CERT-XLM – Security advisory

This page reference all advisory notes published by the CERT-XLM about vulnerabilities found in products during our assessments. CERT-XLM work closely with the JPCERT/CC in order to publish, when applicable, Common Vulnerabilities and Exposures (CVE) entries.

Advisory  notes

• CVE-2020-8422: Security issue affecting the product Remote Access Plus 
• CVE-2019-19614: Security issue affecting RAQuest 
• CVE-2019-19613: Security issue affecting RAQuest
• CVE-2019-19612: Security issue affecting RAQuest
• CVE-2019-19611: Security issue affecting RAQuest 
• CVE-2019-19610: Security issue affecting RAQuest 
• XLM-2019-712 : Security issue affecting Microsoft Power BI Report Server
• CVE-2019-17112 : Security issue affecting the product DataSecurity Plus
• CVE-2019-16202 – Security Issue affecting MISP REST API
• CVE-2019-14693 : Security issue affecting the product ManageEngine AssetExplorer
• CVE-2019-12994 : Security issue affecting the product ManageEngine AssetExplorer
• CVE-2019-12959 : Security issue affecting the product ManageEngine AssetExplorer
• CVE-2019-9676 : Security issue affecting the product Dahua IP Camera devices.
• XLM-2019-672 : Security issue affecting Travely Android application
• CVE-2019-11032 : Security issue affecting the product EasyToRecruit (E2R)
• CVE-2019-7162 :Security issue affecting the product ManageEngine ADSelfService Plus
• CVE-2019-7161 :Security issue affecting the product ManageEngine ADSelfService Plus
• CVE-2019-6970 :Security issue affecting the product Moodle CMS
• CVE-2019-6516 :Security issue affecting the product WSO2 Dashboard Server
• CVE-2019-6515 :Security issue affecting the product WSO2 API Manager
• CVE-2019-6514 :Security issue affecting the product WSO2 Dashboard Server
• CVE-2019-6513 :Security issue affecting the product WSO2 API Manager
• CVE-2019-6512 :Security issue affecting the product WSO2 API Manager
• CVE-2019-3905 :Security issue affecting the product ManageEngine ADSelfService Plus
• CVE-2018-20737 : Security issue affecting the product WSO2 API Manager
• CVE-2018-20736 : Security issue affecting the product WSO2 API Manager
• CVE-2018-20664:Security issue affecting the product ManageEngine ADSelfService Plus
• CVE-2018-20237 : Security issue affecting the product Atlassian Confluence Server and Data Center
• CVE-2018-18466 : Security issue affecting the product SecurAccess.
• CVE-2018-15631 : Security issue affecting the product Odoo.
• XLM-2018-356 : Security issue affecting the product Jira 7.12.0
• CVE-2018-10213 : Security issue affecting the product Vaultize.
• CVE-2018-10212 : Security issue affecting the product Vaultize.
• CVE-2018-10211 : Security issue affecting the product Vaultize.
• CVE-2018-10210 : Security issue affecting the product Vaultize.
• CVE-2018-10209 : Security issue affecting the product Vaultize.
• CVE-2018-10208 : Security issue affecting the product Vaultize.
• CVE-2018-10207 : Security issue affecting the product Vaultize.
• CVE-2018-10206 : Security issue affecting the product Vaultize.
• CVE-2017-1331 : Security issue affecting the product IBM Content Navigator
• CVE-2017-1282 : Security issue affecting the product IBM Content Navigator
• XLM-2016-121 : Security issue affecting the module SecKit of Drupal
• CVE-2016-1161: Security issue affecting the product Password Manager Pro (PMP)
• CVE-2016-1159: Security issue affecting the product Password Manager Pro (PMP)
• CVE-2015-5606: Security issue affecting the product VORDEL XML GATEWAY
• CVE-2015-5463: Security issue affecting the product AXIOM
• CVE-2015-5462: Security issue affecting the product AXIOM
• CVE-2015-5384: Security issue affecting the product AXIOM
• CVE-2015-4596: Security issue affecting the product Lenovo Mouse Suite
• CVE-2019-20474: Security issue affecting the product Remote Access Plus
• CVE-2020-15594 : Security issue affecting the product Application Control Plus
• CVE-2020-15595 : Security issue affecting the product Application Control Plus