Daily Vulnerability Trends: Sat Jun 25 2022
Daily Vulnerability Trends (sourced from VulnMon) CVE NAMECVE DescriptionCVE-2022-2156 No description provided CVE-2022-30151Windows Ancillary Function Driver for WinSock Elevation of...
Vulnerabilities
SMA Technologies OpCon UNIX agent security bypass | US-CERT VU#142546
NAME SMA Technologies OpCon UNIX agent security bypass Platforms Affected:SMA Technologies OpCon UNIX agentRisk Level:9.8Exploitability:UnprovenConsequences:Bypass Security DESCRIPTION SMA Technologies OpCon...
VMware Tanzu Spring Data MongoDB code execution | CVE-2022-22980
NAME VMware Tanzu Spring Data MongoDB code execution Platforms Affected:VMware Tanzu Spring Data MongoDB 3.3.0 VMware Tanzu Spring Data MongoDB...
Bosch Ethernet switch PRA-ES8P2S privilege escalation | CVE-2022-32536
NAME Bosch Ethernet switch PRA-ES8P2S privilege escalation Platforms Affected:Bosch Ethernet switch PRA-ES8P2S 1.01.05Risk Level:8.8Exploitability:UnprovenConsequences:Gain Privileges DESCRIPTION Bosch Ethernet switch PRA-ES8P2S...
Cisco Adaptive Security Device Manager and Adaptive Security Appliance Software code execution | CVE-2022-20829
NAME Cisco Adaptive Security Device Manager and Adaptive Security Appliance Software code execution Platforms Affected:Cisco Adaptive Security Device Manager Cisco...
Bosch Ethernet switch PRA-ES8P2S command execution | CVE-2022-32534
NAME Bosch Ethernet switch PRA-ES8P2S command execution Platforms Affected:Bosch Ethernet switch PRA-ES8P2S 1.01.05Risk Level:8.8Exploitability:UnprovenConsequences:Gain Access DESCRIPTION Bosch Ethernet switch PRA-ES8P2S...
Daily Vulnerability Trends: Fri Jun 24 2022
Daily Vulnerability Trends (sourced from VulnMon) CVE NAMECVE DescriptionCVE-2022-2156 No description provided CVE-2022-25167Apache Flume versions 1.4.0 through 1.9.0 are vulnerable...
iSpyConnect iSpy security bypass | CVE-2022-29775
NAME iSpyConnect iSpy security bypass Platforms Affected:iSpyconnect iSpy 7.2.2.0Risk Level:9.8Exploitability:UnprovenConsequences:Bypass Security DESCRIPTION iSpyConnect iSpy could allow a remote attacker to...
Siemens SIMATIC WinCC security bypass | CVE-2022-33139
NAME Siemens SIMATIC WinCC security bypass Platforms Affected:Siemens SIMATIC WinCC OA 3.16 Siemens SIMATIC WinCC OA 3.17 Siemens SIMATIC WinCC...
Jenkins Nested View Plugin cross-site scripting | CVE-2022-34182
NAME Jenkins Nested View Plugin cross-site scripting Platforms Affected:Jenkins Nested View Plugin 1.25Risk Level:8.8Exploitability:HighConsequences:Cross-Site Scripting DESCRIPTION Jenkins Nested View Plugin...
Jenkins ontrack Jenkins Plugin cross-site scripting | CVE-2022-34192
NAME Jenkins ontrack Jenkins Plugin cross-site scripting Platforms Affected:Jenkins ontrack Jenkins Plugin 4.0.0Risk Level:8Exploitability:HighConsequences:Cross-Site Scripting DESCRIPTION Jenkins ontrack Jenkins Plugin...
Jenkins Readonly Parameter Plugin cross-site scripting | CVE-2022-34194
NAME Jenkins Readonly Parameter Plugin cross-site scripting Platforms Affected:Jenkins Readonly Parameter Plugin 1.0.0Risk Level:8Exploitability:HighConsequences:Cross-Site Scripting DESCRIPTION Jenkins Readonly Parameter Plugin...
Jenkins Sauce OnDemand Plugin cross-site scripting | CVE-2022-34197
NAME Jenkins Sauce OnDemand Plugin cross-site scripting Platforms Affected:Jenkins Sauce OnDemand Plugin 1.204Risk Level:8Exploitability:HighConsequences:Cross-Site Scripting DESCRIPTION Jenkins Sauce OnDemand Plugin...
Jenkins Dynamic Extended Choice Parameter Plugin cross-site scripting | CVE-2022-34186
NAME Jenkins Dynamic Extended Choice Parameter Plugin cross-site scripting Platforms Affected:Jenkins Dynamic Extended Choice Parameter Plugin 1.0.1Risk Level:8Exploitability:HighConsequences:Cross-Site Scripting DESCRIPTION...
Jenkins REST List Parameter Plugin cross-site scripting | CVE-2022-34196
NAME Jenkins REST List Parameter Plugin cross-site scripting Platforms Affected:Jenkins REST List Parameter Plugin 1.5.2Risk Level:8Exploitability:HighConsequences:Cross-Site Scripting DESCRIPTION Jenkins REST...
Jenkins LTS and weekly cross-site scripting | CVE-2022-34170
NAME Jenkins LTS and weekly cross-site scripting Platforms Affected:Jenkins weekly 2.355 Jenkins LTS 2.332.3Risk Level:8Exploitability:HighConsequences:Cross-Site Scripting DESCRIPTION Jenkins LTS and...
Jenkins weekly cross-site scripting | CVE-2022-34172
NAME Jenkins weekly cross-site scripting Platforms Affected:Jenkins weekly 2.355Risk Level:8Exploitability:HighConsequences:Cross-Site Scripting DESCRIPTION Jenkins weekly is vulnerable to cross-site scripting, caused...
Jenkins Repository Connector Plugin cross-site scripting | CVE-2022-34195
NAME Jenkins Repository Connector Plugin cross-site scripting Platforms Affected:Jenkins Repository Connector Plugin 2.2.0Risk Level:8Exploitability:HighConsequences:Cross-Site Scripting DESCRIPTION Jenkins Repository Connector Plugin...
Jenkins Stash Branch Parameter Plugin cross-site scripting | CVE-2022-34198
NAME Jenkins Stash Branch Parameter Plugin cross-site scripting Platforms Affected:Jenkins Stash Branch Parameter Plugin 0.3.0Risk Level:8Exploitability:HighConsequences:Cross-Site Scripting DESCRIPTION Jenkins Stash...
Jenkins Filesystem List Parameter Plugin cross-site scripting | CVE-2022-34187
NAME Jenkins Filesystem List Parameter Plugin cross-site scripting Platforms Affected:Jenkins Filesystem List Parameter Plugin 0.0.7Risk Level:8Exploitability:HighConsequences:Cross-Site Scripting DESCRIPTION Jenkins Filesystem...
Jenkins Hidden Parameter Plugin cross-site scripting | CVE-2022-34188
NAME Jenkins Hidden Parameter Plugin cross-site scripting Platforms Affected:Jenkins Hidden Parameter Plugin 0.0.4Risk Level:8Exploitability:HighConsequences:Cross-Site Scripting DESCRIPTION Jenkins Hidden Parameter Plugin...
Jenkins Maven Metadata Plugin for Jenkins CI server Plugin cross-site scripting | CVE-2022-34190
NAME Jenkins Maven Metadata Plugin for Jenkins CI server Plugin cross-site scripting Platforms Affected:Jenkins Maven Metadata Plugin for Jenkins CI...
Phoenix Contact ProConOS/ProConOS eCLR privilege escalation | CVE-2022-31800
NAME Phoenix Contact ProConOS/ProConOS eCLR privilege escalation Platforms Affected:Phoenix Contact ProConOs Phoenix Contact MultiProg Phoenix Contact ProConOS eCLRRisk Level:9.8Exploitability:UnprovenConsequences:Gain Privileges...
SMA Technologies OpCon UNIX agent security bypass | US-CERT VU#142546
NAME SMA Technologies OpCon UNIX agent security bypass Platforms Affected:SMA Technologies OpCon UNIX agentRisk Level:9.8Exploitability:UnprovenConsequences:Bypass Security DESCRIPTION SMA Technologies OpCon...
