Microsoft Windows Remote Desktop Client code execution | CVE-2022-22017
NAME Microsoft Windows Remote Desktop Client code execution Platforms Affected:Microsoft Windows Server 2022 Microsoft Windows Server (Server Core installation) 2022...
Vulnerabilities
Daily Vulnerability Trends: 5-11-2022
Daily Vulnerability Trends (sourced from VulnMon) CVE NAMECVE DescriptionCVE-2022-29972CVE-2022-29972CVE-2022-26352Advisory: DotCMS Remote Code Execution (CVE-2022-26352)CVE-2022-1338CVE-2022-1338CVE-2017-11882my kaspersky blocked HEUR:Exploit.MSOffice.CVE-2017-11882.g on chrome what...
Daily Vulnerability Trends: 5-10-2022
Daily Vulnerability Trends (sourced from VulnMon) CVE NAMECVE DescriptionCVE-2022-26352Advisory: DotCMS Remote Code Execution (CVE-2022-26352)CVE-2022-1338CVE-2022-1338CVE-2022-29972CVE-2022-29972CVE-2022-22954VMSA-2022-0011 - Server Side Template Injection in...
Google Chrome Browser UI code execution | CVE-2022-1634
NAME Google Chrome Browser UI code execution Platforms Affected:Google Chrome 101.0Risk Level:8.8Exploitability:UnprovenConsequences:Gain Access DESCRIPTION Google Chrome could allow a remote...
Node.js colors-help module code execution |
NAME Node.js colors-help module code execution Platforms Affected:Node.js colors-helpRisk Level:9.6Exploitability:UnprovenConsequences:Gain Access DESCRIPTION Node.js colors-help module could allow a remote attacker...
Red Planet Computers Laundry Management System username SQL injection |
NAME Red Planet Computers Laundry Management System username SQL injection Platforms Affected:Red Planet Computers Laundry Management System 1.0Risk Level:9.8Exploitability:UnprovenConsequences:Data Manipulation...
Node.js colors_express module code execution |
NAME Node.js colors_express module code execution Platforms Affected:Node.js colors_expressRisk Level:9.6Exploitability:UnprovenConsequences:Gain Access DESCRIPTION Node.js colors_express module could allow a remote attacker...
Flux project Flux2, helm-controller and kustomize-controller code execution | CVE-2022-24817
NAME Flux project Flux2, helm-controller and kustomize-controller code execution Platforms Affected:Flux project Flux2 0.28.5 Flux project kustomize-controller 0.22.3 Flux project...
SchedMD Slurm privilege escalation | CVE-2022-29501
NAME SchedMD Slurm privilege escalation Platforms Affected:SchedMD Slurm 20.11.6 SchedMD Slurm 20.02.6Risk Level:9.8Exploitability:UnprovenConsequences:Gain Privileges DESCRIPTION SchedMD Slurm could allow a...
WPS Office buffer overflow | CVE-2021-40399
NAME WPS Office buffer overflow Platforms Affected:Kingsoft WPS Office 11.2.0.10351Risk Level:7.8Exploitability:Proof of ConceptConsequences:Gain Access DESCRIPTION WPS Office is vulnerable to...
Flux project Flux2 and kustomize-controller directory traversal | CVE-2022-24877
NAME Flux project Flux2 and kustomize-controller directory traversal Platforms Affected:Flux project Flux2 0.28.5 Flux project kustomize-controller 0.23.0Risk Level:9.9Exploitability:UnprovenConsequences:Obtain Information DESCRIPTION...
Google Chrome Permission Prompts code execution | CVE-2022-1635
NAME Google Chrome Permission Prompts code execution Platforms Affected:Google Chrome 101.0Risk Level:8.8Exploitability:UnprovenConsequences:Gain Access DESCRIPTION Google Chrome could allow a remote...
QNAP QTS, QuTS hero, and QuTScloud command execution | CVE-2021-44051
NAME QNAP QTS, QuTS hero, and QuTScloud command execution Platforms Affected:QNAP QTS QNAP QuTS hero QNAP QuTScloudRisk Level:8.8Exploitability:UnprovenConsequences:Gain Access DESCRIPTION...
F5 BIG-IP (Advanced WAF, APM, ASM) and Guided Configuration (GC) security bypass | CVE-2022-25946
NAME F5 BIG-IP (Advanced WAF, APM, ASM) and Guided Configuration (GC) security bypass Platforms Affected:F5 BIG-IP (APM) 14.1.0 F5 BIG-IP...
The Update Framework (TUF) go-tuf security bypass | CVE-2022-29173
NAME The Update Framework (TUF) go-tuf security bypass Platforms Affected:The Update Framework (TUF) go-tuf 0.2.0Risk Level:8Exploitability:UnprovenConsequences:Bypass Security DESCRIPTION The Update...
Google Chrome Performance APIs code execution | CVE-2022-1636
NAME Google Chrome Performance APIs code execution Platforms Affected:Google Chrome 101.0Risk Level:8.8Exploitability:UnprovenConsequences:Gain Access DESCRIPTION Google Chrome could allow a remote...
Sophos Firewall cross-site scripting | CVE-2021-25268
NAME Sophos Firewall cross-site scripting Platforms Affected:Sophos Firewall 18.5 MR3 Sophos Firewall 18.5 MR2 Sophos Firewall 18.4Risk Level:8.4Exploitability:UnprovenConsequences:Cross-Site Scripting DESCRIPTION...
Brocade SANnav security bypass | CVE-2022-28165
NAME Brocade SANnav security bypass Platforms Affected:Brocade SANnav 1.0 Brocade SANnav 2.0 Brocade SANnav 2.1Risk Level:8Exploitability:UnprovenConsequences:Bypass Security DESCRIPTION Brocade SANnav...
Fujitsu IPCOM command execution | CVE-2022-29516
NAME Fujitsu IPCOM command execution Platforms Affected:Fujitsu IPCOM EX Fujitsu IPCOM EX2 Fujitsu IPCOM VE2 Fujitsu IPCOM VA2 Fujitsu IPCOM...
F5 BIG-IP (AFM, CGNAT, PEM) cross-site scripting | CVE-2022-28716
NAME F5 BIG-IP (AFM, CGNAT, PEM) cross-site scripting Platforms Affected:F5 BIG-IP (AFM) 15.1.0 F5 BIG-IP (PEM) 15.1.0 F5 BIG-IP (PEM)...
Google Chrome ANGLE code execution | CVE-2022-1639
NAME Google Chrome ANGLE code execution Platforms Affected:Google Chrome 101.0Risk Level:8.8Exploitability:UnprovenConsequences:Gain Access DESCRIPTION Google Chrome could allow a remote attacker...
RubyGems RubyGems.org security bypass | CVE-2022-29176
NAME RubyGems RubyGems.org security bypass Platforms Affected:RubyGems RubyGems.orgRisk Level:9.9Exploitability:UnprovenConsequences:Bypass Security DESCRIPTION RubyGems RubyGems.org could allow a remote authenticated attacker to...
rsyslog buffer overflow | CVE-2022-24903
NAME rsyslog buffer overflow Platforms Affected:rsyslog rsyslog 8.2204.0Risk Level:8.1Exploitability:UnprovenConsequences:Gain Access DESCRIPTION rsyslog is vulnerable to a heap-based buffer overflow, caused...
Google Chrome Web Contents code execution | CVE-2022-1637
NAME Google Chrome Web Contents code execution Platforms Affected:Google Chrome 101.0Risk Level:8.8Exploitability:UnprovenConsequences:Gain Access DESCRIPTION Google Chrome could allow a remote...
