Vulnerabilities

Advantech iView SQL injection | CVE-2022-3323

September 30, 2022

NAME Advantech iView SQL injection Platforms Affected:Advantech iView 5.7.04.6469Risk Level:9.8Exploitability:UnprovenConsequences:Data Manipulation DESCRIPTION Advantech iView is vulnerable to SQL injection. A...

Carlo Gavazzi UWP and CPY Car Park Server default account | CVE-2022-22522

September 30, 2022

NAME Carlo Gavazzi UWP and CPY Car Park Server default account Platforms Affected:Carlo Gavazzi UWP 3.0 Carlo Gavazzi CPY Car...

Carlo Gavazzi UWP and CPY Car Park Server default account | CVE-2022-28812

September 30, 2022

NAME Carlo Gavazzi UWP and CPY Car Park Server default account Platforms Affected:Carlo Gavazzi UWP 3.0 Carlo Gavazzi CPY Car...

Carlo Gavazzi UWP and CPY Car Park Server SQL Injection | CVE-2022-22524

September 30, 2022

NAME Carlo Gavazzi UWP and CPY Car Park Server SQL Injection Platforms Affected:Carlo Gavazzi UWP 3.0 Carlo Gavazzi CPY Car...

Carlo Gavazzi UWP and CPY Car Park Server command execution | CVE-2022-28811

September 30, 2022

NAME Carlo Gavazzi UWP and CPY Car Park Server command execution Platforms Affected:Carlo Gavazzi UWP 3.0 Carlo Gavazzi CPY Car...

Vim buffer overflow | CVE-2022-3324

September 30, 2022

NAME Vim buffer overflow Platforms Affected:Vim Vim 9.0.0597Risk Level:7.8Exploitability:Proof of ConceptConsequences:Gain Access DESCRIPTION Vim is vulnerable to a stack-based buffer...

Carlo Gavazzi UWP and CPY Car Park Server SQL Injection | CVE-2022-28813

September 30, 2022

NAME Carlo Gavazzi UWP and CPY Car Park Server SQL Injection Platforms Affected:Carlo Gavazzi UWP 3.0 Carlo Gavazzi CPY Car...

Matrix Android SDK2 security bypass | CVE-2022-39246

September 30, 2022

NAME Matrix Android SDK2 security bypass Platforms Affected:matrix.org Matrix Android SDK2 1.4.36Risk Level:8.6Exploitability:UnprovenConsequences:Bypass Security DESCRIPTION Matrix Android SDK2 could allow...

matrix-js-sdk security bypass | CVE-2022-39250

September 30, 2022

NAME matrix-js-sdk security bypass Platforms Affected:matrix.org Matrix Javascript SDK 19.6.0Risk Level:8.6Exploitability:UnprovenConsequences:Bypass Security DESCRIPTION matrix-js-sdk could allow a remote attacker to...

TP-Link Archer AX10 code execution | CVE-2022-40486

September 30, 2022

NAME TP-Link Archer AX10 code execution Platforms Affected:TP-Link Archer AX10 firmware 1.3.1 Build 20220401 Rel. 57450(5553)Risk Level:8.8Exploitability:UnprovenConsequences:Gain Access DESCRIPTION TP-Link...

matrix-ios-sdk security bypass | CVE-2022-39255

September 30, 2022

NAME matrix-ios-sdk security bypass Platforms Affected:matrix.org matrix-ios-sdk 0.23.18Risk Level:8.6Exploitability:UnprovenConsequences:Bypass Security DESCRIPTION matrix-ios-sdk could allow a remote attacker to bypass security...

Matrix Javascript SDK security bypass | CVE-2022-39251

September 30, 2022

NAME Matrix Javascript SDK security bypass Platforms Affected:matrix.org Matrix Javascript SDK 19.6.0Risk Level:8.6Exploitability:UnprovenConsequences:Bypass Security DESCRIPTION Matrix Javascript SDK could allow...

matrix-nio security bypass | CVE-2022-39254

September 30, 2022

NAME matrix-nio security bypass Platforms Affected:matrix.org matrix-nio 0.19Risk Level:8.6Exploitability:UnprovenConsequences:Bypass Security DESCRIPTION matrix-nio could allow a remote attacker to bypass security...

Cisco IOS XE Wireless Controller Software for the Catalyst 9000 Family CAPWAP Mobility denial of service | CVE-2022-20856

September 30, 2022

NAME Cisco IOS XE Wireless Controller Software for the Catalyst 9000 Family CAPWAP Mobility denial of service Platforms Affected:Cisco Catalyst...

Vulnerabilities

Advantech iView SQL injection | CVE-2022-3323

Carlo Gavazzi UWP and CPY Car Park Server default account | CVE-2022-22522

Carlo Gavazzi UWP and CPY Car Park Server default account | CVE-2022-28812

Carlo Gavazzi UWP and CPY Car Park Server SQL Injection | CVE-2022-22524

Carlo Gavazzi UWP and CPY Car Park Server command execution | CVE-2022-28811

Vim buffer overflow | CVE-2022-3324

Carlo Gavazzi UWP and CPY Car Park Server SQL Injection | CVE-2022-28813

Matrix Android SDK2 security bypass | CVE-2022-39246

matrix-js-sdk security bypass | CVE-2022-39250

TP-Link Archer AX10 code execution | CVE-2022-40486

matrix-ios-sdk security bypass | CVE-2022-39255

Matrix Javascript SDK security bypass | CVE-2022-39251

matrix-nio security bypass | CVE-2022-39254

Cisco IOS XE Wireless Controller Software for the Catalyst 9000 Family CAPWAP Mobility denial of service | CVE-2022-20856

Carlo Gavazzi UWP and CPY Car Park Server directory traversal | CVE-2022-28814

Matrix Android SDK2 security bypass | CVE-2022-39248

matrix-sdk-crypto security bypass | CVE-2022-39252

Daily Vulnerability Trends: Fri Sep 30 2022

Cisco IOS XE Wireless Controller Software denial of service | CVE-2022-20847

Motopress Hotel Booking Lite plugin for WordPress Add New cross-site scripting |

mailcow spoofing | CVE-2022-39258

Cisco IOS XE Software denial of service | CVE-2022-20837

Cisco IOS and Cisco IOS XE denial of service | CVE-2022-20919

Cisco IOS XE denial of service | CVE-2022-20848

[AKIRA] – Ransomware Victim: Fogelman Management Group

[LYNX] – Ransomware Victim: end2endtechnologies

[AKIRA] – Ransomware Victim: Oversea Casing

[LYNX] – Ransomware Victim: Vicarage Court Solicitors

CVE Alert: CVE-2025-1050

You may have missed