Datasets:
id string | title string | description string | exploitation_techniques list | primary_impact list | secondary_impact list | techniques list | techniques_derived list | label_sources list | attack_version string |
|---|---|---|---|---|---|---|---|---|---|
CVE-2023-36851 | Junos OS: SRX Series: A vulnerability in J-Web allows an unauthenticated attacker to upload and download arbitrary files | A Missing Authentication for Critical Function vulnerability in Juniper Networks Junos OS on SRX Series allows an unauthenticated, network-based attacker to cause limited impact to the file system integrity.
With a specific request to
webauth_operation.php
that doesn't require authentication, an attacker is able ... | [
"T1190"
] | [
"T1059"
] | [] | [
"T1059",
"T1190"
] | [
"T1014",
"T1027.009",
"T1037",
"T1040",
"T1080",
"T1134",
"T1185",
"T1505.003",
"T1505.005",
"T1542.003",
"T1543",
"T1543.001",
"T1543.003",
"T1543.004",
"T1546.001",
"T1546.004",
"T1546.008",
"T1546.016",
"T1547",
"T1547.006",
"T1548",
"T1550.001",
"T1553.004",
"T1556.... | [
"ctid_kev"
] | 19.1 |
CVE-2019-1087 | An elevation of privilege exists in Windows Audio Service, aka 'Windows Audio Service Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2019-1086, CVE-2019-1088. | [] | [
"T1068"
] | [] | [
"T1068"
] | [] | [
"ctid_cve"
] | 19.1 | |
CVE-2020-3322 | Cisco Webex Network Recording Player and Cisco Webex Player Denial of Service Vulnerability | A vulnerability in Cisco Webex Network Recording Player and Cisco Webex Player for Microsoft Windows could allow an attacker to cause a process crash resulting in a Denial of service (DoS) condition for the player application on an affected system. The vulnerability exists due to insufficient validation of certain elem... | [
"T1204.002",
"T1566"
] | [
"T1499.004"
] | [] | [
"T1204.002",
"T1499.004",
"T1566"
] | [
"T1027",
"T1036.001",
"T1539",
"T1553.002",
"T1562.003",
"T1574.006",
"T1574.007"
] | [
"ctid_cve"
] | 19.1 |
CVE-2023-42793 | In JetBrains TeamCity before 2023.05.4 authentication bypass leading to RCE on TeamCity Server was possible | [
"T1190"
] | [
"T1059.003"
] | [] | [
"T1059.003",
"T1190"
] | [
"T1014",
"T1027.009",
"T1037",
"T1040",
"T1080",
"T1134",
"T1185",
"T1505.003",
"T1505.005",
"T1542.003",
"T1543",
"T1543.001",
"T1543.003",
"T1543.004",
"T1546.001",
"T1546.004",
"T1546.008",
"T1546.016",
"T1547",
"T1547.006",
"T1548",
"T1550.001",
"T1553.004",
"T1556.... | [
"ctid_kev"
] | 19.1 | |
CVE-2019-0911 | A remote code execution vulnerability exists in the way the scripting engine handles objects in memory in Microsoft browsers, aka 'Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-0884, CVE-2019-0918. | [
"T1189",
"T1204.002"
] | [
"T1499.004",
"T1574"
] | [] | [
"T1189",
"T1204.002",
"T1499.004",
"T1574"
] | [
"T1134",
"T1134.001",
"T1134.002",
"T1134.003",
"T1528",
"T1539",
"T1550.004",
"T1606"
] | [
"ctid_cve"
] | 19.1 | |
CVE-2020-1027 | An elevation of privilege vulnerability exists in the way that the Windows Kernel handles objects in memory, aka 'Windows Kernel Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-0913, CVE-2020-1000, CVE-2020-1003. | [] | [] | [] | [
"T1068"
] | [
"T1134",
"T1134.001",
"T1134.002",
"T1134.003",
"T1528",
"T1539",
"T1550.004",
"T1606"
] | [
"ctid_cve"
] | 19.1 | |
CVE-2017-8464 | Windows Shell in Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allows local users or remote attackers to execute arbitrary code via a crafted .LNK file, which is not properl... | [] | [] | [] | [
"T1203",
"T1204.002"
] | [] | [
"ctid_cve"
] | 19.1 | |
CVE-2020-11059 | Exposure of Sensitive Information to an Unauthorized Actor in AEgir | In AEgir greater than or equal to 21.7.0 and less than 21.10.1, aegir publish and aegir build may leak secrets from environment variables in the browser bundle published to npm. This has been fixed in 21.10.1. | [] | [
"T1005"
] | [] | [
"T1005"
] | [
"T1007",
"T1016",
"T1018",
"T1033",
"T1036.005",
"T1046",
"T1049",
"T1057",
"T1069",
"T1082",
"T1083",
"T1087",
"T1111",
"T1120",
"T1124",
"T1134",
"T1134.001",
"T1134.002",
"T1134.003",
"T1135",
"T1217",
"T1528",
"T1539",
"T1550.004",
"T1562.003",
"T1574.006",
"T... | [
"ctid_cve"
] | 19.1 |
CVE-2018-15801 | Authorization Bypass During JWT Issuer Validation with spring-security | Spring Security versions 5.1.x prior to 5.1.2 contain an authorization bypass vulnerability during JWT issuer validation. In order to be impacted, the same private key for an honest issuer and a malicious user must be used when signing JWTs. In that case, a malicious user could fashion signed JWTs with the malicious is... | [] | [] | [
"T1550.001"
] | [
"T1550.001"
] | [
"T1040",
"T1083",
"T1211",
"T1491",
"T1542.002",
"T1556",
"T1557.002",
"T1565.002",
"T1574.005",
"T1574.010",
"T1584.002",
"T1611"
] | [
"ctid_cve"
] | 19.1 |
CVE-2014-4076 | Microsoft Windows Server 2003 SP2 allows local users to gain privileges via a crafted IOCTL call to (1) tcpip.sys or (2) tcpip6.sys, aka "TCP/IP Elevation of Privilege Vulnerability." | [] | [] | [] | [
"T1608"
] | [] | [
"ctid_cve"
] | 19.1 | |
CVE-2020-1163 | An elevation of privilege vulnerability exists in Windows Defender that leads arbitrary file deletion on the system.To exploit the vulnerability, an attacker would first have to log on to the system, aka 'Microsoft Windows Defender Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-1170. | [] | [
"T1485"
] | [] | [
"T1485"
] | [] | [
"ctid_cve"
] | 19.1 | |
CVE-2015-7755 | Juniper ScreenOS 6.2.0r15 through 6.2.0r18, 6.3.0r12 before 6.3.0r12b, 6.3.0r13 before 6.3.0r13b, 6.3.0r14 before 6.3.0r14b, 6.3.0r15 before 6.3.0r15b, 6.3.0r16 before 6.3.0r16b, 6.3.0r17 before 6.3.0r17b, 6.3.0r18 before 6.3.0r18b, 6.3.0r19 before 6.3.0r19b, and 6.3.0r20 before 6.3.0r21 allows remote attackers to obta... | [] | [] | [] | [
"T1211"
] | [
"T1014",
"T1027.009",
"T1037",
"T1040",
"T1080",
"T1134",
"T1185",
"T1505.003",
"T1505.005",
"T1542.003",
"T1543",
"T1543.001",
"T1543.003",
"T1543.004",
"T1546.001",
"T1546.004",
"T1546.008",
"T1546.016",
"T1547",
"T1547.006",
"T1548",
"T1550.001",
"T1553.004",
"T1556.... | [
"ctid_cve"
] | 19.1 | |
CVE-2018-15869 | An Amazon Web Services (AWS) developer who does not specify the --owners flag when describing images via AWS CLI, and therefore not properly validating source software per AWS recommended security best practices, may unintentionally load an undesired and potentially malicious Amazon Machine Image (AMI) from the uncurat... | [] | [] | [] | [
"T1036",
"T1525"
] | [
"T1005",
"T1012",
"T1014",
"T1027.009",
"T1037",
"T1080",
"T1083",
"T1134",
"T1134.001",
"T1134.002",
"T1134.003",
"T1505.005",
"T1528",
"T1539",
"T1542.003",
"T1543",
"T1543.001",
"T1543.003",
"T1543.004",
"T1546.001",
"T1546.004",
"T1546.008",
"T1546.016",
"T1547",
... | [
"ctid_cve"
] | 19.1 | |
CVE-2023-44487 | The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023. | [
"T1190"
] | [
"T1499"
] | [] | [
"T1190",
"T1499"
] | [
"T1134",
"T1134.001",
"T1134.002",
"T1134.003",
"T1499",
"T1528",
"T1539",
"T1550.004",
"T1606"
] | [
"ctid_kev"
] | 19.1 | |
CVE-2022-29303 | SolarView Compact ver.6.00 was discovered to contain a command injection vulnerability via conf_mail.php. | [
"T1505"
] | [
"T1059"
] | [
"T1496"
] | [
"T1059",
"T1496",
"T1505"
] | [
"T1027",
"T1562.003",
"T1574.006",
"T1574.007"
] | [
"ctid_kev"
] | 19.1 | |
CVE-2020-9819 | A memory consumption issue was addressed with improved memory handling. This issue is fixed in iOS 13.5 and iPadOS 13.5, iOS 12.4.7, watchOS 6.2.5, watchOS 5.3.7. Processing a maliciously crafted mail message may lead to heap corruption. | [] | [] | [] | [
"T1114.001",
"T1485",
"T1565.001"
] | [
"T1134",
"T1134.001",
"T1134.002",
"T1134.003",
"T1528",
"T1539",
"T1550.004",
"T1606"
] | [
"ctid_cve"
] | 19.1 | |
CVE-2024-20359 | A vulnerability in a legacy capability that allowed for the preloading of VPN clients and plug-ins and that has been available in Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, local attacker to execute arbitrary code with root-level priv... | [
"T1078"
] | [
"T1059"
] | [
"T1037"
] | [
"T1037",
"T1059",
"T1078"
] | [
"T1027",
"T1027.006",
"T1027.009",
"T1134",
"T1134.001",
"T1134.002",
"T1134.003",
"T1528",
"T1539",
"T1550.004",
"T1562.003",
"T1564.009",
"T1574.006",
"T1574.007",
"T1606"
] | [
"ctid_kev"
] | 19.1 | |
CVE-2022-3075 | Insufficient data validation in Mojo in Google Chrome prior to 105.0.5195.102 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. | [
"T1204.001"
] | [] | [] | [
"T1204.001"
] | [
"T1027",
"T1036.001",
"T1539",
"T1553.002",
"T1562.003",
"T1574.006",
"T1574.007"
] | [
"ctid_kev"
] | 19.1 | |
CVE-2019-3706 | Web Interface Authentication Bypass Vulnerability | Dell EMC iDRAC9 versions prior to 3.24.24.24, 3.21.26.22, 3.22.22.22 and 3.21.25.22 contain an authentication bypass vulnerability. A remote attacker may potentially exploit this vulnerability to bypass authentication and gain access to the system by sending specially crafted data to the iDRAC web interface. | [] | [
"T1190"
] | [] | [
"T1190"
] | [] | [
"ctid_cve"
] | 19.1 |
CVE-2015-0310 | Adobe Flash Player before 13.0.0.262 and 14.x through 16.x before 16.0.0.287 on Windows and OS X and before 11.2.202.438 on Linux does not properly restrict discovery of memory addresses, which allows attackers to bypass the ASLR protection mechanism on Windows, and have an unspecified impact on other platforms, via un... | [
"T1189"
] | [] | [] | [
"T1189"
] | [
"T1007",
"T1016",
"T1018",
"T1033",
"T1036.005",
"T1046",
"T1049",
"T1057",
"T1069",
"T1082",
"T1083",
"T1087",
"T1111",
"T1120",
"T1124",
"T1134",
"T1134.001",
"T1134.002",
"T1134.003",
"T1135",
"T1217",
"T1528",
"T1539",
"T1550.004",
"T1562.003",
"T1574.006",
"T... | [
"ctid_kev"
] | 19.1 | |
CVE-2019-18582 | Dell EMC Data Protection Advisor versions 6.3, 6.4, 6.5, 18.2 versions prior to patch 83, and 19.1 versions prior to patch 71 contain a server-side template injection vulnerability in the REST API. A remote authenticated malicious user with administrative privileges may potentially exploit this vulnerability to inject ... | [] | [
"T1059"
] | [] | [
"T1059"
] | [
"T1027",
"T1027.006",
"T1027.009",
"T1134",
"T1134.001",
"T1134.002",
"T1134.003",
"T1528",
"T1539",
"T1550.004",
"T1562.003",
"T1564.009",
"T1574.006",
"T1574.007",
"T1606"
] | [
"ctid_cve"
] | 19.1 | |
CVE-2020-3452 | Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software Web Services Read-Only Path Traversal Vulnerability | A vulnerability in the web services interface of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to conduct directory traversal attacks and read sensitive files on a targeted system. The vulnerability is due to a lack of ... | [
"T1202"
] | [
"T1005"
] | [] | [
"T1005",
"T1202"
] | [
"T1036",
"T1134",
"T1134.001",
"T1134.002",
"T1134.003",
"T1528",
"T1539",
"T1550.004",
"T1574.002",
"T1574.008",
"T1606"
] | [
"ctid_kev"
] | 19.1 |
CVE-2025-0411 | 7-Zip Mark-of-the-Web Bypass Vulnerability | 7-Zip Mark-of-the-Web Bypass Vulnerability. This vulnerability allows remote attackers to bypass the Mark-of-the-Web protection mechanism on affected installations of 7-Zip. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
The specific ... | [
"T1553.005",
"T1566.001"
] | [
"T1588.001"
] | [] | [
"T1553.005",
"T1566.001",
"T1588.001"
] | [
"T1040",
"T1083",
"T1565.002",
"T1574.005",
"T1574.010",
"T1611"
] | [
"ctid_kev"
] | 19.1 |
CVE-2019-1021 | Windows Audio Service Elevation of Privilege Vulnerability | An elevation of privilege exists in Windows Audio Service. An attacker who successfully exploited the vulnerability could run arbitrary code with elevated privileges.
To exploit the vulnerability, an attacker could run a specially crafted application that could exploit the vulnerability. This vulnerability by itself do... | [] | [
"T1068"
] | [] | [
"T1068"
] | [] | [
"ctid_cve"
] | 19.1 |
CVE-2023-33538 | TP-Link TL-WR940N V2/V4, TL-WR841N V8/V10, and TL-WR740N V1/V2 was discovered to contain a command injection vulnerability via the component /userRpm/WlanNetworkRpm . | [
"T1068"
] | [
"T1059"
] | [] | [
"T1059",
"T1068"
] | [
"T1027",
"T1562.003",
"T1574.006",
"T1574.007"
] | [
"ctid_kev"
] | 19.1 | |
CVE-2020-11035 | weak CSRF tokens in GLPI | In GLPI after version 0.83.3 and before version 9.4.6, the CSRF tokens are generated using an insecure algorithm. The implementation uses rand and uniqid and MD5 which does not provide secure values. This is fixed in version 9.4.6. | [
"T1110"
] | [
"T1040",
"T1078",
"T1557"
] | [] | [
"T1040",
"T1078",
"T1110",
"T1557"
] | [
"T1036.001",
"T1040",
"T1083",
"T1553.002",
"T1565.002",
"T1574.005",
"T1574.010",
"T1611"
] | [
"ctid_cve"
] | 19.1 |
CVE-2018-14819 | Fuji Electric V-Server 4.0.3.0 and prior, An out-of-bounds read vulnerability has been identified, which may allow remote code execution. | [] | [
"T1574"
] | [] | [
"T1574"
] | [
"T1134",
"T1134.001",
"T1134.002",
"T1134.003",
"T1528",
"T1539",
"T1550.004",
"T1606"
] | [
"ctid_cve"
] | 19.1 | |
CVE-2025-3248 | Langflow < 1.3.0 Unauthenticated RCE via /api/v1/validate/code | Langflow versions prior to 1.3.0 are susceptible to code injection in
the /api/v1/validate/code endpoint. A remote and unauthenticated attacker can send crafted HTTP requests to execute arbitrary
code. | [
"T1203"
] | [
"T1059"
] | [] | [
"T1059",
"T1203"
] | [
"T1027",
"T1027.006",
"T1027.009",
"T1134",
"T1134.001",
"T1134.002",
"T1134.003",
"T1528",
"T1539",
"T1550.004",
"T1562.003",
"T1564.009",
"T1574.006",
"T1574.007",
"T1606"
] | [
"ctid_kev"
] | 19.1 |
CVE-2020-0898 | An elevation of privilege vulnerability exists when the Windows Graphics Component improperly handles objects in memory, aka 'Windows Graphics Component Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-0791. | [] | [
"T1499.004",
"T1574"
] | [] | [
"T1499.004",
"T1574"
] | [] | [
"ctid_cve"
] | 19.1 | |
CVE-2013-5211 | The monlist feature in ntp_request.c in ntpd in NTP before 4.2.7p26 allows remote attackers to cause a denial of service (traffic amplification) via forged (1) REQ_MON_GETLIST or (2) REQ_MON_GETLIST_1 requests, as exploited in the wild in December 2013. | [] | [] | [] | [
"T1189",
"T1203"
] | [
"T1027",
"T1036.001",
"T1539",
"T1553.002",
"T1562.003",
"T1574.006",
"T1574.007"
] | [
"ctid_cve"
] | 19.1 | |
CVE-2020-15170 | Missing access control in apollo-adminservice | apollo-adminservice before version 1.7.1 does not implement access controls. If users expose apollo-adminservice to internet(which is not recommended), there are potential security issues since apollo-adminservice is designed to work in intranet and it doesn't have access control built-in. Malicious hackers may access ... | [] | [
"T1190"
] | [] | [
"T1190"
] | [
"T1027",
"T1036.001",
"T1539",
"T1553.002",
"T1562.003",
"T1574.006",
"T1574.007"
] | [
"ctid_cve"
] | 19.1 |
CVE-2020-1631 | Out of Cycle Security Advisory: Junos OS: Security vulnerability in J-Web and web based (HTTP/HTTPS) services | A vulnerability in the HTTP/HTTPS service used by J-Web, Web Authentication, Dynamic-VPN (DVPN), Firewall Authentication Pass-Through with Web-Redirect, and Zero Touch Provisioning (ZTP) allows an unauthenticated attacker to perform local file inclusion (LFI) or path traversal. Using this vulnerability, an attacker may... | [] | [] | [] | [
"T1203"
] | [
"T1036",
"T1134",
"T1134.001",
"T1134.002",
"T1134.003",
"T1528",
"T1539",
"T1550.004",
"T1574.002",
"T1574.008",
"T1606"
] | [
"ctid_cve"
] | 19.1 |
CVE-2021-26085 | Affected versions of Atlassian Confluence Server allow remote attackers to view restricted resources via a Pre-Authorization Arbitrary File Read vulnerability in the /s/ endpoint. The affected versions are before version 7.4.10, and from version 7.5.0 before 7.12.3. | [
"T1190"
] | [
"T1005"
] | [] | [
"T1005",
"T1190"
] | [
"T1005",
"T1012",
"T1014",
"T1027.009",
"T1037",
"T1040",
"T1080",
"T1083",
"T1134",
"T1134.001",
"T1185",
"T1211",
"T1505.003",
"T1505.005",
"T1542.002",
"T1542.003",
"T1543",
"T1543.001",
"T1543.003",
"T1543.004",
"T1546.001",
"T1546.004",
"T1546.008",
"T1546.016",
... | [
"ctid_kev"
] | 19.1 | |
CVE-2022-43939 | Hitachi Vantara Pentaho Business Analytics Server - Use of Non-Canonical URL Paths for Authorization Decisions | Hitachi Vantara Pentaho Business Analytics Server versions before 9.4.0.1 and 9.3.0.2, including 8.3.x contain security restrictions using non-canonical URLs which can be circumvented. | [
"T1190"
] | [
"T1059"
] | [] | [
"T1059",
"T1190"
] | [
"T1005",
"T1012",
"T1014",
"T1027.009",
"T1037",
"T1080",
"T1083",
"T1134.001",
"T1505.005",
"T1542.003",
"T1543",
"T1543.001",
"T1543.003",
"T1543.004",
"T1546.001",
"T1546.004",
"T1546.008",
"T1546.016",
"T1547",
"T1547.006",
"T1550.004",
"T1552.002",
"T1553.004",
"T1... | [
"ctid_kev"
] | 19.1 |
CVE-2013-1331 | Buffer overflow in Microsoft Office 2003 SP3 and Office 2011 for Mac allows remote attackers to execute arbitrary code via crafted PNG data in an Office document, leading to improper memory allocation, aka "Office Buffer Overflow Vulnerability." | [] | [] | [] | [
"T1203",
"T1204.002"
] | [
"T1134",
"T1134.001",
"T1134.002",
"T1134.003",
"T1528",
"T1539",
"T1550.004",
"T1606"
] | [
"ctid_cve"
] | 19.1 | |
CVE-2013-6129 | The install/upgrade.php scripts in vBulletin 4.1 and 5 allow remote attackers to create administrative accounts via the customerid, htmldata[password], htmldata[confirmpassword], and htmldata[email] parameters, as exploited in the wild in October 2013. | [] | [] | [] | [
"T1087",
"T1136",
"T1190"
] | [] | [
"ctid_cve"
] | 19.1 | |
CVE-2020-11884 | In the Linux kernel 4.19 through 5.6.7 on the s390 platform, code execution may occur because of a race condition, as demonstrated by code in enable_sacf_uaccess in arch/s390/lib/uaccess.c that fails to protect against a concurrent page table upgrade, aka CID-3f777e19d171. A crash could also occur. | [] | [] | [] | [
"T1499.004"
] | [] | [
"ctid_cve"
] | 19.1 | |
CVE-2011-0611 | Adobe Flash Player before 10.2.154.27 on Windows, Mac OS X, Linux, and Solaris and 10.2.156.12 and earlier on Android; Adobe AIR before 2.6.19140; and Authplay.dll (aka AuthPlayLib.bundle) in Adobe Reader 9.x before 9.4.4 and 10.x through 10.0.1 on Windows, Adobe Reader 9.x before 9.4.4 and 10.x before 10.0.3 on Mac OS... | [
"T1204.002"
] | [
"T1105"
] | [] | [
"T1105",
"T1204.002"
] | [
"T1134",
"T1134.001",
"T1134.002",
"T1134.003",
"T1528",
"T1539",
"T1550.004",
"T1606"
] | [
"ctid_kev"
] | 19.1 | |
CVE-2016-3298 | Microsoft Internet Explorer 9 through 11 and the Internet Messaging API in Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, and Windows 7 SP1 allow remote attackers to determine the existence of arbitrary files via a crafted web site, aka "Internet Explorer Information Disclosure Vulnerability." | [] | [] | [] | [
"T1083",
"T1189"
] | [] | [
"ctid_cve"
] | 19.1 | |
CVE-2018-10610 | An out-of-bounds vulnerability in LeviStudioU, Versions 1.8.29 and 1.8.44 can be exploited when the application processes specially crafted project files. | [] | [
"T1005",
"T1499.004",
"T1557",
"T1574"
] | [] | [
"T1005",
"T1499.004",
"T1557",
"T1574"
] | [
"T1134",
"T1134.001",
"T1134.002",
"T1134.003",
"T1528",
"T1539",
"T1550.004",
"T1606"
] | [
"ctid_cve"
] | 19.1 | |
CVE-2019-1889 | Cisco Application Policy Infrastructure Controller REST API Privilege Escalation Vulnerability | A vulnerability in the REST API for software device management in Cisco Application Policy Infrastructure Controller (APIC) Software could allow an authenticated, remote attacker to escalate privileges to root on an affected device. The vulnerability is due to incomplete validation and error checking for the file path ... | [
"T1078"
] | [
"T1068"
] | [] | [
"T1068",
"T1078"
] | [
"T1027",
"T1036.001",
"T1539",
"T1553.002",
"T1562.003",
"T1574.006",
"T1574.007"
] | [
"ctid_cve"
] | 19.1 |
CVE-2019-3750 | Dell Command Update versions prior to 3.1 contain an Arbitrary File Deletion Vulnerability. A local authenticated malicious user with low privileges potentially could exploit this vulnerability to delete arbitrary files by creating a symlink from the "Temp\IC\ICDebugLog.txt" to any targeted file. This issue occurs beca... | [] | [
"T1485"
] | [] | [
"T1485"
] | [
"T1027.006",
"T1027.009",
"T1036",
"T1134",
"T1134.001",
"T1134.002",
"T1134.003",
"T1528",
"T1539",
"T1547.009",
"T1550.004",
"T1564.009",
"T1574.002",
"T1574.005",
"T1574.008",
"T1574.010",
"T1606"
] | [
"ctid_cve"
] | 19.1 | |
CVE-2013-5054 | Microsoft Office 2013 and 2013 RT allows remote attackers to discover authentication tokens via a crafted response to a file-open request for an Office file on a web site, as exploited in the wild in 2013, aka "Token Hijacking Vulnerability." | [] | [] | [] | [
"T1212",
"T1528"
] | [
"T1007",
"T1016",
"T1018",
"T1033",
"T1036.005",
"T1046",
"T1049",
"T1057",
"T1069",
"T1082",
"T1083",
"T1087",
"T1111",
"T1120",
"T1124",
"T1134",
"T1134.001",
"T1134.002",
"T1134.003",
"T1135",
"T1217",
"T1528",
"T1539",
"T1550.004",
"T1562.003",
"T1574.006",
"T... | [
"ctid_cve"
] | 19.1 | |
CVE-2018-7496 | An Information Exposure issue was discovered in OSIsoft PI Vision versions 2017 and prior. The server response header and referrer-policy response header each provide unintended information disclosure. | [] | [] | [] | [
"T1190",
"T1211"
] | [
"T1007",
"T1016",
"T1018",
"T1033",
"T1036.005",
"T1046",
"T1049",
"T1057",
"T1069",
"T1082",
"T1083",
"T1087",
"T1111",
"T1120",
"T1124",
"T1134",
"T1134.001",
"T1134.002",
"T1134.003",
"T1135",
"T1217",
"T1528",
"T1539",
"T1550.004",
"T1562.003",
"T1574.006",
"T... | [
"ctid_cve"
] | 19.1 | |
CVE-2010-2884 | Adobe Flash Player 10.1.82.76 and earlier on Windows, Mac OS X, Linux, and Solaris and 10.1.92.10 on Android; authplay.dll in Adobe Reader and Acrobat 9.x before 9.4; and authplay.dll in Adobe Reader and Acrobat 8.x before 8.2.5 on Windows and Mac OS X allow remote attackers to execute arbitrary code or cause a denial ... | [] | [] | [] | [
"T1068"
] | [] | [
"ctid_cve"
] | 19.1 | |
CVE-2019-3728 | RSA BSAFE Crypto-C Micro Edition versions from 4.0.0.0 before 4.0.5.4 and from 4.1.0 before 4.1.4, RSA BSAFE Micro Edition Suite versions from 4.0.0 before 4.0.13 and from 4.1.0 before 4.4 and RSA Crypto-C versions from 6.0.0 through 6.4.* are vulnerable to an out-of-bounds read vulnerability when processing DSA signat... | [] | [
"T1489"
] | [] | [
"T1489"
] | [
"T1134",
"T1134.001",
"T1134.002",
"T1134.003",
"T1528",
"T1539",
"T1550.004",
"T1606"
] | [
"ctid_cve"
] | 19.1 | |
CVE-2018-15758 | Privilege Escalation in spring-security-oauth2 | Spring Security OAuth, versions 2.3 prior to 2.3.4, and 2.2 prior to 2.2.3, and 2.1 prior to 2.1.3, and 2.0 prior to 2.0.16, and older unsupported versions could be susceptible to a privilege escalation under certain conditions. A malicious user or attacker can craft a request to the approval endpoint that can modify t... | [
"T1190"
] | [
"T1068"
] | [] | [
"T1068",
"T1190"
] | [] | [
"ctid_cve"
] | 19.1 |
CVE-2021-31166 | HTTP Protocol Stack Remote Code Execution Vulnerability | HTTP Protocol Stack Remote Code Execution Vulnerability | [
"T1190"
] | [
"T1059"
] | [] | [
"T1059",
"T1190"
] | [
"T1134",
"T1134.001",
"T1134.002",
"T1134.003",
"T1528",
"T1539",
"T1550.004",
"T1606"
] | [
"ctid_kev"
] | 19.1 |
CVE-2018-15376 | Cisco IOS Software for Cisco 800 Series Industrial Integrated Services Routers Arbitrary Memory Write Vulnerabilities | A vulnerability in the embedded test subsystem of Cisco IOS Software for Cisco 800 Series Industrial Integrated Services Routers could allow an authenticated, local attacker to write arbitrary values to arbitrary locations in the memory space of an affected device. The vulnerability is due to the presence of certain te... | [
"T1091",
"T1204.002",
"T1566"
] | [
"T1499.004",
"T1574"
] | [] | [
"T1091",
"T1204.002",
"T1499.004",
"T1566",
"T1574"
] | [
"T1134",
"T1134.001",
"T1134.002",
"T1134.003",
"T1528",
"T1539",
"T1550.004",
"T1606"
] | [
"ctid_cve"
] | 19.1 |
CVE-2014-6293 | SQL injection vulnerability in the Statistics (ke_stats) extension before 1.1.2 for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors, as exploited in the wild in February 2014. | [] | [] | [] | [
"T1059",
"T1190"
] | [
"T1027",
"T1562.003",
"T1574.006",
"T1574.007"
] | [
"ctid_cve"
] | 19.1 | |
CVE-2015-2502 | Microsoft Internet Explorer 7 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Memory Corruption Vulnerability," as exploited in the wild in August 2015. | [] | [] | [] | [
"T1189",
"T1203"
] | [
"T1134",
"T1134.001",
"T1134.002",
"T1134.003",
"T1528",
"T1539",
"T1550.004",
"T1606"
] | [
"ctid_cve"
] | 19.1 | |
CVE-2008-2992 | Stack-based buffer overflow in Adobe Acrobat and Reader 8.1.2 and earlier allows remote attackers to execute arbitrary code via a PDF file that calls the util.printf JavaScript function with a crafted format string argument, a related issue to CVE-2008-1104. | [
"T1204.002"
] | [] | [] | [
"T1203",
"T1204.002"
] | [
"T1134",
"T1134.001",
"T1134.002",
"T1134.003",
"T1528",
"T1539",
"T1550.004",
"T1606"
] | [
"ctid_cve",
"ctid_kev"
] | 19.1 | |
CVE-2020-5350 | Dell EMC Integrated Data Protection Appliance versions 2.0, 2.1, 2.2, 2.3, 2.4 contain a command injection vulnerability in the ACM component. A remote authenticated malicious user with root privileges could inject parameters in the ACM component APIs that could lead to manipulation of passwords and execution of malici... | [] | [
"T1059"
] | [
"T1098"
] | [
"T1059",
"T1098"
] | [
"T1027",
"T1562.003",
"T1574.006",
"T1574.007"
] | [
"ctid_cve"
] | 19.1 | |
CVE-2019-3788 | UAA redirect-uri allows wildcard in the subdomain | Cloud Foundry UAA Release, versions prior to 71.0, allows clients to be configured with an insecure redirect uri. Given a UAA client was configured with a wildcard in the redirect uri's subdomain, a remote malicious unauthenticated user can craft a phishing link to get a UAA access code from the victim. | [
"T1566.002"
] | [] | [
"T1036"
] | [
"T1036",
"T1566.002"
] | [
"T1134",
"T1134.001",
"T1134.002",
"T1134.003",
"T1528",
"T1539",
"T1550.004",
"T1606"
] | [
"ctid_cve"
] | 19.1 |
CVE-2014-0322 | Use-after-free vulnerability in Microsoft Internet Explorer 9 and 10 allows remote attackers to execute arbitrary code via vectors involving crafted JavaScript code, CMarkup, and the onpropertychange attribute of a script element, as exploited in the wild in January and February 2014. | [] | [] | [] | [
"T1068"
] | [
"T1134",
"T1134.001",
"T1134.002",
"T1134.003",
"T1528",
"T1539",
"T1550.004",
"T1606"
] | [
"ctid_cve"
] | 19.1 | |
CVE-2021-22205 | An issue has been discovered in GitLab CE/EE affecting all versions starting from 11.9. GitLab was not properly validating image files that were passed to a file parser which resulted in a remote command execution. | [
"T1190"
] | [
"T1059",
"T1498"
] | [
"T1496",
"T1498"
] | [
"T1059",
"T1190",
"T1496",
"T1498"
] | [
"T1027",
"T1027.006",
"T1027.009",
"T1134",
"T1134.001",
"T1134.002",
"T1134.003",
"T1528",
"T1539",
"T1550.004",
"T1562.003",
"T1564.009",
"T1574.006",
"T1574.007",
"T1606"
] | [
"ctid_kev"
] | 19.1 | |
CVE-2014-3413 | The MySQL server in Juniper Networks Junos Space before 13.3R1.8 has an unspecified account with a hardcoded password, which allows remote attackers to obtain sensitive information and consequently obtain administrative control by leveraging database access. | [] | [] | [] | [
"T1190",
"T1499.004"
] | [
"T1014",
"T1027.009",
"T1037",
"T1040",
"T1078.001",
"T1080",
"T1083",
"T1110",
"T1134",
"T1185",
"T1505.003",
"T1505.005",
"T1542.003",
"T1543",
"T1543.001",
"T1543.003",
"T1543.004",
"T1546.001",
"T1546.004",
"T1546.008",
"T1546.016",
"T1547",
"T1547.006",
"T1548",
... | [
"ctid_cve"
] | 19.1 | |
CVE-2015-5119 | Use-after-free vulnerability in the ByteArray class in the ActionScript 3 (AS3) implementation in Adobe Flash Player 13.x through 13.0.0.296 and 14.x through 18.0.0.194 on Windows and OS X and 11.x through 11.2.202.468 on Linux allows remote attackers to execute arbitrary code or cause a denial of service (memory corru... | [
"T1059.007",
"T1203",
"T1204.001",
"T1566.002"
] | [
"T1105"
] | [
"T1055.001",
"T1071.001"
] | [
"T1055.001",
"T1059.007",
"T1071.001",
"T1105",
"T1203",
"T1204.001",
"T1566.002"
] | [
"T1134",
"T1134.001",
"T1134.002",
"T1134.003",
"T1528",
"T1539",
"T1550.004",
"T1606"
] | [
"ctid_kev"
] | 19.1 | |
CVE-2018-19831 | The ToOwner() function of a smart contract implementation for Cryptbond Network (CBN), an tradable Ethereum ERC20 token, allows attackers to change the owner of the contract, because the function does not check the caller's identity. | [] | [] | [] | [
"T1068",
"T1565"
] | [
"T1014",
"T1027.009",
"T1037",
"T1040",
"T1080",
"T1134",
"T1185",
"T1505.003",
"T1505.005",
"T1542.003",
"T1543",
"T1543.001",
"T1543.003",
"T1543.004",
"T1546.001",
"T1546.004",
"T1546.008",
"T1546.016",
"T1547",
"T1547.006",
"T1548",
"T1550.001",
"T1553.004",
"T1556.... | [
"ctid_cve"
] | 19.1 | |
CVE-2020-5539 | GRANDIT Ver.1.6, Ver.2.0, Ver.2.1, Ver.2.2, Ver.2.3, and Ver.3.0 do not properly manage sessions, which allows remote attackers to impersonate an arbitrary user and then alter or disclose the information via unspecified vectors. | [] | [] | [] | [
"T1005",
"T1068",
"T1565.001"
] | [
"T1005",
"T1012",
"T1014",
"T1027.009",
"T1037",
"T1080",
"T1083",
"T1134.001",
"T1505.005",
"T1542.003",
"T1543",
"T1543.001",
"T1543.003",
"T1543.004",
"T1546.001",
"T1546.004",
"T1546.008",
"T1546.016",
"T1547",
"T1547.006",
"T1550.004",
"T1552.002",
"T1553.004",
"T1... | [
"ctid_cve"
] | 19.1 | |
CVE-2020-1190 | An elevation of privilege vulnerability exists when the Windows State Repository Service improperly handles objects in memory, aka 'Windows State Repository Service Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-1124, CVE-2020-1131, CVE-2020-1134, CVE-2020-1144, CVE-2020-1184, CVE-2020-1185,... | [] | [
"T1068"
] | [] | [
"T1068"
] | [] | [
"ctid_cve"
] | 19.1 | |
CVE-2020-3580 | Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software Web Services Interface Cross-Site Scripting Vulnerabilities | Multiple vulnerabilities in the web services interface of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to conduct cross-site scripting (XSS) attacks against a user of the web services interface of an affected device. T... | [
"T1204.001"
] | [
"T1059"
] | [
"T1217"
] | [
"T1059",
"T1204.001",
"T1217"
] | [
"T1027",
"T1562.003",
"T1574.006",
"T1574.007"
] | [
"ctid_kev"
] | 19.1 |
CVE-2018-11069 | RSA BSAFE SSL-J versions prior to 6.2.4 contain a Covert Timing Channel vulnerability during RSA decryption, also known as a Bleichenbacher attack on RSA decryption. A remote attacker may be able to recover a RSA key. | [
"T1110"
] | [
"T1600"
] | [] | [
"T1110",
"T1600"
] | [
"T1036.001",
"T1040",
"T1083",
"T1553.002",
"T1565.002",
"T1574.005",
"T1574.010",
"T1611"
] | [
"ctid_cve"
] | 19.1 | |
CVE-2016-1409 | The Neighbor Discovery (ND) protocol implementation in the IPv6 stack in Cisco IOS XE 2.1 through 3.17S, IOS XR 2.0.0 through 5.3.2, and NX-OS allows remote attackers to cause a denial of service (packet-processing outage) via crafted ND messages, aka Bug ID CSCuz66542, as exploited in the wild in May 2016. | [] | [] | [] | [
"T1189",
"T1203"
] | [
"T1027",
"T1036.001",
"T1539",
"T1553.002",
"T1562.003",
"T1574.006",
"T1574.007"
] | [
"ctid_cve"
] | 19.1 | |
CVE-2020-5279 | Improper Access Control for certain legacy controller in PrestaShop | In PrestaShop between versions 1.5.0.0 and 1.7.6.5, there are improper access control since the the version 1.5.0.0 for legacy controllers. - admin-dev/index.php/configure/shop/customer-preferences/ - admin-dev/index.php/improve/international/translations/ - admin-dev/index.php/improve/international/geolocation/ - admi... | [] | [
"T1190"
] | [] | [
"T1190"
] | [
"T1005",
"T1012",
"T1014",
"T1027.009",
"T1037",
"T1080",
"T1083",
"T1134.001",
"T1505.005",
"T1542.003",
"T1543",
"T1543.001",
"T1543.003",
"T1543.004",
"T1546.001",
"T1546.004",
"T1546.008",
"T1546.016",
"T1547",
"T1547.006",
"T1550.004",
"T1552.002",
"T1553.004",
"T1... | [
"ctid_cve"
] | 19.1 |
CVE-2020-15143 | Remote Code Execution in SyliusResourceBundle | In SyliusResourceBundle before versions 1.3.14, 1.4.7, 1.5.2 and 1.6.4, rrequest parameters injected inside an expression evaluated by `symfony/expression-language` package haven't been sanitized properly. This allows the attacker to access any public service by manipulating that request parameter, allowing for Remote ... | [
"T1133"
] | [
"T1059"
] | [] | [
"T1059",
"T1133"
] | [
"T1027",
"T1562.003",
"T1574.006",
"T1574.007"
] | [
"ctid_cve"
] | 19.1 |
CVE-2019-6522 | Moxa IKS and EDS fails to properly check array bounds which may allow an attacker to read device memory on arbitrary addresses, and may allow an attacker to retrieve sensitive data or cause device reboot. | [] | [
"T1005",
"T1499.004"
] | [] | [
"T1005",
"T1499.004"
] | [
"T1134",
"T1134.001",
"T1134.002",
"T1134.003",
"T1528",
"T1539",
"T1550.004",
"T1606"
] | [
"ctid_cve"
] | 19.1 | |
CVE-2020-3397 | Cisco NX-OS Software Border Gateway Protocol Multicast VPN Denial of Service Vulnerability | A vulnerability in the Border Gateway Protocol (BGP) Multicast VPN (MVPN) implementation of Cisco NX-OS Software could allow an unauthenticated, remote attacker to cause an affected device to unexpectedly reload, resulting in a denial of service (DoS) condition. The vulnerability is due to incomplete input validation o... | [
"T1190"
] | [
"T1499.004"
] | [] | [
"T1190",
"T1499.004"
] | [
"T1027",
"T1036.001",
"T1539",
"T1553.002",
"T1562.003",
"T1574.006",
"T1574.007"
] | [
"ctid_cve"
] | 19.1 |
CVE-2018-7499 | In Advantech WebAccess versions V8.2_20170817 and prior, WebAccess versions V8.3.0 and prior, WebAccess Dashboard versions V.2.0.15 and prior, WebAccess Scada Node versions prior to 8.3.1, and WebAccess/NMS 2.0.3 and prior, several stack-based buffer overflow vulnerabilities have been identified, which may allow an att... | [] | [
"T1499.004",
"T1574"
] | [] | [
"T1499.004",
"T1574"
] | [
"T1134",
"T1134.001",
"T1134.002",
"T1134.003",
"T1528",
"T1539",
"T1550.004",
"T1606"
] | [
"ctid_cve"
] | 19.1 | |
CVE-2018-20838 | ampforwp_save_steps_data in the AMP for WP plugin before 0.9.97.21 for WordPress allows stored XSS. | [] | [] | [] | [
"T1203"
] | [
"T1027",
"T1562.003",
"T1574.006",
"T1574.007"
] | [
"ctid_cve"
] | 19.1 | |
CVE-2019-3763 | The RSA Identity Governance and Lifecycle software and RSA Via Lifecycle and Governance products prior to 7.1.0 P08 contain an information exposure vulnerability. The Office 365 user password may get logged in a plain text format in the Office 365 connector debug log file. An authenticated malicious local user with acc... | [] | [
"T1552"
] | [
"T1078"
] | [
"T1078",
"T1552"
] | [
"T1007",
"T1016",
"T1018",
"T1033",
"T1036.005",
"T1046",
"T1049",
"T1057",
"T1069",
"T1082",
"T1083",
"T1087",
"T1111",
"T1120",
"T1124",
"T1134",
"T1134.001",
"T1134.002",
"T1134.003",
"T1135",
"T1217",
"T1528",
"T1539",
"T1550.004",
"T1562.003",
"T1574.006",
"T... | [
"ctid_cve"
] | 19.1 | |
CVE-2012-6081 | Multiple unrestricted file upload vulnerabilities in the (1) twikidraw (action/twikidraw.py) and (2) anywikidraw (action/anywikidraw.py) actions in MoinMoin before 1.9.6 allow remote authenticated users with write permissions to execute arbitrary code by uploading a file with an executable extension, then accessing it ... | [] | [] | [] | [
"T1190",
"T1505.003"
] | [] | [
"ctid_cve"
] | 19.1 | |
CVE-2017-7533 | Race condition in the fsnotify implementation in the Linux kernel through 4.12.4 allows local users to gain privileges or cause a denial of service (memory corruption) via a crafted application that leverages simultaneous execution of the inotify_handle_event and vfs_rename functions. | [] | [] | [] | [
"T1068",
"T1499"
] | [
"T1134",
"T1134.001",
"T1134.002",
"T1134.003",
"T1499.004",
"T1528",
"T1539",
"T1550.004",
"T1606"
] | [
"ctid_cve"
] | 19.1 | |
CVE-2025-22457 | A stack-based buffer overflow in Ivanti Connect Secure before version 22.7R2.6, Ivanti Policy Secure before version 22.7R1.4, and Ivanti ZTA Gateways before version 22.8R2.2 allows a remote unauthenticated attacker to achieve remote code execution. | [
"T1190"
] | [
"T1059"
] | [] | [
"T1059",
"T1190"
] | [
"T1134",
"T1134.001",
"T1134.002",
"T1134.003",
"T1528",
"T1539",
"T1550.004",
"T1606"
] | [
"ctid_kev"
] | 19.1 | |
CVE-2012-1675 | The TNS Listener, as used in Oracle Database 11g 11.1.0.7, 11.2.0.2, and 11.2.0.3, and 10g 10.2.0.3, 10.2.0.4, and 10.2.0.5, as used in Oracle Fusion Middleware, Enterprise Manager, E-Business Suite, and possibly other products, allows remote attackers to execute arbitrary database commands by performing a remote regis... | [] | [] | [] | [
"T1190",
"T1499.004"
] | [] | [
"ctid_cve"
] | 19.1 | |
CVE-2017-11774 | Microsoft Outlook 2010 SP2, Outlook 2013 SP1 and RT SP1, and Outlook 2016 allow an attacker to execute arbitrary commands, due to how Microsoft Office handles objects in memory, aka "Microsoft Outlook Security Feature Bypass Vulnerability." | [] | [] | [] | [
"T1190"
] | [
"T1134",
"T1134.001",
"T1134.002",
"T1134.003",
"T1528",
"T1539",
"T1550.004",
"T1606"
] | [
"ctid_cve"
] | 19.1 | |
CVE-2020-3216 | Cisco IOS XE SD-WAN Software Authentication Bypass Vulnerability | A vulnerability in Cisco IOS XE SD-WAN Software could allow an unauthenticated, physical attacker to bypass authentication and gain unrestricted access to the root shell of an affected device. The vulnerability exists because the affected software has insufficient authentication mechanisms for certain commands. An atta... | [] | [
"T1068"
] | [
"T1059"
] | [
"T1059",
"T1068"
] | [
"T1014",
"T1027.009",
"T1037",
"T1040",
"T1080",
"T1134",
"T1185",
"T1505.003",
"T1505.005",
"T1542.003",
"T1543",
"T1543.001",
"T1543.003",
"T1543.004",
"T1546.001",
"T1546.004",
"T1546.008",
"T1546.016",
"T1547",
"T1547.006",
"T1548",
"T1550.001",
"T1553.004",
"T1556.... | [
"ctid_cve"
] | 19.1 |
CVE-2019-1031 | Microsoft Office SharePoint XSS Vulnerability | A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server. An authenticated attacker could exploit the vulnerability by sending a specially crafted request to an affected SharePoint server.
The attacker ... | [] | [
"T1059"
] | [
"T1005",
"T1036",
"T1485",
"T1565"
] | [
"T1005",
"T1036",
"T1059",
"T1485",
"T1565"
] | [
"T1027",
"T1562.003",
"T1574.006",
"T1574.007"
] | [
"ctid_cve"
] | 19.1 |
CVE-2020-5326 | Affected Dell Client platforms contain a BIOS Setup configuration authentication bypass vulnerability in the pre-boot Intel Rapid Storage Response Technology (iRST) Manager menu. An attacker with physical access to the system could perform unauthorized changes to the BIOS Setup configuration settings without requiring ... | [] | [
"T1068"
] | [
"T1542.001"
] | [
"T1068",
"T1542.001"
] | [
"T1014",
"T1027.009",
"T1037",
"T1040",
"T1080",
"T1134",
"T1185",
"T1505.003",
"T1505.005",
"T1542.003",
"T1543",
"T1543.001",
"T1543.003",
"T1543.004",
"T1546.001",
"T1546.004",
"T1546.008",
"T1546.016",
"T1547",
"T1547.006",
"T1548",
"T1550.001",
"T1553.004",
"T1556.... | [
"ctid_cve"
] | 19.1 | |
CVE-2019-5591 | A Default Configuration vulnerability in FortiOS may allow an unauthenticated attacker on the same subnet to intercept sensitive information by impersonating the LDAP server. | [
"T1133"
] | [
"T1557"
] | [
"T1005"
] | [
"T1005",
"T1133",
"T1557"
] | [
"T1014",
"T1027.009",
"T1037",
"T1040",
"T1080",
"T1134",
"T1185",
"T1505.003",
"T1505.005",
"T1542.003",
"T1543",
"T1543.001",
"T1543.003",
"T1543.004",
"T1546.001",
"T1546.004",
"T1546.008",
"T1546.016",
"T1547",
"T1547.006",
"T1548",
"T1550.001",
"T1553.004",
"T1556.... | [
"ctid_kev"
] | 19.1 | |
CVE-2020-15505 | A remote code execution vulnerability in MobileIron Core & Connector versions 10.3.0.3 and earlier, 10.4.0.0, 10.4.0.1, 10.4.0.2, 10.4.0.3, 10.5.1.0, 10.5.2.0 and 10.6.0.0; and Sentry versions 9.7.2 and earlier, and 9.8.0; and Monitor and Reporting Database (RDB) version 2.0.0.1 and earlier that allows remote attackers... | [
"T1190"
] | [
"T1059"
] | [] | [
"T1059",
"T1190"
] | [
"T1036",
"T1134",
"T1134.001",
"T1134.002",
"T1134.003",
"T1528",
"T1539",
"T1550.004",
"T1574.002",
"T1574.008",
"T1606"
] | [
"ctid_kev"
] | 19.1 | |
CVE-2019-1270 | An elevation of privilege vulnerability exists in Windows store installer where WindowsApps directory is vulnerable to symbolic link attack, aka 'Microsoft Windows Store Installer Elevation of Privilege Vulnerability'. | [
"T1202"
] | [
"T1485",
"T1565"
] | [] | [
"T1202",
"T1485",
"T1565"
] | [
"T1027.006",
"T1027.009",
"T1036",
"T1134",
"T1134.001",
"T1134.002",
"T1134.003",
"T1528",
"T1539",
"T1547.009",
"T1550.004",
"T1564.009",
"T1574.002",
"T1574.005",
"T1574.008",
"T1574.010",
"T1606"
] | [
"ctid_cve"
] | 19.1 | |
CVE-2020-6820 | Under certain conditions, when handling a ReadableStream, a race condition can cause a use-after-free. We are aware of targeted attacks in the wild abusing this flaw. This vulnerability affects Thunderbird < 68.7.0, Firefox < 74.0.1, and Firefox ESR < 68.6.1. | [] | [] | [] | [
"T1055",
"T1189"
] | [] | [
"ctid_cve"
] | 19.1 | |
CVE-2020-11068 | Potential Buffer Overflow in LoRaMac-node | In LoRaMac-node before 4.4.4, a reception buffer overflow can happen due to the received buffer size not being checked. This has been fixed in 4.4.4. | [] | [
"T1499.004",
"T1574"
] | [] | [
"T1499.004",
"T1574"
] | [
"T1134",
"T1134.001",
"T1134.002",
"T1134.003",
"T1528",
"T1539",
"T1550.004",
"T1606"
] | [
"ctid_cve"
] | 19.1 |
CVE-2020-3120 | Cisco FXOS, IOS XR, and NX-OS Software Cisco Discovery Protocol Denial of Service Vulnerability | A vulnerability in the Cisco Discovery Protocol implementation for Cisco FXOS Software, Cisco IOS XR Software, and Cisco NX-OS Software could allow an unauthenticated, adjacent attacker to cause a reload of an affected device, resulting in a denial of service (DoS) condition. The vulnerability is due to a missing check... | [] | [
"T1499"
] | [] | [
"T1499"
] | [] | [
"ctid_cve"
] | 19.1 |
CVE-2023-0386 | A flaw was found in the Linux kernel, where unauthorized access to the execution of the setuid file with capabilities was found in the Linux kernel’s OverlayFS subsystem in how a user copies a capable file from a nosuid mount into another mount. This uid mapping bug allows a local user to escalate their privileges on t... | [
"T1055.012",
"T1548.001"
] | [
"T1543"
] | [
"T1685"
] | [
"T1055.012",
"T1543",
"T1548.001",
"T1685"
] | [
"T1014",
"T1027.006",
"T1027.009",
"T1037",
"T1080",
"T1505.005",
"T1542.003",
"T1543",
"T1543.001",
"T1543.003",
"T1543.004",
"T1546.001",
"T1546.004",
"T1546.008",
"T1546.016",
"T1547",
"T1547.006",
"T1553.004",
"T1556.006",
"T1562.001",
"T1562.002",
"T1562.004",
"T1562... | [
"ctid_kev"
] | 19.1 | |
CVE-2020-3126 | Cisco Webex Meetings Multimedia Viewer Vulnerability | vulnerability within the Multimedia Viewer feature of Cisco Webex Meetings could allow an authenticated, remote attacker to bypass security protections. The vulnerability is due to missing security warning dialog boxes when a room host views shared multimedia files. An authenticated, remote attacker could exploit this ... | [
"T1190"
] | [
"T1080",
"T1204.002"
] | [] | [
"T1080",
"T1190",
"T1204.002"
] | [
"T1027",
"T1036.001",
"T1539",
"T1553.002",
"T1562.003",
"T1574.006",
"T1574.007"
] | [
"ctid_cve"
] | 19.1 |
CVE-2019-13608 | Citrix StoreFront Server before 1903, 7.15 LTSR before CU4 (3.12.4000), and 7.6 LTSR before CU8 (3.0.8000) allows XXE attacks. | [] | [
"T1059"
] | [
"T1003",
"T1005",
"T1046",
"T1078"
] | [
"T1003",
"T1005",
"T1046",
"T1059",
"T1078"
] | [
"T1134",
"T1134.001",
"T1134.002",
"T1134.003",
"T1528",
"T1539",
"T1550.004",
"T1606"
] | [
"ctid_kev"
] | 19.1 | |
CVE-2007-5659 | Multiple buffer overflows in Adobe Reader and Acrobat 8.1.1 and earlier allow remote attackers to execute arbitrary code via a PDF file with long arguments to unspecified JavaScript methods. NOTE: this issue might be subsumed by CVE-2008-0655. | [
"T1204.002"
] | [] | [] | [
"T1204.002"
] | [
"T1134",
"T1134.001",
"T1134.002",
"T1134.003",
"T1528",
"T1539",
"T1550.004",
"T1606"
] | [
"ctid_kev"
] | 19.1 | |
CVE-2009-4324 | Use-after-free vulnerability in the Doc.media.newPlayer method in Multimedia.api in Adobe Reader and Acrobat 9.x before 9.3, and 8.x before 8.2 on Windows and Mac OS X, allows remote attackers to execute arbitrary code via a crafted PDF file using ZLib compressed streams, as exploited in the wild in December 2009. | [
"T1204.002"
] | [
"T1071.001"
] | [] | [
"T1071.001",
"T1203",
"T1204.002"
] | [
"T1134",
"T1134.001",
"T1134.002",
"T1134.003",
"T1528",
"T1539",
"T1550.004",
"T1606"
] | [
"ctid_cve",
"ctid_kev"
] | 19.1 | |
CVE-2013-3900 | WinVerifyTrust Signature Validation Vulnerability | Why is Microsoft republishing a CVE from 2013?
We are republishing CVE-2013-3900 in the Security Update Guide to update the Security Updates table and to inform customers that the EnableCertPaddingCheck is available in all currently supported versions of Windows 10 and Windows 11. While the format is different from the... | [] | [] | [] | [
"T1190",
"T1539"
] | [
"T1040",
"T1083",
"T1211",
"T1491",
"T1542.002",
"T1556",
"T1557.002",
"T1565.002",
"T1574.005",
"T1574.010",
"T1584.002",
"T1611"
] | [
"ctid_cve"
] | 19.1 |
CVE-2019-13720 | Use after free in WebAudio in Google Chrome prior to 78.0.3904.87 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | [] | [] | [] | [
"T1189",
"T1203"
] | [
"T1134",
"T1134.001",
"T1134.002",
"T1134.003",
"T1528",
"T1539",
"T1550.004",
"T1606"
] | [
"ctid_cve"
] | 19.1 | |
CVE-2019-16782 | Possible Information Leak / Session Hijack Vulnerability in Rack | There's a possible information leak / session hijack vulnerability in Rack (RubyGem rack). This vulnerability is patched in versions 1.6.12 and 2.0.8. Attackers may be able to find and hijack sessions by using timing attacks targeting the session id. Session ids are usually stored and indexed in a database that uses so... | [
"T1110"
] | [
"T1563"
] | [] | [
"T1110",
"T1563"
] | [
"T1007",
"T1016",
"T1018",
"T1033",
"T1036.005",
"T1046",
"T1049",
"T1057",
"T1069",
"T1082",
"T1083",
"T1087",
"T1111",
"T1120",
"T1124",
"T1134",
"T1134.001",
"T1134.002",
"T1134.003",
"T1135",
"T1217",
"T1528",
"T1539",
"T1550.004",
"T1562.003",
"T1574.006",
"T... | [
"ctid_cve"
] | 19.1 |
CVE-2009-1671 | Multiple buffer overflows in the Deployment Toolkit ActiveX control in deploytk.dll 6.0.130.3 in Sun Java SE Runtime Environment (aka JRE) 6 Update 13 allow remote attackers to execute arbitrary code via a long string argument to the (1) setInstallerType, (2) setAdditionalPackages, (3) compareVersion, (4) getStaticCLSI... | [] | [] | [] | [
"T1203"
] | [
"T1134",
"T1134.001",
"T1134.002",
"T1134.003",
"T1528",
"T1539",
"T1550.004",
"T1606"
] | [
"ctid_cve"
] | 19.1 | |
CVE-2016-1010 | Integer overflow in Adobe Flash Player before 18.0.0.333 and 19.x through 21.x before 21.0.0.182 on Windows and OS X and before 11.2.202.577 on Linux, Adobe AIR before 21.0.0.176, Adobe AIR SDK before 21.0.0.176, and Adobe AIR SDK & Compiler before 21.0.0.176 allows attackers to execute arbitrary code via unspecified v... | [
"T1574"
] | [] | [] | [
"T1574"
] | [] | [
"ctid_kev"
] | 19.1 | |
CVE-2025-25181 | A SQL injection vulnerability in timeoutWarning.asp in Advantive VeraCore through 2025.1.0 allows remote attackers to execute arbitrary SQL commands via the PmSess1 parameter. | [
"T1055",
"T1068"
] | [
"T1485"
] | [] | [
"T1055",
"T1068",
"T1485"
] | [
"T1027",
"T1562.003",
"T1574.006",
"T1574.007"
] | [
"ctid_kev"
] | 19.1 | |
CVE-2025-43200 | This issue was addressed with improved checks. This issue is fixed in iOS 15.8.4 and iPadOS 15.8.4, iOS 16.7.11 and iPadOS 16.7.11, iOS 18.3.1 and iPadOS 18.3.1, iPadOS 17.7.5, macOS Sequoia 15.3.1, macOS Sonoma 14.7.4, macOS Ventura 13.7.4, visionOS 2.3.1, watchOS 11.3.1. A logic issue existed when processing a malici... | [
"T1203"
] | [
"T1105"
] | [
"T1005"
] | [
"T1005",
"T1105",
"T1203"
] | [] | [
"ctid_kev"
] | 19.1 | |
CVE-2013-5576 | administrator/components/com_media/helpers/media.php in the media manager in Joomla! 2.5.x before 2.5.14 and 3.x before 3.1.5 allows remote authenticated users or remote attackers to bypass intended access restrictions and upload files with dangerous extensions via a filename with a trailing . (dot), as exploited in th... | [] | [] | [] | [
"T1190",
"T1505.003"
] | [
"T1027",
"T1036.001",
"T1539",
"T1553.002",
"T1562.003",
"T1574.006",
"T1574.007"
] | [
"ctid_cve"
] | 19.1 | |
CVE-2018-20250 | In WinRAR versions prior to and including 5.61, There is path traversal vulnerability when crafting the filename field of the ACE format (in UNACEV2.dll). When the filename field is manipulated with specific patterns, the destination (extraction) folder is ignored, thus treating the filename as an absolute path. | [] | [] | [] | [
"T1203",
"T1204.002"
] | [
"T1036",
"T1134",
"T1134.001",
"T1134.002",
"T1134.003",
"T1528",
"T1539",
"T1550.004",
"T1574.002",
"T1574.008",
"T1606"
] | [
"ctid_cve"
] | 19.1 | |
CVE-2019-10149 | A flaw was found in Exim versions 4.87 to 4.91 (inclusive). Improper validation of recipient address in deliver_message() function in /src/deliver.c may lead to remote command execution. | [] | [] | [] | [
"T1190",
"T1203"
] | [
"T1027",
"T1562.003",
"T1574.006",
"T1574.007"
] | [
"ctid_cve"
] | 19.1 |
vulnerability-attack-techniques
This dataset maps 1,207 CVEs to MITRE ATT&CK (Enterprise) techniques, joining hand-curated mappings from the MITRE Center for Threat-Informed Defense (CTID) with vulnerability descriptions from CIRCL/vulnerability-scores. It is intended for training and evaluating models that suggest candidate ATT&CK techniques from a vulnerability description: CVSS tells you how bad a vulnerability is, CWE what kind of flaw it is — ATT&CK tells defenders what adversary behavior to expect and detect.
Every label in the techniques column was written by an analyst following the CTID
"Mapping ATT&CK to CVE for Impact" methodology,
which assigns each CVE up to three kinds of techniques: an exploitation
technique (how it is exploited), a primary impact (what exploitation
directly yields), and a secondary impact (what the attacker can do next).
Label sources
label_sources |
CVEs | Origin |
|---|---|---|
ctid_cve |
788 | attack_to_cve (2021), ATT&CK v9 era |
ctid_kev |
392 | Mappings Explorer KEV mappings, ATT&CK 16.1 |
| both | 27 |
All technique IDs are normalized to enterprise ATT&CK v19.1: techniques revoked
since the original mappings are remapped to their successor via the STIX
revoked-by relationships (e.g. T1562 Impair Defenses → T1685 Disable or
Modify Tools), and Mobile/ICS techniques are dropped (enterprise domain only).
⚠️ techniques vs techniques_derived
The techniques_derived column contains labels from the automatically derived
CVE → CWE → CAPEC → ATT&CK chain maintained by
CVE2CAPEC. Do not train on this
column. Analysis of the chain shows a median fan-out of 4–20 techniques per
CVE and top-frequency techniques (e.g. T1574.007 on 53% of 2024 CVEs) that are
artifacts of the cross-framework table expansion, not descriptions of real
adversary behavior. The column is included as:
- a candidate prior at inference time (restrict suggestions to techniques compatible with the CWE chain);
- a baseline that a trained model must beat;
- a comparison column for studying where the deterministic chain diverges from analyst judgment.
The full source analysis is documented in the VulnTrain documentation.
Fields
| Field | Type | Description |
|---|---|---|
id |
string | CVE identifier |
title |
string | Vulnerability title |
description |
string | Vulnerability description in English (model input) |
exploitation_techniques |
list[string] | CTID exploitation technique(s) |
primary_impact |
list[string] | CTID primary impact technique(s) |
secondary_impact |
list[string] | CTID secondary impact technique(s) |
techniques |
list[string] | Union of all curated techniques — the training target |
techniques_derived |
list[string] | CVE2CAPEC weak labels — not for training |
label_sources |
list[string] | ctid_cve and/or ctid_kev |
attack_version |
string | Enterprise ATT&CK version the IDs are normalized to |
Label statistics
192 distinct techniques; 66 with at least 5 examples. Most CVEs carry 1–3 techniques. Top techniques: T1190 Exploit Public-Facing Application (348), T1059 Command and Scripting Interpreter (262), T1203 Exploitation for Client Execution (213), T1068 Exploitation for Privilege Escalation (189).
Known limitations
- Size: ~1,200 CVEs supports a proof-of-concept, not a production model.
- Selection bias: both label sources over-represent exploited-in-the-wild vulnerabilities (the KEV set by construction).
- Inherent task ceiling: a CVE description describes a flaw, while ATT&CK describes attacker behavior around it — even human annotators disagree on such mappings. Models trained on this data should suggest candidate techniques for analyst review, not produce authoritative mappings.
Usage
from datasets import load_dataset
dataset = load_dataset("CIRCL/vulnerability-attack-techniques")
for entry in dataset["train"].select(range(3)):
print(entry["id"], entry["techniques"], "-", entry["description"][:80])
Licensing of upstream sources
The CTID mappings are Apache-2.0. Descriptions come from
CIRCL/vulnerability-scores
(CC BY 4.0). The techniques_derived column is derived from the GPLv3
CVE2CAPEC project. MITRE ATT&CK® is a
registered trademark of The MITRE Corporation; ATT&CK content is used in
accordance with the MITRE ATT&CK terms of use.
References
- Vulnerability-Lookup — the vulnerability data source
- VulnTrain — generation pipeline (
vulntrain-dataset-attack-generation) - Methodology documentation
- MITRE CTID attack_to_cve and Mappings Explorer
- CVE2CAPEC by Galeax
- Downloads last month
- -