Security Warnings · Weekly: 2022-W03

Search Period Severity Vendor Source

Latest warnings

CVE-2006-1547	Apache Struts 1 ActionForm Denial-of-Service Vulnerability 2022‑01‑21 · CVE-2006-1547	CISA-KEV	2022‑01‑21	High
CVE-2012-0391	Apache Struts 2 Improper Input Validation Vulnerability 2022‑01‑21 · CVE-2012-0391	CISA-KEV	2022‑01‑21	High
CVE-2021-35247	SolarWinds Serv-U Improper Input Validation Vulnerability 2022‑01‑21 · CVE-2021-35247	CISA-KEV	2022‑01‑21	High
CVE-2020-11978	Apache Airflow Command Injection 2022‑01‑18 · CVE-2020-11978	CISA-KEV	2022‑01‑18	High
CVE-2020-13927	Apache Airflow's Experimental API Authentication Bypass 2022‑01‑18 · CVE-2020-13927	CISA-KEV	2022‑01‑18	High
CVE-2021-40870	Aviatrix Controller Unrestricted Upload of File 2022‑01‑18 · CVE-2021-40870	CISA-KEV	2022‑01‑18	High
CVE-2020-13671	Drupal core Un-restricted Upload of File 2022‑01‑18 · CVE-2020-13671	CISA-KEV	2022‑01‑18	High
CVE-2021-22991	F5 BIG-IP Traffic Management Microkernel Buffer Overflow 2022‑01‑18 · CVE-2021-22991	CISA-KEV	2022‑01‑18	High
CVE-2021-33766	Microsoft Exchange Server Information Disclosure 2022‑01‑18 · CVE-2021-33766	CISA-KEV	2022‑01‑18	High
CVE-2021-25296	Nagios XI OS Command Injection 2022‑01‑18 · CVE-2021-25296	CISA-KEV	2022‑01‑18	High
CVE-2021-25297	Nagios XI OS Command Injection 2022‑01‑18 · CVE-2021-25297	CISA-KEV	2022‑01‑18	High
CVE-2021-25298	Nagios XI OS Command Injection 2022‑01‑18 · CVE-2021-25298	CISA-KEV	2022‑01‑18	High
CVE-2021-32648	October CMS Improper Authentication 2022‑01‑18 · CVE-2021-32648	CISA-KEV	2022‑01‑18	High
CVE-2020-14864	Oracle Business Intelligence Enterprise Edition Path Transversal 2022‑01‑18 · CVE-2020-14864	CISA-KEV	2022‑01‑18	High
CVE-2021-21315	System Information Library for Node.JS Command Injection 2022‑01‑18 · CVE-2021-21315	CISA-KEV	2022‑01‑18	High

Note