Security Updates

Security Updates#

The Melissa Security Update site shows security vulnerabilities affecting Melissa products and services, and provides the information here as part of the ongoing effort to help you manage security risks and help keep your systems protected.

Please submit a Vulnerability Inquiry if you have any questions.

Identifier Number	Title	Status	Attestation Date
CVE-2025-24813	CVE-2025-24813 Apache Tomcat Vulnerability	Resolved	4/10/2025
CVE-2025-0283	CVE-2025-0283 Ivanti Connect Secure Policy Secure & ZTA Gateways	Resolved	2/7/2025
CVE-2025-0282	CVE-2025-0282 Ivanti Connect Secure Policy Secure & ZTA Gateways	Resolved	2/7/2025
CVE-2024-12686	CVE-2024-12686 BeyondTrust Command Injection Vulnerability	Resolved	1/30/2025
CVE-2024-12356	CVE-2024-12356 BeyondTrust Command Injection Vulnerability	Resolved	1/30/2025
CVE-2024-9474	CVE-2024-9474 Palo Alto PAN-OS: Privilege Escalation (PE) Vulnerability	Resolved	1/30/2025
CVE-2024-0012	CVE-2024-0012 Palo Alto PAN-OS: Authentication Bypass Vulnerability	Resolved	1/30/2025
CVE-2024-55956	CVE-2024-55956 Cleo Product Security Update	Resolved	12/23/2024
CVE-2024-50623	CVE-2024-50623 Cleo Product Security Advisory	Resolved	12/23/2024
MD-2024-0719	MD-2024-0719 CrowdStrike Outage	Resolved	7/19/2024
CVE-2024-5806	CVE-2024-5806 MOVEit Transfer	Resolved	7/1/2024
CISA-2024-0603	CISA-2024-0603 Snowflake Cyber Security Threat	Resolved	6/10/2024
CVE-2024-4040	CVE-2024-4040 CrushFTP Zero-day	Resolved	5/10/2024
CVE-2024-3094	CVE-2024-3094 XZ Utils Vulnerability	Resolved	4/23/2024
CISA-2024-0411	CISA-2024-0411 Compromise of Sisense Customer Data	Resolved	4/23/2024
CVE-2024-21626	CVE-2024-21626 Leaky Vessels Vulnerability	Resolved	3/27/2024
CVE-2023-46805	CVE-2023-46805 Ivanti Authentication Bypass Vulnerability	Resolved	1/29/2024
CVE-2023-39336	CVE-2023-39336 Ivanti Endpoint Manager Vulnerability	Resolved	1/29/2024
CVE-2024-21887	CVE-2024-21887 Ivanti Command Injection Vulnerability	Resolved	1/29/2024
CVE-2024-21591	CVE-2024-21591 Juniper Networks Junos OS Vulnerability	Resolved	1/29/2024
CVE-2023-50164	CVE-2023-50164 Apache Struts Critical Vulnerability	Resolved	12/15/2023
CVE-2023-42657	CVE-2023-42657 WS_FTP Server Directory Traversal	Resolved	11/28/2023
CVE-2023-40044	CVE-2023-40044 WS_FTP Server Ad Hoc Transfer Module .NET Deserialization Vulnerability	Resolved	11/28/2023
CVE-2023-4863	CVE-2023-4863 Libwebp Google Chrome Vulnerability	Resolved	11/28/2023
CVE-2023-4966	CVE-2023-4966 Citrix Information Disclosure	Resolved	11/27/2023
CVE-2023-38546	CVE-2023-38546 Libcurl Vulnerability	Resolved	10/30/2023
CVE-2023-38545	CVE-2023-38545 Curl Vulnerability	Resolved	10/30/2023
MD-2023-0802	MD-2023-0802 Microsoft Azure Breach	Resolved	8/2/2023
CVE-2023-35036	CVE-2023-35036 MOVEit Vulnerability	Resolved	6/13/2023
CVE-2023-34362	CVE-2023-34362 MOVEit Vulnerability	Resolved	6/13/2023
MD-2023-0124	MD-2023-0124 CircleCI Breach	Resolved	1/24/2023
CVE-2022-3786	CVE-2022-3786 OpenSSL v3.0 Vulnerability	Resolved	11/27/2022
CVE-2022-3602	CVE-2022-3602 OpenSSL v3.0 Vulnerability	Resolved	11/27/2022
CVE-2022-22973	CVE-2022-22973 VMware Vulnerability	Resolved	7/14/2022
CVE-2022-22972	CVE-2022-22972 VMware Vulnerability	Resolved	7/14/2022
CVE-2022-22960	CVE-2022-22960 VMware Vulnerability	Resolved	7/14/2022
CVE-2022-22954	CVE-2022-22954 VMware Vulnerability	Resolved	7/14/2022
CVE-2022-26134	CVE-2022-26134 Confluence OGNL Injection Vulnerability	Resolved	6/27/2022
CVE-2022-1388	CVE-2022-1388 F5 BIG-IP Vulnerability	Resolved	5/27/2022
CVE-2022-22965	CVE-2022-22965 Spring4Shell Vulnerability	Resolved	4/29/2022
CVE-2020-10148	CVE-2020-10148 SolarWinds SUNBURST	Resolved	12/14/2020