IBM PowerVM VIOS denial of service | CVE-2022-35643
NAME IBM PowerVM VIOS denial of service Platforms Affected:IBM PowerVM VIOS 3.1Risk Level:9.1Exploitability:UnprovenConsequences:Obtain Information DESCRIPTION IBM PowerVM VIOS 3.1 could...
CVE
Daily Vulnerability Trends: Sat Jul 30 2022
Daily Vulnerability Trends (sourced from VulnMon) CVE NAMECVE DescriptionCVE-2022-32744 No description provided CVE-2022-20186In kbase_mem_alias of mali_kbase_mem_linux.c, there is a possible...
McAfee Agent Smart Installer for Windows code execution | CVE-2022-2313
NAME McAfee Agent Smart Installer for Windows code execution Platforms Affected:McAfee Agent Smart Installer for Windows 5.7.6Risk Level:8.2Exploitability:UnprovenConsequences:Gain Access DESCRIPTION...
JustSystems JUST Online Update for J-License privilege escalation |
NAME JustSystems JUST Online Update for J-License privilege escalation Platforms Affected:JustSystems JUST Online Update for J-LicenseRisk Level:8.8Exploitability:UnprovenConsequences:Gain Privileges DESCRIPTION JustSystems...
EnterpriseDT CompleteFTP Server directory traversal | CVE-2022-2560
NAME EnterpriseDT CompleteFTP Server directory traversal Platforms Affected:EnterpriseDT CompleteFTP Server 22.1Risk Level:8.2Exploitability:UnprovenConsequences:Obtain Information DESCRIPTION EnterpriseDT CompleteFTP Server could allow a...
Loan Management System login SQL injection |
NAME Loan Management System login SQL injection Platforms Affected:Sourcecodester Loan Management System 1.0Risk Level:9.8Exploitability:UnprovenConsequences:Data Manipulation DESCRIPTION Loan Management System is...
Apache Calcite Avatica code execution | CVE-2022-36364
NAME Apache Calcite Avatica code execution Platforms Affected:Apache Calcite Avatica 1.21.0Risk Level:9.8Exploitability:UnprovenConsequences:Gain Access DESCRIPTION Apache Calcite Avatica could allow a...
Synology CardDAV Server SQL injection | CVE-2022-27613
NAME Synology CardDAV Server SQL injection Platforms Affected:Synology CardDAV Server for DSM 6.2Risk Level:8.3Exploitability:HighConsequences:Data Manipulation DESCRIPTION Synology CardDAV Server is...
Daily Vulnerability Trends: Fri Jul 29 2022
Daily Vulnerability Trends (sourced from VulnMon) CVE NAMECVE DescriptionCVE-2022-20186In kbase_mem_alias of mali_kbase_mem_linux.c, there is a possible arbitrary code execution due...
PEGA Infinity security bypass | CVE-2022-24083
NAME PEGA Infinity security bypass Platforms Affected:PEGA Infinity 7.3.1 PEGA Infinity 8.7.2Risk Level:9.8Exploitability:UnprovenConsequences:Bypass Security DESCRIPTION PEGA Infinity could allow a...
PCProtect Endpoint privilege escalation |
NAME PCProtect Endpoint privilege escalation Platforms Affected:PCProtect Endpoint 5.17.470Risk Level:8.4Exploitability:Proof of ConceptConsequences:Gain Privileges DESCRIPTION PCProtect Endpoint could allow a local...
Jenkins CLIF Performance Testing Plugin directory traversal | CVE-2022-36894
NAME Jenkins CLIF Performance Testing Plugin directory traversal Platforms Affected:jenkins CLIF Performance Testing Plugin 64.vc0d66de1dfb_fRisk Level:8.8Exploitability:UnprovenConsequences:Bypass Security DESCRIPTION Jenkins CLIF...
Node.js autolinker module security bypass |
NAME Node.js autolinker module security bypass Platforms Affected:Node.js AutolinkerRisk Level:8.8Exploitability:UnprovenConsequences:Bypass Security DESCRIPTION Node.js autolinker module could allow a remote attacker...
MOXA NPort 5110 device denial of service | CVE-2022-2044
NAME MOXA NPort 5110 device denial of service Platforms Affected:MOXA NPort 5110 2.10Risk Level:8.2Exploitability:UnprovenConsequences:Denial of Service DESCRIPTION MOXA NPort 5110...
Joplin command execution | CVE-2022-35131
NAME Joplin command execution Platforms Affected:Joplin Joplin 2022-05Risk Level:9.8Exploitability:Proof of ConceptConsequences:Gain Access DESCRIPTION Joplin could allow a remote attacker to...
Western Digital My Cloud devices cross-site scripting | CVE-2022-22999
NAME Western Digital My Cloud devices cross-site scripting Platforms Affected:Western Digital My CloudRisk Level:8.2Exploitability:HighConsequences:Cross-Site Scripting DESCRIPTION Western Digital My Cloud...
SolarView Compact file upload | CVE-2022-35239
NAME SolarView Compact file upload Platforms Affected:Contec SolarView Compact SV-CPT-MC310 7.23 Contec SolarView Compact SV-CPT-MC310F 7.23Risk Level:8.8Exploitability:UnprovenConsequences:Gain Access DESCRIPTION SolarView...
IIS extensions are on the rise as backdoors to servers
The Microsoft 365 Defender Research Team has warned that attackers are increasingly leveraging Internet Information Services (IIS) extensions as covert backdoors into...
Daily Vulnerability Trends: Thu Jul 28 2022
Daily Vulnerability Trends (sourced from VulnMon) CVE NAMECVE DescriptionCVE-2022-32502 No description provided CVE-2022-32510 No description provided CVE-2022-26134In affected versions of...
Ceph security bypass | CVE-2022-0670
NAME Ceph security bypass Platforms Affected:Ceph Ceph 17.2Risk Level:8.1Exploitability:UnprovenConsequences:Bypass Security DESCRIPTION Ceph could allow a remote authenticated attacker to bypass...
Node.js machine-mapper module code execution |
NAME Node.js machine-mapper module code execution Platforms Affected:Node.js machine-mapperRisk Level:9.8Exploitability:UnprovenConsequences:Cross-Site Scripting DESCRIPTION Node.js machine-mapper module could allow a remote attacker...
Node.js deere-ui-toggle-group module code execution |
NAME Node.js deere-ui-toggle-group module code execution Platforms Affected:Node.js deere-ui-toggle-groupRisk Level:9.8Exploitability:UnprovenConsequences:Gain Access DESCRIPTION Node.js deere-ui-toggle-group module could allow a remote attacker...
Node.js peekatchuysharmlesspackage module code execution |
NAME Node.js peekatchuysharmlesspackage module code execution Platforms Affected:Node.js peekatchuysharmlesspackageRisk Level:9.8Exploitability:HighConsequences:Gain Access DESCRIPTION Node.js peekatchuysharmlesspackage module could allow a remote attacker...
Node.js hft-frontend-test module code execution |
NAME Node.js hft-frontend-test module code execution Platforms Affected:Node.js hft-frontend-testRisk Level:9.8Exploitability:HighConsequences:Gain Access DESCRIPTION Node.js hft-frontend-test module could allow a remote attacker...
