Microsoft Windows ODBC Driver code execution | CVE-2023-21732
NAME__________Microsoft Windows ODBC Driver code executionPlatforms Affected:Microsoft Windows 7 SP1 x32 Microsoft Windows 7 SP1 x64 Microsoft Windows Server 2012...
Vulnerabilities
Microsoft Exchange Server spoofing | CVE-2023-21762
NAME__________Microsoft Exchange Server spoofingPlatforms Affected:Microsoft Exchange Server 2013 CU23 Microsoft Exchange Server 2016 CU22 Microsoft Exchange Server 2019 CU11 Microsoft...
Microsoft Windows LDAP code execution | CVE-2023-21676
NAME__________Microsoft Windows LDAP code executionPlatforms Affected:Microsoft Windows Server 2019 Microsoft Windows 10 1809 for x64-based Systems Microsoft Windows 10 1809...
SAP Business Planning and Consolidation MS SQL injection | CVE-2023-0016
NAME__________SAP Business Planning and Consolidation MS SQL injectionPlatforms Affected:SAP Business Planning and Consolidation MS 10.0Risk Level:9.9Exploitability:UnprovenConsequences:Data Manipulation DESCRIPTION__________SAP Business Planning...
Microsoft Windows Workstation Service privilege escalation | CVE-2023-21549
NAME__________Microsoft Windows Workstation Service privilege escalationPlatforms Affected:Microsoft Windows 7 SP1 x32 Microsoft Windows Server 2012 Microsoft Windows 8.1 x64 Microsoft...
Google Chrome buffer overflow | CVE-2023-0137
NAME__________Google Chrome buffer overflowPlatforms Affected:Google Chrome 109.0Risk Level:8.8Exploitability:UnprovenConsequences:Gain Access DESCRIPTION__________Google Chrome is vulnerable to a heap-based buffer overflow, caused by...
Siemens Mendix SAML Module cross-site scripting | CVE-2022-46823
NAME__________Siemens Mendix SAML Module cross-site scriptingPlatforms Affected:Risk Level:9.3Exploitability:UnprovenConsequences:Cross-Site Scripting DESCRIPTION__________Siemens Mendix SAML Module is vulnerable to cross-site scripting. A remote...
Microsoft Windows Cryptographic Services privilege escalation | CVE-2023-21561
NAME__________Microsoft Windows Cryptographic Services privilege escalationPlatforms Affected:Microsoft Windows 7 SP1 x32 Microsoft Windows 7 SP1 x64 Microsoft Windows Server 2012...
Siemens SINEC INS directory traversal | CVE-2022-45092
NAME__________Siemens SINEC INS directory traversalPlatforms Affected:Risk Level:9.9Exploitability:UnprovenConsequences:Obtain Information DESCRIPTION__________Siemens SINEC INS could allow a remote authenticated attacker to traverse directories...
Microsoft SharePoint Server code execution | CVE-2023-21742
NAME__________Microsoft SharePoint Server code executionPlatforms Affected:Microsoft SharePoint Enterprise Server 2016 Microsoft SharePoint Enterprise Server 2013 SP1 Microsoft SharePoint Server 2019...
Microsoft Windows Layer 2 Tunneling Protocol (L2TP) code execution | CVE-2023-21543
NAME__________Microsoft Windows Layer 2 Tunneling Protocol (L2TP) code executionPlatforms Affected:Microsoft Windows 7 SP1 x32 Microsoft Windows 7 SP1 x64 Microsoft...
Google Chrome code execution | CVE-2023-0135
NAME__________Google Chrome code executionPlatforms Affected:Google Chrome 109.0Risk Level:8.8Exploitability:UnprovenConsequences:Gain Access DESCRIPTION__________Google Chrome could allow a remote attacker to execute arbitrary code...
Microsoft Windows Layer 2 Tunneling Protocol (L2TP) code execution | CVE-2023-21679
NAME__________Microsoft Windows Layer 2 Tunneling Protocol (L2TP) code executionPlatforms Affected:Microsoft Windows 7 SP1 x32 Microsoft Windows 7 SP1 x64 Microsoft...
Microsoft Windows Secure Socket Tunneling Protocol (SSTP) code execution | CVE-2023-21548
NAME__________Microsoft Windows Secure Socket Tunneling Protocol (SSTP) code executionPlatforms Affected:Microsoft Windows 7 SP1 x32 Microsoft Windows 7 SP1 x64 Microsoft...
Microsoft Windows WDAC OLE DB provider for SQL Server code execution | CVE-2023-21681
NAME__________Microsoft Windows WDAC OLE DB provider for SQL Server code executionPlatforms Affected:Microsoft Windows 7 SP1 x32 Microsoft Windows 7 SP1...
Microsoft Windows Advanced Local Procedure Call (ALPC) privilege escalation | CVE-2023-21674
NAME__________Microsoft Windows Advanced Local Procedure Call (ALPC) privilege escalationPlatforms Affected:Microsoft Windows 8.1 x32 Microsoft Windows 8.1 x64 Microsoft Windows Server...
Google Chrome buffer overflow | CVE-2023-0129
NAME__________Google Chrome buffer overflowPlatforms Affected:Google Chrome 109.0Risk Level:8.8Exploitability:UnprovenConsequences:Gain Access DESCRIPTION__________Google Chrome is vulnerable to a heap-based buffer overflow, caused by...
Microsoft Windows Secure Socket Tunneling Protocol (SSTP) code execution | CVE-2023-21535
NAME__________Microsoft Windows Secure Socket Tunneling Protocol (SSTP) code executionPlatforms Affected:Microsoft Windows Server 2012 Microsoft Windows 8.1 x32 Microsoft Windows 8.1...
Google Chrome code execution | CVE-2023-0128
NAME__________Google Chrome code executionPlatforms Affected:Google Chrome 109.0Risk Level:8.8Exploitability:UnprovenConsequences:Gain Access DESCRIPTION__________Google Chrome could allow a remote attacker to execute arbitrary code...
Daily Vulnerability Trends: Wed Jan 11 2023
Daily Vulnerability Trends (sourced from VulnMon) CVE NAMECVE DescriptionCVE-2022-41080Microsoft Exchange Server Elevation of Privilege Vulnerability. This CVE ID is unique...
Node.js sanitize-svg module cross-site scripting | CVE-2023-22461
NAME__________Node.js sanitize-svg module cross-site scriptingPlatforms Affected:Risk Level:7.6Exploitability:HighConsequences:Cross-Site Scripting DESCRIPTION__________Node.js sanitize-svg module is vulnerable to cross-site scripting, caused by improper validation...
Qualcomm Chipsets code execution | CVE-2022-25746
NAME__________Qualcomm Chipsets code executionPlatforms Affected:Qualcomm ChipsetsRisk Level:8.1Exploitability:UnprovenConsequences:Gain Access DESCRIPTION__________Qualcomm Chipsets could allow a local authenticated attacker to execute arbitrary code...
CKEditor Integration UI cross-site request forgery | CVE-2023-22457
NAME__________CKEditor Integration UI cross-site request forgeryPlatforms Affected:Risk Level:8.8Exploitability:UnprovenConsequences:Gain Access DESCRIPTION__________CKEditor Integration UI is vulnerable to cross-site request forgery, caused by...
Feathers js code execution | CVE-2022-29823
NAME__________Feathers js code executionPlatforms Affected:Feathers.js Feathers.jsRisk Level:9.8Exploitability:UnprovenConsequences:Gain Access DESCRIPTION__________Feathers js could allow a remote attacker to execute arbitrary code on...
