InfoSec News & Tutorials
Daily Vulnerability Trends (sourced from VulnMon) CVE NAMECVE DescriptionCVE-2022-3496A vulnerability was found in SourceCodester Human Resource Management System 1.0 and classified as critical. This issue affects some unknown processing of…
NAME ZTE PON OLT denial of service Platforms Affected:ZTE ZXA10 C3XXRisk Level:9Exploitability:UnprovenConsequences:Bypass Security DESCRIPTION ZTE PON OLT is could allow a remote attacker to bypass security restrictions, caused by improper…
Daily Vulnerability Trends (sourced from VulnMon) CVE NAMECVE DescriptionCVE-2022-3602A buffer overrun can be triggered in X.509 certificate verification, specifically in name constraint checking. Note that this occurs after certificate chain…
NAME XWiki cross-site request forgery Platforms Affected:XWiki XWiki Platform 14.4.1 XWiki XWiki Platform 13.10.6Risk Level:9.9Exploitability:UnprovenConsequences:Gain Access DESCRIPTION XWiki is vulnerable to cross-site request forgery, caused by improper validation of user…
NAME ChurchInfo CartView.php file upload Platforms Affected:ChurchInfo ChurchInfo 1.2.13 ChurchInfo ChurchInfo 1.3.0Risk Level:8.8Exploitability:UnprovenConsequences:Gain Access DESCRIPTION ChurchInfo could allow a remote authetnicated attacker to upload arbitrary files, caused by the improper…
NAME XWiki security bypass Platforms Affected:XWiki XWiki Platform 14.6 XWiki XWiki Platform 13.10.8Risk Level:9.6Exploitability:UnprovenConsequences:Bypass Security DESCRIPTION XWiki could allow a remote authenticated attacker to bypass security restrictions, caused by missing…
NAME XWiki code execution Platforms Affected:XWiki XWiki Platform 14.4.1 XWiki XWiki Platform 13.10.6Risk Level:9.9Exploitability:UnprovenConsequences:Gain Access DESCRIPTION XWiki ccould allow a remote authenticated attacker to execute arbitrary code on the system,…
NAME XWiki code execution Platforms Affected:XWiki XWiki Platform 14.6 XWiki XWiki Platform 13.10.8Risk Level:9.9Exploitability:UnprovenConsequences:Gain Access DESCRIPTION XWiki ccould allow a remote authenticated attacker to execute arbitrary code on the system,…
NAME XWiki code execution Platforms Affected:XWiki XWiki Platform 14.4.1 XWiki XWiki Platform 13.10.6Risk Level:9.9Exploitability:UnprovenConsequences:Gain Access DESCRIPTION XWiki ccould allow a remote authenticated attacker to execute arbitrary code on the system,…
Daily Vulnerability Trends (sourced from VulnMon) CVE NAMECVE DescriptionCVE-2022-41082Microsoft Exchange Server Remote Code Execution Vulnerability.CVE-2021-3362 No description provided CVE-2018-8174A remote code execution vulnerability exists in the way that the VBScript…
NAME Optilink Networks OP-XT71000N devices cross-site request forgery Platforms Affected:Optilink Networks OP-XT71000N 2.2Risk Level:8.8Exploitability:UnprovenConsequences:Gain Access DESCRIPTION Optilink Networks OP-XT71000N devices are vulnerable to cross-site request forgery, caused by improper validation…
NAME RubyGems cgi gem HTTP response splitting Platforms Affected:RubyGems cgi gem 0.1.0 RubyGems cgi gem 0.1.0.1 RubyGems cgi gem 0.1.1 RubyGems cgi gem 0.2.1 RubyGems cgi gem 0.3.3Risk Level:8.8Exploitability:UnprovenConsequences:Gain Access…
NAME Optilink Networks OP-XT71000N devices cross-site request forgery Platforms Affected:Optilink Networks OP-XT71000N 2.2Risk Level:8.8Exploitability:UnprovenConsequences:Gain Access DESCRIPTION Optilink Networks OP-XT71000N devices are vulnerable to cross-site request forgery, caused by improper validation…
NAME Optilink Networks OP-XT71000N devices cross-site request forgery Platforms Affected:Optilink Networks OP-XT71000N 2.2Risk Level:8.8Exploitability:UnprovenConsequences:Gain Access DESCRIPTION Optilink Networks OP-XT71000N devices are vulnerable to cross-site request forgery, caused by improper validation…
NAME Optilink Networks OP-XT71000N devices cross-site request forgery Platforms Affected:Optilink Networks OP-XT71000N 2.2Risk Level:8.8Exploitability:UnprovenConsequences:Gain Access DESCRIPTION Optilink Networks OP-XT71000N devices are vulnerable to cross-site request forgery, caused by improper validation…
NAME Optilink Networks OP-XT71000N devices command execution Platforms Affected:Optilink Networks OP-XT71000N 2.2Risk Level:9.8Exploitability:UnprovenConsequences:Gain Access DESCRIPTION Optilink Networks OP-XT71000N devices could allow a remote attacker to execute arbitrary commands on the…
NAME Apache Airflow Pig Provider and Apache Airflow command execution Platforms Affected:Apache Airflow 2.2.5 Apache Airflow Pig Provider 3.0.0Risk Level:9.8Exploitability:UnprovenConsequences:Gain Access DESCRIPTION Apache Airflow Pig Provider and Apache Airflow could…
NAME Apache Airflow Pinot Provider and Apache Airflow command execution Platforms Affected:Apache Airflow 2.2.5 Apache Airflow Pinot Provider 3.0.0Risk Level:9.8Exploitability:UnprovenConsequences:Gain Access DESCRIPTION Apache Airflow Pinot Provider and Apache Airflow could…
NAME Optilink Networks OP-XT71000N devices cross-site request forgery Platforms Affected:Optilink Networks OP-XT71000N 2.2Risk Level:8.1Exploitability:UnprovenConsequences:Gain Access DESCRIPTION Optilink Networks OP-XT71000N devices are vulnerable to cross-site request forgery, caused by improper validation…
NAME Optilink Networks OP-XT71000N devices cross-site request forgery Platforms Affected:Optilink Networks OP-XT71000N 2.2Risk Level:8.1Exploitability:UnprovenConsequences:Gain Access DESCRIPTION Optilink Networks OP-XT71000N devices are vulnerable to cross-site request forgery, caused by improper validation…
NAME Zyxel LTE3301-M209 security bypass Platforms Affected:Zyxel LTE3301-M209 1.00Risk Level:9.8Exploitability:UnprovenConsequences:Bypass Security DESCRIPTION Zyxel LTE3301-M209 could allow a remote attacker to bypass security restrictions. By using an improper pre-configured password if…
NAME Optilink Networks OP-XT71000N devices cross-site request forgery Platforms Affected:Optilink Networks OP-XT71000N 2.2Risk Level:8.8Exploitability:UnprovenConsequences:Gain Access DESCRIPTION Optilink Networks OP-XT71000N devices are vulnerable to cross-site request forgery, caused by improper validation…
NAME Apache Airflow Hive Provider and Apache Airflow command execution Platforms Affected:Apache Airflow 2.2.5 Apache Airflow Hive Provider 4.0.0Risk Level:9.8Exploitability:UnprovenConsequences:Gain Access DESCRIPTION Apache Airflow Hive Provider and Apache Airflow could…
NAME Optilink Networks OP-XT71000N devices cross-site request forgery Platforms Affected:Optilink Networks OP-XT71000N 2.2Risk Level:8.8Exploitability:UnprovenConsequences:Gain Access DESCRIPTION Optilink Networks OP-XT71000N devices are vulnerable to cross-site request forgery, caused by improper validation…