Identified vulnerabilities (CVEs) in vulnscan

The following CVEs are identified by the vulnscan category of information. CVEs are either detected by an active, innocuous and non-instrusive check (check-based) or by specific version detection technics (version-based):

• category:vulnscan cve:CVE-2010-4344
• category:vulnscan cve:CVE-2018-6789
• category:vulnscan cve:CVE-2018-9276
• category:vulnscan cve:CVE-2018-13379
• category:vulnscan cve:CVE-2019-7481
• category:vulnscan cve:CVE-2019-10149
• category:vulnscan cve:CVE-2019-11510
• category:vulnscan cve:CVE-2019-16928
• category:vulnscan cve:CVE-2019-19781
• category:vulnscan cve:CVE-2020-2021
• category:vulnscan cve:CVE-2020-5902
• category:vulnscan cve:CVE-2020-6287
• category:vulnscan cve:CVE-2020-8193
• category:vulnscan cve:CVE-2020-8195
• category:vulnscan cve:CVE-2020-8196
• category:vulnscan cve:CVE-2020-8209
• category:vulnscan cve:CVE-2020-10148
• category:vulnscan cve:CVE-2020-14882
• category:vulnscan cve:CVE-2021-20028
• category:vulnscan cve:CVE-2021-21972
• category:vulnscan cve:CVE-2021-21973
• category:vulnscan cve:CVE-2021-21985
• category:vulnscan cve:CVE-2021-26855
• category:vulnscan cve:CVE-2021-31207
• category:vulnscan cve:CVE-2021-34473
• category:vulnscan cve:CVE-2021-34523
• category:vulnscan cve:CVE-2021-35211
• category:vulnscan cve:CVE-2021-40539
• category:vulnscan cve:CVE-2021-44228
• category:vulnscan cve:CVE-UNKNOWN-20211201
• category:vulnscan cve:CVE-2022-1388
• category:vulnscan cve:CVE-2022-22954
• category:vulnscan cve:CVE-2022-26134
• category:vulnscan cve:CVE-2022-27518
• category:vulnscan cve:CVE-2022-27925
• category:vulnscan cve:CVE-2022-35914
• category:vulnscan cve:CVE-2022-36537
• category:vulnscan cve:CVE-2022-40684
• category:vulnscan cve:CVE-2022-41040
• category:vulnscan cve:CVE-2022-41082
• category:vulnscan cve:CVE-2022-42475
• category:vulnscan cve:CVE-2022-47986
• category:vulnscan cve:CVE-2023-0669
• category:vulnscan cve:CVE-2023-20032
• category:vulnscan cve:CVE-2023-23752
• category:vulnscan cve:CVE-2023-25610
• category:vulnscan cve:CVE-2023-27350
• category:vulnscan cve:CVE-2023-27351
• category:vulnscan cve:CVE-2023-27524
• category:vulnscan cve:CVE-2023-27898

CVEs by product vendors

Apache

• CVE-2023-27524: Apache Superset - version-based

Atlassian

• CVE-2022-26134: Atlassian Confluence - check-based - CISA KEV catalog

Citrix

NOTE: this list is up-to-date with CISA KEV as of 2023-02-25.

• CVE-2019-19781: Citrix Gateway (shitrix) - check-based - CISA KEV catalog
• CVE-2020-8193: Citrix Gateway - version-based - CISA KEV catalog
• CVE-2020-8195: Citrix Gateway - version-based - CISA KEV catalog
• CVE-2020-8196: Citrix Gateway - version-based - CISA KEV catalog
• CVE-2020-8209: Citrix XenMobile Server - check-based
• CVE-2022-27518: Citrix Gateway - version-based - CISA KEV catalog

Exim

NOTE: this list is up-to-date with CISA KEV as of 2023-04-08.

• CVE-2010-4344: Exim Exim - version-based - CISA KEV catalog
• CVE-2018-6789: Exim Exim - version-based - CISA KEV catalog
• CVE-2019-10149: Exim Exim - version-based - CISA KEV catalog
• CVE-2019-16928: Exim Exim - version-based - CISA KEV catalog

F5 Networks

• CVE-2020-5902: F5 Networks BIGIP - check-based - CISA KEV catalog
• CVE-2022-1388: F5 Networks BIGIP - check-based - CISA KEV catalog

Fortinet

NOTE: this list is up-to-date with CISA KEV as of 2023-02-25.

• CVE-2018-13379: Fortinet FortiGate - check-based - CISA KEV catalog
• CVE-2022-40684: Fortinet FortiGate - check-based - CISA KEV catalog
• CVE-2022-42475: Fortinet FortiGate - version-based - CISA KEV catalog
• CVE-2023-25610: Fortinet FortiGate - version-based

Fortra

• CVE-2023-0669: Fortra GoAnywhere MFT - version-based - CISA KEV catalog

GLPI-Project

• CVE-2022-35914: GLPI-Project GLPI - check-based

IBM

• CVE-2022-47986: IBM Aspera Faspex - version-based - CISA KEV catalog

Jenkins

• CVE-2023-27898: Jenkins Jenkins (coreplague) - version-based

Joomla

• CVE-2023-23752: Joomla Joomla! - check-based

Microsoft

• CVE-2021-26855: Microsoft Exchange Server (proxylogon) - check-based + version-based - CISA KEV catalog
• CVE-2021-31207: Microsoft Exchange Server (proxyshell) - check-based + version-based - CISA KEV catalog
• CVE-2021-34473: Microsoft Exchange Server (proxyshell) - check-based + version-based - CISA KEV catalog
• CVE-2021-34523: Microsoft Exchange Server (proxyshell) - check-based + version-based - CISA KEV catalog
• CVE-2022-41040: Microsoft Exchange Server (proxynotshell) - version-based - CISA KEV catalog
• CVE-2022-41082: Microsoft Exchange Server (proxynotshell) - version-based - CISA KEV catalog

MobileIron

• CVE-2021-44228: MobileIron Core (log4shell) - check-based - CISA KEV catalog

Oracle

• CVE-2020-14882: Oracle Weblogic - check-based - CISA KEV catalog

Paessler AG

• CVE-2018-9276: Paessler AG PRTG Network Monitor - version-based

PaloAltoNetworks

• CVE-2020-2021: PaloAltoNetworks GlobalProtect - version-based - CISA KEV catalog

PaperCut

• CVE-2023-27350: PaperCut PaperCut - version-based - CISA KEV catalog
• CVE-2023-27351: PaperCut PaperCut - version-based - CISA KEV catalog

PulseSecure

• CVE-2019-11510: PulseSecure Pulse Connect Secure - check-based - CISA KEV catalog

SAP

• CVE-2020-6287: SAP Netweaver Application Server Java (recon) - check-based - CISA KEV catalog

SonicWall

• CVE-2019-7481: SonicWall SMA - version-based - CISA KEV catalog
• CVE-2021-20028: SonicWall SMA - version-based - CISA KEV catalog

SolarWinds

• CVE-2020-10148: SolarWinds Orion Platform (supernova) - check-based - CISA KEV catalog
• CVE-2021-35211: SolarWinds Serv-U - version-based - CISA KEV catalog

VMware

• CVE-2021-21972: VMware vCenter Server - check-based - CISA KEV catalog
• CVE-2021-21973: VMware vCenter Server - check-based - CISA KEV catalog
• CVE-2021-21985: VMware vCenter Server - check-based - CISA KEV catalog
• CVE-2021-44228: VMware vCenter Server (log4shell) - check-based - CISA KEV catalog
• CVE-2021-44228: VMware Horizon View (log4shell) - check-based - CISA KEV catalog
• CVE-2022-22954: VMware Workspace ONE Access - check-based - CISA KEV catalog
• CVE-UNKNOWN-20211201: VMware vCenter Server - check-based

Zimbra

• CVE-2022-27925: Zimbra Collaboration Server - check-based - CISA KEV catalog
• CVE-2023-20032: Zimbra Collaboration Server - version-based

ZKoss

• CVE-2022-36537: ZKoss ZK Framework - version-based - CISA KEV catalog

ZohoCorp

• CVE-2021-40539: ZohoCorp ManageEngine ADSelfService Plus - check-based - CISA KEV catalog
• CVE-2022-47966: ManageEngine ADManager Plus - version-based - CISA KEV catalog
• CVE-2022-47966: ManageEngine ADSelfService Plus - version-based - CISA KEV catalog
• CVE-2022-47966: ManageEngine ServiceDesk Plus - version-based - CISA KEV catalog
• CVE-2022-47966: ManageEngine ServiceDesk Plus MSP - version-based - CISA KEV catalog
• CVE-2022-47966: ManageEngine SupportCenter Plus - version-based - CISA KEV catalog
• CVE-2022-47966: ManageEngine AssetExplorer - version-based - CISA KEV catalog