CERT-XLM – Security advisory
This page reference all advisory notes published by the CERT-XLM about vulnerabilities reported or found in products during assessments.
Advisory notes
- CVE-2015-4596: Security issue affecting the product Lenovo Mouse Suite
- CVE-2015-5606: Security issue affecting the product VORDEL XML GATEWAY
- CVE-2015-5462: Security issue affecting the product AXIOM
- CVE-2015-5463: Security issue affecting the product AXIOM
- CVE-2015-5384: Security issue affecting the product AXIOM
- XLM-2016-121 : Security issue affecting the module SecKit of Drupal
- CVE-2016-1159: Security issue affecting the product Password Manager Pro (PMP)
- CVE-2016-1161: Security issue affecting the product Password Manager Pro (PMP)
- CVE-2017-1282 : Security issue affecting the product IBM Content Navigator
- CVE-2017-1331 : Security issue affecting the product IBM Content Navigator
- XLM-2018-356 : Security issue affecting the product Jira 7.12.0
- CVE-2018-10206 : Security issue affecting the product Vaultize.
- CVE-2018-10207 : Security issue affecting the product Vaultize.
- CVE-2018-10208 : Security issue affecting the product Vaultize.
- CVE-2018-10209 : Security issue affecting the product Vaultize.
- CVE-2018-10210 : Security issue affecting the product Vaultize.
- CVE-2018-10211 : Security issue affecting the product Vaultize.
- CVE-2018-10212 : Security issue affecting the product Vaultize.
- CVE-2018-10213 : Security issue affecting the product Vaultize.
- CVE-2018-15631 : Security issue affecting the product Odoo.
- CVE-2018-18466 : Security issue affecting the product SecurAccess.
- CVE-2018-20237 : Security issue affecting the product Atlassian Confluence Server and Data Center
- CVE-2018-20664:Security issue affecting the product ManageEngine ADSelfService Plus
- CVE-2018-20736 : Security issue affecting the product WSO2 API Manager
- CVE-2018-20737 : Security issue affecting the product WSO2 API Manager
- XLM-2019-672 : Security issue affecting Travely Android application
- XLM-2019-712 : Security issue affecting Microsoft Power BI Report Server
- CVE-2019-3905 :Security issue affecting the product ManageEngine ADSelfService Plus
- CVE-2019-6512 :Security issue affecting the product WSO2 API Manager
- CVE-2019-6513 :Security issue affecting the product WSO2 API Manager
- CVE-2019-6514 :Security issue affecting the product WSO2 Dashboard Server
- CVE-2019-6515 :Security issue affecting the product WSO2 API Manager
- CVE-2019-6516 :Security issue affecting the product WSO2 Dashboard Server
- CVE-2019-6970 :Security issue affecting the product Moodle CMS
- CVE-2019-7161 :Security issue affecting the product ManageEngine ADSelfService Plus
- CVE-2019-7162 :Security issue affecting the product ManageEngine ADSelfService Plus
- CVE-2019-9676 : Security issue affecting the product Dahua IP Camera devices.
- CVE-2019-11032 : Security issue affecting the product EasyToRecruit (E2R)
- CVE-2019-12959 : Security issue affecting the product ManageEngine AssetExplorer
- CVE-2019-12994 : Security issue affecting the product ManageEngine AssetExplorer
- CVE-2019-14693 : Security issue affecting the product ManageEngine AssetExplorer
- CVE-2019-16202 – Security Issue affecting MISP REST API
- CVE-2019-17112 : Security issue affecting the product DataSecurity Plus
- CVE-2019-19610: Security issue affecting RAQuest
- CVE-2019-19611: Security issue affecting RAQuest
- CVE-2019-19612: Security issue affecting RAQuest
- CVE-2019-19613: Security issue affecting RAQuest
- CVE-2019-19614: Security issue affecting RAQuest
- CVE-2019-20474: Security issue affecting the product Remote Access Plus
- CVE-2020-8422: Security issue affecting the product Remote Access Plus
- CVE-2020-15594 : Security issue affecting the product Application Control Plus
- CVE-2020-15595 : Security issue affecting the product Application Control Plus
- CVE-2020-26167 : Security issue affecting the product Fuelcms
- CVE-2020-26546 : Security issue affecting the product HelpDeskZ
- XLM-2020-1347: Potential risks with federated authentication
- CVE-2020-28406 : Security issue affecting the product Star Practice Management Web
- CVE-2020-28404 : Security issue affecting the product Star Practice Management Web
- CVE-2020-28401 : Security issue affecting the product Star Practice Management Web
- CVE-2020-28402 : Security issue affecting the product Star Practice Management Web
- CVE-2020-28403 : Security issue affecting the product Star Practice Management Web
- CVE-2020-28405 : Security issue affecting the product Star Practice Management Web
- CVE-2020-28918 : Security issue affecting the product DualShield
- CVE-2021-31777 : Security issue affecting the product TYPO3 CMS
- CVE-2021-31530: Security issue affecting the product ServiceDesk Plus MSPCVE-2021-31530
- CVE-2021-31531: Security issue affecting the product ServiceDesk Plus MSP
- CVE-2021-31160: Security issue affecting the product ServiceDesk Plus MSP
- CVE-2021-31399: Security issue affecting the product Access Unit 2.0
- CVE-2021-32016: Security issue affecting the product JUMP AMS
- CVE-2021-32017: Security issue affecting the product JUMP AMS
- CVE-2021-32018: Security issue affecting the product JUMP AMS
- CVE-2021-38615: Security issue affecting the product Eigen NLP
- CVE-2021-38616: Security issue affecting the product Eigen NLP
- CVE-2021-38617: Security issue affecting the product Eigen NLP
- CVE-2021-38618: Security issue affecting the product GFOS Workforce Management
- CVE-2021-41320: Security issue affecting the product Wallstreet Suite
- CVE-2021-42110: Security issue affecting the product Allegro Windows
- CVE-2021-42111: Security issue affecting the product OpenOTP iOS Mobile Application
- CVE-2021-43978: Security issue affecting the product Popsy Windows (old name)/ Allegro Windows
- CVE-2021-44035/ Security issue affecting the product TeamMate Audit Solutions