Vulnerabilities

MOXA NPort 5110 device denial of service | CVE-2022-2044

July 28, 2022

NAME MOXA NPort 5110 device denial of service Platforms Affected:MOXA NPort 5110 2.10Risk Level:8.2Exploitability:UnprovenConsequences:Denial of Service DESCRIPTION MOXA NPort 5110...

Joplin command execution | CVE-2022-35131

July 28, 2022

NAME Joplin command execution Platforms Affected:Joplin Joplin 2022-05Risk Level:9.8Exploitability:Proof of ConceptConsequences:Gain Access DESCRIPTION Joplin could allow a remote attacker to...

IIS extensions are on the rise as backdoors to servers

July 28, 2022

The Microsoft 365 Defender Research Team has warned that attackers are increasingly leveraging Internet Information Services (IIS) extensions as covert backdoors into...

Daily Vulnerability Trends: Thu Jul 28 2022

July 28, 2022

Daily Vulnerability Trends (sourced from VulnMon) CVE NAMECVE DescriptionCVE-2022-32502 No description provided CVE-2022-32510 No description provided CVE-2022-26134In affected versions of...

Ceph security bypass | CVE-2022-0670

July 27, 2022

NAME Ceph security bypass Platforms Affected:Ceph Ceph 17.2Risk Level:8.1Exploitability:UnprovenConsequences:Bypass Security DESCRIPTION Ceph could allow a remote authenticated attacker to bypass...

Node.js machine-mapper module code execution |

July 27, 2022

NAME Node.js machine-mapper module code execution Platforms Affected:Node.js machine-mapperRisk Level:9.8Exploitability:UnprovenConsequences:Cross-Site Scripting DESCRIPTION Node.js machine-mapper module could allow a remote attacker...

Node.js deere-ui-toggle-group module code execution |

July 27, 2022

NAME Node.js deere-ui-toggle-group module code execution Platforms Affected:Node.js deere-ui-toggle-groupRisk Level:9.8Exploitability:UnprovenConsequences:Gain Access DESCRIPTION Node.js deere-ui-toggle-group module could allow a remote attacker...

Node.js wm-accounts-auth-core module code execution |

July 27, 2022

NAME Node.js wm-accounts-auth-core module code execution Platforms Affected:Node.js wm-accounts-auth-coreRisk Level:9.8Exploitability:UnprovenConsequences:Gain Access DESCRIPTION Node.js wm-accounts-auth-core module could allow a remote attacker...

Sourcecodester Hospital Information System SQL injection |

July 27, 2022

NAME Sourcecodester Hospital Information System SQL injection Platforms Affected:Source Code & Projects Hospital Information System 1.0Risk Level:9.8Exploitability:HighConsequences:Data Manipulation DESCRIPTION Sourcecodester...

Node.js chat-orion-sdk module code execution |

July 27, 2022

NAME Node.js chat-orion-sdk module code execution Platforms Affected:Node.js chat-orion-sdkRisk Level:9.8Exploitability:HighConsequences:Gain Access DESCRIPTION Node.js chat-orion-sdk module could allow a remote attacker...

Node.js peekatchuysharmlesspackage module code execution |

July 27, 2022

NAME Node.js peekatchuysharmlesspackage module code execution Platforms Affected:Node.js peekatchuysharmlesspackageRisk Level:9.8Exploitability:HighConsequences:Gain Access DESCRIPTION Node.js peekatchuysharmlesspackage module could allow a remote attacker...

Node.js hft-frontend-test module code execution |

July 27, 2022

NAME Node.js hft-frontend-test module code execution Platforms Affected:Node.js hft-frontend-testRisk Level:9.8Exploitability:HighConsequences:Gain Access DESCRIPTION Node.js hft-frontend-test module could allow a remote attacker...

Node.js astar-portal-test-depconf module code execution |

July 27, 2022

NAME Node.js astar-portal-test-depconf module code execution Platforms Affected:Node.js astar-portal-test-depconfRisk Level:9.8Exploitability:HighConsequences:Gain Access DESCRIPTION Node.js astar-portal-test-depconf module could allow a remote attacker...

Mozilla Firefox code execution | CVE-2022-2505

July 27, 2022

NAME Mozilla Firefox code execution Platforms Affected:Mozilla Firefox 102 Mozilla Firefox ESR 102Risk Level:8.8Exploitability:UnprovenConsequences:Gain Access DESCRIPTION Mozilla Firefox could allow...

Node.js flipper-server-companion module code execution |

July 27, 2022

NAME Node.js flipper-server-companion module code execution Platforms Affected:Node.js flipper-server-companionRisk Level:9.8Exploitability:UnprovenConsequences:Gain Access DESCRIPTION Node.js flipper-server-companion module could allow a remote attacker...

FileWave security bypass | CVE-2022-34907

July 27, 2022

NAME FileWave security bypass Platforms Affected:FileWave FileWave 14.6 FileWave FileWave 14.7Risk Level:9.8Exploitability:UnprovenConsequences:Bypass Security DESCRIPTION FileWave could allow a remote attacker...

Node.js amplify-category-api-dynamodb-simulator module code execution |

July 27, 2022

NAME Node.js amplify-category-api-dynamodb-simulator module code execution Platforms Affected:Node.js amplify-category-api-dynamodb-simulatorRisk Level:9.8Exploitability:UnprovenConsequences:Gain Access DESCRIPTION Node.js amplify-category-api-dynamodb-simulator module could allow a remote attacker...

Node.js jworkflow module code execution |

July 27, 2022

NAME Node.js jworkflow module code execution Platforms Affected:Node.js jworkflowRisk Level:9.8Exploitability:HighConsequences:Gain Access DESCRIPTION Node.js jworkflow module could allow a remote attacker...

Zephyr code execution | CVE-2022-1041

July 27, 2022

NAME Zephyr code execution Platforms Affected:Zephyr Project Zephyr 3.0Risk Level:8.2Exploitability:UnprovenConsequences:Gain Access DESCRIPTION Zephyr could allow a remote authenticated attacker to...

Node.js wm-accounts-sdk module code execution |

July 27, 2022

NAME Node.js wm-accounts-sdk module code execution Platforms Affected:Node.js wm-accounts-sdkRisk Level:9.8Exploitability:UnprovenConsequences:Gain Access DESCRIPTION Node.js wm-accounts-sdk module could allow a remote attacker...

Cloudflare WARP Client security bypass | CVE-2022-2225

July 27, 2022

NAME Cloudflare WARP Client security bypass Platforms Affected:Cloudflare WARP Client for Windows 2022.5 Cloudflare WARP Client for Linux 2022.5 Cloudflare...

Node.js support-center-components module code execution |

July 27, 2022

NAME Node.js support-center-components module code execution Platforms Affected:Node.js support-center-componentsRisk Level:9.8Exploitability:HighConsequences:Gain Access DESCRIPTION Node.js support-center-components module could allow a remote attacker...

Node.js wm-shared-consts module code execution |

July 27, 2022

NAME Node.js wm-shared-consts module code execution Platforms Affected:Node.js wm-shared-constsRisk Level:9.8Exploitability:HighConsequences:Gain Access DESCRIPTION Node.js wm-shared-consts module could allow a remote attacker...

Zephyr code execution | CVE-2022-1042

July 27, 2022

Vulnerabilities

MOXA NPort 5110 device denial of service | CVE-2022-2044

Joplin command execution | CVE-2022-35131

IIS extensions are on the rise as backdoors to servers

Daily Vulnerability Trends: Thu Jul 28 2022

Ceph security bypass | CVE-2022-0670

Node.js machine-mapper module code execution |

Node.js deere-ui-toggle-group module code execution |

Node.js wm-accounts-auth-core module code execution |

Sourcecodester Hospital Information System SQL injection |

Node.js chat-orion-sdk module code execution |

Node.js peekatchuysharmlesspackage module code execution |

Node.js hft-frontend-test module code execution |

Node.js astar-portal-test-depconf module code execution |

Mozilla Firefox code execution | CVE-2022-2505

Node.js flipper-server-companion module code execution |

FileWave security bypass | CVE-2022-34907

Node.js amplify-category-api-dynamodb-simulator module code execution |

Node.js jworkflow module code execution |

Zephyr code execution | CVE-2022-1041

Node.js wm-accounts-sdk module code execution |

Cloudflare WARP Client security bypass | CVE-2022-2225

Node.js support-center-components module code execution |

Node.js wm-shared-consts module code execution |

Zephyr code execution | CVE-2022-1042

Cobalt Strike Beacon Detected – 193[.]112[.]83[.]36:8080

Cobalt Strike Beacon Detected – 60[.]204[.]245[.]37:8080

Cobalt Strike Beacon Detected – 118[.]24[.]117[.]221:8080

Cobalt Strike Beacon Detected – 47[.]120[.]13[.]85:8889

Cobalt Strike Beacon Detected – 20[.]41[.]73[.]175:8080

You may have missed