Daily Vulnerability Trends: Fri Nov 18 2022
Daily Vulnerability Trends (sourced from VulnMon) CVE NAMECVE DescriptionCVE-2019-5482Heap buffer overflow in the TFTP protocol handler in cURL 7.19.4 to...
Vulnerabilities
Apache SOAP code execution | CVE-2022-45378
NAME Apache SOAP code execution Platforms Affected:Apache SOAPRisk Level:9.8Exploitability:UnprovenConsequences:Gain Access DESCRIPTION Apache SOAP could allow a remote attacker to execute...
Jenkins Associated Files Plugin cross-site scripting | CVE-2022-45401
NAME Jenkins Associated Files Plugin cross-site scripting Platforms Affected:Jenkins Associated Files Plugin 0.2.1Risk Level:8Exploitability:UnprovenConsequences:Cross-Site Scripting DESCRIPTION Jenkins Associated Files Plugin...
Mozilla Firefox spoofing | CVE-2022-45420
NAME Mozilla Firefox spoofing Platforms Affected:Risk Level:8.1Exploitability:UnprovenConsequences:Obtain Information DESCRIPTION Mozilla Firefox could allow a remote attacker to conduct spoofing attacks,...
Mozilla Firefox spoofing | CVE-2022-45418
NAME Mozilla Firefox spoofing Platforms Affected:Mozilla Firefox 106Risk Level:8.1Exploitability:UnprovenConsequences:Obtain Information DESCRIPTION Mozilla Firefox could allow a remote attacker to conduct...
Jenkins JUnit Plugin cross-site scripting | CVE-2022-45380
NAME Jenkins JUnit Plugin cross-site scripting Platforms Affected:Jenkins JUnit Plugin 1159.v0b_396e1e07ddRisk Level:8Exploitability:HighConsequences:Cross-Site Scripting DESCRIPTION Jenkins JUnit Plugin is vulnerable to...
Mozilla Firefox spoofing | CVE-2022-45408
NAME Mozilla Firefox spoofing Platforms Affected:Mozilla Firefox 106Risk Level:8.1Exploitability:UnprovenConsequences:Obtain Information DESCRIPTION Mozilla Firefox could allow a remote attacker to conduct...
Mozilla Firefox and Firefox ESR code execution | CVE-2022-45421
NAME Mozilla Firefox and Firefox ESR code execution Platforms Affected:Mozilla Firefox 106 Mozilla Firefox ESR 102.4Risk Level:8.8Exploitability:UnprovenConsequences:Gain Access DESCRIPTION Mozilla...
Mozilla Firefox and Firefox ESR code execution | CVE-2022-45412
NAME Mozilla Firefox and Firefox ESR code execution Platforms Affected:Mozilla Firefox 106Risk Level:8.8Exploitability:UnprovenConsequences:Gain Access DESCRIPTION Mozilla Firefox and Firefox ESR...
Mozilla Firefox spoofing | CVE-2022-45404
NAME Mozilla Firefox spoofing Platforms Affected:Mozilla Firefox 106Risk Level:8.1Exploitability:UnprovenConsequences:Obtain Information DESCRIPTION Mozilla Firefox could allow a remote attacker to conduct...
Apache Jena SDB code execution | CVE-2022-45136
NAME Apache Jena SDB code execution Platforms Affected:Apache Jena SDB 3.17.0Risk Level:9.8Exploitability:UnprovenConsequences:Gain Access DESCRIPTION Apache Jena SDB could allow a...
Apache MINA SSHD code execution | CVE-2022-45047
NAME Apache MINA SSHD code execution Platforms Affected:Apache MINA SSHD 2.9.1Risk Level:9.8Exploitability:UnprovenConsequences:Gain Access DESCRIPTION Apache MINA SSHD could allow a...
Jenkins Naginator Plugin cross-site scripting | CVE-2022-45382
NAME Jenkins Naginator Plugin cross-site scripting Platforms Affected:Jenkins Naginator Plugin 1.18.1Risk Level:8Exploitability:HighConsequences:Cross-Site Scripting DESCRIPTION Jenkins Naginator Plugin is vulnerable to...
Jenkins Script Security Plugin information disclosure | CVE-2022-45379
NAME Jenkins Script Security Plugin information disclosure Platforms Affected:Jenkins Script Security Plugin 1189.vb_a_b_7c8fd5fdeRisk Level:8Exploitability:UnprovenConsequences:Obtain Information DESCRIPTION Jenkins Script Security Plugin...
Mozilla Firefox security bypass | CVE-2022-45415
NAME Mozilla Firefox security bypass Platforms Affected:Mozilla Firefox 106Risk Level:8.1Exploitability:UnprovenConsequences:Bypass Security DESCRIPTION Mozilla Firefox could allow a remote attacker to...
Apache Airflow command execution | CVE-2022-40127
NAME Apache Airflow command execution Platforms Affected:Apache Airflow 2.3.0Risk Level:8.8Exploitability:UnprovenConsequences:Gain Access DESCRIPTION Apache Airflow could allow a remote authenticated attacker...
Wasmtime information disclosure | CVE-2022-39393
NAME Wasmtime information disclosure Platforms Affected:Risk Level:8.6Exploitability:UnprovenConsequences:Gain Access DESCRIPTION Wasmtime could allow a remote attacker to obtain sensitive information, caused...
F5 BIG-IP security bypass | CVE-2022-41800
NAME F5 BIG-IP security bypass Platforms Affected:F5 BIG-IP 13.1.0 F5 BIG-IP 14.1.0 F5 BIG-IP (Advanced WAF) 15.1.0 F5 BIG-IP 16.1.0...
Canteen Management System file upload | CVE-2022-43265
NAME Canteen Management System file upload Platforms Affected:Risk Level:7.3Exploitability:HighConsequences:File Manipulation DESCRIPTION Canteen Management System could allow a remote attacker to...
Jenkins BART Plugin cross-site scripting | CVE-2022-45387
NAME Jenkins BART Plugin cross-site scripting Platforms Affected:Jenkins BART Plugin 1.0.3Risk Level:8Exploitability:HighConsequences:Cross-Site Scripting DESCRIPTION Jenkins BART Plugin is vulnerable to...
F5 BIG-IP and BIG-IQ cross-site request forgery | CVE-2022-41622
NAME F5 BIG-IP and BIG-IQ cross-site request forgery Platforms Affected:F5 BIG-IP 13.1.0 F5 BIG-IP 14.1.0 F5 BIG-IP 15.1.0 F5 BIG-IQ...
Daily Vulnerability Trends: Thu Nov 17 2022
Daily Vulnerability Trends (sourced from VulnMon) CVE NAMECVE DescriptionCVE-2022-40684An authentication bypass using an alternate path or channel in Fortinet FortiOS...
Daily Vulnerability Trends: Wed Nov 16 2022
Daily Vulnerability Trends (sourced from VulnMon) CVE NAMECVE DescriptionCVE-2022-1802 No description provided CVE-2022-41352An issue was discovered in Zimbra Collaboration (ZCS)...
Train Scheduler App cross-site scripting | CVE-2022-43079
NAME Train Scheduler App cross-site scripting Platforms Affected:Risk Level:7.2Exploitability:HighConsequences:Data Manipulation DESCRIPTION Train Scheduler App is vulnerable to cross-site scripting, caused...
