Daily Vulnerability Trends: Sat May 21 2022
Daily Vulnerability Trends (sourced from VulnMon) CVE NAMECVE DescriptionCVE-2022-26923Active Directory Domain Services Elevation of Privilege Vulnerability.CVE-2022-26889The lack of sanitization in...
CVE
TIBCO BusinessConnect Trading Community Management cross-site request forgery | CVE-2022-22778
NAME TIBCO BusinessConnect Trading Community Management cross-site request forgery Platforms Affected:TIBCO BusinessConnect Trading Community Management 6.1.0Risk Level:8.8Exploitability:UnprovenConsequences:Gain Access DESCRIPTION TIBCO...
TIBCO BusinessConnect Trading Community Management cross-site scripting | CVE-2022-22776
NAME TIBCO BusinessConnect Trading Community Management cross-site scripting Platforms Affected:TIBCO BusinessConnect Trading Community Management 6.1.0Risk Level:8Exploitability:HighConsequences:Cross-Site Scripting DESCRIPTION TIBCO BusinessConnect...
VMware Workspace ONE Access, VMware Identity Manager, and VMware vRealize Automation security bypass | CVE-2022-22972
NAME VMware Workspace ONE Access, VMware Identity Manager, and VMware vRealize Automation security bypass Platforms Affected:VMware Identity Manager 3.3.3 VMware...
Mitsubishi Electric MELSEC and MELIPC Series denial of service | CVE-2022-25161
NAME Mitsubishi Electric MELSEC and MELIPC Series denial of service Platforms Affected:Mitsubishi Electric MELSEC iQ-F series MitsubishiElectric MELSEC iQ-F series...
TIBCO ActiveMatrix BPM cross-site scripting | CVE-2022-22775
NAME TIBCO ActiveMatrix BPM cross-site scripting Platforms Affected:TIBCO ActiveMatrix BPM 4.3.1 TIBCO BPM Enterprise Distribution for TIBCO Silver Fabric 4.3.1Risk...
JFrog Artifactory privilege escalation | CVE-2022-0573
NAME JFrog Artifactory privilege escalation Platforms Affected:JFrog Artifactory 7.36Risk Level:8.8Exploitability:UnprovenConsequences:Gain Privileges DESCRIPTION JFrog Artifactory could allow a remote authenticated attacker...
Daily Vulnerability Trends: Fri May 20 2022
Daily Vulnerability Trends (sourced from VulnMon) CVE NAMECVE DescriptionCVE-2022-1771Stack-based Buffer Overflow in GitHub repository vim/vim prior to 8.2.4975.CVE-2022-1774Exposure of Sensitive...
NVIDIA GPU Display Driver for Windows and Linux privilege escalation | CVE-2022-28181
NAME NVIDIA GPU Display Driver for Windows and Linux privilege escalation Platforms Affected:NVIDIA GPU Display Driver for Windows NVIDIA GPU...
HPE OneView cross-site scripting | CVE-2022-23706
NAME HPE OneView cross-site scripting Platforms Affected:HPE OneView 6.5Risk Level:8Exploitability:UnprovenConsequences:Cross-Site Scripting DESCRIPTION HPE OneView is vulnerable to cross-site scripting, caused...
VMware Workspace ONE Access, VMware Identity Manager, and VMware vRealize Automation security bypass | CVE-2022-22972
NAME VMware Workspace ONE Access, VMware Identity Manager, and VMware vRealize Automation security bypass Platforms Affected:VMware Identity Manager 3.3.3 VMware...
OpenCart Skyoftech So Listing Tabs module code execution | CVE-2022-24108
NAME OpenCart Skyoftech So Listing Tabs module code execution Platforms Affected:OpenCart Skyoftech So Listing Tabs module 2.2.0Risk Level:9.8Exploitability:UnprovenConsequences:Gain Access DESCRIPTION...
NVIDIA GPU Display Driver for Windows privilege escalation | CVE-2022-28182
NAME NVIDIA GPU Display Driver for Windows privilege escalation Platforms Affected:NVIDIA GPU Display Driver for WindowsRisk Level:8.5Exploitability:UnprovenConsequences:Gain Privileges DESCRIPTION NVIDIA...
Daily Vulnerability Trends: Thu May 19 2022
Daily Vulnerability Trends (sourced from VulnMon) CVE NAMECVE DescriptionCVE-2022-26688 No description provided CVE-2022-26727 No description provided CVE-2022-22676 No description provided...
Node.js titles module code execution |
NAME Node.js titles module code execution Platforms Affected:Node.js titlesRisk Level:8.8Exploitability:UnprovenConsequences:Gain Access DESCRIPTION Node.js titles module could allow a remote attacker...
Multiple Zyxel devices command execution | CVE-2022-30525
NAME Multiple Zyxel devices command execution Platforms Affected:Zyxel USG FLEX series firmware ZLD 4.30 Zyxel USG FLEX series firmware ZLD...
Jenkins vboxwrapper Plugin cross-site scripting | CVE-2022-30968
NAME Jenkins vboxwrapper Plugin cross-site scripting Platforms Affected:Jenkins vboxwrapper Plugin 1.3Risk Level:8Exploitability:HighConsequences:Cross-Site Scripting DESCRIPTION Jenkins vboxwrapper Plugin is vulnerable to...
Jenkins Application Detector Plugin cross-site scripting | CVE-2022-30960
NAME Jenkins Application Detector Plugin cross-site scripting Platforms Affected:Jenkins Application Detector Plugin 1.0.8Risk Level:8Exploitability:HighConsequences:Cross-Site Scripting DESCRIPTION Jenkins Application Detector Plugin...
Jenkins Autocomplete Parameter Plugin cross-site scripting | CVE-2022-30970
NAME Jenkins Autocomplete Parameter Plugin cross-site scripting Platforms Affected:Jenkins Autocomplete Parameter Plugin 1.1Risk Level:8Exploitability:HighConsequences:Cross-Site Scripting DESCRIPTION Jenkins Autocomplete Parameter Plugin...
Jenkins Random String Parameter Plugin cross-site scripting | CVE-2022-30966
NAME Jenkins Random String Parameter Plugin cross-site scripting Platforms Affected:Jenkins Random String Parameter Plugin 1.0Risk Level:8Exploitability:HighConsequences:Gain Access DESCRIPTION Jenkins Random...
Jenkins Rundeck Plugin cross-site scripting | CVE-2022-30956
NAME Jenkins Rundeck Plugin cross-site scripting Platforms Affected:Jenkins Rundeck Plugin 3.6.10Risk Level:8Exploitability:HighConsequences:Cross-Site Scripting DESCRIPTION Jenkins Rundeck Plugin is vulnerable to...
Jenkins Promoted Builds (Simple) Plugin cross-site scripting | CVE-2022-30965
NAME Jenkins Promoted Builds (Simple) Plugin cross-site scripting Platforms Affected:Jenkins Promoted Builds (Simple) Plugin 1.9Risk Level:8Exploitability:HighConsequences:Cross-Site Scripting DESCRIPTION Jenkins Promoted...
Jenkins Selection tasks Plugin cross-site scripting | CVE-2022-30967
NAME Jenkins Selection tasks Plugin cross-site scripting Platforms Affected:Jenkins Selection tasks Plugin 1.0Risk Level:8Exploitability:HighConsequences:Cross-Site Scripting DESCRIPTION Jenkins Selection tasks Plugin...
IpMatcher server-side request forgery | CVE-2021-33318
NAME IpMatcher server-side request forgery Platforms Affected:NuGet IpMatcher 1.0.4.1Risk Level:8.1Exploitability:Proof of ConceptConsequences:Gain Access DESCRIPTION IpMatcher is vulnerable to server-side request...
