RubyGems cgi gem HTTP response splitting | CVE-2021-33621
NAME RubyGems cgi gem HTTP response splitting Platforms Affected:RubyGems cgi gem 0.1.0 RubyGems cgi gem 0.1.0.1 RubyGems cgi gem 0.1.1...
Vulnerabilities
Optilink Networks OP-XT71000N devices cross-site request forgery | CVE-2020-23592
NAME Optilink Networks OP-XT71000N devices cross-site request forgery Platforms Affected:Optilink Networks OP-XT71000N 2.2Risk Level:8.8Exploitability:UnprovenConsequences:Gain Access DESCRIPTION Optilink Networks OP-XT71000N devices...
Apache Airflow Pig Provider and Apache Airflow command execution | CVE-2022-40189
NAME Apache Airflow Pig Provider and Apache Airflow command execution Platforms Affected:Apache Airflow 2.2.5 Apache Airflow Pig Provider 3.0.0Risk Level:9.8Exploitability:UnprovenConsequences:Gain...
Optilink Networks OP-XT71000N devices command execution | CVE-2020-23583
NAME Optilink Networks OP-XT71000N devices command execution Platforms Affected:Optilink Networks OP-XT71000N 2.2Risk Level:9.8Exploitability:UnprovenConsequences:Gain Access DESCRIPTION Optilink Networks OP-XT71000N devices could...
Optilink Networks OP-XT71000N devices cross-site request forgery | CVE-2020-23593
NAME Optilink Networks OP-XT71000N devices cross-site request forgery Platforms Affected:Optilink Networks OP-XT71000N 2.2Risk Level:8.1Exploitability:UnprovenConsequences:Gain Access DESCRIPTION Optilink Networks OP-XT71000N devices...
Daily Vulnerability Trends: Thu Nov 24 2022
Daily Vulnerability Trends (sourced from VulnMon) CVE NAMECVE DescriptionCVE-2022-41049Windows Mark of the Web Security Feature Bypass Vulnerability. This CVE ID...
wpForo Forum plugin for WordPress cross-site request forgery | CVE-2022-40192
NAME wpForo Forum plugin for WordPress cross-site request forgery Platforms Affected:WordPress wpForo Forum plugin for WordPress 2.0.9Risk Level:8.8Exploitability:UnprovenConsequences:Gain Access DESCRIPTION...
MyBB cross-site scripting | CVE-2022-43707
NAME MyBB cross-site scripting Platforms Affected:Risk Level:9.6Exploitability:UnprovenConsequences:Cross-Site Scripting DESCRIPTION MyBB is vulnerable to cross-site scripting, caused by improper validation of...
Daily Vulnerability Trends: Wed Nov 23 2022
Daily Vulnerability Trends (sourced from VulnMon) CVE NAMECVE DescriptionCVE-2022-45461The Java Admin Console in Veritas NetBackup through 10.1 and related Veritas...
Daily Vulnerability Trends: Tue Nov 22 2022
Daily Vulnerability Trends (sourced from VulnMon) CVE NAMECVE DescriptionCVE-2021-44228Apache Log4j2 2.0-beta9 through 2.15.0 (excluding security releases 2.12.2, 2.12.3, and 2.3.1)...
Daily Vulnerability Trends: Mon Nov 21 2022
Daily Vulnerability Trends (sourced from VulnMon) CVE NAMECVE DescriptionCVE-2022-41622 No description provided CVE-2022-20867A vulnerability in web-based management interface of the...
Daily Vulnerability Trends: Sun Nov 20 2022
Daily Vulnerability Trends (sourced from VulnMon) CVE NAMECVE DescriptionCVE-2022-1388On F5 BIG-IP 16.1.x versions prior to 16.1.2.2, 15.1.x versions prior to...
Daily Vulnerability Trends: Sat Nov 19 2022
Daily Vulnerability Trends (sourced from VulnMon) CVE NAMECVE DescriptionCVE-2022-20867A vulnerability in web-based management interface of the of Cisco Email Security...
BACKCLICK Professional session hijacking | CVE-2022-44007
NAME BACKCLICK Professional session hijacking Platforms Affected:Risk Level:8.8Exploitability:UnprovenConsequences:Gain Access DESCRIPTION BACKCLICK Professional could allow a remote attacker to hijack a...
BACKCLICK Professional information disclosure | CVE-2022-44004
NAME BACKCLICK Professional information disclosure Platforms Affected:Risk Level:9.8Exploitability:UnprovenConsequences:Obtain Information DESCRIPTION BACKCLICK Professional could allow a remote attacker to bypass security...
BACKCLICK Professional command execution | CVE-2022-44000
NAME BACKCLICK Professional command execution Platforms Affected:Risk Level:9.8Exploitability:UnprovenConsequences:Cross-Site Scripting DESCRIPTION BACKCLICK Professional could allow a remote attacker to execute arbitrary...
BACKCLICK Professional command execution | CVE-2022-43999
NAME BACKCLICK Professional command execution Platforms Affected:Risk Level:9.8Exploitability:UnprovenConsequences:Cross-Site Scripting DESCRIPTION BACKCLICK Professional could allow a remote attacker to execute arbitrary...
Daily Vulnerability Trends: Fri Nov 18 2022
Daily Vulnerability Trends (sourced from VulnMon) CVE NAMECVE DescriptionCVE-2019-5482Heap buffer overflow in the TFTP protocol handler in cURL 7.19.4 to...
Apache SOAP code execution | CVE-2022-45378
NAME Apache SOAP code execution Platforms Affected:Apache SOAPRisk Level:9.8Exploitability:UnprovenConsequences:Gain Access DESCRIPTION Apache SOAP could allow a remote attacker to execute...
Jenkins Associated Files Plugin cross-site scripting | CVE-2022-45401
NAME Jenkins Associated Files Plugin cross-site scripting Platforms Affected:Jenkins Associated Files Plugin 0.2.1Risk Level:8Exploitability:UnprovenConsequences:Cross-Site Scripting DESCRIPTION Jenkins Associated Files Plugin...
Mozilla Firefox spoofing | CVE-2022-45420
NAME Mozilla Firefox spoofing Platforms Affected:Risk Level:8.1Exploitability:UnprovenConsequences:Obtain Information DESCRIPTION Mozilla Firefox could allow a remote attacker to conduct spoofing attacks,...
Mozilla Firefox spoofing | CVE-2022-45418
NAME Mozilla Firefox spoofing Platforms Affected:Mozilla Firefox 106Risk Level:8.1Exploitability:UnprovenConsequences:Obtain Information DESCRIPTION Mozilla Firefox could allow a remote attacker to conduct...
Jenkins JUnit Plugin cross-site scripting | CVE-2022-45380
NAME Jenkins JUnit Plugin cross-site scripting Platforms Affected:Jenkins JUnit Plugin 1159.v0b_396e1e07ddRisk Level:8Exploitability:HighConsequences:Cross-Site Scripting DESCRIPTION Jenkins JUnit Plugin is vulnerable to...
Mozilla Firefox spoofing | CVE-2022-45408
NAME Mozilla Firefox spoofing Platforms Affected:Mozilla Firefox 106Risk Level:8.1Exploitability:UnprovenConsequences:Obtain Information DESCRIPTION Mozilla Firefox could allow a remote attacker to conduct...
