Daily Vulnerability Trends: Sun May 22 2022
Daily Vulnerability Trends (sourced from VulnMon) CVE NAMECVE DescriptionCVE-2022-22960VMware Workspace ONE Access, Identity Manager and vRealize Automation contain a privilege...
CVE
VMware Workspace ONE Access, VMware Identity Manager, and VMware vRealize Automation security bypass | CVE-2022-22972
NAME VMware Workspace ONE Access, VMware Identity Manager, and VMware vRealize Automation security bypass Platforms Affected:VMware Identity Manager 3.3.3 VMware...
countly-server information disclosure | CVE-2022-29174
NAME countly-server information disclosure Platforms Affected:countly-server countly-server 22.03.6 countly-server countly-server 21.11.3Risk Level:8.1Exploitability:UnprovenConsequences:Obtain Information DESCRIPTION countly-server could allow a remote attacker...
Synopsys Strapi information disclosure | CVE-2022-30617
NAME Synopsys Strapi information disclosure Platforms Affected:Synopsys Strapi 3.6.9 Synopsys Strapi 4.0.0-beta.15Risk Level:8.8Exploitability:UnprovenConsequences:Obtain Information DESCRIPTION Synopsys Strapi could allow a...
Popcorn Time cross-site scripting | CVE-2022-25229
NAME Popcorn Time cross-site scripting Platforms Affected:Popcorn Time Popcorn Time 0.4.7Risk Level:8.6Exploitability:UnprovenConsequences:Cross-Site Scripting DESCRIPTION Popcorn Time is vulnerable to cross-site...
Mobotix Control Center (MxCC) information disclosure | CVE-2022-30018
NAME Mobotix Control Center (MxCC) information disclosure Platforms Affected:Mobotix Control Center (MxCC) 2.5.4.5Risk Level:8.8Exploitability:UnprovenConsequences:Obtain Information DESCRIPTION Mobotix Control Center (MxCC)...
Spring Security security bypass | CVE-2022-22978
NAME Spring Security security bypass Platforms Affected:Spring Spring Security 5.5.6 Spring Spring Security 5.6.3Risk Level:8.2Exploitability:UnprovenConsequences:Bypass Security DESCRIPTION Spring Security could...
mailcow command execution | CVE-2022-31245
NAME mailcow command execution Platforms Affected:mailcow mailcow 2022-05c mailcow mailcow 2022-05bRisk Level:8.8Exploitability:UnprovenConsequences:Gain Access DESCRIPTION mailcow could allow a remote authenticated...
Daily Vulnerability Trends: Sat May 21 2022
Daily Vulnerability Trends (sourced from VulnMon) CVE NAMECVE DescriptionCVE-2022-26923Active Directory Domain Services Elevation of Privilege Vulnerability.CVE-2022-26889The lack of sanitization in...
TIBCO BusinessConnect Trading Community Management cross-site request forgery | CVE-2022-22778
NAME TIBCO BusinessConnect Trading Community Management cross-site request forgery Platforms Affected:TIBCO BusinessConnect Trading Community Management 6.1.0Risk Level:8.8Exploitability:UnprovenConsequences:Gain Access DESCRIPTION TIBCO...
TIBCO BusinessConnect Trading Community Management cross-site scripting | CVE-2022-22776
NAME TIBCO BusinessConnect Trading Community Management cross-site scripting Platforms Affected:TIBCO BusinessConnect Trading Community Management 6.1.0Risk Level:8Exploitability:HighConsequences:Cross-Site Scripting DESCRIPTION TIBCO BusinessConnect...
VMware Workspace ONE Access, VMware Identity Manager, and VMware vRealize Automation security bypass | CVE-2022-22972
NAME VMware Workspace ONE Access, VMware Identity Manager, and VMware vRealize Automation security bypass Platforms Affected:VMware Identity Manager 3.3.3 VMware...
Mitsubishi Electric MELSEC and MELIPC Series denial of service | CVE-2022-25161
NAME Mitsubishi Electric MELSEC and MELIPC Series denial of service Platforms Affected:Mitsubishi Electric MELSEC iQ-F series MitsubishiElectric MELSEC iQ-F series...
TIBCO ActiveMatrix BPM cross-site scripting | CVE-2022-22775
NAME TIBCO ActiveMatrix BPM cross-site scripting Platforms Affected:TIBCO ActiveMatrix BPM 4.3.1 TIBCO BPM Enterprise Distribution for TIBCO Silver Fabric 4.3.1Risk...
JFrog Artifactory privilege escalation | CVE-2022-0573
NAME JFrog Artifactory privilege escalation Platforms Affected:JFrog Artifactory 7.36Risk Level:8.8Exploitability:UnprovenConsequences:Gain Privileges DESCRIPTION JFrog Artifactory could allow a remote authenticated attacker...
Daily Vulnerability Trends: Fri May 20 2022
Daily Vulnerability Trends (sourced from VulnMon) CVE NAMECVE DescriptionCVE-2022-1771Stack-based Buffer Overflow in GitHub repository vim/vim prior to 8.2.4975.CVE-2022-1774Exposure of Sensitive...
NVIDIA GPU Display Driver for Windows and Linux privilege escalation | CVE-2022-28181
NAME NVIDIA GPU Display Driver for Windows and Linux privilege escalation Platforms Affected:NVIDIA GPU Display Driver for Windows NVIDIA GPU...
HPE OneView cross-site scripting | CVE-2022-23706
NAME HPE OneView cross-site scripting Platforms Affected:HPE OneView 6.5Risk Level:8Exploitability:UnprovenConsequences:Cross-Site Scripting DESCRIPTION HPE OneView is vulnerable to cross-site scripting, caused...
VMware Workspace ONE Access, VMware Identity Manager, and VMware vRealize Automation security bypass | CVE-2022-22972
NAME VMware Workspace ONE Access, VMware Identity Manager, and VMware vRealize Automation security bypass Platforms Affected:VMware Identity Manager 3.3.3 VMware...
OpenCart Skyoftech So Listing Tabs module code execution | CVE-2022-24108
NAME OpenCart Skyoftech So Listing Tabs module code execution Platforms Affected:OpenCart Skyoftech So Listing Tabs module 2.2.0Risk Level:9.8Exploitability:UnprovenConsequences:Gain Access DESCRIPTION...
NVIDIA GPU Display Driver for Windows privilege escalation | CVE-2022-28182
NAME NVIDIA GPU Display Driver for Windows privilege escalation Platforms Affected:NVIDIA GPU Display Driver for WindowsRisk Level:8.5Exploitability:UnprovenConsequences:Gain Privileges DESCRIPTION NVIDIA...
Daily Vulnerability Trends: Thu May 19 2022
Daily Vulnerability Trends (sourced from VulnMon) CVE NAMECVE DescriptionCVE-2022-26688 No description provided CVE-2022-26727 No description provided CVE-2022-22676 No description provided...
Node.js titles module code execution |
NAME Node.js titles module code execution Platforms Affected:Node.js titlesRisk Level:8.8Exploitability:UnprovenConsequences:Gain Access DESCRIPTION Node.js titles module could allow a remote attacker...
Multiple Zyxel devices command execution | CVE-2022-30525
NAME Multiple Zyxel devices command execution Platforms Affected:Zyxel USG FLEX series firmware ZLD 4.30 Zyxel USG FLEX series firmware ZLD...
