Vim code execution | CVE-2022-3352
NAME Vim code execution Platforms Affected:Vim Vim 9.0.0613Risk Level:7.8Exploitability:Proof of ConceptConsequences:Gain Access DESCRIPTION Vim could allow a remote attacker to...
Vulnerabilities
SolarWinds Orion Platform cross-site scripting | CVE-2022-36965
NAME SolarWinds Orion Platform cross-site scripting Platforms Affected:SolarWinds Orion Platform 2022.2Risk Level:7.5Exploitability:HighConsequences:Cross-Site Scripting DESCRIPTION SolarWinds Orion Platform is vulnerable to...
Node.js deriv-api-product module code execution |
NAME Node.js deriv-api-product module code execution Platforms Affected:Node.js deriv-api-productRisk Level:9.8Exploitability:UnprovenConsequences:Gain Access DESCRIPTION Node.js deriv-api-product module could allow a remote attacker...
Node.js apl-client12345 module code execution |
NAME Node.js apl-client12345 module code execution Platforms Affected:Node.js apl-client12345Risk Level:9.8Exploitability:UnprovenConsequences:Gain Access DESCRIPTION Node.js apl-client12345 module could allow a remote attacker...
Node.js hyperwallet-node module code execution |
NAME Node.js hyperwallet-node module code execution Platforms Affected:Node.js hyperwallet-nodeRisk Level:9.8Exploitability:UnprovenConsequences:Gain Access DESCRIPTION Node.js hyperwallet-node module could allow a remote attacker...
Node.js y0ngtest module code execution |
NAME Node.js y0ngtest module code execution Platforms Affected:Node.js y0ngtestRisk Level:9.8Exploitability:UnprovenConsequences:Gain Access DESCRIPTION Node.js y0ngtest module could allow a remote attacker...
Node.js flp_hk module code execution |
NAME Node.js flp_hk module code execution Platforms Affected:Node.js flp_hkRisk Level:9.8Exploitability:UnprovenConsequences:Gain Access DESCRIPTION Node.js flp_hk module could allow a remote attacker...
Node.js @cat-digital-workspace/shared-ui-core module code execution |
NAME Node.js @cat-digital-workspace/shared-ui-core module code execution Platforms Affected:Node.js @cat-digital-workspace/shared-ui-coreRisk Level:9.8Exploitability:UnprovenConsequences:Gain Access DESCRIPTION Node.js @cat-digital-workspace/shared-ui-core module could allow a remote attacker...
Node.js chia-docs module code execution |
NAME Node.js chia-docs module code execution Platforms Affected:Node.js chia-docsRisk Level:9.8Exploitability:UnprovenConsequences:Gain Access DESCRIPTION Node.js chia-docs module could allow a remote attacker...
Sourcecodester Best Student Result Management System SQL injection | CVE-2022-40887
NAME Sourcecodester Best Student Result Management System SQL injection Platforms Affected:Sourcecodester Best Student Result Management System 1.0Risk Level:9.8Exploitability:HighConsequences:Data Manipulation DESCRIPTION...
Node.js yyzreverseshell4 module code execution |
NAME Node.js yyzreverseshell4 module code execution Platforms Affected:Node.js yyzreverseshell4Risk Level:9.8Exploitability:UnprovenConsequences:Gain Access DESCRIPTION Node.js yyzreverseshell4 module could allow a remote attacker...
SolarWinds Orion Platform privilege escalation | CVE-2022-36961
NAME SolarWinds Orion Platform privilege escalation Platforms Affected:SolarWinds Orion Platform 2022.2Risk Level:8Exploitability:UnprovenConsequences:Data Manipulation DESCRIPTION SolarWinds Orion Platform could allow a...
Node.js whitebit-docs module code execution |
NAME Node.js whitebit-docs module code execution Platforms Affected:Node.js whitebit-docsRisk Level:9.8Exploitability:UnprovenConsequences:Gain Access DESCRIPTION Node.js whitebit-docs module could allow a remote attacker...
Discourse file upload | CVE-2022-36066
NAME Discourse file upload Platforms Affected:Discourse Discourse 2.9.0.beta5 Discourse Discourse 2.9.0.beta9Risk Level:9.1Exploitability:UnprovenConsequences:Gain Access DESCRIPTION Discourse could allow a remote authenticated...
Node.js s23fun module code execution |
NAME Node.js s23fun module code execution Platforms Affected:Node.js s23funRisk Level:9.8Exploitability:UnprovenConsequences:Gain Access DESCRIPTION Node.js s23fun module could allow a remote attacker...
Node.js flashloan module code execution |
NAME Node.js flashloan module code execution Platforms Affected:Node.js flashloanRisk Level:9.8Exploitability:UnprovenConsequences:Gain Access DESCRIPTION Node.js flashloan module could allow a remote attacker...
Google Chrome Custom Elements code execution | CVE-2022-3370
NAME Google Chrome Custom Elements code execution Platforms Affected:Google Chrome 106.0Risk Level:8.8Exploitability:UnprovenConsequences:Gain Access DESCRIPTION Google Chrome could allow a remote...
Chamilo code execution | CVE-2022-40407
NAME Chamilo code execution Platforms Affected:Chamilo Chamilo 1.11.16Risk Level:8.8Exploitability:UnprovenConsequences:Gain Access DESCRIPTION Chamilo could allow a remote authenticated attacker to execute...
Node.js tangeshaiou module code execution |
NAME Node.js tangeshaiou module code execution Platforms Affected:Node.js tangeshaiouRisk Level:9.8Exploitability:UnprovenConsequences:Gain Access DESCRIPTION Node.js tangeshaiou module could allow a remote attacker...
Node.js binary-bot module code execution |
NAME Node.js binary-bot module code execution Platforms Affected:Node.js binary-botRisk Level:9.8Exploitability:UnprovenConsequences:Gain Access DESCRIPTION Node.js binary-bot module could allow a remote attacker...
Node.js namatnawbyteweb6 module code execution |
NAME Node.js namatnawbyteweb6 module code execution Platforms Affected:Node.js namatnawbyteweb6Risk Level:9.8Exploitability:UnprovenConsequences:Gain Access DESCRIPTION Node.js namatnawbyteweb6 module could allow a remote attacker...
Node.js apl-client module code execution |
NAME Node.js apl-client module code execution Platforms Affected:Node.js apl-clientRisk Level:9.8Exploitability:UnprovenConsequences:Gain Access DESCRIPTION Node.js apl-client module could allow a remote attacker...
Daily Vulnerability Trends: Sat Oct 01 2022
Daily Vulnerability Trends (sourced from VulnMon) CVE NAMECVE DescriptionCVE-2022-31813Apache HTTP Server 2.4.53 and earlier may not send the X-Forwarded-* headers...
Carlo Gavazzi UWP and CPY Car Park Server cross-site scripting | CVE-2022-28816
NAME Carlo Gavazzi UWP and CPY Car Park Server cross-site scripting Platforms Affected:Carlo Gavazzi UWP 3.0 Carlo Gavazzi CPY Car...
