Check CVE of 2022 - ties2/Red-Team GitHub Wiki

  • CVE-2021-34527 (PrintNightmare): This CVE is a vulnerability in the Windows Print Spooler service that allows attackers to execute arbitrary code with system-level privileges. The vulnerability was initially thought to have been patched, but was later discovered to be only partially fixed.

  • CVE-2021-21985: This CVE is a vulnerability in VMware vCenter Server that allows attackers to execute arbitrary code on a vulnerable system. The vulnerability was given a CVSS score of 9.8 out of 10, indicating a high level of severity.

  • CVE-2021-22986 (BIG-IP): This CVE is a vulnerability in the BIG-IP application delivery controller (ADC) that allows attackers to execute arbitrary code on a vulnerable system. The vulnerability was given a CVSS score of 9.8 out of 10, indicating a high level of severity.

  • CVE-2021-1675 (Print Spooler): This CVE is a vulnerability in the Windows Print Spooler service that allows attackers to execute arbitrary code with system-level privileges. The vulnerability was initially thought to have been patched, but was later discovered to be only partially fixed.

  • CVE-2021-26855 (Microsoft Exchange Server): This CVE is a vulnerability in Microsoft Exchange Server that allows attackers to execute arbitrary code on a vulnerable system. The vulnerability was given a CVSS score of 9.1 out of 10, indicating a high level of severity.

  • CVE-2021-3449 (OpenSSL): This CVE is a vulnerability in OpenSSL that allows attackers to obtain sensitive information from a vulnerable system. The vulnerability was given a CVSS score of 5.3 out of 10, indicating a moderate level of severity.

  • CVE-2021-31956 (Microsoft Windows): This CVE is a vulnerability in Microsoft Windows that allows attackers to execute arbitrary code with system-level privileges. The vulnerability was given a CVSS score of 7.8 out of 10, indicating a high level of severity.

  • CVE-2021-23008 (SonicWall): This CVE is a vulnerability in SonicWall firewall devices that allows attackers to execute arbitrary code on a vulnerable system. The vulnerability was given a CVSS score of 9.8 out of 10, indicating a high level of severity.

  • CVE-2021-24093 (Microsoft Exchange Server): This CVE is a vulnerability in Microsoft Exchange Server that allows attackers to execute arbitrary code on a vulnerable system. The vulnerability was given a CVSS score of 8.8 out of 10, indicating a high level of severity.

  • CVE-2021-26708 (Linux kernel): This CVE is a vulnerability in the Linux kernel that allows attackers to escalate privileges on a vulnerable system. The vulnerability was given a CVSS score of 7.0 out of 10, indicating a high level of severity.

  • CVE-2021-24086 (Microsoft Exchange Server): This CVE is a vulnerability in Microsoft Exchange Server that allows attackers to execute arbitrary code on a vulnerable system. The vulnerability was given a CVSS score of 8.8 out of 10, indicating a high level of severity.

  • CVE-2021-22939 (SonicWall): This CVE is a vulnerability in SonicWall firewall devices

  • CVE-2021-21972 (VMware vCenter Server): This CVE is a vulnerability in VMware vCenter Server that allows attackers to execute arbitrary code on a vulnerable system. The vulnerability was given a CVSS score of 9.8 out of 10, indicating a high level of severity.

  • CVE-2021-23017 (SonicWall): This CVE is a vulnerability in SonicWall firewall devices that allows attackers to execute arbitrary code on a vulnerable system. The vulnerability was given a CVSS score of 9.8 out of 10, indicating a high level of severity.

  • CVE-2021-3156 (sudo): This CVE is a vulnerability in sudo, a commonly used utility on Unix-based systems, that allows attackers to escalate privileges on a vulnerable system. The vulnerability was given a CVSS score of 7.8 out of 10, indicating a high level of severity.

  • CVE-2021-31607 (Kaseya VSA): This CVE is a vulnerability in Kaseya VSA, a remote monitoring and management software, that allows attackers to execute arbitrary code on a vulnerable system. The vulnerability was given a CVSS score of 10 out of 10, indicating a critical level of severity.

  • CVE-2021-30116 (Pulse Secure VPN): This CVE is a vulnerability in Pulse Secure VPN that allows attackers to execute arbitrary code on a vulnerable system. The vulnerability was given a CVSS score of 10 out of 10, indicating a critical level of severity.

  • CVE-2021-22986 (BIG-IP): This CVE is a vulnerability in the BIG-IP application delivery controller (ADC) that allows attackers to execute arbitrary code on a vulnerable system. The vulnerability was given a CVSS score of 9.8 out of 10, indicating a high level of severity.

  • CVE-2021-22893 (Microsoft Exchange Server): This CVE is a vulnerability in Microsoft Exchange Server that allows attackers to execute arbitrary code on a vulnerable system. The vulnerability was given a CVSS score of 9.1 out of 10, indicating a high level of severity.

  • CVE-2021-21972 (VMware vCenter Server): This CVE is a vulnerability in VMware vCenter Server that allows attackers to execute arbitrary code on a vulnerable system. The vulnerability was given a CVSS score of 9.8 out of 10, indicating a high level of severity.