Apple fixed two new zero-day flaws exploited by threat actors
Apple addressed two zero-day vulnerabilities, exploited by threat actors, affecting iOS, iPadOS, and macOS devices. Apple this week released security updates for iOS,...
WWBN AVideo cross-site request forgery | CVE-2022-29468
NAME WWBN AVideo cross-site request forgery Platforms Affected:WWBN AVideo 11.6 WWBN AVideo dev master commit 3f7c0364Risk Level:8.8Exploitability:UnprovenConsequences:Gain Access DESCRIPTION WWBN...
Softing Secure Integration Server default account | CVE-2022-2336
NAME Softing Secure Integration Server default account Platforms Affected:Softing Secure Integration Server 1.22Risk Level:9.8Exploitability:UnprovenConsequences:Gain Access DESCRIPTION Softing Secure Integration Server...
WWBN AVideo command execution | CVE-2022-30534
NAME WWBN AVideo command execution Platforms Affected:WWBN AVideo 11.6 WWBN AVideo dev master commit 3f7c0364Risk Level:9.9Exploitability:UnprovenConsequences:Gain Access DESCRIPTION WWBN AVideo...
Google Chrome Downloads buffer overflow | CVE-2022-2853
NAME Google Chrome Downloads buffer overflow Platforms Affected:Google Chrome 104.0Risk Level:8.8Exploitability:UnprovenConsequences:Gain Access DESCRIPTION Google Chrome is vulnerable to a heap-based...
WWBN AVideo command execution | CVE-2022-32572
NAME WWBN AVideo command execution Platforms Affected:WWBN AVideo 11.6 WWBN AVideo dev master commit 3f7c0364Risk Level:9.9Exploitability:UnprovenConsequences:Gain Access DESCRIPTION WWBN AVideo...
TIBCO Statistica cross-site scripting | CVE-2022-30576
NAME TIBCO Statistica cross-site scripting Platforms Affected:TIBCO Statistica 14.0.0 TIBCO Statistica 14.0.0 Estore Edition TIBCO Statistica 14.0.0 Trial Edition TIBCO...
Sequi PortBloque S privilege escalation | CVE-2022-2661
NAME Sequi PortBloque S privilege escalation Platforms Affected:Sequi PortBloque SRisk Level:9.9Exploitability:UnprovenConsequences:Gain Privileges DESCRIPTION Sequi PortBloque S could allow a remote...
WWBN AVideo objects/aVideoEncoder.json.php SQL injection | CVE-2022-33147
NAME WWBN AVideo objects/aVideoEncoder.json.php SQL injection Platforms Affected:WWBN AVideo 11.6 WWBN AVideo dev master commit 3f7c0364Risk Level:8.3Exploitability:HighConsequences:Data Manipulation DESCRIPTION WWBN...
WWBN AVideo cloneServer.json.php SQL injection | CVE-2022-33149
NAME WWBN AVideo cloneServer.json.php SQL injection Platforms Affected:WWBN AVideo 11.6 WWBN AVideo dev master commit 3f7c0364Risk Level:8.3Exploitability:HighConsequences:Data Manipulation DESCRIPTION WWBN...
Google Chrome Chrome OS Shell code execution | CVE-2022-2859
NAME Google Chrome Chrome OS Shell code execution Platforms Affected:Google Chrome 104.0Risk Level:8.8Exploitability:UnprovenConsequences:Gain Access DESCRIPTION Google Chrome could allow a...
Google Chrome Blink code execution | CVE-2022-2857
NAME Google Chrome Blink code execution Platforms Affected:Google Chrome 104.0Risk Level:8.8Exploitability:UnprovenConsequences:Gain Access DESCRIPTION Google Chrome could allow a remote attacker...
Apple iOS and iPadOS code execution | CVE-2022-32893
NAME Apple iOS and iPadOS code execution Platforms Affected:Apple macOS Monterey 12.5 Apple iOS 15.6 Apple iPadOS 15.6Risk Level:8.8Exploitability:UnprovenConsequences:Gain Access...
Emerson Proficy Machine Edition directory traversal | CVE-2022-2788
NAME Emerson Proficy Machine Edition directory traversal Platforms Affected:Emerson Proficy Machine Edition 9.80Risk Level:9.3Exploitability:UnprovenConsequences:File Manipulation DESCRIPTION Emerson Proficy Machine Edition...
WWBN AVideo privilege escalation | CVE-2022-30605
NAME WWBN AVideo privilege escalation Platforms Affected:WWBN AVideo 11.6 WWBN AVideo dev master commit 3f7c0364Risk Level:8.8Exploitability:UnprovenConsequences:Gain Privileges DESCRIPTION WWBN AVideo...
WWBN AVideo cross-site scripting | CVE-2022-26842
NAME WWBN AVideo cross-site scripting Platforms Affected:WWBN AVideo 11.6 WWBN AVideo dev master commit 3f7c0364Risk Level:9.6Exploitability:UnprovenConsequences:Cross-Site Scripting DESCRIPTION WWBN AVideo...
PortBloque S security bypass | CVE-2022-2662
NAME PortBloque S security bypass Platforms Affected:Sequi PortBloque SRisk Level:9.6Exploitability:UnprovenConsequences:Bypass Security DESCRIPTION PortBloque S could allow a remote attacker to...
Google Chrome Sign-In Flow code execution | CVE-2022-2858
NAME Google Chrome Sign-In Flow code execution Platforms Affected:Google Chrome 104.0Risk Level:8.8Exploitability:UnprovenConsequences:Gain Access DESCRIPTION Google Chrome could allow a remote...
Google Chrome FedCM code execution | CVE-2022-2852
NAME Google Chrome FedCM code execution Platforms Affected:Google Chrome 104.0Risk Level:8.8Exploitability:UnprovenConsequences:Gain Access DESCRIPTION Google Chrome could allow a remote attacker...
Google Chrome SwiftShader code execution | CVE-2022-2854
NAME Google Chrome SwiftShader code execution Platforms Affected:Google Chrome 104.0Risk Level:8.8Exploitability:UnprovenConsequences:Gain Access DESCRIPTION Google Chrome could allow a remote attacker...
WWBN AVideo add.json.php SQL injection | CVE-2022-33148
NAME WWBN AVideo add.json.php SQL injection Platforms Affected:WWBN AVideo 11.6 WWBN AVideo dev master commit 3f7c0364Risk Level:8.3Exploitability:HighConsequences:Data Manipulation DESCRIPTION WWBN...
Google Chrome ANGLE code execution | CVE-2022-2855
NAME Google Chrome ANGLE code execution Platforms Affected:Google Chrome 104.0Risk Level:8.8Exploitability:UnprovenConsequences:Gain Access DESCRIPTION Google Chrome could allow a remote attacker...
PoC exploit code for critical Realtek RCE flaw released online
Exploit code for a critical vulnerability affecting networking devices using Realtek RTL819x system on a chip released online. The PoC...
Daily Vulnerability Trends: Thu Aug 18 2022
Daily Vulnerability Trends (sourced from VulnMon) CVE NAMECVE DescriptionCVE-2022-37393Zimbra's sudo configuration permits the zimbra user to execute the zmslapd binary...
