Daily Vulnerability Trends: Thu Feb 02 2023
Daily Vulnerability Trends (sourced from VulnMon) CVE NAMECVE DescriptionCVE-2022-26485Removing an XSLT parameter during processing could have lead to an exploitable...
Vulnerabilities
femanager extension for TYPO3 security bypass |
NAME__________femanager extension for TYPO3 security bypassPlatforms Affected:TYPO3 Femanager extension TYPO3 6.3.0 TYPO3 femanager extension for TYPO3 6.0.0 TYPO3 femanager extension...
Apache Portable Runtime (APR) integer overflow | CVE-2022-28331
NAME__________Apache Portable Runtime (APR) integer overflowPlatforms Affected:Apache Portable Runtime 1.7.0Risk Level:9.8Exploitability:UnprovenConsequences:Gain Access DESCRIPTION__________Apache Portable Runtime (APR) could allow a remote...
EFence SQL injection | CVE-2023-22900
NAME__________EFence SQL injectionPlatforms Affected:Risk Level:9.8Exploitability:UnprovenConsequences:Data Manipulation DESCRIPTION__________EFence is vulnerable to SQL injection. A remote attacker could send specially-crafted SQL statements...
Apache Portable Runtime (APR) integer overflow | CVE-2022-24963
NAME__________Apache Portable Runtime (APR) integer overflowPlatforms Affected:Apache Portable Runtime 1.7.0Risk Level:9.8Exploitability:UnprovenConsequences:Gain Access DESCRIPTION__________Apache Portable Runtime (APR) could allow a remote...
Apache Portable Runtime (APR) integer overflow | CVE-2022-25147
NAME__________Apache Portable Runtime (APR) integer overflowPlatforms Affected:Apache Portable Runtime 1.6.1Risk Level:9.8Exploitability:UnprovenConsequences:Gain Access DESCRIPTION__________Apache Portable Runtime (APR) could allow a remote...
ContentStudio Plugin for WordPress security bypass | CVE-2023-0558
NAME__________ContentStudio Plugin for WordPress security bypassPlatforms Affected:WordPress ContentStudio Plugin for WordPress 1.2.5Risk Level:8.2Exploitability:UnprovenConsequences:Bypass Security DESCRIPTION__________ContentStudio Plugin for WordPress could allow...
ChangingTech MegaServiSignAdapter code execution | CVE-2022-39060
NAME__________ChangingTech MegaServiSignAdapter code executionPlatforms Affected:ChangingTech MegaServiSignAdapter 1.0.17.0823Risk Level:9.8Exploitability:UnprovenConsequences:Gain Access DESCRIPTION__________ChangingTech MegaServiSignAdapter could allow a remote attacker to execute arbitrary code...
FreshTomato command execution | CVE-2022-42484
NAME__________FreshTomato command executionPlatforms Affected:FreshTomato FreshTomato 2022.5Risk Level:9.1Exploitability:UnprovenConsequences:Gain Access DESCRIPTION__________FreshTomato could allow a remote authenticated attacker to execute arbitrary commands on...
Apache Linkis code execution | CVE-2022-44645
NAME__________Apache Linkis code executionPlatforms Affected:Apache Linkis 1.3.0Risk Level:8.8Exploitability:UnprovenConsequences:Gain Access DESCRIPTION__________Apache Linkis could allow a remote authenticated attacker to execute arbitrary...
BaiCells Nova 227, Nova 233, Nova 243, and Nova 246 LTE TDD eNodeB devices code execution | CVE-2023-24508
NAME__________BaiCells Nova 227, Nova 233, Nova 243, and Nova 246 LTE TDD eNodeB devices code executionPlatforms Affected:BaiCells Nova 246 RTS/RTD...
Daily Vulnerability Trends: Wed Feb 01 2023
Daily Vulnerability Trends (sourced from VulnMon) CVE NAMECVE DescriptionCVE-2022-47966Multiple Zoho ManageEngine on-premise products, such as ServiceDesk Plus through 14003, allow...
QNAP running QTS and running QTS code execution | CVE-2022-27596
NAME__________QNAP running QTS and running QTS code executionPlatforms Affected:QNAP QTS 5.0.1 QNAP QuTS hero h5.0.1Risk Level:9.8Exploitability:UnprovenConsequences:Gain Access DESCRIPTION__________QNAP running QTS...
OpenMage LTS command execution | CVE-2021-39217
NAME__________OpenMage LTS command executionPlatforms Affected:OpenMage Magento-lts 20.0.8 OpenMage Magento-lts 19.4.12Risk Level:9.8Exploitability:UnprovenConsequences:Gain Access DESCRIPTION__________OpenMage LTS could allow a remote authenticated attacker...
OpenMage LTS code execution | CVE-2021-41144
NAME__________OpenMage LTS code executionPlatforms Affected:OpenMage Magento-lts 20.0.8 OpenMage Magento-lts 19.4.12Risk Level:8.8Exploitability:UnprovenConsequences:Gain Access DESCRIPTION__________OpenMage LTS could allow a remote authenticated attacker...
BaiCells Nova 227, Nova 233, Nova 243, and Nova 246 LTE TDD eNodeB devices code execution | CVE-2023-24508
NAME__________BaiCells Nova 227, Nova 233, Nova 243, and Nova 246 LTE TDD eNodeB devices code executionPlatforms Affected:BaiCells Nova 246 RTS/RTD...
Discourse denial of service | CVE-2023-23621
NAME__________Discourse denial of servicePlatforms Affected:Risk Level:8.6Exploitability:UnprovenConsequences:Denial of Service DESCRIPTION__________Discourse is vulnerable to a denial of service, caused by a regular...
Eta code execution | CVE-2022-25967
NAME__________Eta code executionPlatforms Affected:Eta Eta 1.14.2Risk Level:8.1Exploitability:Proof of ConceptConsequences:Gain Access DESCRIPTION__________Eta could allow a remote attacker to execute arbitrary code...
Siretta QUARTZ-GOLD command execution | CVE-2022-42490
NAME__________Siretta QUARTZ-GOLD command executionPlatforms Affected:Risk Level:9.8Exploitability:Proof of ConceptConsequences:Gain Access DESCRIPTION__________Siretta QUARTZ-GOLD could allow a remote attacker to execute arbitrary commands...
Daily Vulnerability Trends: Tue Jan 31 2023
Daily Vulnerability Trends (sourced from VulnMon) CVE NAMECVE DescriptionCVE-2021-35394Realtek Jungle SDK version v2.x up to v3.4.14B provides a diagnostic tool...
BaiCells Nova 227, Nova 233, Nova 243, and Nova 246 LTE TDD eNodeB devices code execution | CVE-2023-24508
NAME__________BaiCells Nova 227, Nova 233, Nova 243, and Nova 246 LTE TDD eNodeB devices code executionPlatforms Affected:BaiCells Nova 246 RTS/RTD...
Daily Vulnerability Trends: Mon Jan 30 2023
Daily Vulnerability Trends (sourced from VulnMon) CVE NAMECVE DescriptionCVE-2020-28362Go before 1.14.12 and 1.15.x before 1.15.4 allows Denial of Service.CVE-2022-23529** REJECT...
Siretta QUARTZ-GOLD command execution |
NAME__________Siretta QUARTZ-GOLD command executionPlatforms Affected:Risk Level:9.8Exploitability:Proof of ConceptConsequences:Gain Access DESCRIPTION__________Siretta QUARTZ-GOLD could allow a remote attacker to execute arbitrary commands...
Argo Project Argo CD security bypass | CVE-2023-22736
NAME__________Argo Project Argo CD security bypassPlatforms Affected:Argo Project Argo CD 2.5.7 Argo Project Argo CD 2.6.0-rc4 Argo Project Argo CD...
