Vulnerabilities

Zephyr code execution | CVE-2022-1041

July 27, 2022

NAME Zephyr code execution Platforms Affected:Zephyr Project Zephyr 3.0Risk Level:8.2Exploitability:UnprovenConsequences:Gain Access DESCRIPTION Zephyr could allow a remote authenticated attacker to...

Node.js wm-accounts-sdk module code execution |

July 27, 2022

NAME Node.js wm-accounts-sdk module code execution Platforms Affected:Node.js wm-accounts-sdkRisk Level:9.8Exploitability:UnprovenConsequences:Gain Access DESCRIPTION Node.js wm-accounts-sdk module could allow a remote attacker...

Cloudflare WARP Client security bypass | CVE-2022-2225

July 27, 2022

NAME Cloudflare WARP Client security bypass Platforms Affected:Cloudflare WARP Client for Windows 2022.5 Cloudflare WARP Client for Linux 2022.5 Cloudflare...

Node.js support-center-components module code execution |

July 27, 2022

NAME Node.js support-center-components module code execution Platforms Affected:Node.js support-center-componentsRisk Level:9.8Exploitability:HighConsequences:Gain Access DESCRIPTION Node.js support-center-components module could allow a remote attacker...

Node.js wm-shared-consts module code execution |

July 27, 2022

NAME Node.js wm-shared-consts module code execution Platforms Affected:Node.js wm-shared-constsRisk Level:9.8Exploitability:HighConsequences:Gain Access DESCRIPTION Node.js wm-shared-consts module could allow a remote attacker...

Zephyr code execution | CVE-2022-1042

July 27, 2022

Mozilla Firefox code execution | CVE-2022-36320

July 27, 2022

NAME Mozilla Firefox code execution Platforms Affected:Mozilla Firefox 102Risk Level:8.8Exploitability:UnprovenConsequences:Gain Access DESCRIPTION Mozilla Firefox could allow a remote attacker to...

Orange Station Garage Billing Software login.php file upload |

July 27, 2022

NAME Orange Station Garage Billing Software login.php file upload Platforms Affected:Sourcecodester Orange Station Garage Billing Software 1.0Risk Level:9.8Exploitability:Proof of ConceptConsequences:Gain...

Node.js defisaver-v3-contracts-test module code execution |

July 27, 2022

NAME Node.js defisaver-v3-contracts-test module code execution Platforms Affected:Node.js defisaver-v3-contracts-testRisk Level:9.8Exploitability:HighConsequences:Gain Access DESCRIPTION Node.js defisaver-v3-contracts-test module could allow a remote attacker...

SonicWall urges customers to patch critical SQL injection bug ASAP

July 27, 2022

Cybersecurity hardware company, SonicWall, recently released a public security notice about a critical SQL injection flaw affecting its GMS (Global...

Daily Vulnerability Trends: Wed Jul 27 2022

July 27, 2022

Daily Vulnerability Trends (sourced from VulnMon) CVE NAMECVE DescriptionCVE-2022-34906A hard-coded cryptographic key is used in FileWave before 14.6.3 and 14.7.x...

Node.js amplify-category-api-e2e-core module code execution |

July 26, 2022

NAME Node.js amplify-category-api-e2e-core module code execution Platforms Affected:Node.js amplify-category-api-e2e-coreRisk Level:9.8Exploitability:UnprovenConsequences:Gain Access DESCRIPTION Node.js amplify-category-api-e2e-core module could allow a remote attacker...

Apple iOS, iPadOS, and tvOS buffer overflow | CVE-2022-32788

July 26, 2022

NAME Apple iOS, iPadOS, and tvOS buffer overflow Platforms Affected:Apple iOS 15.5 Apple iPadOS 15.5 Apple tvOS 15.5Risk Level:9.8Exploitability:UnprovenConsequences:Gain Access...

Node.js owncloud-guests module code execution |

July 26, 2022

NAME Node.js owncloud-guests module code execution Platforms Affected:Node.js owncloud-guestsRisk Level:9.8Exploitability:UnprovenConsequences:Gain Access DESCRIPTION Node.js owncloud-guests module could allow a remote attacker...

Node.js employers-routes module code execution |

July 26, 2022

NAME Node.js employers-routes module code execution Platforms Affected:Node.js employers-routesRisk Level:9.8Exploitability:UnprovenConsequences:Gain Access DESCRIPTION Node.js employers-routes module could allow a remote attacker...

Node.js dependencies-zksync module code execution |

July 26, 2022

NAME Node.js dependencies-zksync module code execution Platforms Affected:Node.js dependencies-zksyncRisk Level:9.8Exploitability:UnprovenConsequences:Gain Access DESCRIPTION Node.js dependencies-zksync module could allow a remote attacker...

Node.js defi-interfaces module code execution |

July 26, 2022

NAME Node.js defi-interfaces module code execution Platforms Affected:Node.js defi-interfacesRisk Level:9.8Exploitability:UnprovenConsequences:Gain Access DESCRIPTION Node.js defi-interfaces module could allow a remote attacker...

Node.js lido-dao-test-dp module code execution |

July 26, 2022

NAME Node.js lido-dao-test-dp module code execution Platforms Affected:Node.js lido-dao-test-dpRisk Level:9.8Exploitability:UnprovenConsequences:Gain Access DESCRIPTION Node.js lido-dao-test-dp module could allow a remote attacker...

Node.js route-sonar module code execution |

July 26, 2022

NAME Node.js route-sonar module code execution Platforms Affected:Node.js route-sonarRisk Level:9.8Exploitability:UnprovenConsequences:Gain Access DESCRIPTION Node.js route-sonar module could allow a remote attacker...

Node.js elementor-developers-docs module code execution |

July 26, 2022

NAME Node.js elementor-developers-docs module code execution Platforms Affected:Node.js elementor-developers-docsRisk Level:9.8Exploitability:UnprovenConsequences:Gain Access DESCRIPTION Node.js elementor-developers-docs module could allow a remote attacker...

WAVLINK WN535K2 and WN535K3 command execution | CVE-2022-2486

July 26, 2022

NAME WAVLINK WN535K2 and WN535K3 command execution Platforms Affected:Wavlink WN535K2 Wavlink WN535K3Risk Level:9.8Exploitability:UnprovenConsequences:Gain Access DESCRIPTION WAVLINK WN535K2 and WN535K3 could...

Node.js @acrontum/filesystem-template module command execution | CVE-2022-21186

July 26, 2022

NAME Node.js @acrontum/filesystem-template module command execution Platforms Affected:Node.js @acrontum/filesystem-template 0.0.1Risk Level:9.8Exploitability:Proof of ConceptConsequences:Gain Access DESCRIPTION Node.js @acrontum/filesystem-template module could allow...

Node.js wm-accounts-auth module code execution |

July 26, 2022

NAME Node.js wm-accounts-auth module code execution Platforms Affected:Node.js wm-accounts-authRisk Level:9.8Exploitability:UnprovenConsequences:Gain Access DESCRIPTION Node.js wm-accounts-auth module could allow a remote attacker...

Skyhigh Secure Web Gateway security bypass | CVE-2022-2310

July 26, 2022

NAME Skyhigh Secure Web Gateway security bypass Platforms Affected:Trellix Skyhigh Secure Web Gateway 11.0 Trellix Skyhigh Secure Web Gateway 11.2.0...

Vulnerabilities

Zephyr code execution | CVE-2022-1041

Node.js wm-accounts-sdk module code execution |

Cloudflare WARP Client security bypass | CVE-2022-2225

Node.js support-center-components module code execution |

Node.js wm-shared-consts module code execution |

Zephyr code execution | CVE-2022-1042

Mozilla Firefox code execution | CVE-2022-36320

Orange Station Garage Billing Software login.php file upload |

Node.js defisaver-v3-contracts-test module code execution |

SonicWall urges customers to patch critical SQL injection bug ASAP

Daily Vulnerability Trends: Wed Jul 27 2022

Node.js amplify-category-api-e2e-core module code execution |

Apple iOS, iPadOS, and tvOS buffer overflow | CVE-2022-32788

Node.js owncloud-guests module code execution |

Node.js employers-routes module code execution |

Node.js dependencies-zksync module code execution |

Node.js defi-interfaces module code execution |

Node.js lido-dao-test-dp module code execution |

Node.js route-sonar module code execution |

Node.js elementor-developers-docs module code execution |

WAVLINK WN535K2 and WN535K3 command execution | CVE-2022-2486

Node.js @acrontum/filesystem-template module command execution | CVE-2022-21186

Node.js wm-accounts-auth module code execution |

Skyhigh Secure Web Gateway security bypass | CVE-2022-2310

CVE Alert: CVE-2025-27839

CVE Alert: CVE-2025-1261

CVE Alert: CVE-2024-12460

CVE Alert: CVE-2024-13890

CVE Alert: CVE-2025-1504

You may have missed