Daily Vulnerability Trends: Wed Jul 20 2022
Daily Vulnerability Trends (sourced from VulnMon) CVE NAMECVE DescriptionCVE-2022-2097AES OCB mode for 32-bit x86 platforms using the AES-NI assembly optimised...
Vulnerabilities
Node.js ys-mozi-metrics module code execution |
NAME Node.js ys-mozi-metrics module code execution Platforms Affected:Node.js ys-mozi-metricsRisk Level:9.8Exploitability:UnprovenConsequences:Gain Access DESCRIPTION Node.js ys-mozi-metrics module could allow a remote attacker...
Node.js @contasimples/simples-react-uiOpen module code execution |
NAME Node.js @contasimples/simples-react-uiOpen module code execution Platforms Affected:Node.js @contasimples/simples-react-uiRisk Level:9.8Exploitability:UnprovenConsequences:Gain Access DESCRIPTION Node.js @contasimples/simples-react-uiOpen module could allow a remote attacker...
AROX School ERP Pro file upload | CVE-2022-32119
NAME AROX School ERP Pro file upload Platforms Affected:AROX Solution AROX School ERP Pro 1.0Risk Level:8.8Exploitability:UnprovenConsequences:Gain Access DESCRIPTION AROX School...
Node.js mozi-metrics code execution |
NAME Node.js mozi-metrics code execution Platforms Affected:Node.js mozi-metricsRisk Level:9.8Exploitability:UnprovenConsequences:Gain Access DESCRIPTION Node.js mozi-metrics could allow a remote attacker to execute...
Apache Spark command execution | CVE-2022-33891
NAME Apache Spark command execution Platforms Affected:Apache Spark 3.1.2 Apache Spark 3.0.3 Apache Spark 3.1.1 Apache Spark 3.2.0 Apache Spark...
Accusoft ImageGear code execution | CVE-2022-29465
NAME Accusoft ImageGear code execution Platforms Affected:Accusoft ImageGear 20.0Risk Level:8.1Exploitability:UnprovenConsequences:Gain Access DESCRIPTION Accusoft ImageGear could allow a remote attacker to...
Node.js eslint-plugin-internal module code execution |
NAME Node.js eslint-plugin-internal module code execution Platforms Affected:Node.js eslint-plugin-internalRisk Level:9.8Exploitability:UnprovenConsequences:Gain Access DESCRIPTION Node.js eslint-plugin-internal module could allow a remote attacker...
Apache CloudStack XML external entity | CVE-2022-35741
NAME Apache CloudStack XML external entity Platforms Affected:Apache CloudStack 4.5.0 Apache CloudStack 4.16.1.0 Apache CloudStack 4.17.0.0Risk Level:9.8Exploitability:UnprovenConsequences:Gain Access DESCRIPTION Apache...
Daily Vulnerability Trends: Tue Jul 19 2022
Daily Vulnerability Trends (sourced from VulnMon) CVE NAMECVE DescriptionCVE-2021-44228Apache Log4j2 2.0-beta9 through 2.15.0 (excluding security releases 2.12.2, 2.12.3, and 2.3.1)...
Daily Vulnerability Trends: Mon Jul 18 2022
Daily Vulnerability Trends (sourced from VulnMon) CVE NAMECVE DescriptionCVE-2022-22029Windows Network File System Remote Code Execution Vulnerability. This CVE ID is...
Honeywell Alerton Ascent Control Module (ACM) code execution | CVE-2022-30244
NAME Honeywell Alerton Ascent Control Module (ACM) code execution Platforms Affected:Honeywell Alerton Ascent Control Module (ACM) 2022-05-04Risk Level:8.8Exploitability:UnprovenConsequences:Gain Access DESCRIPTION...
Node.js html-live-player module code execution |
NAME Node.js html-live-player module code execution Platforms Affected:Node.js html-live-playerRisk Level:9.8Exploitability:UnprovenConsequences:Gain Access DESCRIPTION Node.js html-live-player module could allow a remote attacker...
Schneider Electric SpaceLogic C-Bus Home Controller command execution | CVE-2022-34753
NAME Schneider Electric SpaceLogic C-Bus Home Controller command execution Platforms Affected:Schneider Electric SpaceLogic C-Bus Home Controller (5200WHC2) 1.31.460Risk Level:8.8Exploitability:UnprovenConsequences:Gain Access...
Honeywell Alerton Visual Logic code execution | CVE-2022-30243
NAME Honeywell Alerton Visual Logic code execution Platforms Affected:Honeywell Alerton Visual Logic 2022-05-04Risk Level:8.8Exploitability:UnprovenConsequences:Gain Access DESCRIPTION Honeywell Alerton Visual Logic...
Node.js indy-vdr-shared module code execution |
NAME Node.js indy-vdr-shared module code execution Platforms Affected:Node.js indy-vdr-sharedRisk Level:9.8Exploitability:UnprovenConsequences:Gain Access DESCRIPTION Node.js indy-vdr-shared module could allow a remote attacker...
Node.js releasebuildr module code execution |
NAME Node.js releasebuildr module code execution Platforms Affected:Node.js releasebuildrRisk Level:9.8Exploitability:UnprovenConsequences:Gain Access DESCRIPTION Node.js releasebuildr module could allow a remote attacker...
Node.js @releasebuildr/ui module code execution |
NAME Node.js @releasebuildr/ui module code execution Platforms Affected:Node.js @releasebuildr/uiRisk Level:9.8Exploitability:UnprovenConsequences:Gain Access DESCRIPTION Node.js @releasebuildr/ui module could allow a remote attacker...
Siemens EN100 Ethernet modules denial of service | CVE-2022-30938
NAME Siemens EN100 Ethernet modules denial of service Platforms Affected:Siemens EN100 Ethernet module IEC 61850 variant 4.20 Siemens EN100 Ethernet...
Schneider Electric Easergy P5 buffer overflow | CVE-2022-34756
NAME Schneider Electric Easergy P5 buffer overflow Platforms Affected:Schneider Electric Easergy P5 01.401.102Risk Level:8.8Exploitability:UnprovenConsequences:Gain Access DESCRIPTION Schneider Electric Easergy P5...
Siemens SCALANCE X Switch Devices brute force | CVE-2022-26647
NAME Siemens SCALANCE X Switch Devices brute force Platforms Affected:Siemens SCALANCE X200-4P IRT (6GK5200-4AH00- 2BA3) Siemens SCALANCE X200-4P IRT (6GK5200-4AH10-...
Node.js patrick-test2 module code execution |
NAME Node.js patrick-test2 module code execution Platforms Affected:Node.js patrick-test2Risk Level:9.8Exploitability:UnprovenConsequences:Gain Access DESCRIPTION Node.js patrick-test2 module could allow a remote attacker...
Siemens SIMATIC eaSie Core Package security bypass | CVE-2021-44222
NAME Siemens SIMATIC eaSie Core Package security bypass Platforms Affected:Siemens SIMATIC eaSie Core Package 21Risk Level:10Exploitability:UnprovenConsequences:Bypass Security DESCRIPTION Siemens SIMATIC...
Juniper Networks Junos Space Security Director Policy Enforcer weak security |
NAME Juniper Networks Junos Space Security Director Policy Enforcer weak security Platforms Affected:Juniper Networks Junos Space Security Director Policy EnforcerRisk...
