Mozilla security advisory-CVE-2022-26485
NAME Mozilla Foundation - Multiple Platforms Affected:MultipleRisk Level:highCVE Type:Use after free DESCRIPTION CVE-2022-26485 is a use after free vulnerability impacting...
CVE
Fortinet FortiMail security bypass | CVE-2021-36166
NAME Fortinet FortiMail security bypass Platforms Affected:Fortinet FortiMail 5.4.12 Fortinet FortiMail 6.4.5 Fortinet FortiMail 6.2.7 Fortinet FortiMail 7.0.0 Fortinet FortiMail...
SAE J2497 (PLC4TRUCKS) security bypass | CVE-2022-26131
NAME SAE J2497 (PLC4TRUCKS) security bypass Platforms Affected:SAE J2497Risk Level:8.1Exploitability:UnprovenConsequences:Bypass Security DESCRIPTION SAE J2497 (PLC4TRUCKS) could allow a remote attacker...
Fortinet FortiWLM SQL injection | CVE-2021-43077
NAME Fortinet FortiWLM SQL injection Platforms Affected:Fortinet FortiWLM 8.6.2 Fortinet FortiWLM 8.5.2 Fortinet FortiWLM 8.4.2 Fortinet FortiWLM 8.3.2Risk Level:8.8Exploitability:HighConsequences:Data Manipulation...
wire-avs code execution | CVE-2021-41193
NAME wire-avs code execution Platforms Affected:wire-avs wire-avs 7.1.11Risk Level:9.8Exploitability:UnprovenConsequences:Gain Access DESCRIPTION wire-avs could allow a remote attacker to execute arbitrary...
Fortinet FortiPortal weak security | CVE-2021-36171
NAME Fortinet FortiPortal weak security Platforms Affected:Fortinet FortiPortal 6.0.5 Fortinet FortiPortal 5.3.6 Fortinet FortiPortal 5.2.6 Fortinet FortiPortal 5.1.2 Fortinet FortiPortal...
xcel-Streaming-Reader information disclosure | CVE-2022-23640
NAME xcel-Streaming-Reader information disclosure Platforms Affected:Excel-Streaming-Reader Excel-Streaming-Reader 2.0.0Risk Level:9.8Exploitability:UnprovenConsequences:Obtain Information DESCRIPTION xcel-Streaming-Reader could allow a remote attacker to obtain sensitive...
Delta Industrial Automation DIAEnergie file upload |
NAME Delta Industrial Automation DIAEnergie file upload Platforms Affected:Delta Industrial Automation DIAEnergieRisk Level:8.8Exploitability:UnprovenConsequences:File Manipulation DESCRIPTION Delta Industrial Automation DIAEnergie could...
cmark-gfm integer overflow | CVE-2022-24724
NAME cmark-gfm integer overflow Platforms Affected:cmark-gfm cmark-gfmRisk Level:8.8Exploitability:UnprovenConsequences:Gain Access DESCRIPTION cmark-gfm is vulnerable to an integer overflow, caused by improper...
Mozilla Firefox, Firefox ESR, Firefox for Android, Focus, Thunderbird code execution | CVE-2022-26486
NAME Mozilla Firefox, Firefox ESR, Firefox for Android, Focus, Thunderbird code execution Platforms Affected:Mozilla Firefox 97 Mozilla Firefox ESR 91.6...
ipDIO code execution | CVE-2022-24915
NAME ipDIO code execution Platforms Affected:IPCOMM ipDIO 3.9 2016/04/18 IPCOMM ipDIO SW 3.9Risk Level:8Exploitability:UnprovenConsequences:Gain Access DESCRIPTION ipDIO could allow a...
Fortinet FortiWLM command execution | CVE-2021-43075
NAME Fortinet FortiWLM command execution Platforms Affected:Fortinet FortiWLM 8.6.2 Fortinet FortiWLM 8.5.2 Fortinet FortiWLM 8.4.2Risk Level:8.8Exploitability:UnprovenConsequences:Gain Access DESCRIPTION Fortinet FortiWLM...
Mozilla Firefox, Firefox ESR, Firefox for Android, Focus, Thunderbird code execution | CVE-2022-26485
NAME Mozilla Firefox, Firefox ESR, Firefox for Android, Focus, Thunderbird code execution Platforms Affected:Mozilla Firefox 97 Mozilla Firefox ESR 91.6...
ipDIO code execution | CVE-2022-22985
NAME ipDIO code execution Platforms Affected:IPCOMM ipDIO 3.9 2016/04/18 IPCOMM ipDIO SW 3.9Risk Level:8.8Exploitability:UnprovenConsequences:Gain Access DESCRIPTION ipDIO could allow a...
Zyxel NWA-1100-NH command execution | CVE-2021-4039
NAME Zyxel NWA-1100-NH command execution Platforms Affected:Zyxel NWA1100-NHRisk Level:9.8Exploitability:UnprovenConsequences:Gain Access DESCRIPTION Zyxel NWA-1100-NH could allow a remote attacker to execute...
CodeIgniter4 command execution | CVE-2022-24711
NAME CodeIgniter4 command execution Platforms Affected:CodeIgniter4 CodeIgniter4 4.1.7 CodeIgniter4 CodeIgniter4 4.1.8Risk Level:9.8Exploitability:UnprovenConsequences:Gain Access DESCRIPTION CodeIgniter4 could allow a remote attacker...
AllTube Download server-side request forgery | CVE-2022-0768
NAME AllTube Download server-side request forgery Platforms Affected:AllTube Download AllTube Download 3.0.0 AllTube Download AllTube Download 3.0.1Risk Level:8.6Exploitability:Proof of ConceptConsequences:Gain...
MithrilJS mithril.js code execution |
NAME MithrilJS mithril.js code execution Platforms Affected:Node.js Node.jsRisk Level:8.2Exploitability:UnprovenConsequences:Gain Access DESCRIPTION MithrilJS mithril.js could allow a remote attacker to execute...
VMware Tanzu Spring Cloud Gateway code execution | CVE-2022-22947
NAME VMware Tanzu Spring Cloud Gateway code execution Platforms Affected:VMware Tanzu Spring Cloud Gateway 3.1.0 VMware Tanzu Spring Cloud Gateway...
Google Chrome MediaStream code execution | CVE-2022-0798
NAME Google Chrome MediaStream code execution Platforms Affected:Google Chrome 99Risk Level:8.8Exploitability:UnprovenConsequences:Gain Access DESCRIPTION Google Chrome could allow a remote attacker...
Google Chrome Media code execution | CVE-2022-0796
NAME Google Chrome Media code execution Platforms Affected:Google Chrome 99Risk Level:8.8Exploitability:UnprovenConsequences:Gain Access DESCRIPTION Google Chrome could allow a remote attacker...
Rufus code execution |
NAME Rufus code execution Platforms Affected:Rufus Rufus 3.17.1846Risk Level:8.4Exploitability:UnprovenConsequences:Gain Access DESCRIPTION Rufus could allow a local attacker to execute arbitrary...
LanSweeper SQL injection | CVE-2022-21234
NAME LanSweeper SQL injection Platforms Affected:Lansweeper Lansweeper 9.1.20.2Risk Level:9.1Exploitability:HighConsequences:Data Manipulation DESCRIPTION LanSweeper is vulnerable to SQL injection. A remote authenticated...
Obyte Wallet cross-site scripting | CVE-2022-25642
NAME Obyte Wallet cross-site scripting Platforms Affected:Obyte Obyte Wallet 3.4.0Risk Level:10Exploitability:UnprovenConsequences:Cross-Site Scripting DESCRIPTION Obyte Wallet is vulnerable to cross-site scripting,...
