T21:07:44.1159Z

ONLY DISPLAYING ITEMS ADDED TO/UPDATED IN THE CATALOG IN THE LAST 14 DAYS

FOUND 5 ITEMS IN THE CATALOG OF THE 1202 TOTAL ENTRIES

CVEVendor/ProjectProductVulnerability NameDescriptionDate Added
CVE-2024-37383RoundcubeWebmailRoundCube Webmail Cross-Site Scripting (XSS) VulnerabilityRoundCube Webmail contains a cross-site scripting (XSS) vulnerability in the handling of SVG animate attributes that allows a remote attacker to run malicious JavaScript code.2024-10-24
CVE-2024-20481CiscoAdaptive Security Appliance (ASA) and Firepower Threat Defense (FTD)Cisco ASA and FTD Denial-of-Service VulnerabilityCisco Adaptive Security Appliance (ASA) and Firepower Threat Defense (FTD) contain a missing release of resource after effective lifetime vulnerability that could allow an unauthenticated, remote attacker to cause a denial-of-service (DoS) of the RAVPN service.2024-10-24
CVE-2024-47575FortinetFortiManagerFortinet FortiManager Missing Authentication VulnerabilityFortinet FortiManager contains a missing authentication vulnerability in the fgfmd daemon that allows a remote, unauthenticated attacker to execute arbitrary code or commands via specially crafted requests.2024-10-23
CVE-2024-38094MicrosoftSharePointMicrosoft SharePoint Deserialization VulnerabilityMicrosoft SharePoint contains a deserialization vulnerability that allows for remote code execution.2024-10-22
CVE-2024-9537ScienceLogicSL1ScienceLogic SL1 Unspecified VulnerabilityScienceLogic SL1 (formerly EM7) is affected by an unspecified vulnerability involving an unspecified third-party component.2024-10-21


THE FULL CATALOG CAN BE FOUND ON THE CISA WEBSITE LOCATED AT:
https://www.cisa.gov/known-exploited-vulnerabilities-catalog