Daily Vulnerability Trends: Tue Feb 28 2023
Daily Vulnerability Trends (sourced from VulnMon) CVE NAMECVE DescriptionCVE-2020-28362Go before 1.14.12 and 1.15.x before 1.15.4 allows Denial of Service.CVE-2023-0179 No...
Vulnerabilities
Cisco Firepower 4100, 9300 Security Appliances, and UCS Fabric Interconnects command execution | CVE-2023-20015
NAME__________Cisco Firepower 4100, 9300 Security Appliances, and UCS Fabric Interconnects command executionPlatforms Affected:Cisco UCS 6200 Series Fabric Interconnects Cisco UCS...
Audiocodes Device Manager Express directory traversal | CVE-2022-24629
NAME__________Audiocodes Device Manager Express directory traversalPlatforms Affected:Audiocodes Device Manager Express 7.8.20002.47752Risk Level:4.9Exploitability:UnprovenConsequences:Gain Access DESCRIPTION__________Audiocodes Device Manager Expresscould allow a remote...
Daily Vulnerability Trends: Mon Feb 27 2023
Daily Vulnerability Trends (sourced from VulnMon) CVE NAMECVE DescriptionCVE-2022-46877By confusing the browser, the fullscreen notification could have been delayed or...
Apple iOS, iPadOS and macOS Ventura privilege escalation | CVE-2023-23530
NAME__________Apple iOS, iPadOS and macOS Ventura privilege escalationPlatforms Affected:Apple macOS Ventura 13.1 Apple iOS 16.2 Apple iPadOS 16.2Risk Level:7.8Exploitability:UnprovenConsequences:Gain Privileges...
Apple iOS, iPadOS and macOS Ventura information disclosure | CVE-2023-23520
NAME__________Apple iOS, iPadOS and macOS Ventura information disclosurePlatforms Affected:Apple macOS Ventura 13.1 Apple iOS 16.2 Apple iPadOS 16.2Risk Level:5.5Exploitability:UnprovenConsequences:Obtain Information...
Cisco Firepower 4100, 9300 Security Appliances, and UCS Fabric Interconnects command execution | CVE-2023-20015
NAME__________Cisco Firepower 4100, 9300 Security Appliances, and UCS Fabric Interconnects command executionPlatforms Affected:Cisco UCS 6200 Series Fabric Interconnects Cisco UCS...
Apple iOS, iPadOS and macOS Ventura privilege escalation | CVE-2023-23531
NAME__________Apple iOS, iPadOS and macOS Ventura privilege escalationPlatforms Affected:Apple macOS Ventura 13.1 Apple iOS 16.2 Apple iPadOS 16.2Risk Level:7.8Exploitability:UnprovenConsequences:Gain Privileges...
JetBrains TeamCity weak security | CVE-2022-48342
NAME__________JetBrains TeamCity weak securityPlatforms Affected:Risk Level:5.2Exploitability:UnprovenConsequences:Configuration DESCRIPTION__________JetBrains TeamCity could provide weaker than expected security, caused by jVMTI being enabled by...
Bumsys cross-site scripting | CVE-2023-0995
NAME__________Bumsys cross-site scriptingPlatforms Affected:Risk Level:5.4Exploitability:HighConsequences:Cross-Site Scripting DESCRIPTION__________Bumsys is vulnerable to cross-site scripting, caused by improper validation of user-supplied input by...
JetBrains TeamCity cross-site scripting | CVE-2022-48344
NAME__________JetBrains TeamCity cross-site scriptingPlatforms Affected:Risk Level:5.4Exploitability:UnprovenConsequences:Cross-Site Scripting DESCRIPTION__________JetBrains TeamCity is vulnerable to cross-site scripting, caused by improper validation of user-supplied...
MuYuCMS directory traversal | CVE-2023-1002
NAME__________MuYuCMS directory traversalPlatforms Affected:Risk Level:7.5Exploitability:UnprovenConsequences:Obtain Information DESCRIPTION__________MuYuCMS could allow a remote attacker to traverse directories on the system, caused by...
JetBrains TeamCity cross-site scripting | CVE-2022-48343
NAME__________JetBrains TeamCity cross-site scriptingPlatforms Affected:Risk Level:5.4Exploitability:UnprovenConsequences:Cross-Site Scripting DESCRIPTION__________JetBrains TeamCity is vulnerable to cross-site scripting, caused by improper validation of user-supplied...
Gradio default account | CVE-2023-25823
NAME__________Gradio default accountPlatforms Affected:Risk Level:5.4Exploitability:UnprovenConsequences:Gain Access DESCRIPTION__________Gradio contains default hardcoded credentials. A remote attacker could exploit this vulnerability to gain...
Cisco Firepower 4100, 9300 Security Appliances, and UCS Fabric Interconnects command execution | CVE-2023-20015
NAME__________Cisco Firepower 4100, 9300 Security Appliances, and UCS Fabric Interconnects command executionPlatforms Affected:Cisco UCS 6200 Series Fabric Interconnects Cisco UCS...
Sales Tracker Management System SQL injection | CVE-2023-0986
NAME__________Sales Tracker Management System SQL injectionPlatforms Affected:Risk Level:6.3Exploitability:UnprovenConsequences:Data Manipulation DESCRIPTION__________Sales Tracker Management System is vulnerable to SQL injection. A remote...
Sourcecodester Medical Certificate Generator App cross-site scripting | CVE-2023-1006
NAME__________Sourcecodester Medical Certificate Generator App cross-site scriptingPlatforms Affected:Risk Level:3.5Exploitability:HighConsequences:Cross-Site Scripting DESCRIPTION__________Sourcecodester Medical Certificate Generator App is vulnerable to cross-site scripting,...
SquaredUp Dashboard Server cross-site scripting | CVE-2022-46785
NAME__________SquaredUp Dashboard Server cross-site scriptingPlatforms Affected:Risk Level:6.1Exploitability:UnprovenConsequences:Cross-Site Scripting DESCRIPTION__________SquaredUp Dashboard Server SCOM Edition, SquaredUp Dashboard Server Azure Edition, and SquaredUp...
SquaredUp Dashboard Server open redirect | CVE-2022-46784
NAME__________SquaredUp Dashboard Server open redirectPlatforms Affected:Risk Level:5.3Exploitability:UnprovenConsequences:Other DESCRIPTION__________SquaredUp Dashboard Server SCOM Edition, SquaredUp Dashboard Server Azure Edition, and SquaredUp Dashboard...
mod-gnutls denial of service | CVE-2023-25824
NAME__________mod-gnutls denial of servicePlatforms Affected:mod_gnutls mod_gnutls 0.12.0 mod_gnutls mod_gnutls 0.9.0Risk Level:7.5Exploitability:UnprovenConsequences:Denial of Service DESCRIPTION__________mod-gnutls is vulnerable to a denial of...
IBM Maximo Application Suite information disclosure | CVE-2022-43923
NAME__________IBM Maximo Application Suite information disclosurePlatforms Affected:IBM Maximo Application Suite 8.8.0 IBM Maximo Application Suite 8.9.0Risk Level:6.2Exploitability:UnprovenConsequences:Obtain Information DESCRIPTION__________IBM Maximo...
Online Pizza Ordering System cross-site request forgery | CVE-2023-0988
NAME__________Online Pizza Ordering System cross-site request forgeryPlatforms Affected:Risk Level:4.3Exploitability:Proof of ConceptConsequences:Gain Access DESCRIPTION__________Online Pizza Ordering System is vulnerable to cross-site...
Apple iOS, iPadOS and macOS Ventura information disclosure | CVE-2023-23520
NAME__________Apple iOS, iPadOS and macOS Ventura information disclosurePlatforms Affected:Apple macOS Ventura 13.1 Apple iOS 16.2 Apple iPadOS 16.2Risk Level:5.5Exploitability:UnprovenConsequences:Obtain Information...
Apple iOS, iPadOS and macOS Ventura privilege escalation | CVE-2023-23531
NAME__________Apple iOS, iPadOS and macOS Ventura privilege escalationPlatforms Affected:Apple macOS Ventura 13.1 Apple iOS 16.2 Apple iPadOS 16.2Risk Level:7.8Exploitability:UnprovenConsequences:Gain Privileges...
