Daily Vulnerability Trends: Sat Dec 17 2022
Daily Vulnerability Trends (sourced from VulnMon) CVE NAMECVE DescriptionCVE-2022-31705VMware ESXi, Workstation, and Fusion contain a heap out-of-bounds write vulnerability in...
Vulnerabilities
Daily Vulnerability Trends: Thu Dec 15 2022
Daily Vulnerability Trends (sourced from VulnMon) CVE NAMECVE DescriptionCVE-2022-32250net/netfilter/nf_tables_api.c in the Linux kernel through 5.18.1 allows a local user (able...
Daily Vulnerability Trends: Wed Dec 14 2022
Daily Vulnerability Trends (sourced from VulnMon) CVE NAMECVE DescriptionCVE-2022-27518Unauthenticated remote arbitrary code executionCVE-2022-3602A buffer overrun can be triggered in X.509...
Daily Vulnerability Trends: Tue Dec 13 2022
Daily Vulnerability Trends (sourced from VulnMon) CVE NAMECVE DescriptionCVE-2022-3602A buffer overrun can be triggered in X.509 certificate verification, specifically in...
Daily Vulnerability Trends: Mon Dec 12 2022
Daily Vulnerability Trends (sourced from VulnMon) CVE NAMECVE DescriptionCVE-2022-42703mm/rmap.c in the Linux kernel before 5.19.7 has a use-after-free related to...
Proofpoint Enterprise Protection cross-site scripting | CVE-2022-46332
NAME Proofpoint Enterprise Protection cross-site scripting Platforms Affected:Risk Level:9.6Exploitability:UnprovenConsequences:Cross-Site Scripting DESCRIPTION Proofpoint Enterprise Protection is vulnerable to cross-site scripting, caused...
Node.js pdfmake module code execution | CVE-2022-46161
NAME Node.js pdfmake module code execution Platforms Affected:Risk Level:10Exploitability:Proof of ConceptConsequences:Gain Access DESCRIPTION Node.js pdfmake module could allow a remote...
Cisco IP Phone 7800 and 8800 Series firmware buffer overflow | CVE-2022-20968
NAME Cisco IP Phone 7800 and 8800 Series firmware buffer overflow Platforms Affected:Cisco IP Phone 7800 Series Cisco IP Phone...
Sophos Mobile External Entity Injection | CVE-2022-3980
NAME Sophos Mobile External Entity Injection Platforms Affected:Sophos Mobile 9.7.4 Sophos Mobile 5.0.0Risk Level:9.8Exploitability:UnprovenConsequences:Gain Access DESCRIPTION Sophos Mobile is vulnerable...
Schmorpforge Software rxvt-unicode code execution | CVE-2022-4170
NAME Schmorpforge Software rxvt-unicode code execution Platforms Affected:Schmorpforge Software rxvt-unicode 9.25 Schmorpforge Software rxvt-unicode 9.26Risk Level:9.8Exploitability:UnprovenConsequences:Gain Access DESCRIPTION Schmorpforge Software...
Daily Vulnerability Trends: Sun Dec 11 2022
Daily Vulnerability Trends (sourced from VulnMon) CVE NAMECVE DescriptionCVE-2021-44228Apache Log4j2 2.0-beta9 through 2.15.0 (excluding security releases 2.12.2, 2.12.3, and 2.3.1)...
Daily Vulnerability Trends: Sat Dec 10 2022
Daily Vulnerability Trends (sourced from VulnMon) CVE NAMECVE DescriptionCVE-2022-41717An attacker can cause excessive memory growth in a Go server accepting...
PaddlePaddle code execution | CVE-2022-46742
NAME PaddlePaddle code execution Platforms Affected:Risk Level:10Exploitability:Proof of ConceptConsequences:Gain Access DESCRIPTION PaddlePaddle could allow a remote attacker to execute arbitrary...
FortiOS and FortiProxy security bypass | CVE-2022-35843
NAME FortiOS and FortiProxy security bypass Platforms Affected:Fortinet FortiOS 6.0.0 Fortinet FortiOS 6.2.0 Fortinet FortiOS 6.4.0 Fortinet FortiProxy 2.0.0 Fortinet...
Sophos firewall command execution | CVE-2022-3226
NAME Sophos firewall command execution Platforms Affected:Sophos Firewall 19.4Risk Level:9Exploitability:UnprovenConsequences:Gain Access DESCRIPTION Sophos firewall could allow a remote autheticated attacker...
Node.js simple-git module code execution | CVE-2022-25912
NAME Node.js simple-git module code execution Platforms Affected:Node.js simple-git 3.14.1Risk Level:8.1Exploitability:Proof of ConceptConsequences:Gain Access DESCRIPTION Node.js simple-git module could allow...
Aruba Networks ClearPass Policy Manager SQL injection | CVE-2022-43530
NAME Aruba Networks ClearPass Policy Manager SQL injection Platforms Affected:Aruba Networks ClearPass Policy Manager 6.9 Aruba Networks ClearPass Policy Manager...
daloRADIUS cross-site scripting | CVE-2022-23475
NAME daloRADIUS cross-site scripting Platforms Affected:daloRADIUS daloRADIUS 1.2Risk Level:8Exploitability:HighConsequences:Cross-Site Scripting DESCRIPTION daloRADIUS is vulnerable to cross-site scripting, caused by improper...
Sophos firewall code execution | CVE-2022-3713
NAME Sophos firewall code execution Platforms Affected:Sophos Firewall 19.4Risk Level:9.8Exploitability:UnprovenConsequences:Gain Access DESCRIPTION Sophos firewall could allow a remote attacker to...
Sophos firewall cross-site scripting | CVE-2022-3709
NAME Sophos firewall cross-site scripting Platforms Affected:Sophos Firewall 19.4Risk Level:8.4Exploitability:HighConsequences:Gain Access DESCRIPTION Sophos firewall is vulnerable to cross-site scripting, caused...
Daily Vulnerability Trends: Thu Dec 08 2022
Daily Vulnerability Trends (sourced from VulnMon) CVE NAMECVE DescriptionCVE-2021-22555A heap out-of-bounds write affecting Linux since v2.6.19-rc1 was discovered in net/netfilter/x_tables.c....
Lazy Mouse app for Android code execution | CVE-2022-45481
NAME Lazy Mouse app for Android code execution Platforms Affected:Risk Level:9.8Exploitability:UnprovenConsequences:Gain Access DESCRIPTION Lazy Mouse app for Android could allow...
Cacti command injection | CVE-2022-46169
NAME Cacti command injection Platforms Affected:Risk Level:9.8Exploitability:Proof of ConceptConsequences:Gain Access DESCRIPTION Cacti could allow a remote attacker to execute arbitrary...
Alarm instance management command execution | CVE-2022-45462
NAME Alarm instance management command execution Platforms Affected:Alarm instance management Alarm instance managementRisk Level:9.8Exploitability:UnprovenConsequences:Gain Access DESCRIPTION Alarm instance management could...
