Daily Vulnerability Trends: Sat Aug 27 2022
Daily Vulnerability Trends (sourced from VulnMon) CVE NAMECVE DescriptionCVE-2022-31676VMware Tools (12.0.0, 11.x.y and 10.x.y) contains a local privilege escalation vulnerability....
Vulnerabilities
Moveable Type, Moveable Type Premium, and Moveable Type Advanced command execution | CVE-2022-38078
NAME Moveable Type, Moveable Type Premium, and Moveable Type Advanced command execution Platforms Affected:Six Apart Moveable Type 7.1.4 Six Apart...
Apache Hadoop command execution | CVE-2021-25642
NAME Apache Hadoop command execution Platforms Affected:Apache Hadoop 3.0.0-alpha Apache Hadoop 2.9.0 Apache Hadoop 2.10.1 Apache Hadoop 3.3.0 Apache Hadoop...
Exment SQL Injection | CVE-2022-37333
NAME Exment SQL Injection Platforms Affected:Exment Exment 5.0.2Risk Level:8.8Exploitability:HighConsequences:Data Manipulation DESCRIPTION Exment is vulnerable to SQL injection. A remote attacker...
Elasticsearch Elastic Cloud Enterprise information disclosure | CVE-2022-23715
NAME Elasticsearch Elastic Cloud Enterprise information disclosure Platforms Affected:Elasticsearch Elastic Cloud Enterprise 3.3.0Risk Level:8.5Exploitability:UnprovenConsequences:Obtain Information DESCRIPTION Elasticsearch Elastic Cloud Enterprise...
UNIMO UDR-JA1004, UNIMO UDR-JA1008, and UNIMO UDR-JA1016 command execution | CVE-2022-35733
NAME UNIMO UDR-JA1004, UNIMO UDR-JA1008, and UNIMO UDR-JA1016 command execution Platforms Affected:UNIMO UDR-JA1004 1.0.20.13 UNIMO UDR-JA1008 1.0.20.13 UNIMO UDR-JA1016 1.0.20.13...
Daily Vulnerability Trends: Fri Aug 26 2022
Daily Vulnerability Trends (sourced from VulnMon) CVE NAMECVE DescriptionCVE-2022-27925Zimbra Collaboration (aka ZCS) 8.8.15 and 9.0 has mboximport functionality that receives...
UNIMO UDR-JA1004, UNIMO UDR-JA1008, and UNIMO UDR-JA1016 command execution | CVE-2022-35733
NAME UNIMO UDR-JA1004, UNIMO UDR-JA1008, and UNIMO UDR-JA1016 command execution Platforms Affected:UNIMO UDR-JA1004 1.0.20.13 UNIMO UDR-JA1008 1.0.20.13 UNIMO UDR-JA1016 1.0.20.13...
Node.js ing-feat-cookie-preference module code execution |
NAME Node.js ing-feat-cookie-preference module code execution Platforms Affected:Node.js ing-feat-cookie-preferenceRisk Level:9.8Exploitability:UnprovenConsequences:Gain Access DESCRIPTION Node.js ing-feat-cookie-preference module could allow a remote attacker...
Cisco ACI Multi-Site Orchestrator (MSO) privilege escalation | CVE-2022-20921
NAME Cisco ACI Multi-Site Orchestrator (MSO) privilege escalation Platforms Affected:Cisco ACI Multi-Site Orchestrator (MSO) 3.0 Cisco ACI Multi-Site Orchestrator (MSO)...
Node.js usaa-mocks-proxy module code execution |
NAME Node.js usaa-mocks-proxy module code execution Platforms Affected:Node.js usaa-mocks-proxyRisk Level:9.8Exploitability:UnprovenConsequences:Gain Access DESCRIPTION Node.js usaa-mocks-proxy module could allow a remote attacker...
Node.js fasly-audit-purge module code execution |
NAME Node.js fasly-audit-purge module code execution Platforms Affected:Node.js fasly-audit-purgeRisk Level:9.8Exploitability:UnprovenConsequences:Gain Access DESCRIPTION Node.js fasly-audit-purge module could allow a remote attacker...
Node.js lusha-ui-components-v2 module code execution |
NAME Node.js lusha-ui-components-v2 module code execution Platforms Affected:Node.js lusha-ui-components-v2Risk Level:9.8Exploitability:UnprovenConsequences:Gain Access DESCRIPTION Node.js lusha-ui-components-v2 module could allow a remote attacker...
Delta Industrial Automation DIALink information disclosure | CVE-2022-2660
NAME Delta Industrial Automation DIALink information disclosure Platforms Affected:Delta Industrial Automation DIALink 1.4.0.0 Delta Industrial Automation DIALink 1.3.0.0Risk Level:9.8Exploitability:UnprovenConsequences:Obtain Information...
TRENDnet TV-IP572PI default account | CVE-2022-35203
NAME TRENDnet TV-IP572PI default account Platforms Affected:TRENDnet TV-IP572PI 1.0Risk Level:9.8Exploitability:UnprovenConsequences:Gain Access DESCRIPTION TRENDnet TV-IP572PI contains default credentials. A remote attacker...
Cisco FXOS and NX-OS Software buffer overflow | CVE-2022-20824
NAME Cisco FXOS and NX-OS Software buffer overflow Platforms Affected:Cisco Nexus 3000 Series Switches Cisco MDS 9000 Series Multilayer Switches...
mySCADA myPRO command execution | CVE-2022-2234
NAME mySCADA myPRO command execution Platforms Affected:mySCADA myPRO 7.0.26 mySCADA myPRO 8.19.0 mySCADA myPRO 8.18.0 mySCADA myPRO 8.17.0 mySCADA myPRO...
Node.js git-repo-manager module code execution |
NAME Node.js git-repo-manager module code execution Platforms Affected:Node.js git-repo-managerRisk Level:9.8Exploitability:UnprovenConsequences:Gain Access DESCRIPTION Node.js git-repo-manager module could allow a remote attacker...
Cisco NX-OS Software denial of service | CVE-2022-20823
NAME Cisco NX-OS Software denial of service Platforms Affected:Cisco Nexus 3000 Series Switches Cisco Nexus 6000 Series Switches Cisco Nexus...
Node.js ing-lib-ow module code execution |
NAME Node.js ing-lib-ow module code execution Platforms Affected:Node.js ing-lib-owRisk Level:9.8Exploitability:UnprovenConsequences:Gain Access DESCRIPTION Node.js ing-lib-ow module could allow a remote attacker...
Node.js rmesse-utils module code execution |
NAME Node.js rmesse-utils module code execution Platforms Affected:Node.js rmesse-utilsRisk Level:9.8Exploitability:UnprovenConsequences:Gain Access DESCRIPTION Node.js rmesse-utils module could allow a remote attacker...
Daily Vulnerability Trends: Thu Aug 25 2022
Daily Vulnerability Trends (sourced from VulnMon) CVE NAMECVE DescriptionCVE-2022-2841A vulnerability was found in CrowdStrike Falcon 6.31.14505.0/6.42.15610. It has been classified...
Node.js optional-dep-wont-be-found code execution |
NAME Node.js optional-dep-wont-be-found code execution Platforms Affected:Node.js optional-dep-wont-be-foundRisk Level:9.8Exploitability:UnprovenConsequences:Gain Access DESCRIPTION Node.js optional-dep-wont-be-found could allow a remote attacker to execute...
Node.js bi-client-sdk module code execution |
NAME Node.js bi-client-sdk module code execution Platforms Affected:Node.js bi-client-sdkRisk Level:9.8Exploitability:UnprovenConsequences:Gain Access DESCRIPTION Node.js bi-client-sdk module could allow a remote attacker...
