Daily Vulnerability Trends: Mon Sep 19 2022
Daily Vulnerability Trends (sourced from VulnMon) CVE NAMECVE DescriptionCVE-2022-34728Windows Graphics Component Information Disclosure Vulnerability. This CVE ID is unique from...
Vulnerabilities
Huawei EMUI privilege escalation | CVE-2022-39007
NAME Huawei EMUI privilege escalation Platforms Affected:Huawei EMUI 12.0.0Risk Level:9.8Exploitability:UnprovenConsequences:Gain Privileges DESCRIPTION Huawei EMUI could allow a remote attacker to...
Huawei EMUI privilege escalation | CVE-2022-38999
NAME Huawei EMUI privilege escalation Platforms Affected:Huawei EMUI 12.0.0Risk Level:9.8Exploitability:UnprovenConsequences:Gain Privileges DESCRIPTION Huawei EMUI could allow a remote attacker to...
Aspire Software OASES (Open Aviation Strategic Engineering System) code execution | CVE-2022-40337
NAME Aspire Software OASES (Open Aviation Strategic Engineering System) code execution Platforms Affected:Aspire Software OASES 8.8.0.2Risk Level:8.8Exploitability:UnprovenConsequences:Gain Access DESCRIPTION Aspire...
Huawei EMUI security bypass | CVE-2022-39008
NAME Huawei EMUI security bypass Platforms Affected:Huawei EMUI 12.0.0Risk Level:9.1Exploitability:UnprovenConsequences:Bypass Security DESCRIPTION Huawei EMUI could allow a remote attacker to...
Huawei EMUI and Magic UI code execution | CVE-2022-39002
NAME Huawei EMUI and Magic UI code execution Platforms Affected:Huawei EMUI 10.1.1 Huawei EMUI 10.1.0 Huawei EMUI 10.0.0 Huawei Magic...
Huawei EMUI and Magic UI buffer overflow | CVE-2022-39003
NAME Huawei EMUI and Magic UI buffer overflow Platforms Affected:Huawei EMUI 10.1.1 Huawei EMUI 10.1.0 Huawei Magic UI 3.1.1 Huawei...
Open5GS denial of service | CVE-2022-39063
NAME Open5GS denial of service Platforms Affected:Open5GS Open5GS 2.4.9Risk Level:8.2Exploitability:UnprovenConsequences:Denial of Service DESCRIPTION Open5GS is vulnerable to a denial of...
Daily Vulnerability Trends: Sun Sep 18 2022
Daily Vulnerability Trends (sourced from VulnMon) CVE NAMECVE DescriptionCVE-2019-5418There is a File Content Disclosure vulnerability in Action View
Node.js testfromhere module code execution |
NAME Node.js testfromhere module code execution Platforms Affected:Node.js testfromhereRisk Level:9.8Exploitability:UnprovenConsequences:Gain Access DESCRIPTION Node.js testfromhere module could allow a remote attacker...
Node.js ganache-cli-coverage module code execution |
NAME Node.js ganache-cli-coverage module code execution Platforms Affected:Node.js ganache-cli-coverageRisk Level:9.8Exploitability:UnprovenConsequences:Gain Access DESCRIPTION Node.js ganache-cli-coverage module could allow a remote attacker...
Node.js jose-openid-client module code execution |
NAME Node.js jose-openid-client module code execution Platforms Affected:Node.js jose-openid-clientRisk Level:9.8Exploitability:UnprovenConsequences:Gain Access DESCRIPTION Node.js jose-openid-client module could allow a remote attacker...
Node.js test_swarthy module code execution |
NAME Node.js test_swarthy module code execution Platforms Affected:Node.js test_swarthyRisk Level:9.8Exploitability:UnprovenConsequences:Gain Access DESCRIPTION Node.js test_swarthy module could allow a remote attacker...
Node.js @elisaid/elisaid-js-client module code execution |
NAME Node.js @elisaid/elisaid-js-client module code execution Platforms Affected:Node.js @elisaid/elisaid-js-clientRisk Level:9.8Exploitability:UnprovenConsequences:Gain Access DESCRIPTION Node.js @elisaid/elisaid-js-client module could allow a remote attacker...
Node.js angular-remove-diacritics module code execution |
NAME Node.js angular-remove-diacritics module code execution Platforms Affected:Node.js angular-remove-diacriticsRisk Level:9.8Exploitability:UnprovenConsequences:Gain Access DESCRIPTION Node.js angular-remove-diacritics module could allow a remote attacker...
Rdiffweb cross-site request forgery | CVE-2022-3221
NAME Rdiffweb cross-site request forgery Platforms Affected:rdiffweb rdiffweb 2.4.1 Rdiffweb Rdiffweb 2.4.2Risk Level:8.8Exploitability:UnprovenConsequences:Gain Access DESCRIPTION Rdiffweb is vulnerable to cross-site...
Daily Vulnerability Trends: Sat Sep 17 2022
Daily Vulnerability Trends (sourced from VulnMon) CVE NAMECVE DescriptionCVE-2022-29021A buffer overflow vulnerability exists in the razerkbd driver of OpenRazer up...
D-Link DIR-2150 buffer overflow | CVE-2022-40718
NAME D-Link DIR-2150 buffer overflow Platforms Affected:D-Link DIR-2150Risk Level:8.8Exploitability:Proof of ConceptConsequences:Gain Access DESCRIPTION D-Link DIR-2150 is vulnerable to a stack-based...
D-Link DIR-2150 command execution | CVE-2022-40719
NAME D-Link DIR-2150 command execution Platforms Affected:D-Link DIR-2150Risk Level:8.8Exploitability:Proof of ConceptConsequences:Gain Access DESCRIPTION D-Link DIR-2150 could allow a remote attacker...
Bento4 code execution | CVE-2022-40737
NAME Bento4 code execution Platforms Affected:Bento4 Bento4 1.6.0-639Risk Level:7.8Exploitability:Proof of ConceptConsequences:Gain Access DESCRIPTION Bento4 could allow a remote attacker to...
D-Link DIR-2150 command execution | CVE-2022-3210
NAME D-Link DIR-2150 command execution Platforms Affected:D-Link DIR-2150Risk Level:8.8Exploitability:Proof of ConceptConsequences:Gain Access DESCRIPTION D-Link DIR-2150 could allow a remote attacker...
Node.js @iamexperiences/ecos-telemetry module code execution |
NAME Node.js @iamexperiences/ecos-telemetry module code execution Platforms Affected:Node.js @iamexperiences/ecos-telemetryRisk Level:9.8Exploitability:UnprovenConsequences:Gain Access DESCRIPTION Node.js @iamexperiences/ecos-telemetry module could allow a remote attacker...
Node.js @iamexperiences/react-auth module code execution |
NAME Node.js @iamexperiences/react-auth module code execution Platforms Affected:Node.js @iamexperiences/react-authRisk Level:9.8Exploitability:UnprovenConsequences:Gain Access DESCRIPTION Node.js @iamexperiences/react-auth module could allow a remote attacker...
GLPI SQL injection | CVE-2022-35947
NAME GLPI SQL injection Platforms Affected:GLPI GLPI 10.0.0 GLPI GLPI 9.1Risk Level:10Exploitability:HighConsequences:Data Manipulation DESCRIPTION GLPI is vulnerable to SQL injection....
