Daily Vulnerability Trends: Thu Oct 06 2022
Daily Vulnerability Trends (sourced from VulnMon) CVE NAMECVE DescriptionCVE-2022-2880 No description provided CVE-2022-41850 No description provided CVE-2022-40140An origin validation error...
Vulnerabilities
ZKTeco ZKSecurity BIO SQL injection | CVE-2022-36635
NAME ZKTeco ZKSecurity BIO SQL injection Platforms Affected:ZKTeco ZKSecurity BIO 4.1.2Risk Level:8.8Exploitability:UnprovenConsequences:Gain Access DESCRIPTION ZKTeco ZKSecurity BIO is vulnerable to...
Veritas NetBackup SQL injection | CVE-2022-42303
NAME Veritas NetBackup SQL injection Platforms Affected:Veritas NetBackup 10.0Risk Level:8Exploitability:UnprovenConsequences:File Manipulation DESCRIPTION Veritas NetBackup is vulnerable to SQL injection. A...
Veritas NetBackup directory traversal | CVE-2022-42308
NAME Veritas NetBackup directory traversal Platforms Affected:Veritas NetBackup 8.2Risk Level:9Exploitability:UnprovenConsequences:File Manipulation DESCRIPTION Veritas NetBackup could allow a local attacker to...
Apache Airflow security bypass | CVE-2022-41672
NAME Apache Airflow security bypass Platforms Affected:Apache Airflow 2.4.0Risk Level:8.1Exploitability:UnprovenConsequences:Bypass Security DESCRIPTION Apache Airflow could allow a remote authenticated attacker...
ZKTeco ZKSecurity BIO privilege escalation | CVE-2022-36634
NAME ZKTeco ZKSecurity BIO privilege escalation Platforms Affected:ZKTeco ZKSecurity BIO 3.0.5.0_RRisk Level:8.8Exploitability:UnprovenConsequences:Gain Privileges DESCRIPTION ZKTeco ZKSecurity BIO could allow a...
Veritas NetBackup SQL injection | CVE-2022-42304
NAME Veritas NetBackup SQL injection Platforms Affected:Veritas NetBackup 10.0Risk Level:8Exploitability:UnprovenConsequences:File Manipulation DESCRIPTION Veritas NetBackup is vulnerable to SQL injection. A...
Veritas NetBackup SQL injection | CVE-2022-42302
NAME Veritas NetBackup SQL injection Platforms Affected:Veritas NetBackup 10.0Risk Level:9Exploitability:UnprovenConsequences:File Manipulation DESCRIPTION Veritas NetBackup is vulnerable to SQL injection. A...
Johnson Controls Metasys ADX Server security bypass | CVE-2022-21936
NAME Johnson Controls Metasys ADX Server security bypass Platforms Affected:Johnson Controls Metasys ADX Server 12.0Risk Level:8.1Exploitability:UnprovenConsequences:Bypass Security DESCRIPTION Johnson Controls...
Centreon cross-site scripting | CVE-2022-39988
NAME Centreon cross-site scripting Platforms Affected:Centreon Centreon 22.04Risk Level:7.2Exploitability:HighConsequences:Cross-Site Scripting DESCRIPTION Centreon is vulnerable to cross-site scripting, caused by improper...
Daily Vulnerability Trends: Wed Oct 05 2022
Daily Vulnerability Trends (sourced from VulnMon) CVE NAMECVE DescriptionCVE-2022-27925Zimbra Collaboration (aka ZCS) 8.8.15 and 9.0 has mboximport functionality that receives...
Node.js isolated-vm module code execution | CVE-2022-39266
NAME Node.js isolated-vm module code execution Platforms Affected:Node.js isolated-vm 4.3.6Risk Level:9.6Exploitability:UnprovenConsequences:Gain Access DESCRIPTION Node.js isolated-vm module could allow a remote...
Node.js h3rmesk1t-npm-evil module code execution |
NAME Node.js h3rmesk1t-npm-evil module code execution Platforms Affected:Node.js h3rmesk1t-npm-evilRisk Level:9.8Exploitability:UnprovenConsequences:Gain Access DESCRIPTION Node.js h3rmesk1t-npm-evil module could allow a remote attacker...
Node.js fe-extension module code execution |
NAME Node.js fe-extension module code execution Platforms Affected:Node.js fe-extensionRisk Level:9.8Exploitability:UnprovenConsequences:Gain Access DESCRIPTION Node.js fe-extension module could allow a remote attacker...
Node.js ngdraggable-coyo module code execution |
NAME Node.js ngdraggable-coyo module code execution Platforms Affected:Node.js ngdraggable-coyoRisk Level:9.8Exploitability:UnprovenConsequences:Gain Access DESCRIPTION Node.js ngdraggable-coyo module could allow a remote attacker...
Node.js hkcc module code execution |
NAME Node.js hkcc module code execution Platforms Affected:Node.js hkccRisk Level:9.8Exploitability:UnprovenConsequences:Gain Access DESCRIPTION Node.js hkcc module could allow a remote attacker...
Node.js @sfdc-www/hgf-lwc-components module code execution |
NAME Node.js @sfdc-www/hgf-lwc-components module code execution Platforms Affected:Node.js @sfdc-www/hgf-lwc-componentsRisk Level:9.8Exploitability:UnprovenConsequences:Gain Access DESCRIPTION Node.js @sfdc-www/hgf-lwc-components module could allow a remote attacker...
Node.js wumonster_shell module code execution |
NAME Node.js wumonster_shell module code execution Platforms Affected:Node.js wumonster_shellRisk Level:9.8Exploitability:UnprovenConsequences:Gain Access DESCRIPTION Node.js wumonster_shell module could allow a remote attacker...
Node.js bytectfxwan4n module code execution |
NAME Node.js bytectfxwan4n module code execution Platforms Affected:Node.js bytectfxwan4nRisk Level:9.8Exploitability:UnprovenConsequences:Gain Access DESCRIPTION Node.js bytectfxwan4n module could allow a remote attacker...
Node.js ccctftest module code execution |
NAME Node.js ccctftest module code execution Platforms Affected:Node.js ccctftestRisk Level:9.8Exploitability:UnprovenConsequences:Gain Access DESCRIPTION Node.js ccctftest module could allow a remote attacker...
Node.js wumonster module code execution |
NAME Node.js wumonster module code execution Platforms Affected:Node.js wumonsterRisk Level:9.8Exploitability:UnprovenConsequences:Gain Access DESCRIPTION Node.js wumonster module could allow a remote attacker...
Node.js sfos-ui module code execution |
NAME Node.js sfos-ui module code execution Platforms Affected:Node.js sfos-uiRisk Level:9.8Exploitability:UnprovenConsequences:Gain Access DESCRIPTION Node.js sfos-ui module could allow a remote attacker...
Microsoft Edge (Chromium-based) spoofing | CVE-2022-41035
NAME Microsoft Edge (Chromium-based) spoofing Platforms Affected:Microsoft Edge (Chromium-based) 106.0Risk Level:8.3Exploitability:UnprovenConsequences:Gain Access DESCRIPTION Microsoft Edge (Chromium-based) could allow a remote...
Actian Zen PSQL security bypass | CVE-2022-40756
NAME Actian Zen PSQL security bypass Platforms Affected:Actian Zen PSQL 15.11.004 Actian Zen PSQL 15.01.016 Actian Zen PSQL 14.21.021Risk Level:8.8Exploitability:UnprovenConsequences:Bypass...
