Daily Vulnerability Trends: Mon Nov 07 2022
Daily Vulnerability Trends (sourced from VulnMon) CVE NAMECVE DescriptionCVE-2021-25337Improper access control in clipboard service in Samsung mobile devices prior to...
CVE
Daily Vulnerability Trends: Sun Nov 06 2022
Daily Vulnerability Trends (sourced from VulnMon) CVE NAMECVE DescriptionCVE-2022-42889Apache Commons Text performs variable interpolation, allowing properties to be dynamically evaluated...
D-Link DIR-878 command execution | CVE-2022-43184
NAME D-Link DIR-878 command execution Platforms Affected:Risk Level:9.8Exploitability:UnprovenConsequences:Data Manipulation DESCRIPTION D-Link DIR-878 could allow a remote attacker to execute arbitrary...
Rukovoditel cross-site scripting | CVE-2022-43167
NAME Rukovoditel cross-site scripting Platforms Affected:Risk Level:10Exploitability:HighConsequences:Cross-Site Scripting DESCRIPTION Rukovoditel is vulnerable to cross-site scripting, caused by improper validation of...
Rukovoditel SQL injection | CVE-2022-43168
NAME Rukovoditel SQL injection Platforms Affected:Risk Level:9.8Exploitability:HighConsequences:Data Manipulation DESCRIPTION Rukovoditel is vulnerable to SQL injection. A remote attacker could send...
Daily Vulnerability Trends: Sat Nov 05 2022
Daily Vulnerability Trends (sourced from VulnMon) CVE NAMECVE DescriptionCVE-2022-32250net/netfilter/nf_tables_api.c in the Linux kernel through 5.18.1 allows a local user (able...
Canteen Management System SQL injection | CVE-2022-43232
NAME Canteen Management System SQL injection Platforms Affected:Risk Level:7.2Exploitability:HighConsequences:Data Manipulation DESCRIPTION Canteen Management System is vulnerable to SQL injection. A...
Cisco Identity Services Engine security bypass | CVE-2022-20956
NAME Cisco Identity Services Engine security bypass Platforms Affected:Cisco Identity Services EngineRisk Level:8.2Exploitability:UnprovenConsequences:Gain Access DESCRIPTION Cisco Identity Services Engine could...
Cisco Identity Services Engine cross-site request forgery | CVE-2022-20961
NAME Cisco Identity Services Engine cross-site request forgery Platforms Affected:Cisco Identity Services Engine 2.2 Cisco Identity Services Engine 2.6 Patch...
Cisco BroadWorks CommPilot Application Software code execution | CVE-2022-20958
NAME Cisco BroadWorks CommPilot Application Software code execution Platforms Affected:Cisco BroadWorks CommPilot Application SoftwareRisk Level:8.3Exploitability:UnprovenConsequences:Gain Access DESCRIPTION Cisco BroadWorks CommPilot...
Daily Vulnerability Trends: Fri Nov 04 2022
Daily Vulnerability Trends (sourced from VulnMon) CVE NAMECVE DescriptionCVE-2202-3602 No description provided CVE-2022-31692Spring Security, versions 5.7 prior to 5.7.5 and...
Fortinet FortiADC cross-site scripting | CVE-2022-35851
NAME Fortinet FortiADC cross-site scripting Platforms Affected:Fortinet FortiADC 7.1.0Risk Level:8Exploitability:HighConsequences:Cross-Site Scripting DESCRIPTION Fortinet FortiADC is vulnerable to cross-site scripting, caused...
Fortinet FortiADC cross-site scripting | CVE-2022-38374
NAME Fortinet FortiADC cross-site scripting Platforms Affected:Fortinet FortiADC 6.2.0 Fortinet FortiADC 7.0.2 Fortinet FortiADC 7.0.0 Fortinet FortiADC 6.2.4Risk Level:8.8Exploitability:HighConsequences:Cross-Site Scripting...
Sanitization Management System SQL injection | CVE-2022-43355
NAME Sanitization Management System SQL injection Platforms Affected:Risk Level:7.2Exploitability:HighConsequences:Data Manipulation DESCRIPTION Sanitization Management System is vulnerable to SQL injection. A...
XenSource Xen Xenstore privilege escalation | CVE-2022-42320
NAME XenSource Xen Xenstore privilege escalation Platforms Affected:XenSource XenRisk Level:8.4Exploitability:UnprovenConsequences:Gain Privilege DESCRIPTION XenSource Xen could allow a local attacker to...
IP-COM EW9 command execution | CVE-2022-43367
NAME IP-COM EW9 command execution Platforms Affected:Risk Level:9.8Exploitability:UnprovenConsequences:Gain Access DESCRIPTION IP-COM EW9 could allow a remote attacker to execute arbitrary...
Fortinet FortiAnalyzer and Fortinet FortiManager cross-site scripting | CVE-2022-39950
NAME Fortinet FortiAnalyzer and Fortinet FortiManager cross-site scripting Platforms Affected:Risk Level:8Exploitability:UnprovenConsequences:Cross-Site Scripting DESCRIPTION Fortinet FortiAnalyzer and Fortinet FortiManager are vulnerable...
Daily Vulnerability Trends: Thu Nov 03 2022
Daily Vulnerability Trends (sourced from VulnMon) CVE NAMECVE DescriptionCVE-2022-22241An Improper Input Validation vulnerability in the J-Web component of Juniper Networks...
Daily Vulnerability Trends: Wed Nov 02 2022
Daily Vulnerability Trends (sourced from VulnMon) CVE NAMECVE DescriptionCVE-2022-3786A buffer overrun can be triggered in X.509 certificate verification, specifically in...
xf-test-csrf |
NAME xf-test-csrf Platforms Affected:Risk Level:10Exploitability:FunctionalConsequences: DESCRIPTION xf-test-csrf CVSS 3.0 Information Privileges Required: NoneUser Interaction: NoneScope: UnchangedAccess Vector: Access Complexity: LowConfidentiality...
Daily Vulnerability Trends: Tue Nov 01 2022
Daily Vulnerability Trends (sourced from VulnMon) CVE NAMECVE DescriptionCVE-2022-42889Apache Commons Text performs variable interpolation, allowing properties to be dynamically evaluated...
Apache Geode cross-site scripting | CVE-2022-34870
NAME Apache Geode cross-site scripting Platforms Affected:Apache Geode 1.15.0Risk Level:7.6Exploitability:HighConsequences:Cross-Site Scripting DESCRIPTION Apache Geode is vulnerable to cross-site scripting, caused...
Daily Vulnerability Trends: Sun Oct 30 2022
Daily Vulnerability Trends (sourced from VulnMon) CVE NAMECVE DescriptionCVE-2022-40684An authentication bypass using an alternate path or channel in Fortinet FortiOS...
cURL libcurl security bypass | CVE-2022-32221
NAME cURL libcurl security bypass Platforms Affected:cURL libcurl 7.7 cURL libcurl 7.85.0Risk Level:8.2Exploitability:UnprovenConsequences:Bypass Security DESCRIPTION cURL libcurl could allow a...
