Amazon Photos vulnerability could have given attackers access to user files and data
Amazon has patched a flaw in the Amazon Photos app which could have allowed an attacker to steal and use...
Vulnerabilities
Update now! Mozilla fixes security vulnerabilities and introduces a new privacy feature for Firefox
Mozilla released version 102.0 of the Firefox browser to Release channel users on June 28, 2022. The new version fixes...
Daily Vulnerability Trends: Fri Jul 01 2022
Daily Vulnerability Trends (sourced from VulnMon) CVE NAMECVE DescriptionCVE-2022-1134 No description provided CVE-2022-0847A flaw was found in the way the...
Advantech iView SQL injection | CVE-2022-2143
NAME Advantech iView SQL injection Platforms Affected:Advantech iView 5.7Risk Level:9.8Exploitability:UnprovenConsequences:Gain Access DESCRIPTION Advantech iView could allow a remote attacker to...
Simple Page Transition plugin for WordPress cross-site scripting |
NAME Simple Page Transition plugin for WordPress cross-site scripting Platforms Affected:WordPress Simple Page Transition Plugin for WordPress 1.4.1Risk Level:7.2Exploitability:HighConsequences:Cross-Site Scripting...
Advantech iView SQL injection | CVE-2022-2137
NAME Advantech iView SQL injection Platforms Affected:Advantech iView 5.7Risk Level:8.8Exploitability:HighConsequences:Data Manipulation DESCRIPTION Advantech iView is vulnerable to SQL injection. A...
HOME SPOT CUBE2 command execution | CVE-2022-33948
NAME HOME SPOT CUBE2 command execution Platforms Affected:KDDI CORPORATION HOME SPOT CUBE2 V101 KDDI HOME SPOT CUBE2 V102Risk Level:8.8Exploitability:UnprovenConsequences:Gain Access...
Motorola Solutions ACE1000 default account | CVE-2022-30270
NAME Motorola Solutions ACE1000 default account Platforms Affected:Motorola ACE1000Risk Level:9.8Exploitability:UnprovenConsequences:Gain Access DESCRIPTION Motorola Solutions ACE1000 contains default hardcoded credentials. A...
Vim denial of service | CVE-2022-2231
NAME Vim denial of service Platforms Affected:Vim Vim 8.2.5164Risk Level:7.8Exploitability:Proof of ConceptConsequences:Denial of Service DESCRIPTION Vim is vulnerable to a...
ILIAS security bypass | CVE-2022-31266
NAME ILIAS security bypass Platforms Affected:ILIAS ILIAS 7.10Risk Level:9.1Exploitability:UnprovenConsequences:Bypass Security DESCRIPTION ILIAS could allow a remote attacker to bypass security...
Advantech iView SQL injection | CVE-2022-2136
NAME Advantech iView SQL injection Platforms Affected:Advantech iView 5.7Risk Level:8.8Exploitability:HighConsequences:Data Manipulation DESCRIPTION Advantech iView is vulnerable to SQL injection. A...
Advantech iView denial of service | CVE-2022-2138
NAME Advantech iView denial of service Platforms Affected:Advantech iView 5.7Risk Level:8.2Exploitability:UnprovenConsequences:Denial of Service DESCRIPTION Advantech iView is vulnerable to a...
Advantech iView SQL injection | CVE-2022-2142
NAME Advantech iView SQL injection Platforms Affected:Advantech iView 5.7Risk Level:8.1Exploitability:HighConsequences:Data Manipulation DESCRIPTION Advantech iView is vulnerable to SQL injection. A...
Node.js underscore.deep module code execution | CVE-2022-31106
NAME Node.js underscore.deep module code execution Platforms Affected:Node.js underscore.deep 0.5.2Risk Level:8.3Exploitability:UnprovenConsequences:Gain Access DESCRIPTION Node.js underscore.deep module could allow a remote...
Motorola Solutions ACE1000 default account | CVE-2022-30271
NAME Motorola Solutions ACE1000 default account Platforms Affected:Motorola ACE1000Risk Level:9.1Exploitability:UnprovenConsequences:Gain Access DESCRIPTION Motorola Solutions ACE1000 contains default hardcoded SSH private...
Atlassian Jira Data Center and Server server-side request forgery | CVE-2022-26135
NAME Atlassian Jira Data Center and Server server-side request forgery Platforms Affected:Atlassian Jira Software Data Center 8.14.0 Atlassian Jira Software...
PrestaShop BlockWishList SQL injection | CVE-2022-31101
NAME PrestaShop BlockWishList SQL injection Platforms Affected:PrestaShop BlockWishList 2.0.0Risk Level:8.1Exploitability:UnprovenConsequences:Data Manipulation DESCRIPTION PrestaShop BlockWishList is vulnerable to SQL injection. A...
Daily Vulnerability Trends: Thu Jun 30 2022
Daily Vulnerability Trends (sourced from VulnMon) CVE NAMECVE DescriptionCVE-2022-26809Remote Procedure Call Runtime Remote Code Execution Vulnerability. This CVE ID is...
Node.js consideration-deploy-bot module execution |
NAME Node.js consideration-deploy-bot module execution Platforms Affected:Node.js consideration-deploy-botRisk Level:9.8Exploitability:UnprovenConsequences:Gain Access DESCRIPTION Node.js consideration-deploy-bot module could allow a remote attacker to...
Mozilla Firefox code execution | CVE-2022-2200
NAME Mozilla Firefox code execution Platforms Affected:Mozilla Firefox 101 Mozilla Firefox ESR 91.10 Mozilla Thunderbird 101 Mozilla Thunderbird 91.10Risk Level:8.8Exploitability:UnprovenConsequences:Gain...
Node.js en-conduit-schema module code execution |
NAME Node.js en-conduit-schema module code execution Platforms Affected:Node.js en-conduit-schemaRisk Level:9.8Exploitability:UnprovenConsequences:Gain Access DESCRIPTION Node.js en-conduit-schema module could allow a remote attacker...
Node.js fk-react-lottie-player code execution |
NAME Node.js fk-react-lottie-player code execution Platforms Affected:Node.js fk-react-lottie-playerRisk Level:9.8Exploitability:UnprovenConsequences:Gain Access DESCRIPTION Node.js fk-react-lottie-player could allow a remote attacker to execute...
Node.js parse-url module server-side request forgery | CVE-2022-2216
NAME Node.js parse-url module server-side request forgery Platforms Affected:Node.js parse-url 6.0.2 Node.js parse-url 6.0.1 Node.js parse-url 5.0.8 Node.js parse-url 5.0.7...
Mozilla Firefox code execution | CVE-2022-34485
NAME Mozilla Firefox code execution Platforms Affected:Mozilla Firefox 101Risk Level:8.8Exploitability:UnprovenConsequences:Gain Access DESCRIPTION Mozilla Firefox could allow a remote attacker to...
