Critical RCE flaws in PHP Everywhere WordPress plugin affect thousands of sites
WordPress plugin PHP Everywhere is affected by three critical issues that can be exploited to execute arbitrary code on affected...
Drupal security advisory-CVE-2020-13671
NAME Drupal - Drupal Platforms Affected:DrupalRisk Level:lowCVE Type:Unrestricted file upload DESCRIPTION CVE-2020-13671 is an unrestricted file upload vulnerability impacting Drupal...
Symfony Twig code execution | CVE-2022-23614
NAME Symfony Twig code execution Platforms Affected:Symfony Twig 2.0.0 Symfony Twig 2.14.10 Symfony Twig 3.3.7 Symfony Twig 3.0.0Risk Level:8.8Exploitability:UnprovenConsequences:Gain Access...
Servisnet Tessa privilege escalaiton | CVE-2022-22832
NAME Servisnet Tessa privilege escalaiton Platforms Affected:Servisnet TessaRisk Level:8.8Exploitability:FunctionalConsequences:Gain Privileges DESCRIPTION Servisnet Tessa could allow a remote authenticated attacker to...
Link Plus one CSV+ cross-site scripting | CVE-2022-21241
NAME Link Plus one CSV+ cross-site scripting Platforms Affected:Link CSV+ by Plus oneRisk Level:7.8Exploitability:HighConsequences:Cross-Site Scripting DESCRIPTION Link Plus one CSV+...
Microsoft SharePoint Server spoofing | CVE-2022-21987
NAME Microsoft SharePoint Server spoofing Platforms Affected:Microsoft SharePoint Enterprise Server 2016 Microsoft SharePoint Enterprise Server 2013 SP1 Microsoft SharePoint Server...
H.H.G Multistore cross-site scripting | CVE-2021-46447
NAME H.H.G Multistore cross-site scripting Platforms Affected:H.H.G Multistore 5.1.0Risk Level:7.2Exploitability:HighConsequences:Cross-Site Scripting DESCRIPTION H.H.G Multistore is vulnerable to cross-site scripting, caused...
Mozilla Firefox code execution | CVE-2022-22755
NAME Mozilla Firefox code execution Platforms Affected:Mozilla Firefox 96Risk Level:8.8Exploitability:UnprovenConsequences:Bypass Security DESCRIPTION Mozilla Firefox could allow a remote attacker to...
D-Link DIR-878 command execution | CVE-2021-44882
NAME D-Link DIR-878 command execution Platforms Affected:D-Link DIR-878 FW1.30B08_Hotfix_02Risk Level:9.8Exploitability:UnprovenConsequences:Gain Access DESCRIPTION D-Link DIR-878 could allow a remote attacker to...
Mozilla Firefox code execution | CVE-2022-22764
NAME Mozilla Firefox code execution Platforms Affected:Mozilla Firefox 96 Mozilla Firefox ESR 91.5Risk Level:8.8Exploitability:UnprovenConsequences:Bypass Security DESCRIPTION Mozilla Firefox could allow...
ELECOM LAN routers command execution | CVE-2022-21173
NAME ELECOM LAN routers command execution Platforms Affected:ELECOM LAN WRH-300BK3 1.05 ELECOM LAN WRH-300WH3 1.05 ELECOM LAN WRH-300BK3-S 1.05 ELECOM...
NATS nats-server privilege escalation | CVE-2022-24450
NAME NATS nats-server privilege escalation Platforms Affected:NATS nats-server 2.7.1Risk Level:8.8Exploitability:UnprovenConsequences:Gain Privileges DESCRIPTION NATS nats-server could allow a remote authenticated attacker...
Frourio-express for NPM code execution | CVE-2022-23624
NAME Frourio-express for NPM code execution Platforms Affected:Frourio Frourio-express 0.25.1Risk Level:8.1Exploitability:UnprovenConsequences:Gain Access DESCRIPTION Frourio-express for NPM could allow a remote...
Microsoft Dynamics GP code execution | CVE-2022-23274
NAME Microsoft Dynamics GP code execution Platforms Affected:Microsoft Dynamics GPRisk Level:8.3Exploitability:UnprovenConsequences:Gain Access DESCRIPTION Microsoft Dynamics GP could allow a remote...
Wing FTP Server code execution |
NAME Wing FTP Server code execution Platforms Affected:Wing FTP Server Wing FTP Server 4.3.8Risk Level:9.9Exploitability:Proof of ConceptConsequences:Gain Access DESCRIPTION Wing...
Frourio for NPM code execution | CVE-2022-23623
NAME Frourio for NPM code execution Platforms Affected:Frourio Frourio 0.25.1Risk Level:8.1Exploitability:UnprovenConsequences:Gain Access DESCRIPTION Frourio for NPM could allow a remote...
D-Link DIR-878 command execution | CVE-2021-44880
NAME D-Link DIR-878 command execution Platforms Affected:D-Link DIR-882 FW1.30B06_Hotfix_02 D-Link DIR-878 FW1.30B08_Hotfix_02Risk Level:9.8Exploitability:UnprovenConsequences:Gain Access DESCRIPTION D-Link DIR-878 could allow a...
QEMU Monitor Human Monitor Interface (HMP) command execution |
NAME QEMU Monitor Human Monitor Interface (HMP) command execution Platforms Affected:QEMU QEMU 6.2.0Risk Level:9.8Exploitability:FunctionalConsequences:Gain Access DESCRIPTION QEMU could allow a...
PHP Everywhere plugin for WordPress code execution | CVE-2022-24665
NAME PHP Everywhere plugin for WordPress code execution Platforms Affected:WordPress PHP Everywhere plugin for WordPress 2.0.2 WordPress PHP Everywhere plugin...
Microsoft Visual Studio Code Remote Development Extension code execution | CVE-2022-21991
NAME Microsoft Visual Studio Code Remote Development Extension code execution Platforms Affected:Microsoft Visual Studio CodeRisk Level:8.1Exploitability:UnprovenConsequences:Gain Access DESCRIPTION Microsoft Visual...
SAP NetWeaver, SAP Content Server and SAP Web Dispatcher HTTP request smuggling | CVE-2022-22536
NAME SAP NetWeaver, SAP Content Server and SAP Web Dispatcher HTTP request smuggling Platforms Affected:SAP Web Dispatcher WEBDISP 7.53 SAP...
PHP Everywhere plugin for WordPress code execution | CVE-2022-24663
NAME PHP Everywhere plugin for WordPress code execution Platforms Affected:WordPress PHP Everywhere plugin for WordPress 2.0.2 WordPress PHP Everywhere plugin...
Mozilla Firefox code execution | CVE-2022-0511
NAME Mozilla Firefox code execution Platforms Affected:Mozilla Firefox 96Risk Level:8.8Exploitability:UnprovenConsequences:Bypass Security DESCRIPTION Mozilla Firefox could allow a remote attacker to...
SAP NetWeaver Application Server Java HTTP Request Smuggling | CVE-2022-22532
NAME SAP NetWeaver Application Server Java HTTP Request Smuggling Platforms Affected:SAP NetWeaver Application Server Java KRNL64NUC 7.22 SAP NetWeaver Application...
