Daily Vulnerability Trends: Thu Jun 23 2022
Daily Vulnerability Trends (sourced from VulnMon) CVE NAMECVE DescriptionCVE-2019-13382UploaderService in SnagIT 2019.1.2 allows elevation of privilege by placing an invalid...
CVE
DFSCoerce, a new NTLM relay attack, can take control over a Windows domain
A researcher has published a Proof-of-Concept (PoC) for an NTLM relay attack dubbed DFSCoerce. The method leverages the Distributed File...
Google Chrome WebApp Provider code execution | CVE-2022-2161
NAME Google Chrome WebApp Provider code execution Platforms Affected:Google Chrome 103Risk Level:8.8Exploitability:UnprovenConsequences:Gain Access DESCRIPTION Google Chrome could allow a remote...
Google Chrome Interest groups code execution | CVE-2022-2157
NAME Google Chrome Interest groups code execution Platforms Affected:Google Chrome 103Risk Level:8.8Exploitability:UnprovenConsequences:Gain Access DESCRIPTION Google Chrome could allow a remote...
Vim code execution | CVE-2022-2126
NAME Vim code execution Platforms Affected:Vim Vim 8.2.5122Risk Level:7.8Exploitability:Proof of ConceptConsequences:Gain Access DESCRIPTION Vim could allow a remote attacker to...
AtlasVPN privilege escalation | CVE-2022-23171
NAME AtlasVPN privilege escalation Platforms Affected:AtlasVPN AtlasVPN 2.4Risk Level:8Exploitability:UnprovenConsequences:Gain Privileges DESCRIPTION AtlasVPN could allow a remote authenticated attacker to gain...
Node.js sequelize module SQL injection |
NAME Node.js sequelize module SQL injection Platforms Affected:Node.js sequelize 6.19.0Risk Level:9.4Exploitability:HighConsequences:Data Manipulation DESCRIPTION Node.js sequelize module is vulnerable to SQL...
SMA Technologies OpCon UNIX agent security bypass | US-CERT VU#142546
NAME SMA Technologies OpCon UNIX agent security bypass Platforms Affected:SMA Technologies OpCon UNIX agentRisk Level:9.8Exploitability:UnprovenConsequences:Bypass Security DESCRIPTION SMA Technologies OpCon...
Red Hat AMQ Broker Operator privilege escalation | CVE-2022-1833
NAME Red Hat AMQ Broker Operator privilege escalation Platforms Affected:Red Hat AMQ Broker Operator 7.9.4Risk Level:8.8Exploitability:UnprovenConsequences:Gain Privileges DESCRIPTION Red Hat...
Google Chrome V8 code execution | CVE-2022-2158
NAME Google Chrome V8 code execution Platforms Affected:Google Chrome 103Risk Level:8.8Exploitability:UnprovenConsequences:Gain Access DESCRIPTION Google Chrome could allow a remote attacker...
Google Chrome Base code execution | CVE-2022-2156
NAME Google Chrome Base code execution Platforms Affected:Google Chrome 103Risk Level:8.8Exploitability:UnprovenConsequences:Gain Access DESCRIPTION Google Chrome could allow a remote attacker...
Google Chrome Cast UI and Toolbar code execution | CVE-2022-2163
NAME Google Chrome Cast UI and Toolbar code execution Platforms Affected:Google Chrome 103Risk Level:8.8Exploitability:UnprovenConsequences:Gain Access DESCRIPTION Google Chrome could allow...
Vim code execution | CVE-2022-2124
NAME Vim code execution Platforms Affected:Vim Vim 8.2.5119Risk Level:7.8Exploitability:Proof of ConceptConsequences:Gain Access DESCRIPTION Vim could allow a remote attacker to...
Vim buffer overflow | CVE-2022-2125
NAME Vim buffer overflow Platforms Affected:Vim Vim 8.2.5121Risk Level:7.8Exploitability:Proof of ConceptConsequences:Gain Access DESCRIPTION Vim is vulnerable to a heap-based buffer...
Vim code execution | CVE-2022-2129
NAME Vim code execution Platforms Affected:Vim Vim 8.2.5125Risk Level:7.8Exploitability:Proof of ConceptConsequences:Gain Access DESCRIPTION Vim could allow a remote attacker to...
Daily Vulnerability Trends: Wed Jun 22 2022
Daily Vulnerability Trends (sourced from VulnMon) CVE NAMECVE DescriptionCVE-2022-27511Corruption of the system by a remote, unauthenticated user. The impact of...
South River Technologies TitanFTP NextGen code execution | CVE-2022-34005
NAME South River Technologies TitanFTP NextGen code execution Platforms Affected:South River Technologies TitanFTP NextGenRisk Level:9.8Exploitability:UnprovenConsequences:Gain Access DESCRIPTION South River Technologies...
Nexans FTTO GigaSwitch industrial/office switches default account | CVE-2022-32985
NAME Nexans FTTO GigaSwitch industrial/office switches default account Platforms Affected:Nexans FTTO GigaSwitch HW Version 5 Firmware 6.02L Nexans FTTO GigaSwitch...
Proietti Tech srl Planet Time Enterprise code execution | CVE-2022-30422
NAME Proietti Tech srl Planet Time Enterprise code execution Platforms Affected:Proietti Tech srl Planet Time Enterprise 4.2.0.1 Proietti Tech srl...
Xiaomi Lamp replay attack | CVE-2022-31277
NAME Xiaomi Lamp replay attack Platforms Affected:Xiaomi Lamp 1 2.0.4_0066Risk Level:9.8Exploitability:UnprovenConsequences:Gain Access DESCRIPTION Xiaomi Lamp could allow a remote attacker...
Node.js jquery-lh module code execution |
NAME Node.js jquery-lh module code execution Platforms Affected:Node.js jquery-lhRisk Level:9.6Exploitability:UnprovenConsequences:Gain Access DESCRIPTION Node.js jquery-lh module could allow a remote attacker...
Adaware Protect privilege escalation | CVE-2022-31464
NAME Adaware Protect privilege escalation Platforms Affected:Adaware Protect 1.2.439.4251Risk Level:7.8Exploitability:UnprovenConsequences:Gain Privileges DESCRIPTION Adaware Protect could allow a local authenticated attacker...
Daily Vulnerability Trends: Tue Jun 21 2022
Daily Vulnerability Trends (sourced from VulnMon) CVE NAMECVE DescriptionCVE-2022-0492A vulnerability was found in the Linux kernel’s cgroup_release_agent_write in the kernel/cgroup/cgroup-v1.c...
Daily Vulnerability Trends: Mon Jun 20 2022
Daily Vulnerability Trends (sourced from VulnMon) CVE NAMECVE DescriptionCVE-2022-21972Point-to-Point Tunneling Protocol Remote Code Execution Vulnerability. This CVE ID is unique...
