FortiOS and FortiProxy security bypass | CVE-2022-35843
NAME FortiOS and FortiProxy security bypass Platforms Affected:Fortinet FortiOS 6.0.0 Fortinet FortiOS 6.2.0 Fortinet FortiOS 6.4.0 Fortinet FortiProxy 2.0.0 Fortinet...
CVE
Sophos firewall command execution | CVE-2022-3226
NAME Sophos firewall command execution Platforms Affected:Sophos Firewall 19.4Risk Level:9Exploitability:UnprovenConsequences:Gain Access DESCRIPTION Sophos firewall could allow a remote autheticated attacker...
Node.js simple-git module code execution | CVE-2022-25912
NAME Node.js simple-git module code execution Platforms Affected:Node.js simple-git 3.14.1Risk Level:8.1Exploitability:Proof of ConceptConsequences:Gain Access DESCRIPTION Node.js simple-git module could allow...
Aruba Networks ClearPass Policy Manager SQL injection | CVE-2022-43530
NAME Aruba Networks ClearPass Policy Manager SQL injection Platforms Affected:Aruba Networks ClearPass Policy Manager 6.9 Aruba Networks ClearPass Policy Manager...
daloRADIUS cross-site scripting | CVE-2022-23475
NAME daloRADIUS cross-site scripting Platforms Affected:daloRADIUS daloRADIUS 1.2Risk Level:8Exploitability:HighConsequences:Cross-Site Scripting DESCRIPTION daloRADIUS is vulnerable to cross-site scripting, caused by improper...
Sophos firewall code execution | CVE-2022-3713
NAME Sophos firewall code execution Platforms Affected:Sophos Firewall 19.4Risk Level:9.8Exploitability:UnprovenConsequences:Gain Access DESCRIPTION Sophos firewall could allow a remote attacker to...
Sophos firewall cross-site scripting | CVE-2022-3709
NAME Sophos firewall cross-site scripting Platforms Affected:Sophos Firewall 19.4Risk Level:8.4Exploitability:HighConsequences:Gain Access DESCRIPTION Sophos firewall is vulnerable to cross-site scripting, caused...
Daily Vulnerability Trends: Thu Dec 08 2022
Daily Vulnerability Trends (sourced from VulnMon) CVE NAMECVE DescriptionCVE-2021-22555A heap out-of-bounds write affecting Linux since v2.6.19-rc1 was discovered in net/netfilter/x_tables.c....
Cacti command injection | CVE-2022-46169
NAME Cacti command injection Platforms Affected:Risk Level:9.8Exploitability:Proof of ConceptConsequences:Gain Access DESCRIPTION Cacti could allow a remote attacker to execute arbitrary...
Alarm instance management command execution | CVE-2022-45462
NAME Alarm instance management command execution Platforms Affected:Alarm instance management Alarm instance managementRisk Level:9.8Exploitability:UnprovenConsequences:Gain Access DESCRIPTION Alarm instance management could...
Microsoft Edge (Chromium-based) privilege escalation | CVE-2022-44708
NAME Microsoft Edge (Chromium-based) privilege escalation Platforms Affected:Microsoft Edge for iOS Microsoft Edge (Chromium-based) 108.0Risk Level:8.3Exploitability:UnprovenConsequences:Gain Privilege DESCRIPTION Microsoft Edge...
PC Keyboard WiFi and Bluetooth app for Android code execution | CVE-2022-45479
NAME PC Keyboard WiFi and Bluetooth app for Android code execution Platforms Affected:Risk Level:9.8Exploitability:UnprovenConsequences:Gain Access DESCRIPTION PC Keyboard WiFi and...
GitPython code execution | CVE-2022-24439
NAME GitPython code execution Platforms Affected:GitPython GitPython 3.1.20Risk Level:8.1Exploitability:Proof of ConceptConsequences:Gain Access DESCRIPTION GitPython could allow a remote attacker to...
House Rental System file upload | CVE-2022-4276
NAME House Rental System file upload Platforms Affected:Risk Level:9.8Exploitability:UnprovenConsequences:Gain Access DESCRIPTION House Rental System could allow a remote attacker to...
Lazy Mouse app for Android code execution | CVE-2022-45481
NAME Lazy Mouse app for Android code execution Platforms Affected:Risk Level:9.8Exploitability:UnprovenConsequences:Gain Access DESCRIPTION Lazy Mouse app for Android could allow...
Daily Vulnerability Trends: Wed Dec 07 2022
Daily Vulnerability Trends (sourced from VulnMon) CVE NAMECVE DescriptionCVE-2022-44721CrowdStrike Falcon 6.44.15806 allows an administrative attacker to uninstall Falcon Sensor, bypassing...
MegaRAC BMC unauthorized access | CVE-2022-40242
NAME MegaRAC BMC unauthorized access Platforms Affected:AMI MegaRAC BMCRisk Level:8.3Exploitability:UnprovenConsequences:Gain Access DESCRIPTION MegaRAC BMC could allow a remote attacker to...
Mitsubishi Electric MELSEC iQ-R Series devices denial of service | CVE-2022-40265
NAME Mitsubishi Electric MELSEC iQ-R Series devices denial of service Platforms Affected:Risk Level:8.6Exploitability:UnprovenConsequences:Denial of Service DESCRIPTION Mitsubishi Electric MELSEC iQ-R...
Sourcecodester Human Resource Management System file upload | CVE-2022-4273
NAME Sourcecodester Human Resource Management System file upload Platforms Affected:Risk Level:9.8Exploitability:HighConsequences:Gain Access DESCRIPTION Sourcecodester Human Resource Management System could allow...
MegaRAC BMC code execution | CVE-2022-40259
NAME MegaRAC BMC code execution Platforms Affected:AMI MegaRAC BMCRisk Level:9.9Exploitability:UnprovenConsequences:Gain Access DESCRIPTION MegaRAC BMC could allow a remote authenticated attacker...
Advanced Booking Calendar plugin for WordPress SQL injection | CVE-2022-45822
NAME Advanced Booking Calendar plugin for WordPress SQL injection Platforms Affected:Risk Level:10Exploitability:UnprovenConsequences:Data Manipulation DESCRIPTION Advanced Booking Calendar plugin for WordPress...
Daily Vulnerability Trends: Tue Dec 06 2022
Daily Vulnerability Trends (sourced from VulnMon) CVE NAMECVE DescriptionCVE-2022-4116A vulnerability was found in quarkus. This security flaw happens in Dev...
Veritas NetBackup Flex Scale and Access Appliance privilege escalation | CVE-2022-46410
NAME Veritas NetBackup Flex Scale and Access Appliance privilege escalation Platforms Affected:Veritas Access Appliance 8.0.100 Veritas NetBackup Flex Scale 3.0Risk...
Apache Tapestry code execution | CVE-2022-46366
NAME Apache Tapestry code execution Platforms Affected:Apache Tapestry 3.0Risk Level:8.8Exploitability:UnprovenConsequences:Gain Access DESCRIPTION Apache Tapestry could allow a remote attacker to...
