Vulnerabilities

Node.js wm-shared-consts module code execution |

July 27, 2022

NAME Node.js wm-shared-consts module code execution Platforms Affected:Node.js wm-shared-constsRisk Level:9.8Exploitability:HighConsequences:Gain Access DESCRIPTION Node.js wm-shared-consts module could allow a remote attacker...

Zephyr code execution | CVE-2022-1042

July 27, 2022

NAME Zephyr code execution Platforms Affected:Zephyr Project Zephyr 3.0Risk Level:8.2Exploitability:UnprovenConsequences:Gain Access DESCRIPTION Zephyr could allow a remote authenticated attacker to...

Mozilla Firefox code execution | CVE-2022-36320

July 27, 2022

NAME Mozilla Firefox code execution Platforms Affected:Mozilla Firefox 102Risk Level:8.8Exploitability:UnprovenConsequences:Gain Access DESCRIPTION Mozilla Firefox could allow a remote attacker to...

SonicWall urges customers to patch critical SQL injection bug ASAP

July 27, 2022

Cybersecurity hardware company, SonicWall, recently released a public security notice about a critical SQL injection flaw affecting its GMS (Global...

Daily Vulnerability Trends: Wed Jul 27 2022

July 27, 2022

Daily Vulnerability Trends (sourced from VulnMon) CVE NAMECVE DescriptionCVE-2022-34906A hard-coded cryptographic key is used in FileWave before 14.6.3 and 14.7.x...

Node.js amplify-category-api-e2e-core module code execution |

July 26, 2022

NAME Node.js amplify-category-api-e2e-core module code execution Platforms Affected:Node.js amplify-category-api-e2e-coreRisk Level:9.8Exploitability:UnprovenConsequences:Gain Access DESCRIPTION Node.js amplify-category-api-e2e-core module could allow a remote attacker...

Apple iOS, iPadOS, and tvOS buffer overflow | CVE-2022-32788

July 26, 2022

NAME Apple iOS, iPadOS, and tvOS buffer overflow Platforms Affected:Apple iOS 15.5 Apple iPadOS 15.5 Apple tvOS 15.5Risk Level:9.8Exploitability:UnprovenConsequences:Gain Access...

Node.js owncloud-guests module code execution |

July 26, 2022

NAME Node.js owncloud-guests module code execution Platforms Affected:Node.js owncloud-guestsRisk Level:9.8Exploitability:UnprovenConsequences:Gain Access DESCRIPTION Node.js owncloud-guests module could allow a remote attacker...

Node.js employers-routes module code execution |

July 26, 2022

NAME Node.js employers-routes module code execution Platforms Affected:Node.js employers-routesRisk Level:9.8Exploitability:UnprovenConsequences:Gain Access DESCRIPTION Node.js employers-routes module could allow a remote attacker...

Node.js dependencies-zksync module code execution |

July 26, 2022

NAME Node.js dependencies-zksync module code execution Platforms Affected:Node.js dependencies-zksyncRisk Level:9.8Exploitability:UnprovenConsequences:Gain Access DESCRIPTION Node.js dependencies-zksync module could allow a remote attacker...

Node.js defi-interfaces module code execution |

July 26, 2022

NAME Node.js defi-interfaces module code execution Platforms Affected:Node.js defi-interfacesRisk Level:9.8Exploitability:UnprovenConsequences:Gain Access DESCRIPTION Node.js defi-interfaces module could allow a remote attacker...

WAVLINK WN535K2 and WN535K3 command execution | CVE-2022-2487

July 26, 2022

NAME WAVLINK WN535K2 and WN535K3 command execution Platforms Affected:Wavlink WN535K2 Wavlink WN535K3Risk Level:9.8Exploitability:UnprovenConsequences:Gain Access DESCRIPTION WAVLINK WN535K2 and WN535K3 could...

Node.js bitmovin-internal module code execution |

July 26, 2022

NAME Node.js bitmovin-internal module code execution Platforms Affected:Node.js bitmovin-internalRisk Level:9.8Exploitability:UnprovenConsequences:Gain Access DESCRIPTION Node.js bitmovin-internal module could allow a remote attacker...

Node.js stripe-demo-connect-standard-saas-platform module code execution |

July 26, 2022

NAME Node.js stripe-demo-connect-standard-saas-platform module code execution Platforms Affected:Node.js stripe-demo-connect-standard-saas-platformRisk Level:9.8Exploitability:UnprovenConsequences:Gain Access DESCRIPTION Node.js stripe-demo-connect-standard-saas-platform module could allow a remote attacker...

Node.js lido-dao-test-dp module code execution |

July 26, 2022

NAME Node.js lido-dao-test-dp module code execution Platforms Affected:Node.js lido-dao-test-dpRisk Level:9.8Exploitability:UnprovenConsequences:Gain Access DESCRIPTION Node.js lido-dao-test-dp module could allow a remote attacker...

Node.js route-sonar module code execution |

July 26, 2022

NAME Node.js route-sonar module code execution Platforms Affected:Node.js route-sonarRisk Level:9.8Exploitability:UnprovenConsequences:Gain Access DESCRIPTION Node.js route-sonar module could allow a remote attacker...

Node.js elementor-developers-docs module code execution |

July 26, 2022

NAME Node.js elementor-developers-docs module code execution Platforms Affected:Node.js elementor-developers-docsRisk Level:9.8Exploitability:UnprovenConsequences:Gain Access DESCRIPTION Node.js elementor-developers-docs module could allow a remote attacker...

WAVLINK WN535K2 and WN535K3 command execution | CVE-2022-2486

July 26, 2022

Node.js @acrontum/filesystem-template module command execution | CVE-2022-21186

July 26, 2022

NAME Node.js @acrontum/filesystem-template module command execution Platforms Affected:Node.js @acrontum/filesystem-template 0.0.1Risk Level:9.8Exploitability:Proof of ConceptConsequences:Gain Access DESCRIPTION Node.js @acrontum/filesystem-template module could allow...

Node.js wm-accounts-auth module code execution |

July 26, 2022

NAME Node.js wm-accounts-auth module code execution Platforms Affected:Node.js wm-accounts-authRisk Level:9.8Exploitability:UnprovenConsequences:Gain Access DESCRIPTION Node.js wm-accounts-auth module could allow a remote attacker...

Skyhigh Secure Web Gateway security bypass | CVE-2022-2310

July 26, 2022

NAME Skyhigh Secure Web Gateway security bypass Platforms Affected:Trellix Skyhigh Secure Web Gateway 11.0 Trellix Skyhigh Secure Web Gateway 11.2.0...

Node.js shaikh-test module code execution |

July 26, 2022

NAME Node.js shaikh-test module code execution Platforms Affected:Node.js shaikh-testRisk Level:9.8Exploitability:UnprovenConsequences:Gain Access DESCRIPTION Node.js shaikh-test module could allow a remote attacker...

WAVLINK WN535K2 and WN535K3 command execution | CVE-2022-2488

July 26, 2022

Node.js twilio-bugcrowd-poc-twilio-flex-ui-sample module code execution |

July 26, 2022

NAME Node.js twilio-bugcrowd-poc-twilio-flex-ui-sample module code execution Platforms Affected:Node.js twilio-bugcrowd-poc-twilio-flex-ui-sampleRisk Level:9.8Exploitability:UnprovenConsequences:Gain Access DESCRIPTION Node.js twilio-bugcrowd-poc-twilio-flex-ui-sample module could allow a remote attacker...

Vulnerabilities

Node.js wm-shared-consts module code execution |

Zephyr code execution | CVE-2022-1042

Mozilla Firefox code execution | CVE-2022-36320

SonicWall urges customers to patch critical SQL injection bug ASAP

Daily Vulnerability Trends: Wed Jul 27 2022

Node.js amplify-category-api-e2e-core module code execution |

Apple iOS, iPadOS, and tvOS buffer overflow | CVE-2022-32788

Node.js owncloud-guests module code execution |

Node.js employers-routes module code execution |

Node.js dependencies-zksync module code execution |

Node.js defi-interfaces module code execution |

WAVLINK WN535K2 and WN535K3 command execution | CVE-2022-2487

Node.js bitmovin-internal module code execution |

Node.js stripe-demo-connect-standard-saas-platform module code execution |

Node.js lido-dao-test-dp module code execution |

Node.js route-sonar module code execution |

Node.js elementor-developers-docs module code execution |

WAVLINK WN535K2 and WN535K3 command execution | CVE-2022-2486

Node.js @acrontum/filesystem-template module command execution | CVE-2022-21186

Node.js wm-accounts-auth module code execution |

Skyhigh Secure Web Gateway security bypass | CVE-2022-2310

Node.js shaikh-test module code execution |

WAVLINK WN535K2 and WN535K3 command execution | CVE-2022-2488

Node.js twilio-bugcrowd-poc-twilio-flex-ui-sample module code execution |

Cobalt Strike Beacon Detected – 193[.]112[.]83[.]36:8080

Cobalt Strike Beacon Detected – 60[.]204[.]245[.]37:8080

Cobalt Strike Beacon Detected – 118[.]24[.]117[.]221:8080

Cobalt Strike Beacon Detected – 47[.]120[.]13[.]85:8889

Cobalt Strike Beacon Detected – 20[.]41[.]73[.]175:8080

You may have missed