CVE

Microsoft SharePoint Server code execution | CVE-2022-30157

June 15, 2022

NAME Microsoft SharePoint Server code execution Platforms Affected:Microsoft SharePoint Enterprise Server 2016 Microsoft SharePoint Enterprise Server 2013 SP1 Microsoft SharePoint...

Microsoft Windows Network File System code execution | CVE-2022-30136

June 15, 2022

NAME Microsoft Windows Network File System code execution Platforms Affected:Microsoft Windows Server 2012 Microsoft Windows 8.1 x32 Microsoft Windows 8.1...

Apache Flume code execution | CVE-2022-25167

June 15, 2022

NAME Apache Flume code execution Platforms Affected:Apache Flume 1.4.0 Apache Flume 1.5.0 Apache Flume 1.6.0 Apache Flume 1.7.0 Apache Flume...

HP LaserJet Professional M1210 MFP Series system root path privilege escalation |

June 15, 2022

NAME HP LaserJet Professional M1210 MFP Series system root path privilege escalation Platforms Affected:HP LaserJet Professional M1210 MFP Series 20180815_1Risk...

Johnson Controls Metasys ADS ADX OAS Servers cross-site scripting | CVE-2022-21937

June 15, 2022

NAME Johnson Controls Metasys ADS ADX OAS Servers cross-site scripting Platforms Affected:Johnson Controls Metasys ADS/ADX/OAS 10 Johnson Controls Metasys ADS/ADX/OAS...

Microsoft Windows Kerberos security bypass | CVE-2022-30164

June 15, 2022

NAME Microsoft Windows Kerberos security bypass Platforms Affected:Microsoft Windows Server 2012 Microsoft Windows 8.1 x32 Microsoft Windows 8.1 x64 Microsoft...

Johnson Controls Metasys ADS ADX OAS Servers cross-site scripting | CVE-2022-21938

June 15, 2022

NAME Johnson Controls Metasys ADS ADX OAS Servers cross-site scripting Platforms Affected:Johnson Controls Metasys ADS/ADX/OAS 10 Johnson Controls Metasys ADS/ADX/OAS...

Microsoft SharePoint Server code execution | CVE-2022-30158

June 15, 2022

NAME Microsoft SharePoint Server code execution Platforms Affected:Microsoft SharePoint Server 2013 SP1 Microsoft SharePoint Foundation 2013 SP1 Microsoft SharePoint Enterprise...

Microsoft Windows Lightweight Directory Access Protocol (LDAP) code execution | CVE-2022-30153

June 15, 2022

NAME Microsoft Windows Lightweight Directory Access Protocol (LDAP) code execution Platforms Affected:Microsoft Windows 7 SP1 x32 Microsoft Windows 7 SP1...

Daily Vulnerability Trends: Wed Jun 15 2022

June 15, 2022

Daily Vulnerability Trends (sourced from VulnMon) CVE NAMECVE DescriptionCVE-2022-29847In Progress Ipswitch WhatsUp Gold 21.0.0 through 21.1.1, and 22.0.0, it is...

Dell SupportAssist Client Consumer and Dell SupportAssist Client Commercial cross-site scripting | CVE-2022-29095

June 14, 2022

NAME Dell SupportAssist Client Consumer and Dell SupportAssist Client Commercial cross-site scripting Platforms Affected:Dell SupportAssist Client Consumer 3.8 Dell SupportAssist...

Powertek PDU Firmware information disclosure | CVE-2022-33174

June 14, 2022

NAME Powertek PDU Firmware information disclosure Platforms Affected:Powertek PDU firmware 3.30.17Risk Level:8.8Exploitability:UnprovenConsequences:Obtain Information DESCRIPTION Powertek PDU Firmware could allow a...

NocoDB privilege escalation | CVE-2022-2063

June 14, 2022

NAME NocoDB privilege escalation Platforms Affected:NocoDB NocoDB 0.91.7Risk Level:9Exploitability:Proof of ConceptConsequences:Gain Privileges DESCRIPTION NocoDB could allow a remote authenticated attacker...

Biscuit security bypass | CVE-2022-31053

June 14, 2022

NAME Biscuit security bypass Platforms Affected:Biscuit Biscuit 1.0.0 Biscuit Biscuit 1.1.0Risk Level:9.8Exploitability:UnprovenConsequences:Bypass Security DESCRIPTION Biscuit could allow a remote attacker...

Apache Hadoop buffer overflow | CVE-2021-37404

June 14, 2022

NAME Apache Hadoop buffer overflow Platforms Affected:Apache Hadoop 2.9.0 Apache Hadoop 3.0.0 Apache Hadoop 3.2.0 Apache Hadoop 2.10.1 Apache Hadoop...

Sourcecodester Money Transfer Management System | CVE-2021-44582

June 14, 2022

NAME Sourcecodester Money Transfer Management System Platforms Affected:Sourcecodester Money Transfer Management System 1.0Risk Level:8.8Exploitability:UnprovenConsequences:Gain Privileges DESCRIPTION Sourcecodester Money Transfer Management...

NocoDB security bypass | CVE-2022-2064

June 14, 2022

NAME NocoDB security bypass Platforms Affected:NocoDB NocoDB 0.91.8Risk Level:9.1Exploitability:UnprovenConsequences:Bypass Security DESCRIPTION NocoDB could allow a remote authenticated attacker to bypass...

Couchbase Sync Gateway privilege escalation | CVE-2022-32563

June 14, 2022

NAME Couchbase Sync Gateway privilege escalation Platforms Affected:Couchbase Sync Gateway 3.0.1Risk Level:8.8Exploitability:UnprovenConsequences:Gain Privileges DESCRIPTION Couchbase Sync Gateway could allow a...

Dolibarr ERP/CRM cross-site scripting | CVE-2022-2060

June 14, 2022

NAME Dolibarr ERP/CRM cross-site scripting Platforms Affected:Dolibarr Dolibarr ERP/CRM 3.0.0 Dolibarr Dolibarr ERP/CRM 3.3.1 Dolibarr Dolibarr ERP/CRM 3.5.3 Dolibarr Dolibarr...

Envoy denial of service | CVE-2022-29226

June 14, 2022

NAME Envoy denial of service Platforms Affected:Envoy Envoy 1.22.0Risk Level:10Exploitability:UnprovenConsequences:Bypass Security DESCRIPTION Envoy could allow a remote attacker to bypass...

NocoDB server-side request forgery | CVE-2022-2062

June 14, 2022

NAME NocoDB server-side request forgery Platforms Affected:NocoDB NocoDB 0.91.7Risk Level:9.1Exploitability:Proof of ConceptConsequences:Gain Access DESCRIPTION NocoDB is vulnerable to server-side request...

Powertek PDU Firmware security bypass | CVE-2022-33175

June 14, 2022

NAME Powertek PDU Firmware security bypass Platforms Affected:Powertek PDU firmware 3.30.17Risk Level:9.8Exploitability:UnprovenConsequences:Bypass Security DESCRIPTION Powertek PDU Firmware could allow a...

ITarian platform (SAAS / on-premise) code execution | CVE-2022-25152

June 14, 2022

NAME ITarian platform (SAAS / on-premise) code execution Platforms Affected:ITarian platform (SAAS / on-premise)Risk Level:9.9Exploitability:UnprovenConsequences:Gain Access DESCRIPTION ITarian platform (SAAS...

Lepin EP-KP001 security bypass | CVE-2022-29948

June 14, 2022

NAME Lepin EP-KP001 security bypass Platforms Affected:Lepin EP-KP001 KP001_V19Risk Level:8.2Exploitability:UnprovenConsequences:Bypass Security DESCRIPTION Lepin EP-KP001 could allow a remote attacker to...

CVE

Microsoft SharePoint Server code execution | CVE-2022-30157

Microsoft Windows Network File System code execution | CVE-2022-30136

Apache Flume code execution | CVE-2022-25167

HP LaserJet Professional M1210 MFP Series system root path privilege escalation |

Johnson Controls Metasys ADS ADX OAS Servers cross-site scripting | CVE-2022-21937

Microsoft Windows Kerberos security bypass | CVE-2022-30164

Johnson Controls Metasys ADS ADX OAS Servers cross-site scripting | CVE-2022-21938

Microsoft SharePoint Server code execution | CVE-2022-30158

Microsoft Windows Lightweight Directory Access Protocol (LDAP) code execution | CVE-2022-30153

Daily Vulnerability Trends: Wed Jun 15 2022

Dell SupportAssist Client Consumer and Dell SupportAssist Client Commercial cross-site scripting | CVE-2022-29095

Powertek PDU Firmware information disclosure | CVE-2022-33174

NocoDB privilege escalation | CVE-2022-2063

Biscuit security bypass | CVE-2022-31053

Apache Hadoop buffer overflow | CVE-2021-37404

Sourcecodester Money Transfer Management System | CVE-2021-44582

NocoDB security bypass | CVE-2022-2064

Couchbase Sync Gateway privilege escalation | CVE-2022-32563

Dolibarr ERP/CRM cross-site scripting | CVE-2022-2060

Envoy denial of service | CVE-2022-29226

NocoDB server-side request forgery | CVE-2022-2062

Powertek PDU Firmware security bypass | CVE-2022-33175

ITarian platform (SAAS / on-premise) code execution | CVE-2022-25152

Lepin EP-KP001 security bypass | CVE-2022-29948

CISA: CISA and Partners Release Call to Action to Close the National Software Understanding Gap

[EVEREST] – Ransomware Victim: Woodlake

[EVEREST] – Ransomware Victim: The Hoff Brand SL

[EVEREST] – Ransomware Victim: Volt Infrastructure

CVE Alert: CVE-2025-22780

You may have missed