Daily Vulnerability Trends: Sat Apr 08 2023
Daily Vulnerability Trends (sourced from VulnMon) CVE NAMECVE DescriptionCVE-2023-28205 No description provided CVE-2021-44228Apache Log4j2 2.0-beta9 through 2.15.0 (excluding security releases...
Vulnerabilities
D-Link DIR-882 information disclosure | CVE-2023-26925
NAME__________D-Link DIR-882 information disclosurePlatforms Affected:Risk Level:5.3Exploitability:Proof of ConceptConsequences:Obtain Information DESCRIPTION__________D-Link DIR-882 could allow a remote attacker to obtain sensitive information,...
MediaWiki denial of service | CVE-2023-29141
NAME__________MediaWiki denial of servicePlatforms Affected:Risk Level:5.3Exploitability:UnprovenConsequences:Denial of Service DESCRIPTION__________MediaWiki is vulnerable to a denial of service, caused by an auto-block...
GrowthExperiments extension for MediaWiki information disclosure | CVE-2023-29137
NAME__________GrowthExperiments extension for MediaWiki information disclosurePlatforms Affected:Risk Level:5.3Exploitability:UnprovenConsequences:Obtain Information DESCRIPTION__________GrowthExperiments extension for MediaWiki could allow a remote attacker to obtain...
GrowthExperiments extension for MediaWiki information disclosure | CVE-2023-29140
NAME__________GrowthExperiments extension for MediaWiki information disclosurePlatforms Affected:Risk Level:5.3Exploitability:UnprovenConsequences:Obtain Information DESCRIPTION__________GrowthExperiments extension for MediaWiki could allow a remote attacker to obtain...
CheckUser extension for MediaWiki denial of service | CVE-2023-29139
NAME__________CheckUser extension for MediaWiki denial of servicePlatforms Affected:Risk Level:5.3Exploitability:UnprovenConsequences:Denial of Service DESCRIPTION__________CheckUser extension for MediaWiki is vulnerable to a denial...
Team Heateor WordPress Social Comments Plugin for WordPress cross-site scripting | CVE-2023-23977
NAME__________Team Heateor WordPress Social Comments Plugin for WordPress cross-site scriptingPlatforms Affected:WordPress Team Heateor WordPress Social Comments Plugin Plugin for WordPress...
WP Google Map Plugin for WordPress cross-site scripting | CVE-2023-23978
NAME__________WP Google Map Plugin for WordPress cross-site scriptingPlatforms Affected:WordPress WordPress Plugin for Google Maps 4.3.9Risk Level:5.9Exploitability:HighConsequences:Cross-Site Scripting DESCRIPTION__________WP Google Map...
Qualcomm Chipsets information disclosure | CVE-2022-25731
NAME__________Qualcomm Chipsets information disclosurePlatforms Affected:Qualcomm ChipsetsRisk Level:7.5Exploitability:UnprovenConsequences:Obtain Information DESCRIPTION__________Qualcomm Chipsets could allow a remote attacker to obtain sensitive information, caused...
Qualcomm Chipsets denial of service | CVE-2022-33270
NAME__________Qualcomm Chipsets denial of servicePlatforms Affected:Qualcomm ChipsetsRisk Level:7.5Exploitability:UnprovenConsequences:Denial of Service DESCRIPTION__________Qualcomm Chipsets is vulnerable to a denial of service, caused...
Quectel AG550QCN command execution | CVE-2023-26921
NAME__________Quectel AG550QCN command executionPlatforms Affected:Risk Level:7.3Exploitability:Proof of ConceptConsequences:Gain Access DESCRIPTION__________Quectel AG550QCN could allow a remote attacker to execute arbitrary commands...
Qualcomm Chipsets denial of service | CVE-2022-25739
NAME__________Qualcomm Chipsets denial of servicePlatforms Affected:Qualcomm ChipsetsRisk Level:7.5Exploitability:UnprovenConsequences:Denial of Service DESCRIPTION__________Qualcomm Chipsets is vulnerable to a denial of service, caused...
Bigfork Silverstripe Form Capture cross-site scripting | CVE-2023-28851
NAME__________Bigfork Silverstripe Form Capture cross-site scriptingPlatforms Affected:Bigfork Silverstripe Form Capture 0.2.0 Bigfork Silverstripe Form Capture 0.2.3 Bigfork Silverstripe Form Capture...
Qualcomm Chipsets denial of service | CVE-2022-33223
NAME__________Qualcomm Chipsets denial of servicePlatforms Affected:Qualcomm ChipsetsRisk Level:7.5Exploitability:UnprovenConsequences:Denial of Service DESCRIPTION__________Qualcomm Chipsets is vulnerable to a denial of service, caused...
Pimcore Perspective Editor cross-site scripting | CVE-2023-28850
NAME__________Pimcore Perspective Editor cross-site scriptingPlatforms Affected:Pimcore Perspective Editor 1.5.0Risk Level:6.1Exploitability:HighConsequences:Cross-Site Scripting DESCRIPTION__________Pimcore Perspective Editor is vulnerable to cross-site scripting, caused...
Qualcomm Chipsets information disclosure | CVE-2022-25737
NAME__________Qualcomm Chipsets information disclosurePlatforms Affected:Qualcomm ChipsetsRisk Level:7.5Exploitability:UnprovenConsequences:Obtain Information DESCRIPTION__________Qualcomm Chipsets could allow a remote attacker to obtain sensitive information, caused...
Nextcloud products security bypass | CVE-2023-28999
NAME__________Nextcloud products security bypassPlatforms Affected:Risk Level:6.9Exploitability:UnprovenConsequences:Bypass Security DESCRIPTION__________Nextcloud products could allow a physically proximate authenticated attacker to bypass security restrictions,...
Nextcloud Desktop Client security bypass | CVE-2023-28997
NAME__________Nextcloud Desktop Client security bypassPlatforms Affected:Risk Level:6.7Exploitability:UnprovenConsequences:Bypass Security DESCRIPTION__________Nextcloud Desktop Client could allow a physically proximate authenticated attacker to bypass...
Nextcloud Desktop Client security bypass | CVE-2023-29000
NAME__________Nextcloud Desktop Client security bypassPlatforms Affected:Risk Level:5.4Exploitability:UnprovenConsequences:Bypass Security DESCRIPTION__________Nextcloud Desktop Client could allow a remote attacker to bypass security restrictions,...
Dell Display Manager file deletion | CVE-2023-28046
NAME__________Dell Display Manager file deletionPlatforms Affected:Dell Display Manager 2.1.0Risk Level:6.5Exploitability:UnprovenConsequences:File Manipulation DESCRIPTION__________Dell Display Manager could allow a remote attacker to...
Image Hover Effects For WPBakery Page Builder Plugin for WordPress cross-site scripting | CVE-2023-23681
NAME__________Image Hover Effects For WPBakery Page Builder Plugin for WordPress cross-site scriptingPlatforms Affected:WordPress Image Hover Effects For WPBakery Page Builder...
Interactive Polish Map Plugin for WordPress cross-site scripting | CVE-2023-23821
NAME__________Interactive Polish Map Plugin for WordPress cross-site scriptingPlatforms Affected:WordPress Interactive Polish Map Plugin for WordPress 1.2Risk Level:5.9Exploitability:HighConsequences:Cross-Site Scripting DESCRIPTION__________Interactive Polish...
Responsive Vertical Icon Menu Plugin for WordPress cross-site scripting | CVE-2023-23870
NAME__________Responsive Vertical Icon Menu Plugin for WordPress cross-site scriptingPlatforms Affected:WordPress Responsive Vertical Icon Menu Plugin for WordPress 1.5.8Risk Level:5.9Exploitability:HighConsequences:Cross-Site Scripting...
Mastodon information disclosure | CVE-2023-28853
NAME__________Mastodon information disclosurePlatforms Affected:Mastodon Mastodon 3.5.7 Mastodon Mastodon 4.0.3 Mastodon Mastodon 4.1.1Risk Level:7.7Exploitability:UnprovenConsequences:Obtain Information DESCRIPTION__________Mastodon could allow a remote authenticated...
