Vulnerabilities

Covid19 Directory SQL injection |

March 31, 2022

NAME Covid19 Directory SQL injection Platforms Affected:SourcecCodester Covid-19 Directory on Vaccination System 1.0Risk Level:9.8Exploitability:HighConsequences:Data Manipulation DESCRIPTION Covid19 Directory on Vaccination...

Trend Micro Apex Central file upload | CVE-2022-26871

March 31, 2022

NAME Trend Micro Apex Central file upload Platforms Affected:Trend Micro Apex CentralRisk Level:8.6Exploitability:UnprovenConsequences:Gain Access DESCRIPTION Trend Micro Apex Central could...

NETGEAR R6700v3 code execution | CVE-2022-27641

March 31, 2022

NAME NETGEAR R6700v3 code execution Platforms Affected:NETGEAR R6700v3Risk Level:8.8Exploitability:UnprovenConsequences:Gain Access DESCRIPTION NETGEAR R6700v3 could allow a remote attacker to execute...

Google Chrome Tab Strip code execution | CVE-2022-1136

March 31, 2022

NAME Google Chrome Tab Strip code execution Platforms Affected:Google Chrome 100.0Risk Level:8.8Exploitability:UnprovenConsequences:Gain Access DESCRIPTION Google Chrome could allow a remote...

VetBosSel Fingerprint Attendance SQL injection |

March 31, 2022

NAME VetBosSel Fingerprint Attendance SQL injection Platforms Affected:VetBosSel Fingerprint Attendance 1.0Risk Level:9.8Exploitability:Proof of ConceptConsequences:Data Manipulation DESCRIPTION VetBosSel Fingerprint Attendance is...

Hospital Patient Records Management System cross-site scripting | CVE-2022-26244

March 31, 2022

NAME Hospital Patient Records Management System cross-site scripting Platforms Affected:Sourcecodester Hospital's Patient Records Management System 1.0Risk Level:7.2Exploitability:HighConsequences:Cross-Site Scripting DESCRIPTION Hospital...

Jenkins SiteMonitor Plugin cross-site scripting | CVE-2022-28153

March 31, 2022

NAME Jenkins SiteMonitor Plugin cross-site scripting Platforms Affected:Jenkins SiteMonitor Plugin 0.6Risk Level:8Exploitability:HighConsequences:Cross-Site Scripting DESCRIPTION Jenkins SiteMonitor Plugin is vulnerable to...

Jenkins Continuous Integration with Toad Edge Plugin cross-site scripting | CVE-2022-28145

March 31, 2022

NAME Jenkins Continuous Integration with Toad Edge Plugin cross-site scripting Platforms Affected:Jenkins Continuous Integration with Toad Edge Plugin 2.3Risk Level:8Exploitability:HighConsequences:Cross-Site...

Covid19 Directory SQL injection |

March 31, 2022

Google Chrome WebUI buffer overflow | CVE-2022-1143

March 31, 2022

NAME Google Chrome WebUI buffer overflow Platforms Affected:Google Chrome 100.0Risk Level:8.8Exploitability:UnprovenConsequences:Gain Access DESCRIPTION Google Chrome is vulnerable to a heap-based...

DHC Vision eQMS cross-site scripting | CVE-2022-24957

March 31, 2022

NAME DHC Vision eQMS cross-site scripting Platforms Affected:DHC vision eQMS 5.4.8.322Risk Level:7.2Exploitability:HighConsequences:Cross-Site Scripting DESCRIPTION DHC Vision eQMS is vulnerable to...

Google Chrome QR Code Generator code execution | CVE-2022-1127

March 31, 2022

NAME Google Chrome QR Code Generator code execution Platforms Affected:Google Chrome 100.0Risk Level:8.8Exploitability:UnprovenConsequences:Gain Access DESCRIPTION Google Chrome could allow a...

Marky code execution | CVE-2022-26205

March 31, 2022

NAME Marky code execution Platforms Affected:Marky Marky 3686565726c65756eRisk Level:9.8Exploitability:UnprovenConsequences:Gain Access DESCRIPTION Marky could allow a remote attacker to execute arbitrary...

Google Chrome File Manager code execution | CVE-2022-1141

March 31, 2022

NAME Google Chrome File Manager code execution Platforms Affected:Google Chrome 100.0Risk Level:8.8Exploitability:UnprovenConsequences:Gain Access DESCRIPTION Google Chrome could allow a remote...

Google Chrome WebRTC code execution | CVE-2022-1133

March 31, 2022

NAME Google Chrome WebRTC code execution Platforms Affected:Google Chrome 100.0Risk Level:8.8Exploitability:UnprovenConsequences:Gain Access DESCRIPTION Google Chrome could allow a remote attacker...

Jenkins Bitbucket Server Integration Plugin cross-site scripting | CVE-2022-28133

March 31, 2022

NAME Jenkins Bitbucket Server Integration Plugin cross-site scripting Platforms Affected:Jenkins Bitbucket Server Integration Plugin 3.1.0Risk Level:8Exploitability:HighConsequences:Cross-Site Scripting DESCRIPTION Jenkins Bitbucket...

Google Chrome version 97.0.4692.99-CVE-2022-0311

March 25, 2022

NAME Google - Chrome Platforms Affected:ChromeRisk Level:lowCVE Type:Heap-based buffer overflow DESCRIPTION CVE-2022-0311 is a heap-based buffer overflow vulnerability impacting Google...

pip mitmproxy package request smuggling | CVE-2022-24766

March 25, 2022

NAME pip mitmproxy package request smuggling Platforms Affected:pip mitmproxy package 7.0.4 pip mitmproxy package 7.0.3Risk Level:9.8Exploitability:UnprovenConsequences:Gain Access DESCRIPTION pip mitmproxy...

Lexar F35 security bypass | CVE-2021-46390

March 25, 2022

NAME Lexar F35 security bypass Platforms Affected:Lexar F35 1.0.34.0Risk Level:8.8Exploitability:UnprovenConsequences:Denial of Service DESCRIPTION Lexar F35 could allow a local authenticated...

Inventory Management System Edit-Details.php SQL injection |

March 25, 2022

NAME Inventory Management System Edit-Details.php SQL injection Platforms Affected:VetBosSel Inventory Management System 1.0Risk Level:7.3Exploitability:HighConsequences:Data Manipulation DESCRIPTION Inventory Management System is...

Multiple HP printer models information disclosure | CVE-2022-24292

March 25, 2022

NAME Multiple HP printer models information disclosure Platforms Affected:HP OfficeJet Pro 8210 Printer series HP PageWide 352dw Printer HP PageWide...

Multiple HP printer models buffer overflow | CVE-2022-24293

March 25, 2022

NAME Multiple HP printer models buffer overflow Platforms Affected:HP OfficeJet Pro 8210 Printer series HP PageWide 352dw Printer HP PageWide...

GARO Wallbox GLB/GTB/GTC default account | CVE-2021-45877

March 25, 2022

NAME GARO Wallbox GLB/GTB/GTC default account Platforms Affected:GARO Wallbox GLB/GTB/GTC 185Risk Level:9.8Exploitability:UnprovenConsequences:Gain Access DESCRIPTION GARO Wallbox GLB/GTB/GTC contains default hardcoded...

Delta Electronics DIAEnergie SQL injection | CVE-2022-26059

March 25, 2022

NAME Delta Electronics DIAEnergie SQL injection Platforms Affected:Delta Electronics DIAEnergie 1.7.5Risk Level:9.8Exploitability:HighConsequences:Data Manipulation DESCRIPTION Delta Electronics DIAEnergie is vulnerable to...

Vulnerabilities

Covid19 Directory SQL injection |

Trend Micro Apex Central file upload | CVE-2022-26871

NETGEAR R6700v3 code execution | CVE-2022-27641

Google Chrome Tab Strip code execution | CVE-2022-1136

VetBosSel Fingerprint Attendance SQL injection |

Hospital Patient Records Management System cross-site scripting | CVE-2022-26244

Jenkins SiteMonitor Plugin cross-site scripting | CVE-2022-28153

Jenkins Continuous Integration with Toad Edge Plugin cross-site scripting | CVE-2022-28145

Covid19 Directory SQL injection |

Google Chrome WebUI buffer overflow | CVE-2022-1143

DHC Vision eQMS cross-site scripting | CVE-2022-24957

Google Chrome QR Code Generator code execution | CVE-2022-1127

Marky code execution | CVE-2022-26205

Google Chrome File Manager code execution | CVE-2022-1141

Google Chrome WebRTC code execution | CVE-2022-1133

Jenkins Bitbucket Server Integration Plugin cross-site scripting | CVE-2022-28133

Google Chrome version 97.0.4692.99-CVE-2022-0311

pip mitmproxy package request smuggling | CVE-2022-24766

Lexar F35 security bypass | CVE-2021-46390

Inventory Management System Edit-Details.php SQL injection |

Multiple HP printer models information disclosure | CVE-2022-24292

Multiple HP printer models buffer overflow | CVE-2022-24293

GARO Wallbox GLB/GTB/GTC default account | CVE-2021-45877

Delta Electronics DIAEnergie SQL injection | CVE-2022-26059

CISA: CISA Releases Fact Sheet Detailing Embedded Backdoor Function of Contec CMS8000 Firmware

CISA: CISA Adds Four Known Exploited Vulnerabilities to Catalog

CISA: CISA Adds One Known Exploited Vulnerability to Catalog

CISA: CISA Releases Nine Industrial Control Systems Advisories

CISA: CISA Partners with ASD’s ACSC, CCCS, NCSC-UK, and Other International and US Organizations to Release Guidance on Edge Devices

You may have missed