CISA and Partners Release Guidance for Ongoing Global Exploitation of Cisco SD-WAN Systems

Update May 14, 2026: CISA has updated this Alert to include additional vulnerabilities, CVE-2026-20133 and CVE-2026-20182 and associated resources. The purpose of this Alert is to provide resources for organizations with Cisco Software-Defined Wide-Area Networking SD-WAN systems, including Federa...

Astra Linux - уязвимость в gst-plugins-good1.0

GStreamer FLAC File Parsing Integer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GStreamer. Interaction with this library is required to exploit this vulnerability but attack vectors may vary...

CVE-2025-20775

creationtimestamp| type| source ---|---|--- 2026-01-12 10:01:47+00:00| seen| Telegram/B4Ns6MZa2yeXCPgPlhBOXwBNRpMHFi0mVOBvEF18yEU0jtA...

CVE-2019-20775

An issue was discovered on LG mobile devices with Android OS 9.0 Qualcomm SDM450, SDM845, SM6150, and SM8150 chipsets software. Weak encryption leads to local information disclosure. The LG ID is LVE-SMP-190010 August 2019...

CVE-2023-20775

In display, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07978760; Issue ID: ALPS07363410...

CVE-2021-20775

Improper input validation vulnerability in Bulletin of Cybozu Garoon 4.10.0 to 5.5.0 allows a remote authenticated attacker to obtain the data of Comment and Space without the viewing privilege...

CVE-2023-37327

GStreamer FLAC File Parsing Integer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GStreamer. Interaction with this library is required to exploit this vulnerability but attack vectors may vary...

CVE-2023-37327 GStreamer FLAC File Parsing Integer Overflow Remote Code Execution Vulnerability

GStreamer FLAC File Parsing Integer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GStreamer. Interaction with this library is required to exploit this vulnerability but attack vectors may vary...

CVE-2023-37327 GStreamer FLAC File Parsing Integer Overflow Remote Code Execution Vulnerability

GStreamer FLAC File Parsing Integer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GStreamer. Interaction with this library is required to exploit this vulnerability but attack vectors may vary...

SUSE CVE-2023-37327

GStreamer FLAC File Parsing Integer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GStreamer. Interaction with this library is required to exploit this vulnerability but attack vectors may vary...

CVE-2023-20775

creationtimestamp| type| source ---|---|--- 2023-07-04 07:28:17+00:00| seen| https://t.me/cibsecurity/65910...

CVE-2023-20775

In display, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07978760; Issue ID: ALPS07363410...

CVE-2023-20775

CVE-2023-20775 describes a local out-of-bounds write in the display code due to a missing bounds check, enabling local privilege escalation with System rights; no user interaction required. Impacted hardware is reported as various MediaTek chips (per connected references), with a patch identified...

CVE-2022-20775

creationtimestamp| type| source ---|---|--- 2022-09-30 22:36:42+00:00| seen| https://t.me/cibsecurity/50810 2026-02-25 16:11:09+00:00| seen| https://advisories.ncsc.nl/advisory?id=NCSC-2026-0071 2026-02-25 17:00:01+00:00| exploited|...

CVE-2022-20775

Cisco CVE-2022-20775 affects the Cisco Catalyst SD-WAN Controller/Manager CLI. It is a local, authenticated privilege-escalation in the CLI caused by improper access controls on commands, enabling an attacker to run commands as root. Cisco released updates addressing this, with no workarounds. Af...

CVE-2022-20775 Cisco SD-WAN Software Privilege Escalation Vulnerability

A vulnerability in the CLI of Cisco SD-WAN Software could allow an authenticated, local attacker to gain elevated privileges. This vulnerability is due to improper access controls on commands within the application CLI. An attacker could exploit this vulnerability by running a maliciously crafted...

Cisco SD-WAN Software Privilege Escalation Vulnerabilities (cisco-sa-sd-wan-priv-E6e8tEdF)

According to its self-reported version, Cisco SD-WAN Viptela Software is affected by multiple vulnerabilities. - Multiple vulnerabilities in the CLI of Cisco SD-WAN Software could allow an authenticated, local attacker to gain elevated privileges. These vulnerabilities are due to improper access...

CVE-2021-20775

creationtimestamp| type| source ---|---|--- 2021-08-18 12:16:52+00:00| seen| https://t.me/cibsecurity/27490...

CVE-2021-20775

Cybozu Garoon is affected by CVE-2021-20775 due to an improper input validation vulnerability that allows a remote authenticated attacker to obtain data from Comment and Space without the viewing privilege. Affected versions are Cybozu Garoon 4.10.0 through 5.5.0. The issue is categorized as an i...

CVE-2021-20775

Improper input validation vulnerability in Bulletin of Cybozu Garoon 4.10.0 to 5.5.0 allows a remote authenticated attacker to obtain the data of Comment and Space without the viewing privilege...