The latest articles on DEV Community by Freedom Coder (@freedom-coder). https://dev.to/freedom-coder https://media2.dev.to/dynamic/image/width=90,height=90,fit=cover,gravity=auto,format=auto/https:%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Fuser%2Fprofile_image%2F3057520%2F80e0c6d9-1160-4c3a-9af3-cdf5c163c85b.png https://dev.to/freedom-coder en Freedom Coder Tue, 21 Apr 2026 01:09:19 +0000 https://dev.to/freedom-coder/cve-2024-27199-jetbrains-teamcity-relative-path-traversal-vulnerability-4amb https://dev.to/freedom-coder/cve-2024-27199-jetbrains-teamcity-relative-path-traversal-vulnerability-4amb <h3> CVE ID </h3> <p>CVE-2024-27199</p> <h3> Vulnerability Name </h3> <p>JetBrains TeamCity Relative Path Traversal Vulnerability</p> <ul> <li>Project: <strong>JetBrains</strong> </li> <li>Product: <strong>TeamCity</strong> </li> </ul> <h3> Date </h3> <ul> <li>Date Added: 2026-04-20</li> <li>Due Date: 2026-05-04</li> </ul> <h3> Description </h3> <p>JetBrains TeamCity contains a relative path traversal vulnerability that could allow limited admin actions to be performed.</p> <h3> Known To Be Used in Ransomware Campaigns? </h3> <p>Unknown</p> <h3> Action </h3> <p>Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.</p> <h3> Additional Notes </h3> <p><a href="https://www.jetbrains.com/privacy-security/issues-fixed/" rel="noopener noreferrer">https://www.jetbrains.com/privacy-security/issues-fixed/</a> ; <a href="https://nvd.nist.gov/vuln/detail/CVE-2024-27199" rel="noopener noreferrer">https://nvd.nist.gov/vuln/detail/CVE-2024-27199</a></p> <h3> More CVEs Info </h3> <p><a href="https://www.scyscan.com/cves/" rel="noopener noreferrer">Common Vulnerabilities &amp; Exposures (CVE) List</a></p> jetbrains teamcity cybersecurity vulnerability Freedom Coder Tue, 21 Apr 2026 01:06:48 +0000 https://dev.to/freedom-coder/cve-2026-20128-cisco-catalyst-sd-wan-manager-storing-passwords-in-a-recoverable-format-3b7p https://dev.to/freedom-coder/cve-2026-20128-cisco-catalyst-sd-wan-manager-storing-passwords-in-a-recoverable-format-3b7p <h3> CVE ID </h3> <p>CVE-2026-20128</p> <h3> Vulnerability Name </h3> <p>Cisco Catalyst SD-WAN Manager Storing Passwords in a Recoverable Format Vulnerability</p> <ul> <li>Project: <strong>Cisco</strong> </li> <li>Product: <strong>Catalyst SD-WAN Manager</strong> </li> </ul> <h3> Date </h3> <ul> <li>Date Added: 2026-04-20</li> <li>Due Date: 2026-04-23</li> </ul> <h3> Description </h3> <p>Cisco Catalyst SD-WAN Manager contains a storing passwords in a recoverable format vulnerability that allows an authenticated, local attacker to gain DCA user privileges by accessing a credential file for the DCA user on the filesystem as a low-privileged user.</p> <h3> Known To Be Used in Ransomware Campaigns? </h3> <p>Unknown</p> <h3> Action </h3> <p>Please adhere to CISA’s guidelines to assess exposure and mitigate risks associated with Cisco SD-WAN devices as outlines in CISA’s Emergency Directive 26-03 (URL listed below in Notes) and CISA’s “Hunt &amp; Hardening Guidance for Cisco SD-WAN Devices (URL listed below in Notes). Adhere to the applicable BOD 22-01 guidance for cloud services or discontinue use of the product if mitigations are not available.</p> <h3> Additional Notes </h3> <p>CISA Mitigation Instructions: <a href="https://www.cisa.gov/news-events/directives/ed-26-03-mitigate-vulnerabilities-cisco-sd-wan-systems" rel="noopener noreferrer">https://www.cisa.gov/news-events/directives/ed-26-03-mitigate-vulnerabilities-cisco-sd-wan-systems</a> ; <a href="https://www.cisa.gov/news-events/directives/supplemental-direction-ed-26-03-hunt-and-hardening-guidance-cisco-sd-wan-systems" rel="noopener noreferrer">https://www.cisa.gov/news-events/directives/supplemental-direction-ed-26-03-hunt-and-hardening-guidance-cisco-sd-wan-systems</a> ; <a href="https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdwan-authbp-qwCX8D4v" rel="noopener noreferrer">https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdwan-authbp-qwCX8D4v</a> ; <a href="https://nvd.nist.gov/vuln/detail/CVE-2026-20128" rel="noopener noreferrer">https://nvd.nist.gov/vuln/detail/CVE-2026-20128</a></p> <h3> More CVEs Info </h3> <p><a href="https://www.scyscan.com/cves/" rel="noopener noreferrer">Common Vulnerabilities &amp; Exposures (CVE) List</a></p> cisco catalystsdwanmanager cybersecurity vulnerability Freedom Coder Tue, 21 Apr 2026 01:03:41 +0000 https://dev.to/freedom-coder/cve-2025-2749-kentico-xperience-path-traversal-vulnerability-iak https://dev.to/freedom-coder/cve-2025-2749-kentico-xperience-path-traversal-vulnerability-iak <h3> CVE ID </h3> <p>CVE-2025-2749</p> <h3> Vulnerability Name </h3> <p>Kentico Xperience Path Traversal Vulnerability</p> <ul> <li>Project: <strong>Kentico</strong> </li> <li>Product: <strong>Kentico Xperience</strong> </li> </ul> <h3> Date </h3> <ul> <li>Date Added: 2026-04-20</li> <li>Due Date: 2026-05-04</li> </ul> <h3> Description </h3> <p>Kentico Xperience contains a path traversal vulnerability that could allow an authenticated user's Staging Sync Server to upload arbitrary data to path relative locations.</p> <h3> Known To Be Used in Ransomware Campaigns? </h3> <p>Unknown</p> <h3> Action </h3> <p>Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.</p> <h3> Additional Notes </h3> <p><a href="https://devnet.kentico.com/download/hotfixes" rel="noopener noreferrer">https://devnet.kentico.com/download/hotfixes</a> ; <a href="https://nvd.nist.gov/vuln/detail/CVE-2025-2749" rel="noopener noreferrer">https://nvd.nist.gov/vuln/detail/CVE-2025-2749</a></p> <h3> More CVEs Info </h3> <p><a href="https://www.scyscan.com/cves/" rel="noopener noreferrer">Common Vulnerabilities &amp; Exposures (CVE) List</a></p> kentico kenticoxperience cybersecurity vulnerability Freedom Coder Tue, 21 Apr 2026 01:02:23 +0000 https://dev.to/freedom-coder/cve-2026-20133-cisco-catalyst-sd-wan-manager-exposure-of-sensitive-information-to-an-unauthorized-1243 https://dev.to/freedom-coder/cve-2026-20133-cisco-catalyst-sd-wan-manager-exposure-of-sensitive-information-to-an-unauthorized-1243 <h3> CVE ID </h3> <p>CVE-2026-20133</p> <h3> Vulnerability Name </h3> <p>Cisco Catalyst SD-WAN Manager Exposure of Sensitive Information to an Unauthorized Actor Vulnerability</p> <ul> <li>Project: <strong>Cisco</strong> </li> <li>Product: <strong>Catalyst SD-WAN Manager</strong> </li> </ul> <h3> Date </h3> <ul> <li>Date Added: 2026-04-20</li> <li>Due Date: 2026-04-23</li> </ul> <h3> Description </h3> <p>Cisco Catalyst SD-WAN Manager contains an exposure of sensitive information to an unauthorized actor vulnerability that could allow remote attackers to view sensitive information on affected systems.</p> <h3> Known To Be Used in Ransomware Campaigns? </h3> <p>Unknown</p> <h3> Action </h3> <p>Please adhere to CISA’s guidelines to assess exposure and mitigate risks associated with Cisco SD-WAN devices as outlines in CISA’s Emergency Directive 26-03 (URL listed below in Notes) and CISA’s “Hunt &amp; Hardening Guidance for Cisco SD-WAN Devices (URL listed below in Notes). Adhere to the applicable BOD 22-01 guidance for cloud services or discontinue use of the product if mitigations are not available.</p> <h3> Additional Notes </h3> <p>CISA Mitigation Instructions: <a href="https://www.cisa.gov/news-events/directives/ed-26-03-mitigate-vulnerabilities-cisco-sd-wan-systems" rel="noopener noreferrer">https://www.cisa.gov/news-events/directives/ed-26-03-mitigate-vulnerabilities-cisco-sd-wan-systems</a> ; <a href="https://www.cisa.gov/news-events/directives/supplemental-direction-ed-26-03-hunt-and-hardening-guidance-cisco-sd-wan-systems" rel="noopener noreferrer">https://www.cisa.gov/news-events/directives/supplemental-direction-ed-26-03-hunt-and-hardening-guidance-cisco-sd-wan-systems</a> ; <a href="https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdwan-authbp-qwCX8D4v" rel="noopener noreferrer">https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdwan-authbp-qwCX8D4v</a> ; <a href="https://nvd.nist.gov/vuln/detail/CVE-2026-20133" rel="noopener noreferrer">https://nvd.nist.gov/vuln/detail/CVE-2026-20133</a></p> <h3> More CVEs Info </h3> <p><a href="https://www.scyscan.com/cves/" rel="noopener noreferrer">Common Vulnerabilities &amp; Exposures (CVE) List</a></p> cisco catalystsdwanmanager cybersecurity vulnerability Freedom Coder Tue, 21 Apr 2026 01:01:06 +0000 https://dev.to/freedom-coder/cve-2026-20122-cisco-catalyst-sd-wan-manager-incorrect-use-of-privileged-apis-vulnerability-hbn https://dev.to/freedom-coder/cve-2026-20122-cisco-catalyst-sd-wan-manager-incorrect-use-of-privileged-apis-vulnerability-hbn <h3> CVE ID </h3> <p>CVE-2026-20122</p> <h3> Vulnerability Name </h3> <p>Cisco Catalyst SD-WAN Manager Incorrect Use of Privileged APIs Vulnerability</p> <ul> <li>Project: <strong>Cisco</strong> </li> <li>Product: <strong>Catalyst SD-WAN Manger</strong> </li> </ul> <h3> Date </h3> <ul> <li>Date Added: 2026-04-20</li> <li>Due Date: 2026-04-23</li> </ul> <h3> Description </h3> <p>Cisco Catalyst SD-WAN Manager contains an incorrect use of privileged APIs vulnerability due to improper file handling on the API interface of an affected system. An attacker could exploit this vulnerability by uploading a malicious file on the local file system. A successful exploit could allow the attacker to overwrite arbitrary files on the affected system and gain vmanage user privileges.</p> <h3> Known To Be Used in Ransomware Campaigns? </h3> <p>Unknown</p> <h3> Action </h3> <p>Please adhere to CISA’s guidelines to assess exposure and mitigate risks associated with Cisco SD-WAN devices as outlines in CISA’s Emergency Directive 26-03 (URL listed below in Notes) and CISA’s “Hunt &amp; Hardening Guidance for Cisco SD-WAN Devices (URL listed below in Notes). Adhere to the applicable BOD 22-01 guidance for cloud services or discontinue use of the product if mitigations are not available.</p> <h3> Additional Notes </h3> <p>CISA Mitigation Instructions: <a href="https://www.cisa.gov/news-events/directives/ed-26-03-mitigate-vulnerabilities-cisco-sd-wan-systems" rel="noopener noreferrer">https://www.cisa.gov/news-events/directives/ed-26-03-mitigate-vulnerabilities-cisco-sd-wan-systems</a> ; <a href="https://www.cisa.gov/news-events/directives/supplemental-direction-ed-26-03-hunt-and-hardening-guidance-cisco-sd-wan-systems" rel="noopener noreferrer">https://www.cisa.gov/news-events/directives/supplemental-direction-ed-26-03-hunt-and-hardening-guidance-cisco-sd-wan-systems</a> ; <a href="https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdwan-authbp-qwCX8D4v" rel="noopener noreferrer">https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdwan-authbp-qwCX8D4v</a> ; <a href="https://nvd.nist.gov/vuln/detail/" rel="noopener noreferrer">https://nvd.nist.gov/vuln/detail/</a> CVE-2026-20122</p> <h3> More CVEs Info </h3> <p><a href="https://www.scyscan.com/cves/" rel="noopener noreferrer">Common Vulnerabilities &amp; Exposures (CVE) List</a></p> cisco catalystsdwanmanger cybersecurity vulnerability Freedom Coder Fri, 17 Apr 2026 16:01:10 +0000 https://dev.to/freedom-coder/cve-2026-34197-apache-activemq-improper-input-validation-vulnerability-41f5 https://dev.to/freedom-coder/cve-2026-34197-apache-activemq-improper-input-validation-vulnerability-41f5 <h3> CVE ID </h3> <p>CVE-2026-34197</p> <h3> Vulnerability Name </h3> <p>Apache ActiveMQ Improper Input Validation Vulnerability</p> <ul> <li>Project: <strong>Apache</strong> </li> <li>Product: <strong>ActiveMQ</strong> </li> </ul> <h3> Date </h3> <ul> <li>Date Added: 2026-04-16</li> <li>Due Date: 2026-04-30</li> </ul> <h3> Description </h3> <p>Apache ActiveMQ contains an improper input validation vulnerability that allows for code injection.</p> <h3> Known To Be Used in Ransomware Campaigns? </h3> <p>Unknown</p> <h3> Action </h3> <p>Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.</p> <h3> Additional Notes </h3> <p><a href="https://activemq.apache.org/security-advisories.data/CVE-2026-34197-announcement.txt" rel="noopener noreferrer">https://activemq.apache.org/security-advisories.data/CVE-2026-34197-announcement.txt</a> ; <a href="https://nvd.nist.gov/vuln/detail/CVE-2026-34197" rel="noopener noreferrer">https://nvd.nist.gov/vuln/detail/CVE-2026-34197</a></p> <h3> More CVEs Info </h3> <p><a href="https://www.scyscan.com/cves/" rel="noopener noreferrer">Common Vulnerabilities &amp; Exposures (CVE) List</a></p> apache activemq cybersecurity vulnerability Freedom Coder Tue, 14 Apr 2026 22:06:07 +0000 https://dev.to/freedom-coder/cve-2026-32201-microsoft-sharepoint-server-improper-input-validation-vulnerability-3586 https://dev.to/freedom-coder/cve-2026-32201-microsoft-sharepoint-server-improper-input-validation-vulnerability-3586 <h3> CVE ID </h3> <p>CVE-2026-32201</p> <h3> Vulnerability Name </h3> <p>Microsoft SharePoint Server Improper Input Validation Vulnerability</p> <ul> <li>Project: <strong>Microsoft</strong> </li> <li>Product: <strong>SharePoint Server</strong> </li> </ul> <h3> Date </h3> <ul> <li>Date Added: 2026-04-14</li> <li>Due Date: 2026-04-28</li> </ul> <h3> Description </h3> <p>Microsoft SharePoint Server contains an improper input validation vulnerability that allows an unauthorized attacker to perform spoofing over a network.</p> <h3> Known To Be Used in Ransomware Campaigns? </h3> <p>Unknown</p> <h3> Action </h3> <p>Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.</p> <h3> Additional Notes </h3> <p><a href="https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-32201" rel="noopener noreferrer">https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-32201</a> ; <a href="https://nvd.nist.gov/vuln/detail/CVE-2026-32201" rel="noopener noreferrer">https://nvd.nist.gov/vuln/detail/CVE-2026-32201</a></p> <h3> Related Security News </h3> <ul> <li><a href="https://www.scyscan.com/news/april-patch-tuesday-fixes-critical-flaws-across-sap-adobe-microsoft-fortinet-and-more/" rel="noopener noreferrer">April Patch Tuesday Fixes Critical Flaws Across SAP, Adobe, Microsoft, Fortinet, and More</a></li> <li><a href="https://www.scyscan.com/news/microsoft-issues-patches-for-sharepoint-zero-day-and-168-other-new-vulnerabilities/" rel="noopener noreferrer">Microsoft Issues Patches for SharePoint Zero-Day and 168 Other New Vulnerabilities</a></li> <li><a href="https://www.scyscan.com/news/microsoft-april-2026-patch-tuesday-fixes-167-flaws-2-zero-days/" rel="noopener noreferrer">Microsoft April 2026 Patch Tuesday fixes 167 flaws, 2 zero-days</a></li> </ul> <h3> More CVEs Info </h3> <p><a href="https://www.scyscan.com/cves/" rel="noopener noreferrer">Common Vulnerabilities &amp; Exposures (CVE) List</a></p> microsoft sharepointserver cybersecurity vulnerability Freedom Coder Tue, 14 Apr 2026 22:01:06 +0000 https://dev.to/freedom-coder/cve-2009-0238-microsoft-office-remote-code-execution-2haf https://dev.to/freedom-coder/cve-2009-0238-microsoft-office-remote-code-execution-2haf <h3> CVE ID </h3> <p>CVE-2009-0238</p> <h3> Vulnerability Name </h3> <p>Microsoft Office Remote Code Execution</p> <ul> <li>Project: <strong>Microsoft</strong> </li> <li>Product: <strong>Office</strong> </li> </ul> <h3> Date </h3> <ul> <li>Date Added: 2026-04-14</li> <li>Due Date: 2026-04-28</li> </ul> <h3> Description </h3> <p>Microsoft Office Excel contains a remote code execution vulnerability that could allow an attacker to take complete control of an affected system if a user opens a specially crafted Excel file that includes a malformed object.</p> <h3> Known To Be Used in Ransomware Campaigns? </h3> <p>Unknown</p> <h3> Action </h3> <p>Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.</p> <h3> Additional Notes </h3> <p><a href="https://learn.microsoft.com/en-us/security-updates/securitybulletins/2009/ms09-009" rel="noopener noreferrer">https://learn.microsoft.com/en-us/security-updates/securitybulletins/2009/ms09-009</a> ; <a href="https://nvd.nist.gov/vuln/detail/CVE-2009-0238" rel="noopener noreferrer">https://nvd.nist.gov/vuln/detail/CVE-2009-0238</a></p> <h3> More CVEs Info </h3> <p><a href="https://www.scyscan.com/cves/" rel="noopener noreferrer">Common Vulnerabilities &amp; Exposures (CVE) List</a></p> microsoft office cybersecurity vulnerability Freedom Coder Mon, 13 Apr 2026 19:09:46 +0000 https://dev.to/freedom-coder/cve-2026-34621-adobe-acrobat-and-reader-prototype-pollution-vulnerability-3pi6 https://dev.to/freedom-coder/cve-2026-34621-adobe-acrobat-and-reader-prototype-pollution-vulnerability-3pi6 <h3> CVE ID </h3> <p>CVE-2026-34621</p> <h3> Vulnerability Name </h3> <p>Adobe Acrobat and Reader Prototype Pollution Vulnerability</p> <ul> <li>Project: <strong>Adobe</strong> </li> <li>Product: <strong>Acrobat and Reader</strong> </li> </ul> <h3> Date </h3> <ul> <li>Date Added: 2026-04-13</li> <li>Due Date: 2026-04-27</li> </ul> <h3> Description </h3> <p>Adobe Acrobat and Reader contain a prototype pollution vulnerability that allows for arbitrary code execution.</p> <h3> Known To Be Used in Ransomware Campaigns? </h3> <p>Unknown</p> <h3> Action </h3> <p>Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.</p> <h3> Additional Notes </h3> <p><a href="https://helpx.adobe.com/security/products/acrobat/apsb26-43.html" rel="noopener noreferrer">https://helpx.adobe.com/security/products/acrobat/apsb26-43.html</a> ; <a href="https://nvd.nist.gov/vuln/detail/CVE-2026-34621" rel="noopener noreferrer">https://nvd.nist.gov/vuln/detail/CVE-2026-34621</a></p> <h3> Related Security News </h3> <ul> <li><a href="https://www.scyscan.com/news/april-patch-tuesday-fixes-critical-flaws-across-sap-adobe-microsoft-fortinet-and-more/" rel="noopener noreferrer">April Patch Tuesday Fixes Critical Flaws Across SAP, Adobe, Microsoft, Fortinet, and More</a></li> <li><a href="https://www.scyscan.com/news/adobe-rolls-out-emergency-fix-for-acrobat-reader-zero-day-flaw/" rel="noopener noreferrer">Adobe rolls out emergency fix for Acrobat, Reader zero-day flaw</a></li> </ul> <h3> More CVEs Info </h3> <p><a href="https://www.scyscan.com/cves/" rel="noopener noreferrer">Common Vulnerabilities &amp; Exposures (CVE) List</a></p> adobe acrobatandreader cybersecurity vulnerability Freedom Coder Mon, 13 Apr 2026 19:08:20 +0000 https://dev.to/freedom-coder/cve-2026-21643-fortinet-sql-injection-vulnerability-9ld https://dev.to/freedom-coder/cve-2026-21643-fortinet-sql-injection-vulnerability-9ld <h3> CVE ID </h3> <p>CVE-2026-21643</p> <h3> Vulnerability Name </h3> <p>Fortinet SQL Injection Vulnerability</p> <ul> <li>Project: <strong>Fortinet</strong> </li> <li>Product: <strong>FortiClient EMS</strong> </li> </ul> <h3> Date </h3> <ul> <li>Date Added: 2026-04-13</li> <li>Due Date: 2026-04-16</li> </ul> <h3> Description </h3> <p>Fortinet FortiClient EMS contains a SQL injection vulnerability that may allow an unauthenticated attacker to execute unauthorized code or commands via specifically crafted HTTP requests.</p> <h3> Known To Be Used in Ransomware Campaigns? </h3> <p>Unknown</p> <h3> Action </h3> <p>Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.</p> <h3> Additional Notes </h3> <p><a href="https://fortiguard.fortinet.com/psirt/FG-IR-25-1142" rel="noopener noreferrer">https://fortiguard.fortinet.com/psirt/FG-IR-25-1142</a> ; <a href="https://nvd.nist.gov/vuln/detail/CVE-2026-21643" rel="noopener noreferrer">https://nvd.nist.gov/vuln/detail/CVE-2026-21643</a></p> <h3> Related Security News </h3> <ul> <li><a href="https://www.scyscan.com/news/cisa-adds-6-known-exploited-flaws-in-fortinet-microsoft-and-adobe-software/" rel="noopener noreferrer">CISA Adds 6 Known Exploited Flaws in Fortinet, Microsoft, and Adobe Software</a></li> </ul> <h3> More CVEs Info </h3> <p><a href="https://www.scyscan.com/cves/" rel="noopener noreferrer">Common Vulnerabilities &amp; Exposures (CVE) List</a></p> fortinet forticlientems cybersecurity vulnerability Freedom Coder Mon, 13 Apr 2026 19:06:53 +0000 https://dev.to/freedom-coder/cve-2020-9715-adobe-acrobat-use-after-free-vulnerability-248f https://dev.to/freedom-coder/cve-2020-9715-adobe-acrobat-use-after-free-vulnerability-248f <h3> CVE ID </h3> <p>CVE-2020-9715</p> <h3> Vulnerability Name </h3> <p>Adobe Acrobat Use-After-Free Vulnerability</p> <ul> <li>Project: <strong>Adobe</strong> </li> <li>Product: <strong>Acrobat</strong> </li> </ul> <h3> Date </h3> <ul> <li>Date Added: 2026-04-13</li> <li>Due Date: 2026-04-27</li> </ul> <h3> Description </h3> <p>Adobe Acrobat contains a use-after-free vulnerability that allows for code execution</p> <h3> Known To Be Used in Ransomware Campaigns? </h3> <p>Unknown</p> <h3> Action </h3> <p>Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.</p> <h3> Additional Notes </h3> <p><a href="https://helpx.adobe.com/security/products/acrobat/apsb20-48.html" rel="noopener noreferrer">https://helpx.adobe.com/security/products/acrobat/apsb20-48.html</a> ; <a href="https://nvd.nist.gov/vuln/detail/CVE-2020-9715" rel="noopener noreferrer">https://nvd.nist.gov/vuln/detail/CVE-2020-9715</a></p> <h3> Related Security News </h3> <ul> <li><a href="https://www.scyscan.com/news/cisa-adds-6-known-exploited-flaws-in-fortinet-microsoft-and-adobe-software/" rel="noopener noreferrer">CISA Adds 6 Known Exploited Flaws in Fortinet, Microsoft, and Adobe Software</a></li> </ul> <h3> More CVEs Info </h3> <p><a href="https://www.scyscan.com/cves/" rel="noopener noreferrer">Common Vulnerabilities &amp; Exposures (CVE) List</a></p> adobe acrobat cybersecurity vulnerability Freedom Coder Mon, 13 Apr 2026 19:05:27 +0000 https://dev.to/freedom-coder/cve-2023-36424-microsoft-windows-out-of-bounds-read-vulnerability-3gef https://dev.to/freedom-coder/cve-2023-36424-microsoft-windows-out-of-bounds-read-vulnerability-3gef <h3> CVE ID </h3> <p>CVE-2023-36424</p> <h3> Vulnerability Name </h3> <p>Microsoft Windows Out-of-Bounds Read Vulnerability</p> <ul> <li>Project: <strong>Microsoft</strong> </li> <li>Product: <strong>Windows</strong> </li> </ul> <h3> Date </h3> <ul> <li>Date Added: 2026-04-13</li> <li>Due Date: 2026-04-27</li> </ul> <h3> Description </h3> <p>Microsoft Windows Common Log File System Driver contains an out-of-bounds read vulnerability that could allow a threat actor for privileges escalation</p> <h3> Known To Be Used in Ransomware Campaigns? </h3> <p>Unknown</p> <h3> Action </h3> <p>Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.</p> <h3> Additional Notes </h3> <p><a href="https://msrc.microsoft.com/update-guide/en-US/advisory/CVE-2023-36424" rel="noopener noreferrer">https://msrc.microsoft.com/update-guide/en-US/advisory/CVE-2023-36424</a> ; <a href="https://nvd.nist.gov/vuln/detail/CVE-2023-36424" rel="noopener noreferrer">https://nvd.nist.gov/vuln/detail/CVE-2023-36424</a></p> <h3> Related Security News </h3> <ul> <li><a href="https://www.scyscan.com/news/cisa-adds-6-known-exploited-flaws-in-fortinet-microsoft-and-adobe-software/" rel="noopener noreferrer">CISA Adds 6 Known Exploited Flaws in Fortinet, Microsoft, and Adobe Software</a></li> </ul> <h3> More CVEs Info </h3> <p><a href="https://www.scyscan.com/cves/" rel="noopener noreferrer">Common Vulnerabilities &amp; Exposures (CVE) List</a></p> microsoft windows cybersecurity vulnerability