Daily Vulnerability Trends: Sun May 15 2022
Daily Vulnerability Trends (sourced from VulnMon) CVE NAMECVE DescriptionCVE-2017-11882Microsoft Office 2007 Service Pack 3, Microsoft Office 2010 Service Pack 2,...
vulnerability
Daily Vulnerability Trends: Sat May 14 2022
Daily Vulnerability Trends (sourced from VulnMon) CVE NAMECVE DescriptionCVE-2022-0778The BN_mod_sqrt() function, which computes a modular square root, contains a bug...
Daily Vulnerability Trends: Fri May 13 2022
Daily Vulnerability Trends (sourced from VulnMon) CVE NAMECVE DescriptionCVE-2021-40444Microsoft MSHTML Remote Code Execution VulnerabilityCVE-2022-30525A OS command injection vulnerability in the...
Daily Vulnerability Trends: 5-11-2022
Daily Vulnerability Trends (sourced from VulnMon) CVE NAMECVE DescriptionCVE-2022-29972CVE-2022-29972CVE-2022-26352Advisory: DotCMS Remote Code Execution (CVE-2022-26352)CVE-2022-1338CVE-2022-1338CVE-2017-11882my kaspersky blocked HEUR:Exploit.MSOffice.CVE-2017-11882.g on chrome what...
Daily Vulnerability Trends: 5-10-2022
Daily Vulnerability Trends (sourced from VulnMon) CVE NAMECVE DescriptionCVE-2022-26352Advisory: DotCMS Remote Code Execution (CVE-2022-26352)CVE-2022-1338CVE-2022-1338CVE-2022-29972CVE-2022-29972CVE-2022-22954VMSA-2022-0011 - Server Side Template Injection in...
CVE-2021-38694
Summary: SoftVibe SARABAN for INFOMA 1.1 allows SQL Injection. Reference Links(if available): https://orangeo.tech/post/2021/12/24/First-CVEs.html https://play.google.com/store/apps/details?id=th.co.softvibe.saraban&hl=en&gl=US CVSS Score (if available) v2: /...
CVE-2021-38696
Summary: SoftVibe SARABAN for INFOMA 1.1 has Incorrect Access Control vulnerability, that allows attackers to access signature files on the...
CVE-2021-46483
Summary: Jsish v3.5.0 was discovered to contain a heap buffer overflow via BooleanConstructor at src/jsiBool.c. Reference Links(if available): https://github.com/pcmacdon/jsish/issues/62 CVSS...
CVE-2021-46482
Summary: Jsish v3.5.0 was discovered to contain a heap buffer overflow via NumberConstructor at src/jsiNumber.c. Reference Links(if available): https://github.com/pcmacdon/jsish/issues/66 CVSS...
CVE-2021-41550
Summary: Leostream Connection Broker 9.0.40.17 allows administrator to upload and execute Perl code. Reference Links(if available): https://leostream.com/wp-content/uploads/2018/11/Leostream_release_notes.pdf https://www.leostream.com/resource/leostream-connection-broker-9-0/ CVSS Score...
CVE-2021-30952
Summary: An integer overflow was addressed with improved input validation. This issue is fixed in tvOS 15.2, macOS Monterey 12.1,...
CVE-2021-30953
Summary: An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in tvOS 15.2, macOS Monterey 12.1,...
CVE-2021-30954
Summary: A type confusion issue was addressed with improved memory handling. This issue is fixed in tvOS 15.2, macOS Monterey...
CVE-2021-30984
Summary: A race condition was addressed with improved state handling. This issue is fixed in tvOS 15.2, macOS Monterey 12.1,...
CVE-2021-28507
Summary: An issue has recently been discovered in Arista EOS where, under certain conditions, the service ACL configured for OpenConfig...
Expat (aka libexpat) buffer overflow | CVE-2022-23852
NAME Expat (aka libexpat) buffer overflow Platforms Affected:libexpat libexpat 2.4.3Risk Level:9.8Exploitability:UnprovenConsequences:Gain Access DESCRIPTION Expat (aka libexpat) could allow a remote...
CVE-2015-7547
Summary: Multiple stack-based buffer overflows in the (1) send_dg and (2) send_vc functions in the libresolv library in the GNU...
CVE-2022-0244
Summary: An issue has been discovered in GitLab CE/EE affecting all versions starting with 14.5. Arbitrary file read was possible...
CVE-2021-46104
Summary: An issue was discovered in webp_server_go 0.4.0. There is a directory traversal vulnerability that can read arbitrary file information...
CVE-2021-43860
Summary: Flatpak is a Linux application sandboxing and distribution framework. Prior to versions 1.12.3 and 1.10.6, Flatpak doesn't properly validate...
CVE-2022-23046
Summary: PhpIPAM v1.4.4 allows an authenticated admin user to inject SQL sentences in the "subnet" parameter while searching a subnet...
CVE-2021-44701
Summary: Acrobat Reader DC version 21.007.20099 (and earlier), 20.004.30017 (and earlier) and 17.011.30204 (and earlier) are affected by a use-after-free...
CVE-2022-23094
Summary: Libreswan 4.2 through 4.5 allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash)...
CVE-2021-44049
Summary: CyberArk Endpoint Privilege Manager (EPM) through 11.5.3.328 before 2021-12-20 allows a local user to gain elevated privileges via a...
