Daily Vulnerability Trends: Sat Oct 01 2022
Daily Vulnerability Trends (sourced from VulnMon) CVE NAMECVE DescriptionCVE-2022-31813Apache HTTP Server 2.4.53 and earlier may not send the X-Forwarded-* headers...
CVE
Carlo Gavazzi UWP and CPY Car Park Server cross-site scripting | CVE-2022-28816
NAME Carlo Gavazzi UWP and CPY Car Park Server cross-site scripting Platforms Affected:Carlo Gavazzi UWP 3.0 Carlo Gavazzi CPY Car...
Carlo Gavazzi UWP and CPY Car Park Server security bypass | CVE-2022-22526
NAME Carlo Gavazzi UWP and CPY Car Park Server security bypass Platforms Affected:Carlo Gavazzi UWP 3.0 Carlo Gavazzi CPY Car...
Advantech iView SQL injection | CVE-2022-3323
NAME Advantech iView SQL injection Platforms Affected:Advantech iView 5.7.04.6469Risk Level:9.8Exploitability:UnprovenConsequences:Data Manipulation DESCRIPTION Advantech iView is vulnerable to SQL injection. A...
Carlo Gavazzi UWP and CPY Car Park Server default account | CVE-2022-22522
NAME Carlo Gavazzi UWP and CPY Car Park Server default account Platforms Affected:Carlo Gavazzi UWP 3.0 Carlo Gavazzi CPY Car...
Carlo Gavazzi UWP and CPY Car Park Server SQL Injection | CVE-2022-22524
NAME Carlo Gavazzi UWP and CPY Car Park Server SQL Injection Platforms Affected:Carlo Gavazzi UWP 3.0 Carlo Gavazzi CPY Car...
Carlo Gavazzi UWP and CPY Car Park Server command execution | CVE-2022-28811
NAME Carlo Gavazzi UWP and CPY Car Park Server command execution Platforms Affected:Carlo Gavazzi UWP 3.0 Carlo Gavazzi CPY Car...
Vim buffer overflow | CVE-2022-3324
NAME Vim buffer overflow Platforms Affected:Vim Vim 9.0.0597Risk Level:7.8Exploitability:Proof of ConceptConsequences:Gain Access DESCRIPTION Vim is vulnerable to a stack-based buffer...
Carlo Gavazzi UWP and CPY Car Park Server SQL Injection | CVE-2022-28813
NAME Carlo Gavazzi UWP and CPY Car Park Server SQL Injection Platforms Affected:Carlo Gavazzi UWP 3.0 Carlo Gavazzi CPY Car...
Carlo Gavazzi UWP and CPY Car Park Server default account | CVE-2022-28812
NAME Carlo Gavazzi UWP and CPY Car Park Server default account Platforms Affected:Carlo Gavazzi UWP 3.0 Carlo Gavazzi CPY Car...
Carlo Gavazzi UWP and CPY Car Park Server directory traversal | CVE-2022-28814
NAME Carlo Gavazzi UWP and CPY Car Park Server directory traversal Platforms Affected:Carlo Gavazzi UWP 3.0 Carlo Gavazzi CPY Car...
Matrix Android SDK2 security bypass | CVE-2022-39248
NAME Matrix Android SDK2 security bypass Platforms Affected:matrix.org Matrix Android SDK2 1.4.36Risk Level:8.6Exploitability:UnprovenConsequences:Bypass Security DESCRIPTION Matrix Android SDK2 could allow...
matrix-sdk-crypto security bypass | CVE-2022-39252
NAME matrix-sdk-crypto security bypass Platforms Affected:matrix.org matrix-sdk-crypto 0.5Risk Level:8.6Exploitability:UnprovenConsequences:Bypass Security DESCRIPTION matrix-sdk-crypto could allow a remote attacker to bypass security...
Matrix Android SDK2 security bypass | CVE-2022-39246
NAME Matrix Android SDK2 security bypass Platforms Affected:matrix.org Matrix Android SDK2 1.4.36Risk Level:8.6Exploitability:UnprovenConsequences:Bypass Security DESCRIPTION Matrix Android SDK2 could allow...
matrix-js-sdk security bypass | CVE-2022-39250
NAME matrix-js-sdk security bypass Platforms Affected:matrix.org Matrix Javascript SDK 19.6.0Risk Level:8.6Exploitability:UnprovenConsequences:Bypass Security DESCRIPTION matrix-js-sdk could allow a remote attacker to...
TP-Link Archer AX10 code execution | CVE-2022-40486
NAME TP-Link Archer AX10 code execution Platforms Affected:TP-Link Archer AX10 firmware 1.3.1 Build 20220401 Rel. 57450(5553)Risk Level:8.8Exploitability:UnprovenConsequences:Gain Access DESCRIPTION TP-Link...
matrix-ios-sdk security bypass | CVE-2022-39255
NAME matrix-ios-sdk security bypass Platforms Affected:matrix.org matrix-ios-sdk 0.23.18Risk Level:8.6Exploitability:UnprovenConsequences:Bypass Security DESCRIPTION matrix-ios-sdk could allow a remote attacker to bypass security...
Matrix Javascript SDK security bypass | CVE-2022-39251
NAME Matrix Javascript SDK security bypass Platforms Affected:matrix.org Matrix Javascript SDK 19.6.0Risk Level:8.6Exploitability:UnprovenConsequences:Bypass Security DESCRIPTION Matrix Javascript SDK could allow...
matrix-nio security bypass | CVE-2022-39254
NAME matrix-nio security bypass Platforms Affected:matrix.org matrix-nio 0.19Risk Level:8.6Exploitability:UnprovenConsequences:Bypass Security DESCRIPTION matrix-nio could allow a remote attacker to bypass security...
Cisco IOS XE Wireless Controller Software for the Catalyst 9000 Family CAPWAP Mobility denial of service | CVE-2022-20856
NAME Cisco IOS XE Wireless Controller Software for the Catalyst 9000 Family CAPWAP Mobility denial of service Platforms Affected:Cisco Catalyst...
Daily Vulnerability Trends: Fri Sep 30 2022
Daily Vulnerability Trends (sourced from VulnMon) CVE NAMECVE DescriptionCVE-2022-30075In TP-Link Router AX50 firmware 210730 and older, import of a malicious...
Cisco IOS XE Wireless Controller Software denial of service | CVE-2022-20847
NAME Cisco IOS XE Wireless Controller Software denial of service Platforms Affected:Cisco IOS XE Wireless Controller SoftwareRisk Level:8.6Exploitability:UnprovenConsequences:Denial of Service...
Online Diagnostic Lab Management System SQL injection |
NAME Online Diagnostic Lab Management System SQL injection Platforms Affected:Sourcecodester Online Diagnostic Lab Management System 1.0Risk Level:9.8Exploitability:HighConsequences:Data Manipulation DESCRIPTION Online...
Orckestra C1 CMS code execution | CVE-2022-39256
NAME Orckestra C1 CMS code execution Platforms Affected:Orckestra C1 CMS 6.12Risk Level:9Exploitability:UnprovenConsequences:Gain Access DESCRIPTION Orckestra C1 CMS could allow a...
