Daily Vulnerability Trends: Sat Aug 06 2022
Daily Vulnerability Trends (sourced from VulnMon) CVE NAMECVE DescriptionCVE-2022-20841 No description provided CVE-2022-30699NLnet Labs Unbound, up to and including version...
Vulnerabilities
Quest KACE Systems Management Appliance (SMA) security bypass | CVE-2022-30285
NAME Quest KACE Systems Management Appliance (SMA) security bypass Platforms Affected:Quest KACE Systems Management Appliance 12.0Risk Level:9.8Exploitability:UnprovenConsequences:Bypass Security DESCRIPTION Quest...
Node.js ctv-appletv3-router module code execution |
NAME Node.js ctv-appletv3-router module code execution Platforms Affected:Node.js ctv-appletv3-routerRisk Level:9.8Exploitability:UnprovenConsequences:Gain Access DESCRIPTION Node.js ctv-appletv3-router module could allow a remote attacker...
VMware Workspace ONE Access, Identity Manager and vRealize Automation code execution | CVE-2022-31658
NAME VMware Workspace ONE Access, Identity Manager and vRealize Automation code execution Platforms Affected:VMware vRealize Automation 7.6 VMware Workspace ONE...
D-Link DIR820LA1 devices buffer overflow | CVE-2022-34973
NAME D-Link DIR820LA1 devices buffer overflow Platforms Affected:D-Link DIR820LA1 FW106B02Risk Level:9.8Exploitability:UnprovenConsequences:Gain Access DESCRIPTION D-Link DIR820LA1 devices are vulnerable to a...
Node.js chawla-init-3 module code execution |
NAME Node.js chawla-init-3 module code execution Platforms Affected:Node.js chawla-init-3Risk Level:9.8Exploitability:UnprovenConsequences:Gain Access DESCRIPTION Node.js chawla-init-3 module could allow a remote attacker...
Node.js @employee-experience/common module code execution |
NAME Node.js @employee-experience/common module code execution Platforms Affected:Node.js @employee-experience/commonRisk Level:9.8Exploitability:UnprovenConsequences:Gain Access DESCRIPTION Node.js @employee-experience/common module could allow a remote attacker...
Mealie cross-site scripting | CVE-2022-34619
NAME Mealie cross-site scripting Platforms Affected:Mealie Mealie 0.5.5Risk Level:7.2Exploitability:HighConsequences:Cross-Site Scripting DESCRIPTION Mealie is vulnerable to cross-site scripting, caused by improper...
BookWyrm brute force | CVE-2022-35925
NAME BookWyrm brute force Platforms Affected:BookWyrm BookWyrm 0.4.4Risk Level:9.4Exploitability:UnprovenConsequences:Gain Access DESCRIPTION BookWyrm is vulnerable to a brute force attack, caused...
Node.js video-live-config module code execution |
NAME Node.js video-live-config module code execution Platforms Affected:Node.js video-live-configRisk Level:9.8Exploitability:UnprovenConsequences:Gain Access DESCRIPTION Node.js video-live-config module could allow a remote attacker...
Node.js ctv-tachyon-wrapper module code execution |
NAME Node.js ctv-tachyon-wrapper module code execution Platforms Affected:Node.js ctv-tachyon-wrapperRisk Level:9.8Exploitability:UnprovenConsequences:Gain Access DESCRIPTION Node.js ctv-tachyon-wrapper module could allow a remote attacker...
VMware Workspace ONE Access, Identity Manager and vRealize Automation code execution | CVE-2022-31659
NAME VMware Workspace ONE Access, Identity Manager and vRealize Automation code execution Platforms Affected:VMware vRealize Automation 7.6 VMware Workspace ONE...
NextAuth.js security bypass | CVE-2022-35924
NAME NextAuth.js security bypass Platforms Affected:NextAuth.js NextAuth.js 4.10.2 NextAuth.js NextAuth.js 3.29.9Risk Level:9.1Exploitability:UnprovenConsequences:Bypass Security DESCRIPTION NextAuth.js could allow a remote attacker...
Node.js lwc-playground module code execution |
NAME Node.js lwc-playground module code execution Platforms Affected:Node.js lwc-playgroundRisk Level:9.8Exploitability:UnprovenConsequences:Gain Access DESCRIPTION Node.js lwc-playground module could allow a remote attacker...
VMware Workspace ONE Access, Identity Manager and vRealize Automation privilege escalation | CVE-2022-31660
NAME VMware Workspace ONE Access, Identity Manager and vRealize Automation privilege escalation Platforms Affected:VMware vRealize Automation 7.6 VMware Workspace ONE...
Quest KACE Systems Management Appliance (SMA) code execution | CVE-2022-29807
NAME Quest KACE Systems Management Appliance (SMA) code execution Platforms Affected:Quest KACE Systems Management Appliance 12.0Risk Level:9.8Exploitability:UnprovenConsequences:Gain Access DESCRIPTION Quest...
OMICard EDM code execution | CVE-2022-32965
NAME OMICard EDM code execution Platforms Affected:Peisheng Information OMICard EDM 5.8 Peisheng Information OMICard EDM 5.9 Peisheng Information OMICard EDM...
D-Link DIR810LA1 devices command execution | CVE-2022-34974
NAME D-Link DIR810LA1 devices command execution Platforms Affected:D-Link DIR810LA1 FW102B22Risk Level:9.8Exploitability:UnprovenConsequences:Gain Access DESCRIPTION D-Link DIR810LA1 devices could allow a remote...
VMware Workspace ONE Access, Identity Manager and vRealize Automation security bypass | CVE-2022-31656
NAME VMware Workspace ONE Access, Identity Manager and vRealize Automation security bypass Platforms Affected:VMware vRealize Automation 7.6 VMware Workspace ONE...
OMICard EDM SQL injection | CVE-2022-32964
NAME OMICard EDM SQL injection Platforms Affected:Peisheng Information OMICard EDM 5.8 Peisheng Information OMICard EDM 5.9 Peisheng Information OMICard EDM...
Daily Vulnerability Trends: Fri Aug 05 2022
Daily Vulnerability Trends (sourced from VulnMon) CVE NAMECVE DescriptionCVE-2022-33891The Apache Spark UI offers the possibility to enable ACLs via the...
TIBCO iWay Service Manager cross-site scripting | CVE-2022-30571
NAME TIBCO iWay Service Manager cross-site scripting Platforms Affected:TIBCO TIBCO iWay Service Manager 8.0.6 TIBCO TIBCO iWay Service Manager 8.0.5Risk...
Django security bypass | CVE-2022-36359
NAME Django security bypass Platforms Affected:Django Django 3.2.14 Django Django 4.0.6Risk Level:8.8Exploitability:UnprovenConsequences:Bypass Security DESCRIPTION Django could allow a remote attacker...
Cisco Small Business RV Series Routers command execution | CVE-2022-20827
NAME Cisco Small Business RV Series Routers command execution Platforms Affected:Cisco RV260 Series Routers Cisco RV160 Series Routers Cisco RV340...
