Security Updates

Security Updates#

The Melissa Security Update site shows security vulnerabilities affecting Melissa products and services, and provides the information here as part of the ongoing effort to help you manage security risks and help keep your systems protected.

Please submit a Vulnerability Inquiry if you have any questions.

Identifier Number

Title

Status

Attestation Date

CVE 2025-0283

Statement on CVE 2025-0283 Ivanti Connect Secure Policy Secure & ZTA Gateways

Resolved

Jan 08, 2025

CVE 2025-0282

Statement on CVE 2025-0282 Ivanti Connect Secure Policy Secure & ZTA Gateways

Resolved

CVE 2024-4577

Statement on CVE 2024-4577 PHP Zero-day

Resolved

Aug 22, 2024

MD-2024-0822

Statement on MD-2024-0822 Pollyfill.io JavaScript

Resolved

Aug 22, 2024

MD-2024-0719

Statement on MD-2024-0719 CrowdStrike Outage

Resolved

Jul 19, 2024

CVE 2024-5806

Statement on CVE 2024-5806 MOVEit Transfer Bug

Resolved

Jul 01, 2024

CISA-2024-0603

Statement on CISA-2024-0603 Detecting and Preventing Unauthorized User Access for Snowflake Customers

Resolved

Jun 10, 2024

CISA-2024-0411

Statement on CISA-2024-0411 Compromise of Sisense Customer Data

Resolved

May 23, 2024

CVE 2024-4040

Statement on CVE 2024-4040 CrushFTP Zero-day

Resolved

May 10, 2024

CVE 2024-3094

Statement on CVE 2024-3094 Leaky Vessels Vulnerability

Resolved

Apr 23, 2024

CVE 2024-21626

Statement on CVE 2024-21626 Leaky Vessels Vulnerability

Resolved

Mar 27, 2024

CVE 2023-39336

Statement on CVE 2023-39336 Ivanti Juniper SonicWall

Resolved

Jan 29, 2024

MD-2023-1221

Statement on MD-2023-1221 Apache Struts Critical Vulnerability

Resolved

Dec 21, 2023

MD-2023-1114

Statement on MD-2023-1114 ServiceNow Security Vulnerability

Resolved

Nov 14, 2023

MD-2023-1018

Statement on MD-2023-1018 Curl, Libcurl Vulnerability

Resolved

Oct 18, 2023

CVE 2023-4966

Statement on CVE 2023-4966 Citrix Unauthenticated Sensitive Information Disclosure

Resolved

Oct 10, 2023

MD-2023-0811

Statement on MD-2023-0811 Microsoft Azure Breach

Resolved

Aug 11, 2023

CVE 2023-35708

Statement on CVE 2023-35708 MOVEit vulnerability

Resolved

Jun 28, 2023

CVE 2023-35036

Statement on CVE 2023-35036 MOVEit vulnerability

Resolved

CVE 2023-34362

Statement on CVE 2023-34362 MOVEit vulnerability

Resolved

MD-2023-0124

Statement on MD-2023-0124 CircleCI Vulnerability

Resolved

Jan 24, 2023

CVE 2022-3602

Statement on CVE 2022-3602 OpenSSL v3.0 Vulnerability

Resolved

Nov 27, 2022

CVE 2022-42889

Statement on CVE 2022-42889 Text4Shell Vulnerability

Resolved

Oct 26, 2022

CVE 2022-26134

Statement on CVE 2022-26134 OGNL Injection Vulnerability

Resolved

Jun 27, 2022

CVE 2022-22973

Statement on CVE 2022-22973 VMware Vulnerabilities

Resolved

Jul 15, 2022

CVE 2022-22972

Statement on CVE 2022-22972 VMware Vulnerabilities

Resolved

CVE 2022-22960

Statement on CVE 2022-22960 VMware Vulnerabilities

Resolved

CVE 2022-22954

Statement on CVE 2022-22954 VMware Vulnerabilities

Resolved

CVE 2022-1388

Statement on CVE 2022-1388 F5 BIG-IP Vulnerability

Resolved

May 27, 2022

CVE 2022-22965

Statement on CVE 2022-22965 Spring4Shell Vulnerability

Resolved

Apr 29, 2022

CVE 2021-44228

Statement on CVE 2021-44228 Apache Log4j2

Resolved

Dec 13, 2021

CVE 2021-27065

Statement on CVE 2021-27065 MS Exchange Vulnerability

Resolved

Mar 2, 2021

CVE 2021-26858

Statement on CVE 2021-26858 MS Exchange Vulnerability

Resolved

CVE 2021-26857

Statement on CVE 2021-26857 MS Exchange Vulnerability

Resolved

CVE 2021-26855

Statement on CVE 2021-26855 MS Exchange Vulnerability

Resolved

CVE 2021-27078

Statement on CVE 2021-27078 MS Exchange Vulnerability

Resolved

Mar 2, 2021

CVE 2021-26854

Statement on CVE 2021-26854 MS Exchange Vulnerability

Resolved

CVE 2021-26412

Statement on CVE 2021-26412 MS Exchange Vulnerability

Resolved

CVE 2020-10148

Statement on CVE 2020-10148 SolarWinds Orion API Vulnerability

Resolved

Jan 14, 2021