Daily Vulnerability Trends: Sat Nov 05 2022
Daily Vulnerability Trends (sourced from VulnMon) CVE NAMECVE DescriptionCVE-2022-32250net/netfilter/nf_tables_api.c in the Linux kernel through 5.18.1 allows a local user (able...
Vulnerabilities
Cisco Identity Services Engine cross-site request forgery | CVE-2022-20961
NAME Cisco Identity Services Engine cross-site request forgery Platforms Affected:Cisco Identity Services Engine 2.2 Cisco Identity Services Engine 2.6 Patch...
Cisco BroadWorks CommPilot Application Software code execution | CVE-2022-20958
NAME Cisco BroadWorks CommPilot Application Software code execution Platforms Affected:Cisco BroadWorks CommPilot Application SoftwareRisk Level:8.3Exploitability:UnprovenConsequences:Gain Access DESCRIPTION Cisco BroadWorks CommPilot...
Canteen Management System SQL injection | CVE-2022-43232
NAME Canteen Management System SQL injection Platforms Affected:Risk Level:7.2Exploitability:HighConsequences:Data Manipulation DESCRIPTION Canteen Management System is vulnerable to SQL injection. A...
Cisco Identity Services Engine security bypass | CVE-2022-20956
NAME Cisco Identity Services Engine security bypass Platforms Affected:Cisco Identity Services EngineRisk Level:8.2Exploitability:UnprovenConsequences:Gain Access DESCRIPTION Cisco Identity Services Engine could...
Daily Vulnerability Trends: Fri Nov 04 2022
Daily Vulnerability Trends (sourced from VulnMon) CVE NAMECVE DescriptionCVE-2202-3602 No description provided CVE-2022-31692Spring Security, versions 5.7 prior to 5.7.5 and...
Fortinet FortiADC cross-site scripting | CVE-2022-35851
NAME Fortinet FortiADC cross-site scripting Platforms Affected:Fortinet FortiADC 7.1.0Risk Level:8Exploitability:HighConsequences:Cross-Site Scripting DESCRIPTION Fortinet FortiADC is vulnerable to cross-site scripting, caused...
Fortinet FortiADC cross-site scripting | CVE-2022-38374
NAME Fortinet FortiADC cross-site scripting Platforms Affected:Fortinet FortiADC 6.2.0 Fortinet FortiADC 7.0.2 Fortinet FortiADC 7.0.0 Fortinet FortiADC 6.2.4Risk Level:8.8Exploitability:HighConsequences:Cross-Site Scripting...
Sanitization Management System SQL injection | CVE-2022-43355
NAME Sanitization Management System SQL injection Platforms Affected:Risk Level:7.2Exploitability:HighConsequences:Data Manipulation DESCRIPTION Sanitization Management System is vulnerable to SQL injection. A...
XenSource Xen Xenstore privilege escalation | CVE-2022-42320
NAME XenSource Xen Xenstore privilege escalation Platforms Affected:XenSource XenRisk Level:8.4Exploitability:UnprovenConsequences:Gain Privilege DESCRIPTION XenSource Xen could allow a local attacker to...
IP-COM EW9 command execution | CVE-2022-43367
NAME IP-COM EW9 command execution Platforms Affected:Risk Level:9.8Exploitability:UnprovenConsequences:Gain Access DESCRIPTION IP-COM EW9 could allow a remote attacker to execute arbitrary...
Fortinet FortiAnalyzer and Fortinet FortiManager cross-site scripting | CVE-2022-39950
NAME Fortinet FortiAnalyzer and Fortinet FortiManager cross-site scripting Platforms Affected:Risk Level:8Exploitability:UnprovenConsequences:Cross-Site Scripting DESCRIPTION Fortinet FortiAnalyzer and Fortinet FortiManager are vulnerable...
Daily Vulnerability Trends: Thu Nov 03 2022
Daily Vulnerability Trends (sourced from VulnMon) CVE NAMECVE DescriptionCVE-2022-22241An Improper Input Validation vulnerability in the J-Web component of Juniper Networks...
Daily Vulnerability Trends: Wed Nov 02 2022
Daily Vulnerability Trends (sourced from VulnMon) CVE NAMECVE DescriptionCVE-2022-3786A buffer overrun can be triggered in X.509 certificate verification, specifically in...
xf-test-csrf |
NAME xf-test-csrf Platforms Affected:Risk Level:10Exploitability:FunctionalConsequences: DESCRIPTION xf-test-csrf CVSS 3.0 Information Privileges Required: NoneUser Interaction: NoneScope: UnchangedAccess Vector: Access Complexity: LowConfidentiality...
Daily Vulnerability Trends: Tue Nov 01 2022
Daily Vulnerability Trends (sourced from VulnMon) CVE NAMECVE DescriptionCVE-2022-42889Apache Commons Text performs variable interpolation, allowing properties to be dynamically evaluated...
Apache Geode cross-site scripting | CVE-2022-34870
NAME Apache Geode cross-site scripting Platforms Affected:Apache Geode 1.15.0Risk Level:7.6Exploitability:HighConsequences:Cross-Site Scripting DESCRIPTION Apache Geode is vulnerable to cross-site scripting, caused...
Daily Vulnerability Trends: Sun Oct 30 2022
Daily Vulnerability Trends (sourced from VulnMon) CVE NAMECVE DescriptionCVE-2022-40684An authentication bypass using an alternate path or channel in Fortinet FortiOS...
Apache Flume code execution | CVE-2022-42468
NAME Apache Flume code execution Platforms Affected:Apache Flume 1.4.0 Apache Flume 1.5.0 Apache Flume 1.6.0 Apache Flume 1.7.0 Apache Flume...
GnuPG Libksba buffer overflow | CVE-2022-3515
NAME GnuPG Libksba buffer overflow Platforms Affected:GnuPG Libksba 1.6.1Risk Level:9.8Exploitability:UnprovenConsequences:Gain Access DESCRIPTION GnuPG Libksba could allow a remote attacker to...
Apache Linkis code execution | CVE-2022-39944
NAME Apache Linkis code execution Platforms Affected:Apache Linkis 1.0.0 Apache Linkis 1.1.0 Apache Linkis 1.2.0Risk Level:8.8Exploitability:UnprovenConsequences:Gain Access DESCRIPTION Apache Linkis...
Google Chrome V8 code execution | CVE-2022-3723
NAME Google Chrome V8 code execution Platforms Affected:Google Chrome 107.0Risk Level:8.8Exploitability:UnprovenConsequences:Gain Access DESCRIPTION Google Chrome could allow a remote attacker...
cURL libcurl security bypass | CVE-2022-32221
NAME cURL libcurl security bypass Platforms Affected:cURL libcurl 7.7 cURL libcurl 7.85.0Risk Level:8.2Exploitability:UnprovenConsequences:Bypass Security DESCRIPTION cURL libcurl could allow a...
Daily Vulnerability Trends: Sat Oct 29 2022
Daily Vulnerability Trends (sourced from VulnMon) CVE NAMECVE DescriptionCVE-2022-39144A vulnerability has been identified in Parasolid V33.1 (All versions < V33.1.262),...
