Victor Pasman
CSIRT Teamlead level 2
CSIRT cases
- DIVD-2024-00042 - Multiple critical vulnerabilities in Solarwinds Web Help Desk
- DIVD-2024-00031 - Unauthenticated Local File Inclusion vulnerability in ComfortKey
- DIVD-2024-00024 - Multiple vulnerabilities found in the SOPlanning tool
- DIVD-2024-00005 - Remote code execution in FortiOS
- DIVD-2024-00004 - 2024-00004 Global NGOs
Show more Show less
- DIVD-2024-00001 - Auth. Bypass and Command Injection in Ivanti VPN appliance
- DIVD-2023-00039 - VMware vCenter Server RCE
- DIVD-2023-00036 - Authentication Bypass in JetBrains TeamCity
- DIVD-2023-00035 - Remote Code Execution in Juniper Networks SRX- and EX-Series
- DIVD-2023-00029 - Critical Fortinet SSL-VPN RCE Vulnerability
- DIVD-2023-00011 - FortiNAC and FortiWeb RCE Vulnerability
- DIVD-2022-00068 - Multiple vulnerabilities identified within White Rabbit Switch from CERN
- DIVD-2022-00063 - Memory overflow vulnerability in FortiOS SSL VPN
- DIVD-2022-00058 - ZK Framework - ZK AuUploader Servlet Upload Vulnerability
- DIVD-2022-00056 - Critical authentication bypass affecting Fortigate products
- DIVD-2022-00052 - Multiple vulnerabilities is Cloudflow software
- DIVD-2022-00045 - Injection vulnerability found within Socket.io
- DIVD-2022-00038 - Vulnerable Oracle WebLogic Server
- DIVD-2022-00033 - Atlassian Confluence 0-day unauthenticated RCE
- DIVD-2022-00032 - Exchange backdoor
- DIVD-2022-00029 - Remote Code Execution on Sophos Firewall
- DIVD-2022-00027 - F5 BIG-IP iControl REST API remote code execution
- DIVD-2022-00026 - WSO2 Remote Code Executions - CVE-2022-29464
- DIVD-2022-00025 - VMware - CVE-2022-22954
- DIVD-2022-00024 - Spring Cloud RCE - CVE-2022-22963
- DIVD-2022-00020 - Inproper input validation vulnerabilities identified within Feathers.js
- DIVD-2022-00008 - XSS Zeroday in Zimbra
- DIVD-2021-00038 - Apache Log4j2
- DIVD-2021-00037 - Critical vulnerabilities in ITarian MSP platform and on-premise solution
- DIVD-2021-00033 - Sites with Potential SQL-Injection
- DIVD-2021-00022 - Exchange ProxyShell and ProxyOracle
- DIVD-2021-00020 - OSNexsus QuantaStor limited disclosure and product warning
- DIVD-2021-00015 - Telegram OD
- DIVD-2021-00006 - SmarterMail
CVE Records
- White Rabbit Switch - Unauthenticated remote code execution
- Sequalize - Bad query filtering leading to SQL errors
- Sequalize - Default support for “raw attributes” when using parentheses
- White Rabbit Switch - Password Disclosure Vulnerability
- Cloudflow - Unauthenticated file upload vulnerability
Show more Show less
- Cloudflow - Local File Inclusion Vulnerability
- Visioweb.js - Prototype Pollution can results in XSS
- SmarterTools SmarterMail 16.x through 100.x before 100.0.7803 allows XSS.
- SmarterTools SmarterMail 16.x through 100.x before 100.0.7803 allows remote code execution.
- SmarterTools SmarterMail before Build 7776 allows XSS.