NAME Multiple PHP compatibility libraries code execution Platforms Affected:WordPress WassUp Real Time Analytics plugin for WordPress 1.9.4.5 Flexo CMS Flexo CMS 0.1.6Risk Level:9.8Exploitability:UnprovenConsequences:Gain Access DESCRIPTION Multiple PHP compatibility libraries could…
NAME NETGEAR R7000, NETGEAR R7000P, and NETGEAR R6900P code execution Platforms Affected:NETGEAR R7000P NETGEAR R7000 NETGEAR R6900PRisk Level:8.4Exploitability:UnprovenConsequences:Gain Access DESCRIPTION An unspecified error in NETGEAR R7000, NETGEAR R7000P, and NETGEAR…
NAME NETGEAR R7000, NETGEAR R7000P, and NETGEAR R6900P code execution Platforms Affected:NETGEAR R7000P NETGEAR R7000 NETGEAR R6900PRisk Level:8.4Exploitability:UnprovenConsequences:Gain Access DESCRIPTION An unspecified error in NETGEAR R7000, NETGEAR R7000P, and NETGEAR…
Daily Vulnerability Trends (sourced from VulnMon) CVE NAMECVE DescriptionCVE-2021-4034A local privilege escalation vulnerability was found on polkit's pkexec utility. The pkexec application is a setuid tool designed to allow unprivileged…
NAME opensearch-project opensearch-ruby code execution Platforms Affected:opensearch-project opensearch-ruby 2.0.1Risk Level:8.8Exploitability:UnprovenConsequences:Gain Access DESCRIPTION opensearch-project opensearch-ruby could allow a remote authenticated attacker to execute arbitrary code on the system, caused by an…
NAME Node.js parse-server module information disclosure Platforms Affected:Node.js parse-server 4.10.12 Node.js parse-server 5.2.3Risk Level:8.2Exploitability:UnprovenConsequences:Obtain Information DESCRIPTION Node.js parse-server module could allow a remote attacker to obtain sensitive information, caused by…
NAME NETGEAR R7000, NETGEAR R7000P, and NETGEAR R6900P code execution Platforms Affected:NETGEAR R7000P NETGEAR R7000 NETGEAR R6900PRisk Level:8.4Exploitability:UnprovenConsequences:Gain Access DESCRIPTION An unspecified error in NETGEAR R7000, NETGEAR R7000P, and NETGEAR…
Daily Vulnerability Trends (sourced from VulnMon) CVE NAMECVE DescriptionCVE-2022-32532Apache Shiro before 1.9.1, A RegexRequestMatcher can be misconfigured to be bypassed on some servlet containers. Applications using RegExPatternMatcher with `.` in…
NAME Node.js coil-metrics module code execution Platforms Affected:Node.js coil-metricsRisk Level:9.8Exploitability:UnprovenConsequences:Gain Access DESCRIPTION Node.js coil-metrics module allow a remote attacker to execute arbitrary code on the system, caused by embedded malicious…
NAME Node.js @radancy/dropr-clientOpen module code execution Platforms Affected:Node.js Node.js Node.js @radancy/dropr-clientRisk Level:9.8Exploitability:UnprovenConsequences:Gain Access DESCRIPTION Node.js @radancy/dropr-clientOpen module could allow a remote attacker to execute arbitrary code on the system, caused…
NAME Node.js git-clone module code execution Platforms Affected:Node.js git-cloneRisk Level:8.1Exploitability:UnprovenConsequences:Gain Access DESCRIPTION Node.js git-clone module could allow a remote attacker to execute arbitrary code on the system, caused by insecure…
NAME Node.js rv-modal-store module code execution Platforms Affected:Node.js rv-modal-storeRisk Level:9.8Exploitability:UnprovenConsequences:Gain Access DESCRIPTION Node.js rv-modal-store module could allow a remote attacker to execute arbitrary code on the system, caused by embedded…
NAME Node.js separatecalculatingbinary module code execution Platforms Affected:Node.js separatecalculatingbinaryRisk Level:9.8Exploitability:UnprovenConsequences:Gain Access DESCRIPTION Nodejs separatecalculatingbinary module could allow a remote attacker to execute arbitrary code on the system, caused by embedded…
NAME Node.js horizon_dev module code execution Platforms Affected:Node.js horizon_devRisk Level:9.8Exploitability:UnprovenConsequences:Gain Access DESCRIPTION Node.js horizon_dev module could allow a remote attacker to execute arbitrary code on the system, caused by embedded…
NAME Das U-Boot buffer overflow Platforms Affected:Das U-Boot 2022.07-rc5Risk Level:9.8Exploitability:UnprovenConsequences:Gain Access DESCRIPTION Das U-Boot is vulnerable to a stack-based buffer overflow, caused by improper bounds checking by in the i2c…
NAME Node.js cleansheet module code execution Platforms Affected:Node.js cleansheetRisk Level:9.8Exploitability:UnprovenConsequences:Gain Access DESCRIPTION Node.js cleansheet module could allow a remote attacker to execute arbitrary code on the system, caused by embedded…
NAME Node.js syndis-test module code execution Platforms Affected:Node.js syndis-testRisk Level:9.8Exploitability:UnprovenConsequences:Gain Access DESCRIPTION Node.js syndis-test module could allow a remote attacker to execute arbitrary code on the system, caused by embedded…
NAME Node.js tomtom-rk module code execution Platforms Affected:Node.js tomtom-rkRisk Level:9.8Exploitability:UnprovenConsequences:Gain Access DESCRIPTION Node.js tomtom-rk module could allow a remote attacker to execute arbitrary code on the system, caused by embedded…
NAME Node.js @pagetour/sdk module code execution Platforms Affected:Node.js @pagetour/sdkRisk Level:9.8Exploitability:UnprovenConsequences:Gain Access DESCRIPTION Node.js @pagetour/sdk module could allow a remote attacker to execute arbitrary code on the system, caused by embedded…
NAME GLPI SQL injection Platforms Affected:GLPI GLPI 10.0.0Risk Level:10Exploitability:HighConsequences:Data Manipulation DESCRIPTION GLPI is vulnerable to SQL injection. A remote attacker could send specially-crafted SQL statements using the _actor parameter in…
NAME GLPI SQL injection Platforms Affected:GLPI GLPI 9.5.7 GLPI GLPI 10.0.0Risk Level:9.8Exploitability:HighConsequences:Data Manipulation DESCRIPTION GLPI is vulnerable to SQL injection. A remote attacker could send specially-crafted SQL statements to the…
NAME Node.js vazgarules module code execution Platforms Affected:Node.js vazgarulesRisk Level:9.8Exploitability:UnprovenConsequences:Gain Access DESCRIPTION Node.js vazgarules module could allow a remote attacker to execute arbitrary code on the system, caused by embedded…
NAME Node.js sichain-api module code execution Platforms Affected:Node.js sichain-apiRisk Level:9.8Exploitability:UnprovenConsequences:Gain Access DESCRIPTION Node.js sichain-api module could allow a remote attacker to execute arbitrary code on the system, caused by embedded…
NAME Robustel R1510 command execution Platforms Affected:Robustel R1510 3.3.0Risk Level:9.1Exploitability:UnprovenConsequences:Gain Access DESCRIPTION Robustel R1510 could allow a remote authenticated attacker to execute arbitrary commands on the system, caused by a…
