Daily Vulnerability Trends: Thu Nov 24 2022
Daily Vulnerability Trends (sourced from VulnMon) CVE NAMECVE DescriptionCVE-2022-41049Windows Mark of the Web Security Feature Bypass Vulnerability. This CVE ID...
Vulnerabilities
wpForo Forum plugin for WordPress cross-site request forgery | CVE-2022-40192
NAME wpForo Forum plugin for WordPress cross-site request forgery Platforms Affected:WordPress wpForo Forum plugin for WordPress 2.0.9Risk Level:8.8Exploitability:UnprovenConsequences:Gain Access DESCRIPTION...
MyBB cross-site scripting | CVE-2022-43707
NAME MyBB cross-site scripting Platforms Affected:Risk Level:9.6Exploitability:UnprovenConsequences:Cross-Site Scripting DESCRIPTION MyBB is vulnerable to cross-site scripting, caused by improper validation of...
Daily Vulnerability Trends: Wed Nov 23 2022
Daily Vulnerability Trends (sourced from VulnMon) CVE NAMECVE DescriptionCVE-2022-45461The Java Admin Console in Veritas NetBackup through 10.1 and related Veritas...
Daily Vulnerability Trends: Tue Nov 22 2022
Daily Vulnerability Trends (sourced from VulnMon) CVE NAMECVE DescriptionCVE-2021-44228Apache Log4j2 2.0-beta9 through 2.15.0 (excluding security releases 2.12.2, 2.12.3, and 2.3.1)...
Daily Vulnerability Trends: Mon Nov 21 2022
Daily Vulnerability Trends (sourced from VulnMon) CVE NAMECVE DescriptionCVE-2022-41622 No description provided CVE-2022-20867A vulnerability in web-based management interface of the...
Daily Vulnerability Trends: Sun Nov 20 2022
Daily Vulnerability Trends (sourced from VulnMon) CVE NAMECVE DescriptionCVE-2022-1388On F5 BIG-IP 16.1.x versions prior to 16.1.2.2, 15.1.x versions prior to...
Daily Vulnerability Trends: Sat Nov 19 2022
Daily Vulnerability Trends (sourced from VulnMon) CVE NAMECVE DescriptionCVE-2022-20867A vulnerability in web-based management interface of the of Cisco Email Security...
BACKCLICK Professional session hijacking | CVE-2022-44007
NAME BACKCLICK Professional session hijacking Platforms Affected:Risk Level:8.8Exploitability:UnprovenConsequences:Gain Access DESCRIPTION BACKCLICK Professional could allow a remote attacker to hijack a...
BACKCLICK Professional information disclosure | CVE-2022-44004
NAME BACKCLICK Professional information disclosure Platforms Affected:Risk Level:9.8Exploitability:UnprovenConsequences:Obtain Information DESCRIPTION BACKCLICK Professional could allow a remote attacker to bypass security...
BACKCLICK Professional command execution | CVE-2022-44000
NAME BACKCLICK Professional command execution Platforms Affected:Risk Level:9.8Exploitability:UnprovenConsequences:Cross-Site Scripting DESCRIPTION BACKCLICK Professional could allow a remote attacker to execute arbitrary...
BACKCLICK Professional command execution | CVE-2022-43999
NAME BACKCLICK Professional command execution Platforms Affected:Risk Level:9.8Exploitability:UnprovenConsequences:Cross-Site Scripting DESCRIPTION BACKCLICK Professional could allow a remote attacker to execute arbitrary...
Daily Vulnerability Trends: Fri Nov 18 2022
Daily Vulnerability Trends (sourced from VulnMon) CVE NAMECVE DescriptionCVE-2019-5482Heap buffer overflow in the TFTP protocol handler in cURL 7.19.4 to...
Apache SOAP code execution | CVE-2022-45378
NAME Apache SOAP code execution Platforms Affected:Apache SOAPRisk Level:9.8Exploitability:UnprovenConsequences:Gain Access DESCRIPTION Apache SOAP could allow a remote attacker to execute...
Jenkins Associated Files Plugin cross-site scripting | CVE-2022-45401
NAME Jenkins Associated Files Plugin cross-site scripting Platforms Affected:Jenkins Associated Files Plugin 0.2.1Risk Level:8Exploitability:UnprovenConsequences:Cross-Site Scripting DESCRIPTION Jenkins Associated Files Plugin...
Mozilla Firefox spoofing | CVE-2022-45420
NAME Mozilla Firefox spoofing Platforms Affected:Risk Level:8.1Exploitability:UnprovenConsequences:Obtain Information DESCRIPTION Mozilla Firefox could allow a remote attacker to conduct spoofing attacks,...
Mozilla Firefox spoofing | CVE-2022-45418
NAME Mozilla Firefox spoofing Platforms Affected:Mozilla Firefox 106Risk Level:8.1Exploitability:UnprovenConsequences:Obtain Information DESCRIPTION Mozilla Firefox could allow a remote attacker to conduct...
Jenkins JUnit Plugin cross-site scripting | CVE-2022-45380
NAME Jenkins JUnit Plugin cross-site scripting Platforms Affected:Jenkins JUnit Plugin 1159.v0b_396e1e07ddRisk Level:8Exploitability:HighConsequences:Cross-Site Scripting DESCRIPTION Jenkins JUnit Plugin is vulnerable to...
Apache Airflow command execution | CVE-2022-40127
NAME Apache Airflow command execution Platforms Affected:Apache Airflow 2.3.0Risk Level:8.8Exploitability:UnprovenConsequences:Gain Access DESCRIPTION Apache Airflow could allow a remote authenticated attacker...
Wasmtime information disclosure | CVE-2022-39393
NAME Wasmtime information disclosure Platforms Affected:Risk Level:8.6Exploitability:UnprovenConsequences:Gain Access DESCRIPTION Wasmtime could allow a remote attacker to obtain sensitive information, caused...
Mozilla Firefox spoofing | CVE-2022-45408
NAME Mozilla Firefox spoofing Platforms Affected:Mozilla Firefox 106Risk Level:8.1Exploitability:UnprovenConsequences:Obtain Information DESCRIPTION Mozilla Firefox could allow a remote attacker to conduct...
Mozilla Firefox and Firefox ESR code execution | CVE-2022-45421
NAME Mozilla Firefox and Firefox ESR code execution Platforms Affected:Mozilla Firefox 106 Mozilla Firefox ESR 102.4Risk Level:8.8Exploitability:UnprovenConsequences:Gain Access DESCRIPTION Mozilla...
Mozilla Firefox and Firefox ESR code execution | CVE-2022-45412
NAME Mozilla Firefox and Firefox ESR code execution Platforms Affected:Mozilla Firefox 106Risk Level:8.8Exploitability:UnprovenConsequences:Gain Access DESCRIPTION Mozilla Firefox and Firefox ESR...
Mozilla Firefox spoofing | CVE-2022-45404
NAME Mozilla Firefox spoofing Platforms Affected:Mozilla Firefox 106Risk Level:8.1Exploitability:UnprovenConsequences:Obtain Information DESCRIPTION Mozilla Firefox could allow a remote attacker to conduct...
