Vulnerabilities

SWHKD command execution |

April 17, 2022

NAME SWHKD command execution Platforms Affected:SWHKD SWHKD 1.1.5Risk Level:9.8Exploitability:UnprovenConsequences:Gain Access DESCRIPTION SWHKD could allow a remote attacker to execute arbitrary...

Jenkins Extended Choice Parameter Plugin cross-site scripting | CVE-2022-29038

April 15, 2022

NAME Jenkins Extended Choice Parameter Plugin cross-site scripting Platforms Affected:Jenkins Extended Choice Parameter Plugin 346.vd87693c5a_86cRisk Level:8Exploitability:HighConsequences:Cross-Site Scripting DESCRIPTION Jenkins Extended...

MinIO privilege escalation | CVE-2022-24842

April 15, 2022

NAME MinIO privilege escalation Platforms Affected:MinIO MinIO RELEASE.2021-12-09T06-19-41ZRisk Level:8.8Exploitability:UnprovenConsequences:Gain Privileges DESCRIPTION MinIO could allow a remote authenticated attacker to gain...

Microsoft Windows Kerberos code execution | CVE-2022-24545

April 15, 2022

NAME Microsoft Windows Kerberos code execution Platforms Affected:Microsoft Windows Server 2016 Microsoft Windows Server 2019 Microsoft Windows 10 1809 for...

Aethon TUG Home Base Server information disclosure | CVE-2022-26423

April 15, 2022

NAME Aethon TUG Home Base Server information disclosure Platforms Affected:Aethon TUG Home Base Server 23 Aethon TUG Home Base Server...

Citrix XenMobile Server code execution | CVE-2022-26151

April 15, 2022

NAME Citrix XenMobile Server code execution Platforms Affected:Citrix XenMobile Server 10.13.0 Citrix XenMobile Server 10.14.0Risk Level:9.8Exploitability:UnprovenConsequences:Gain Access DESCRIPTION Citrix XenMobile...

Johnson Controls Metasys information disclosure | CVE-2021-36205

April 15, 2022

NAME Johnson Controls Metasys information disclosure Platforms Affected:Johnson Controls Metasys 10 Johnson Controls Metasys 11Risk Level:8.1Exploitability:UnprovenConsequences:Obtain Information DESCRIPTION Johnson Controls...

Delta Controls enteliTOUCH cross-site scripting |

April 15, 2022

NAME Delta Controls enteliTOUCH cross-site scripting Platforms Affected:Delta Controls enteliTOUCH 3.40.3935 Delta Controls enteliTOUCH 3.40.3706 Delta Controls enteliTOUCH 3.33.4005Risk Level:7.2Exploitability:HighConsequences:Cross-Site...

Cisco IOS XE Wireless Controller Software for the Catalyst 9000 Family denial of service | CVE-2022-20682

April 15, 2022

NAME Cisco IOS XE Wireless Controller Software for the Catalyst 9000 Family denial of service Platforms Affected:Cisco Catalyst 9800 Series...

Vyper integer overflow | CVE-2022-24845

April 15, 2022

NAME Vyper integer overflow Platforms Affected:Vyper Vyper 0.3.1Risk Level:8.8Exploitability:UnprovenConsequences:Gain Access DESCRIPTION Vyper could allow a remote attacker to execute arbitrary...

Cisco IOS XE Software denial of service | CVE-2022-20678

April 15, 2022

NAME Cisco IOS XE Software denial of service Platforms Affected:Cisco IOS XE Software Cisco Cloud Services Router 1000V Series Cisco...

Cisco IOS XE Software for Cisco Catalyst 9800 Series Wireless Controllers denial of service | CVE-2022-20683

April 15, 2022

NAME Cisco IOS XE Software for Cisco Catalyst 9800 Series Wireless Controllers denial of service Platforms Affected:Cisco Catalyst 9800 Series...

Microsoft Windows Hyper-V Shared Virtual Hard Disks information disclosure | CVE-2022-24539

April 15, 2022

NAME Microsoft Windows Hyper-V Shared Virtual Hard Disks information disclosure Platforms Affected:Microsoft Windows Server 2016 Microsoft Windows Server 2019 Microsoft...

Jenkins Jira Plugin cross-site scripting | CVE-2022-29041

April 15, 2022

NAME Jenkins Jira Plugin cross-site scripting Platforms Affected:Jenkins Jira Plugin 3.7Risk Level:8Exploitability:HighConsequences:Cross-Site Scripting DESCRIPTION Jenkins Jira Plugin is vulnerable to...

FLIPPED-AURORA Gin-vue-admin SQL injection | CVE-2022-24844

April 15, 2022

NAME FLIPPED-AURORA Gin-vue-admin SQL injection Platforms Affected:FLIPPED-AURORA Gin-vue-admin 2.5.0Risk Level:8.1Exploitability:HighConsequences:Data Manipulation DESCRIPTION FLIPPED-AURORA Gin-vue-admin is vulnerable to SQL injection. A...

McAfee ePolicy Orchestrator extension for McAfee Agent SQL injection | CVE-2022-1258

April 15, 2022

NAME McAfee ePolicy Orchestrator extension for McAfee Agent SQL injection Platforms Affected:McAfee ePO Extension for McAfee Agent 4.0 McAfee ePO...

Aethon TUG Home Base Server security bypass | CVE-2022-1066

April 15, 2022

NAME Aethon TUG Home Base Server security bypass Platforms Affected:Aethon TUG Home Base Server 23 Aethon TUG Home Base Server...

Microsoft Visual Studio code execution | CVE-2022-24765

April 15, 2022

NAME Microsoft Visual Studio code execution Platforms Affected:Microsoft Visual Studio 2019 16.0 Microsoft Visual Studio 2019 16.1 Microsoft Visual Studio...

Jenkins Credentials Plugin cross-site scripting | CVE-2022-29036

April 15, 2022

NAME Jenkins Credentials Plugin cross-site scripting Platforms Affected:Jenkins Credentials Plugin 1111.v35a_307992395Risk Level:8Exploitability:HighConsequences:Cross-Site Scripting DESCRIPTION Jenkins Credentials Plugin is vulnerable to...

Jenkins Git Parameter Plugin cross-site scripting | CVE-2022-29040

April 15, 2022

NAME Jenkins Git Parameter Plugin cross-site scripting Platforms Affected:Jenkins Git Parameter Plugin 0.9.15Risk Level:8Exploitability:HighConsequences:Cross-Site Scripting DESCRIPTION Jenkins Git Parameter Plugin...

Aethon TUG Home Base Server cross-site scripting | CVE-2022-27494

April 15, 2022

NAME Aethon TUG Home Base Server cross-site scripting Platforms Affected:Aethon TUG Home Base Server 23 Aethon TUG Home Base Server...

GeoWebCache code execution | CVE-2022-24846

April 15, 2022

NAME GeoWebCache code execution Platforms Affected:GeoWebCache GeoWebCache 1.19.2 GeoWebCache GeoWebCache 1.20.1Risk Level:9.1Exploitability:UnprovenConsequences:Gain Access DESCRIPTION Geowebcache could allow a remote authenticated...

Grafana privilege escalation | CVE-2022-24812

April 15, 2022

NAME Grafana privilege escalation Platforms Affected:Grafana Grafana Enterprise 8.1.0 Grafana Grafana Enterprise 8.4.5Risk Level:8Exploitability:UnprovenConsequences:Gain Privileges DESCRIPTION Grafana could allow a...

Juniper Networks Junos OS cross-site scripting | CVE-2022-22182

April 15, 2022

NAME Juniper Networks Junos OS cross-site scripting Platforms Affected:Juniper Networks Junos OS 15.1 Juniper Networks Junos OS 18.3 Juniper Networks...

Vulnerabilities

SWHKD command execution |

Jenkins Extended Choice Parameter Plugin cross-site scripting | CVE-2022-29038

MinIO privilege escalation | CVE-2022-24842

Microsoft Windows Kerberos code execution | CVE-2022-24545

Aethon TUG Home Base Server information disclosure | CVE-2022-26423

Citrix XenMobile Server code execution | CVE-2022-26151

Johnson Controls Metasys information disclosure | CVE-2021-36205

Delta Controls enteliTOUCH cross-site scripting |

Cisco IOS XE Wireless Controller Software for the Catalyst 9000 Family denial of service | CVE-2022-20682

Vyper integer overflow | CVE-2022-24845

Cisco IOS XE Software denial of service | CVE-2022-20678

Cisco IOS XE Software for Cisco Catalyst 9800 Series Wireless Controllers denial of service | CVE-2022-20683

Microsoft Windows Hyper-V Shared Virtual Hard Disks information disclosure | CVE-2022-24539

Jenkins Jira Plugin cross-site scripting | CVE-2022-29041

FLIPPED-AURORA Gin-vue-admin SQL injection | CVE-2022-24844

McAfee ePolicy Orchestrator extension for McAfee Agent SQL injection | CVE-2022-1258

Aethon TUG Home Base Server security bypass | CVE-2022-1066

Microsoft Visual Studio code execution | CVE-2022-24765

Jenkins Credentials Plugin cross-site scripting | CVE-2022-29036

Jenkins Git Parameter Plugin cross-site scripting | CVE-2022-29040

Aethon TUG Home Base Server cross-site scripting | CVE-2022-27494

GeoWebCache code execution | CVE-2022-24846

Grafana privilege escalation | CVE-2022-24812

Juniper Networks Junos OS cross-site scripting | CVE-2022-22182

CISA: Microsoft Releases January 2025 Security Updates

CVE Alert: CVE-2024-52938

CVE Alert: CVE-2024-56065

CVE Alert: CVE-2025-22828

CVE Alert: CVE-2024-56301

You may have missed