Daily Vulnerability Trends: Fri Sep 09 2022
Daily Vulnerability Trends (sourced from VulnMon) CVE NAMECVE DescriptionCVE-2022-28219Cewolf in Zoho ManageEngine ADAudit Plus before 7060 is vulnerable to an...
Vulnerabilities
HP Support Assistant privilege escalation | CVE-2022-38395
NAME HP Support Assistant privilege escalation Platforms Affected:HP Support Assistant 9Risk Level:8.2Exploitability:UnprovenConsequences:Gain Privileges DESCRIPTION HP Support Assistant could allow a...
Tenda G3 devices buffer overflow | CVE-2022-36587
NAME Tenda G3 devices buffer overflow Platforms Affected:Tenda G3 15.11.0.6(7663)_EN_TDERisk Level:9.8Exploitability:UnprovenConsequences:Gain Access DESCRIPTION Tenda G3 devices are vulnerable to a...
Cognex 3D-A1000 Dimensioning System security bypass | CVE-2022-1525
NAME Cognex 3D-A1000 Dimensioning System security bypass Platforms Affected:Cognex 3D-A1000 Dimensioning System Firmware 1.0.3 (3354)Risk Level:9.1Exploitability:UnprovenConsequences:Bypass Security DESCRIPTION Cognex 3D-A1000...
MediaTek Android privilege escalation | CVE-2022-26469
NAME MediaTek Android privilege escalation Platforms Affected:MediaTek AndroidRisk Level:8.4Exploitability:UnprovenConsequences:Gain Privileges DESCRIPTION MediaTek Android could allow a local attacker to gain...
Google ChromeOS Ash code execution | CVE-2022-3071
NAME Google ChromeOS Ash code execution Platforms Affected:Google Chrome OS 105.0Risk Level:8.8Exploitability:UnprovenConsequences:Gain Access DESCRIPTION Google ChromeOS could allow a remote...
Cognex 3D-A1000 Dimensioning System privilege escalation | CVE-2022-1368
NAME Cognex 3D-A1000 Dimensioning System privilege escalation Platforms Affected:Cognex 3D-A1000 Dimensioning System Firmware 1.0.3 (3354)Risk Level:9.8Exploitability:UnprovenConsequences:Gain Privileges DESCRIPTION Cognex 3D-A1000...
TOTOLINK A3002R information disclosure | CVE-2022-40111
NAME TOTOLINK A3002R information disclosure Platforms Affected:TOTOLINK A3002R 1.1.1-B20200824.0128Risk Level:9.8Exploitability:UnprovenConsequences:Obtain Information DESCRIPTION TOTOLINK A3002R could allow a remote attacker to...
Daily Vulnerability Trends: Thu Sep 08 2022
Daily Vulnerability Trends (sourced from VulnMon) CVE NAMECVE DescriptionCVE-2022-2639An integer coercion error was found in the openvswitch kernel module. Given...
Vim code execution | CVE-2022-3099
NAME Vim code execution Platforms Affected:Vim Vim 9.0.0321Risk Level:7.8Exploitability:Proof of ConceptConsequences:Gain Access DESCRIPTION Vim could allow a remote attacker to...
Hitachi RAID Manager Storage Replication Adapter information disclosure | CVE-2022-34882
NAME Hitachi RAID Manager Storage Replication Adapter information disclosure Platforms Affected:Hitachi RAID Manager Storage Replication Adapter for Windows 02.01.04 Hitachi...
Multiple Mediatek Chipsets code execution | CVE-2022-26447
NAME Multiple Mediatek Chipsets code execution Platforms Affected:Mediatek MT6580 MediaTek MT8167 MediaTek MT8183 MediaTek MT8362A MediaTek MT8385 Mediatek MT6735 Mediatek...
Apache IoTDB session hijacking | CVE-2022-38369
NAME Apache IoTDB session hijacking Platforms Affected:Apache IoTDB 0.13.0Risk Level:8.1Exploitability:UnprovenConsequences:Gain Access DESCRIPTION Apache IoTDB could allow a remote attacker to...
Doctor’s Appointment System security bypass | CVE-2022-36202
NAME Doctor's Appointment System security bypass Platforms Affected:Sourcecodester Doctor's Appointment System 1.0Risk Level:9.8Exploitability:UnprovenConsequences:Bypass Security DESCRIPTION Doctor's Appointment System could allow...
Hyperledger Indy-Node code execution | CVE-2022-31020
NAME Hyperledger Indy-Node code execution Platforms Affected:Hyperledger Indy Node 1.12.4Risk Level:8.8Exploitability:UnprovenConsequences:Gain Access DESCRIPTION Hyperledger Indy-Node could allow a remote authenticated...
Blackboard Learn privilege escalation | CVE-2022-39196
NAME Blackboard Learn privilege escalation Platforms Affected:Blackboard Learn 1.10.1Risk Level:8.8Exploitability:UnprovenConsequences:Gain Privileges DESCRIPTION Blackboard Learn could allow a remote authenticated attacker...
Zyxel NAS326 code execution | CVE-2022-34747
NAME Zyxel NAS326 code execution Platforms Affected:Zyxel NAS326 5.20 Zyxel NAS326 5.19Risk Level:9.8Exploitability:UnprovenConsequences:Gain Access DESCRIPTION Zyxel NAS326 could allow a...
pfSense pfBlockerNG command execution | CVE-2022-31814
NAME pfSense pfBlockerNG command execution Platforms Affected:pfSense pfBlockerNG 2.1.4_26Risk Level:9.8Exploitability:UnprovenConsequences:Gain Access DESCRIPTION pfSense pfBlockerNG could allow a remote attacker to...
RPA Technology Mobile Mouse code execution |
NAME RPA Technology Mobile Mouse code execution Platforms Affected:RPA Technology Mobile Mouse 3.6.0.4Risk Level:9.8Exploitability:Proof of ConceptConsequences:Gain Access DESCRIPTION RPA Technology...
Bitdefender GravityZone Cloud Console code execution | CVE-2022-2830
NAME Bitdefender GravityZone Cloud Console code execution Platforms Affected:Bitdefender GravityZone Console On-Premise 6.29.1 Bitdefender GravityZone Cloud Console 6.27.2-1Risk Level:8.8Exploitability:UnprovenConsequences:Gain Access...
Daily Vulnerability Trends: Wed Sep 07 2022
Daily Vulnerability Trends (sourced from VulnMon) CVE NAMECVE DescriptionCVE-2022-2639An integer coercion error was found in the openvswitch kernel module. Given...
Daily Vulnerability Trends: Tue Sep 06 2022
Daily Vulnerability Trends (sourced from VulnMon) CVE NAMECVE DescriptionCVE-2022-28799The TikTok application before 23.7.3 for Android allows account takeover. A crafted...
SFTPGo security bypass | CVE-2022-36071
NAME SFTPGo security bypass Platforms Affected:SFTPGo SFTPGo 2.2.0 SFTPGo SFTPGo 2.3.3Risk Level:8.3Exploitability:UnprovenConsequences:Bypass Security DESCRIPTION SFTPGo could allow a remote authenticated...
NodeBB cross-site request forgery | CVE-2022-36076
NAME NodeBB cross-site request forgery Platforms Affected:NodeBB NodeBB 1.17.1Risk Level:8.8Exploitability:UnprovenConsequences:Gain Access DESCRIPTION NodeBB is vulnerable to cross-site request forgery, caused...
