We're hiring! Partners Contact On-demand Webinar
Request Demo Free Access Free Tools

Critical Vulnerabilities

SOCRadar, the Extended Cyber Threat Intelligence (XTI) platform, provides vulnerability intelligence for the security operations team, who can search for recent critical vulnerabilities exploited in the wild by the threat actors. SOCRadar also provides an External Attack Surface Management suite that helps cybersecurity teams to identify vulnerable assets in their internet-facing network. We select and display critical vulnerabilities below that are popular in the hacker community.

Get free access to SOCRadar XTI to start using vulnerability intelligence now.

Get Free Access

Vulnerability CVSSv3 Release Date Products References
Netgear RAX50 Certificate Validation curl_post certificate validation 7.7 07/01/2023 Netgear Link
D-Link DIR-X3260 prog.cgi SOAPAction command injection 8.4 07/01/2023 D-Link Link
Netgear RAX30 UPnP command injection 8.4 07/01/2023 Netgear Link
Hero Qubo Telnet Service missing authentication 8.2 07/04/2023 Hero Link
NVIDIA Virtual GPU Manager vGPU software improper authorization 7.8 07/04/2023 NVIDIA Link
Qualcomm 315 5G IoT Modem WLAN Host memory corruption 7.6 07/04/2023 Qualcomm Link
Qualcomm QCA9898 Data Modem memory corruption 7.6 07/04/2023 Qualcomm Link
Qualcomm AR8035 WLAN Host memory corruption 7.6 07/04/2023 Qualcomm Link
Qualcomm 315 5G IoT Modem Audio memory corruption 7.9 07/04/2023 Qualcomm Link
Qualcomm QCN9074 WLAN Host memory corruption 7.6 07/04/2023 Qualcomm Link
Qualcomm QCA9994 VX memory corruption 7.6 07/04/2023 Qualcomm Link
Qualcomm QCN9012 WLAN Host memory corruption 7.6 07/04/2023 Qualcomm Link
Qualcomm FastConnect 6700 Audio memory corruption 7.9 07/04/2023 Qualcomm Link
Samsung Smart Phone RILD RmtUimNeedApdu out-of-bounds write 7.6 07/06/2023 Samsung Link
Samsung Smart Phone RILD IpcRxUsimPhoneBookCapa out-of-bounds write 7.6 07/06/2023 Samsung Link
Samsung Smart Phone RILD BroadcastSmsConfig out-of-bounds write 7.6 07/06/2023 Samsung Link
Samsung Smart Phone RILD IpcRxIncomingCBMsg out-of-bounds write 7.6 07/06/2023 Samsung Link
Samsung Smart Phone RILD CdmaSmsParser out-of-bounds write 7.6 07/06/2023 Samsung Link
Huawei EMUI/Magic UI uinput use after free 7.8 07/06/2023 Huawei Link
PiiGAB M-Bus SoftwarePack 900S hard-coded credentials 9.4 07/06/2023 PiiGAB Link
PiiGAB M-Bus SoftwarePack 900S code injection 8.4 07/06/2023 PiiGAB Link
Mastodon Media File path traversal 7.9 07/06/2023 Mastodon Link
authentik Header interpretation conflict 7.6 07/06/2023 authentik Link
Linux Kernel UDF Filesystem Image super.c udf_put_super use after free 7.8 07/06/2023 Linux Link
openSUSE Tumbleweed hawk2 permission 7.8 07/07/2023 openSUSE Link
MuJS Regexp Source Property denial of service 7.5 07/08/2023 MuJS Link
OpenComputers Metadata Services API Endpoint server-side request forgery 7.8 07/08/2023 OpenComputers Link
OpenComputers server-side request forgery 7.8 07/08/2023 OpenComputers Link
SmartSoft SmartBPM.NET hard-coded credentials 8.2 07/10/2023 SmartSoft Link
SmartSoft SmartBPM.NET hard-coded credentials 8.5 07/10/2023 SmartSoft Link
IBM DB2 Executable File unquoted search path 7.9 07/10/2023 IBM Link
IBM DB2 db2set memory corruption 8.9 07/10/2023 IBM Link
SICK ICR890-4 Setting access control 7.5 07/10/2023 SICK Link
OSNEXUS QuantaStor privileges management 7.5 07/10/2023 OSNEXUS Link
OSNEXUS QuantaStor Alerts Management Dialog command injection 8.0 07/10/2023 OSNEXUS Link
OSNEXUS QuantaStor API os command injection 8.1 07/10/2023 OSNEXUS Link
Tise Parking Web Report sql injection 8.4 07/10/2023 Tise Link
Softmed SelfPatron sql injection 8.4 07/10/2023 Softmed Link
Yontem Vehicle Tracking System sql injection 8.4 07/10/2023 Yontem Link
SAP Web Dispatcher memory corruption 7.7 07/11/2023 SAP Link
SAP NetWeaver ABAP Function Module os command injection 8.0 07/11/2023 SAP Link
BlueMark Innovations DroneScout ds230 Remote ID Receiver ODID Message information loss or omission 9.0 07/11/2023 BlueMark Link
BlueMark Innovations DroneScout ds230 Remote ID Receiver Firmware improper authentication 8.1 07/11/2023 BlueMark Link
Siemens Tecnomatix Plant Simulation STP File type confusion 7.6 07/11/2023 Siemens Link
Siemens Tecnomatix Plant Simulation SPP File stack-based overflow 7.6 07/11/2023 Siemens Link
Siemens Tecnomatix Plant Simulation STP File stack-based overflow 7.6 07/11/2023 Siemens Link
Siemens Tecnomatix Plant Simulation PAR File out-of-bounds write 7.6 07/11/2023 Siemens Link
Siemens Tecnomatix Plant Simulation PAR File heap-based overflow 7.6 07/11/2023 Siemens Link
Siemens Tecnomatix Plant Simulation PRT File heap-based overflow 7.6 07/11/2023 Siemens Link
Siemens SIMATIC allocation of resources 7.9 07/11/2023 Siemens Link
Siemens SIMATIC CN 4100 Configuration File access control 9.1 07/11/2023 Siemens Link
Siemens RUGGEDCOM ROX SCEP CA Certificate Name the command injection 8.0 07/11/2023 Siemens Link
Siemens RUGGEDCOM ROX SCEP Server Configuration command injection 8.0 07/11/2023 Siemens Link
Siemens RUGGEDCOM ROX Web Interface command injection 8.0 07/11/2023 Siemens Link
Siemens RUGGEDCOM ROX URL Parameter upgrade-app command injection 8.0 07/11/2023 Siemens Link
Siemens RUGGEDCOM ROX URL Parameter command injection 8.0 07/11/2023 Siemens Link
Siemens RUGGEDCOM ROX URL Parameter command injection 8.0 07/11/2023 Siemens Link
Technicolor TG670 hard-coded credentials 7.9 07/11/2023 Technicolor Link
Panasonic Control FPWIN Pro memory corruption 7.5 07/11/2023 Panasonic Link
Panasonic Control FPWIN Pro type confusion 7.5 07/11/2023 Panasonic Link
Panasonic Control FPWIN Pro stack-based overflow 7.5 07/11/2023 Panasonic Link
Decidim Query Parameter deserialization 7.8 07/11/2023 Decidim Link
Zoom Rooms untrusted search path 7.8 07/11/2023 Zoom Link
Microsoft Windows Routing/Remote Access Service Remote Code Execution 8.5 07/11/2023 Microsoft Link
Microsoft Windows Routing/Remote Access Service Remote Code Execution 8.5 07/11/2023 Microsoft Link
Microsoft Windows Routing/Remote Access Service Remote Code Execution 8.5 07/11/2023 Microsoft Link
Microsoft Windows Kernel Local Privilege Escalation 7.7 07/11/2023 Microsoft Link
Citrix Secure Access Client Local Privilege Escalation 7.5 07/11/2023 Citrix Link
Rockwell Automation 1756-EN4 CIP Message denial of service 7.5 07/12/2023 Rockwell Link
Rockwell Automation 1756 EN2/1756 EN3 CIP Message out-of-bounds write 9.8 07/12/2023 Rockwell Link
Adobe ColdFusion deserialization 8.4 07/12/2023 Adobe Link
Cisco SD-WAN vManage REST API access control 9.4 07/12/2023 Cisco Link
Elecom WRC-1167GHBK-S Request os command injection 8.0 07/13/2023 Elecom Link
SonicWALL GMS/Analytics os command injection 8.0 07/13/2023 SonicWALL Link
Bullwark path traversal 7.8 07/13/2023 Bullwark Link
Lisa Florist Site sql injection 8.4 07/13/2023 Lisa Link
Elra Parkmatik Command Line sql injection 8.5 07/13/2023 Elra Link
Honeywell Controller Message buffer overflow 9.8 07/13/2023 Honeywell Link
Honeywell Controller Message stack-based overflow 9.8 07/13/2023 Honeywell Link
Honeywell Experion Server/Experion PKS Console Station out-of-bounds write 9.8 07/13/2023 Honeywell Link
Honeywell Controller data authenticity 9.8 07/13/2023 Honeywell Link
VegaGroup Web Collection sql injection 8.4 07/13/2023 VegaGroup Link
Unitronics Vision1210 PCOM Protocol malicious code 9.5 07/13/2023 Unitronics Link
Belkin Wemo Smart Plug WSP080 Firmware File signature verification 7.7 07/13/2023 Belkin Link
vm2 sandbox 9.5 07/13/2023 vm2 Link
Netgear ProSAFE Network Management System SettingConfigController Privilege Escalation 8.4 07/14/2023 Netgear Link
Netgear ProSAFE Network Management System UpLoadServlet unrestricted upload 9.4 07/14/2023 Netgear Link
Netgear ProSAFE Network Management System BkreProcessThread Privilege Escalation 8.4 07/14/2023 Netgear Link
Netgear ProSAFE Network Management System MFileUploadController unrestricted upload 8.4 07/14/2023 Netgear Link
Razer RazerCentral RazerCentralSerivce Named Pipe privileges management 7.8 07/14/2023 Razer Link
Panda Security VPN PANDAVPN.exe uncontrolled search path 7.5 07/14/2023 Panda Link
Razer RazerCentral RazerCentralSerivce Named Pipe privileges management 7.8 07/14/2023 Razer Link
XWiki Platform SkinsCode.XWikiSkinsSheet neutralization of directives 7.9 07/15/2023 XWiki Link
IBM Performance Tools for i Command Line privileges management 7.9 07/17/2023 IBM Link
IBM i Command Line privileges management 7.9 07/17/2023 IBM Link
Zekiweb sql injection 8.4 07/17/2023 Zekiweb Link
Zyxel ATP/USG FLEX/VPN Access Point Management os command injection 8.0 07/18/2023 Zyxel Link
pixman stress-test pixman-combine-float.c combine_inner Privilege Escalation 8.0 07/18/2023 pixman Link
wolfSSL Key input validation 8.0 07/18/2023 wolfSSL Link
Zyxel USG FLEX/VPN Free Time WiFi Hotspot os command injection 8.8 07/18/2023 Zyxel Link
Zyxel ATP/USG FLEX/VPN os command injection 8.0 07/18/2023 Zyxel Link
Zyxel ATP/USG FLEX/VPN GRE Configuration os command injection 8.8 07/18/2023 Zyxel Link
Zyxel ATP/USG FLEX/VPN PPPoE Configuration format string 8.8 07/18/2023 Zyxel Link
Zyxel ATP/USG FLEX Configuration Parser os command injection 8.8 07/18/2023 Zyxel Link
Keysight Geolocation Server path traversal 7.5 07/18/2023 Keysight Link
Keysight Geolocation Server ZIP File routine 7.5 07/18/2023 Keysight Link
GeoVision GV-ADR2701 Web Application improper authentication 9.4 07/18/2023 GeoVision Link
Tesla Model 3 Firmware code download 7.6 07/18/2023 Tesla Link
Citrix ADC/Gateway code injection 9.4 07/18/2023 Citrix Link
Citrix ADC/Gateway Management Interface privileges management 7.6 07/18/2023 Citrix Link
Kratos NGC-IDU TCP Request command injection 8.8 07/18/2023 Kratos Link
1Panel HTTP Request ip os command injection 7.8 07/18/2023 1Panel Link
Payplug Module ajax.php sql injection 8.5 07/18/2023 Payplug Link
Oracle Siebel CRM EAI Remote Code Execution 9.4 07/19/2023 Oracle Link
Oracle Retail Advanced Inventory Planning Operations/Maintenance Remote Code Execution 9.4 07/19/2023 Oracle Link
Oracle PeopleSoft Enterprise PeopleTools Portal Local Privilege Escalation 8.0 07/19/2023 Oracle Link
Oracle PeopleSoft Enterprise PeopleTools Elastic Search Remote Code Execution 9.4 07/19/2023 Oracle Link
mlflow absolute path traversal 8.5 07/19/2023 mlflow Link
IBM Security Guardium permission 7.9 07/19/2023 IBM Link
Atlassian Confluence Server/Data Center Privilege Escalation 7.8 07/19/2023 Atlassian Link
Oracle VM VirtualBox Core Remote Code Execution 7.7 07/19/2023 Oracle Link
Oracle Utilities Testing Accelerator Tools Remote Code Execution 9.4 07/19/2023 Oracle Link
Oracle Utilities Testing Accelerator Tools Remote Code Execution 9.4 07/19/2023 Oracle Link
Oracle Solaris Device Driver Interface Local Privilege Escalation 7.5 07/19/2023 Oracle Link
MikroTik RouterOS Winbox/HTTP Interface privileges management 8.1 07/19/2023 MikroTik Link
Grub2 HTTP Header out-of-bounds write 7.9 07/20/2023 Grub2 Link
TIBCO EBX Add-ons Data Exchange Add-on sql injection 7.5 07/20/2023 TIBCO Link
Infinity Document On-line Submission and Approval System unrestricted upload 9.8 07/20/2023 Infinity Link
Grub2 IP Packet grub_net_recv_ip4_packets integer underflow 7.9 07/20/2023 Grub2 Link
Avaya Aura Device Services Web Application unrestricted upload 7.9 07/20/2023 Avaya Link
OpenIdentity OpenAM SAML improper authentication 8.0 07/20/2023 OpenIdentity Link
HGiga iSherlock os command injection 9.6 07/21/2023 HGiga Link
Asus RT-AX56U V2/RT-AC86U cm_processChangedConfigMsg format string 9.8 07/21/2023 Asus Link
vm2 Custom Inspection os command injection 7.7 07/21/2023 vm2 Link
KubeOperator KubePi privileges management 7.5 07/22/2023 KubeOperator Link
Open Babel translationVectors Parser memory corruption 8.4 07/22/2023 Open Link
Open Babel translationVectors Parser memory corruption 8.4 07/22/2023 Open Link
Open Babel translationVectors Parser memory corruption 8.4 07/22/2023 Open Link
Open Babel translationVectors Parser memory corruption 8.4 07/22/2023 Open Link
Open Babel translationVectors Parser memory corruption 8.4 07/22/2023 Open Link
Open Babel ORCA Format heap-based overflow 8.4 07/22/2023 Open Link
Open Babel ORCA Format heap-based overflow 8.4 07/22/2023 Open Link
Open Babel PQS Format uninitialized pointer 8.4 07/22/2023 Open Link
Open Babel MSI Format Atom uninitialized pointer 8.4 07/22/2023 Open Link
Open Babel MOL2 Format Attribute memory corruption 7.6 07/22/2023 Open Link
Open Babel PQS Format coord_file memory corruption 8.4 07/22/2023 Open Link
Open Babel RO Format uninitialized pointer 8.4 07/22/2023 Open Link
Open Babel CSR Format Title buffer overflow 8.4 07/22/2023 Open Link
Linux Kernel net-sched cls_fw.c fw_set_parms use after free 7.6 07/22/2023 Linux Link
Linux Kernel net-sched sch_qfq.c qfq_change_agg out-of-bounds write 7.6 07/22/2023 Linux Link
Linux Kernel Netfilter nf_tables use after free 7.6 07/22/2023 Linux Link
Linux Kernel net-sched cls_u32.c tcf_change_indev use after free 7.6 07/22/2023 Linux Link
Pointware EasyInventory Easy2W.exe unquoted search path 7.5 07/22/2023 Pointware Link
Linux Kernel TUN Device Driver tun.c tun_napi_alloc_frags out-of-bounds 7.6 07/24/2023 Linux Link
NodeBB Export Code path traversal 8.5 07/25/2023 NodeBB Link
Biltay Scienta sql injection 8.4 07/25/2023 Biltay Link
Vasion PrinterLogic Client Installation/Repair untrusted search path 7.5 07/25/2023 Vasion Link
Ivanti Endpoint Manager Mobile improper authentication 9.7 07/25/2023 Ivanti Link
Apple watchOS Kernel memory corruption 7.5 07/25/2023 Apple Link
Apple watchOS Kernel memory corruption 7.5 07/25/2023 Apple Link
Apple watchOS Apple Neural Engine memory corruption 7.5 07/25/2023 Apple Link
Apple watchOS Apple Neural Engine memory corruption 7.5 07/25/2023 Apple Link
Apple iOS/iPadOS libxpc path traversal 7.5 07/25/2023 Apple Link
Apple iOS/iPadOS Kernel use after free 7.5 07/25/2023 Apple Link
Apple iOS/iPadOS Kernel use after free 7.5 07/25/2023 Apple Link
Apple iOS/iPadOS Kernel use after free 7.5 07/25/2023 Apple Link
Apple iOS/iPadOS Kernel memory corruption 7.5 07/25/2023 Apple Link
Apple iOS/iPadOS Kernel memory corruption 7.5 07/25/2023 Apple Link
Apple iOS/iPadOS Kernel memory corruption 7.5 07/25/2023 Apple Link
Infodrom E-Invoice Approval System sql injection 8.4 07/25/2023 Infodrom Link
Axis A1001 OSDP heap-based overflow 8.0 07/25/2023 Axis Link
Ubuntu Linux overlayfs ovl_copy_up_meta_inode_data permission 7.8 07/26/2023 Ubuntu Link
Ubuntu Linux overlayfs authorization 7.8 07/26/2023 Ubuntu Link
Envoy HTTP2 input validation 7.6 07/26/2023 Envoy Link
Envoy HMAC escape output 7.8 07/26/2023 Envoy Link
Paddle fs.py os command injection 7.8 07/26/2023 Paddle Link
ASUS Armoury Crate SetupAsusServices unquoted search path 7.8 07/26/2023 ASUS Link
InstaWP Connect Plugin Setting events_receiver authorization 8.4 07/27/2023 InstaWP Link
Mitsubishi Electric M8V/M8/C80/IoT Unit Packet buffer overflow 9.2 07/27/2023 Mitsubishi Link
jgraph drawio os command injection 7.7 07/27/2023 jgraph Link
jgraph drawio os command injection 9.0 07/27/2023 jgraph Link
Crossplane Package input validation 7.7 07/27/2023 Crossplane Link
Red Hat OpenStack privileges assignment 7.8 07/27/2023 Red Link
ARM Compiler 5, Compiler 6, Compiler for Embedded, Compiler for Embedded FuSa, Compiler for Linux, Development Studio, Development Studio Morello Edition, Forge, Mobile Studio, DS-5 Development Studio, Fast Models, GNU Toolchain, Installer Vulnerabilities, Keil MDK, Socrates permission 7.8 07/28/2023 ARM Link
Arm Compiler 5 Installer untrusted search path 7.8 07/28/2023 Arm Link
Apple macOS out-of-bounds write 7.5 07/28/2023 Apple Link
Apple tvOS out-of-bounds write 7.5 07/28/2023 Apple Link
Apple watchOS out-of-bounds write 7.5 07/28/2023 Apple Link
Apple iOS/iPadOS out-of-bounds write 7.5 07/28/2023 Apple Link
Apple macOS use after free 7.5 07/28/2023 Apple Link
Apple tvOS use after free 7.5 07/28/2023 Apple Link
Apple watchOS use after free 7.5 07/28/2023 Apple Link
Apple iOS/iPadOS use after free 7.5 07/28/2023 Apple Link
Apple macOS out-of-bounds 7.5 07/28/2023 Apple Link
Apple iOS/iPadOS out-of-bounds 7.5 07/28/2023 Apple Link
Apple macOS integer overflow 7.5 07/28/2023 Apple Link
Apple tvOS integer overflow 7.5 07/28/2023 Apple Link
Apple watchOS integer overflow 7.5 07/28/2023 Apple Link
Apple iOS/iPadOS integer overflow 7.5 07/28/2023 Apple Link
Apple macOS memory corruption 7.5 07/28/2023 Apple Link
Apple watchOS memory corruption 7.5 07/28/2023 Apple Link
Apple iOS/iPadOS memory corruption 7.5 07/28/2023 Apple Link
Adtran SR400ac Ping Command command injection 8.4 07/29/2023 Adtran Link
Heights Telecom ERO1xS-Pro Dual-Band Remote Code Execution 9.8 07/30/2023 Heights Link
Synel Synergy Fingerprint Terminal os command injection 8.8 07/30/2023 Synel Link
Synel Synergy Fingerprint Terminal hard-coded credentials 9.8 07/30/2023 Synel Link
ASUS RT-AX88U httpd ej.c do_json_decode out-of-bounds 7.5 07/31/2023 ASUS Link
ASUS RT-AX88U httpd web.c out-of-bounds 7.5 07/31/2023 ASUS Link
Vulnerability CVSSv3 Release Date Products References
Deno/deno_runtime node:http/node:https privileges management 7.8 06/01/2023 Deno/deno_runtime Link
Linux Kernel xfs_btree.c xfs_btree_lookup_get_block use after free 7.6 06/01/2023 Linux Link
VIPRE Antivirus Plus link following 7.8 06/01/2023 VIPRE Link
VIPRE Antivirus Plus SetPrivateConfig path traversal 7.8 06/01/2023 VIPRE Link
VIPRE Antivirus Plus DeleteHistoryFile path traversal 7.8 06/01/2023 VIPRE Link
VIPRE Antivirus Plus TelFileTransfer link following 7.8 06/01/2023 VIPRE Link
VIPRE Antivirus Plus FPQuarTransfer link following 7.8 06/01/2023 VIPRE Link
Gallagher Controller 6000 Controller Diagnostic Web Interface buffer overflow 8.0 06/01/2023 Gallagher Link
Sprecher SPRECON-E CPU hard-coded credentials 9.8 06/01/2023 Sprecher Link
Hangzhou Hopechart HQT401 MQTT improper authentication 7.9 06/01/2023 Hangzhou Link
SUSE Rancher privileges management 7.9 06/01/2023 SUSE Link
SUSE Rancher Azure AD privileges management 7.8 06/01/2023 SUSE Link
Dell OS Recovery Tool access control 7.6 06/01/2023 Dell Link
Brook tproxy Server os command injection 8.6 06/01/2023 Brook Link
DataEase Datasource deserialization 8.4 06/01/2023 DataEase Link
Erikoglu ErMon sql injection 9.6 06/02/2023 Erikoglu Link
Hitron CODA-5310 System Configuration Interface missing authentication 8.5 06/02/2023 Hitron Link
Hitron CODA-5310 Telnet hard-coded credentials 9.8 06/02/2023 Hitron Link
Wade Graphic Design FANTSY URL Parameter authorization 9.8 06/02/2023 Wade Link
Wade Graphic Design FANTSY unrestricted upload 7.5 06/02/2023 Wade Link
ARM Mali GPU Kernel Driver use after free 7.5 06/02/2023 ARM Link
Furbo Dog Camera Device Log Management command injection 9.3 06/02/2023 Furbo Link
Asus RT-AC86U Web URL os command injection 8.8 06/02/2023 Asus Link
Elite Technology Web Fax Login Page sql injection 8.5 06/02/2023 Elite Link
SGUDA U-Lock API authorization 7.5 06/02/2023 SGUDA Link
SGUDA U-Lock Lock Management authorization 8.8 06/02/2023 SGUDA Link
SailPoint IdentityIQ Java Constructor unknown vulnerability 7.9 06/05/2023 SailPoint Link
ABB ASPECT Enterprise privileges management 7.6 06/05/2023 ABB Link
IBM Aspera Connect/Aspera Cargo buffer overflow 7.9 06/05/2023 IBM Link
Mobatime AMXGT100 improper authentication 9.5 06/05/2023 Mobatime Link
Mobatime AMXGT100 authorization 8.5 06/05/2023 Mobatime Link
Linux Kernel relocation.c prepare_to_relocate use after free 7.5 06/05/2023 Linux Link
Lenovo ThinkPad USB-A Dock Firmware Update Tool default permission 7.8 06/06/2023 Lenovo Link
jmsslider ajax_jmsslider.php access control 8.5 06/06/2023 jmsslider Link
jmsmegamenu ajax_jmsmegamenu.php sql injection 8.5 06/06/2023 jmsmegamenu Link
jmsthemelayout ajax_jmsvermegamenu.php sql injection 8.5 06/06/2023 jmsthemelayout Link
Qualcomm 315 5G IoT Modem GPU Subsystem memory corruption 7.6 06/06/2023 Qualcomm Link
Qualcomm CSRA6620 Audio memory corruption 7.6 06/06/2023 Qualcomm Link
Qualcomm AR8035 WLAN Host memory corruption 7.6 06/06/2023 Qualcomm Link
Qualcomm APQ8064AU GPU memory corruption 7.9 06/06/2023 Qualcomm Link
Qualcomm QCA8081 WLAN HAL memory corruption 7.9 06/06/2023 Qualcomm Link
Qualcomm 315 5G IoT Modem HLOS memory corruption 7.9 06/06/2023 Qualcomm Link
Qualcomm AQT1000 memory corruption 7.9 06/06/2023 Qualcomm Link
Qualcomm CSR8811 hyp-assign memory corruption 7.9 06/06/2023 Qualcomm Link
Delta Electronics CNCSoft-B DOPSoft heap-based overflow 7.5 06/06/2023 Delta Link
Delta Electronics CNCSoft-B DOPSoft stack-based overflow 7.5 06/06/2023 Delta Link
jmspagebuilder ajax_jmspagebuilder.php sql injection 8.5 06/06/2023 jmspagebuilder Link
Frontend File Manager Plugin Setting wpfm_save_settings authorization 8.0 07/06/2023 Frontend Link
User Submitted Posts Plugin usp_check_images unrestricted upload 8.4 07/06/2023 User Link
Automatic Plugin Setting process_form.php authorization 8.1 07/06/2023 Automatic Link
Shapely epsilon_framework_ajax_action code injection 8.4 07/06/2023 Shapely Link
Ultimate Reviews Plugin deserialization 8.4 07/06/2023 Ultimate Link
Newsletter Manager Plugin deserialization 8.4 07/06/2023 Newsletter Link
GDPR CCPA Compliance Support Plugin deserialization 8.4 07/06/2023 GDPR Link
Delete All Comments Plugin delete-all-comments.php unrestricted upload 8.4 07/06/2023 Delete Link
uListing Plugin authorization 8.4 07/06/2023 uListing Link
uListing Plugin import_new_layout authorization 8.4 07/06/2023 uListing Link
uListing Plugin save_role_api authorization 7.7 07/06/2023 uListing Link
Kiwi Social Share Plugin kiwi_social_share_get_option authorization 8.4 07/06/2023 Kiwi Link
Controlled Admin Access Plugin Configuration access control 8.0 07/06/2023 Controlled Link
uListing Plugin AJAX Action stm_listing_profile_edit authorization 8.4 07/06/2023 uListing Link
Unauthenticated Account Creation Plugin stm_listing_register authorization 8.4 07/06/2023 Unauthenticated Link
Triangle MicroWorks SCADA Data Gateway Broadcast Message GTWWebMonitor.exe format string 7.7 07/06/2023 Triangle Link
Adning Advertising Plugin _ning_upload_image unrestricted upload 8.2 07/06/2023 Adning Link
Pinterest Automatic Plugin process_form.php wp_pinterest_automatic_parse_request access control 8.4 07/06/2023 Pinterest Link
VMware Aria Operations for Networks command injection 8.4 07/06/2023 VMware Link
VMware Aria Operations for Networks command injection 9.4 07/06/2023 VMware Link
Planet WDRT-1800AX Cookie improper authentication 8.0 07/06/2023 Planet Link
mailcow authorization 8.6 07/06/2023 mailcow Link
Cisco Expressway/TelePresence Video Communication Server Local Privilege Escalation 7.5 08/06/2023 Cisco Link
Cisco Expressway/TelePresence Video Communication Server Privilege Escalation 8.4 08/06/2023 Cisco Link
Cisco AnyConnect Secure Mobility Client Local Privilege Escalation 7.5 08/06/2023 Cisco Link
Netgear RAX30 cmsCli_authenticate stack-based overflow 8.4 09/06/2023 Netgear Link
Sante DICOM Viewer Pro DCM File Parser out-of-bounds write 7.5 09/06/2023 Sante Link
Sante DICOM Viewer Pro DCM File Parser out-of-bounds write 7.5 09/06/2023 Sante Link
Sante DICOM Viewer Pro JP2 File Parser out-of-bounds write 7.5 09/06/2023 Sante Link
owncast server-side request forgery 7.6 10/06/2023 owncast Link
Danfoss AK-EM100 os command injection 9.2 11/06/2023 Danfoss Link
Danfoss AK-EM100 Login Form sql injection 8.5 11/06/2023 Danfoss Link
AMI BMC IPMI denial of service 7.7 12/06/2023 AMI Link
Western Digital My Cloud OS/My Cloud Home/My Cloud Home Duo authentication spoofing 9.7 12/06/2023 Western Link
AMI BMC IPMI buffer overflow 8.1 12/06/2023 AMI Link
SRS POST Request snapshots os command injection 8.0 12/06/2023 SRS Link
EaseUS Todo Backup Installation Local Privilege Escalation 8.3 13/06/2023 EaseUS Link
Milesight NCR Camera improper authentication 7.7 13/06/2023 Milesight Link
Mazda Model improper authentication 7.7 13/06/2023 Mazda Link
WP Directory Kit Plugin wdk_public_action file inclusion 7.9 13/06/2023 WP Link
Fortinet FortiOS Fclicense daemon format string 8.4 13/06/2023 Fortinet Link
Fortinet FortiOS/FortiProxy FortiGate SSL-VPN heap-based overflow 9.4 13/06/2023 Fortinet Link
Fortinet FortiADC/FortiADC Manager CLI Command os command injection 7.5 13/06/2023 Fortinet Link
Fortinet FortiClient/FortiConverter Installation default permission 7.5 13/06/2023 Fortinet Link
Citrix ShareFile StorageZones Controller access control 9.4 13/06/2023 Citrix Link
TMT Lockcell unrestricted upload 8.5 13/06/2023 TMT Link
TMT Lockcell authorization 8.6 13/06/2023 TMT Link
TMT Lockcell sql injection 8.4 13/06/2023 TMT Link
Siemens SIMATIC WinCC Installation permission assignment 7.6 13/06/2023 Siemens Link
Siemens SIMATIC PCS 7/SIMATIC S7-PM/SIMATIC STEP 7 V5 code injection 9.1 13/06/2023 Siemens Link
TMT Lockcell unknown vulnerability 8.4 13/06/2023 TMT Link
Siemens Teamcenter Visualization/JT2Go CGM File memory corruption 7.6 13/06/2023 Siemens Link
Siemens Mendix SAML Incomplete Fix CVE-2023-25957 unknown vulnerability 8.0 13/06/2023 Siemens Link
Satos Mobile SOAP sql injection 8.4 13/06/2023 Satos Link
Microsoft Exchange Server Privilege Escalation 7.7 13/06/2023 Microsoft Link
Microsoft Windows Pragmatic General Multicast Remote Code Execution 8.5 13/06/2023 Microsoft Link
Microsoft Windows Pragmatic General Multicast Remote Code Execution 8.5 13/06/2023 Microsoft Link
Microsoft Windows Collaborative Translation Framework Local Privilege Escalation 7.7 13/06/2023 Microsoft Link
Microsoft Windows ODBC Driver Remote Code Execution 7.7 13/06/2023 Microsoft Link
Microsoft Windows WDAC OLE DB Provider for SQL Server Remote Code Execution 7.7 13/06/2023 Microsoft Link
Microsoft Windows Pragmatic General Multicast Remote Code Execution 8.5 13/06/2023 Microsoft Link
Microsoft Windows Remote Desktop Client Remote Code Execution 7.7 13/06/2023 Microsoft Link
Microsoft SharePoint Server Remote Code Execution 8.5 13/06/2023 Microsoft Link
Microsoft .NET Framework Remote Code Execution 7.7 13/06/2023 Microsoft Link
benjjvi PyBB sql injection 8.4 13/06/2023 benjjvi Link
nuxt code injection 7.5 13/06/2023 nuxt Link
ServiceNow Quebec/Rome/San Diego/Tokyo/Utah access control 7.9 13/06/2023 ServiceNow Link
benjjvi PyBB sql injection 8.4 13/06/2023 benjjvi Link
nuxt code injection 7.5 13/06/2023 nuxt Link
ServiceNow Quebec/Rome/San Diego/Tokyo/Utah access control 7.9 13/06/2023 ServiceNow Link
Schneider Electric EcoStruxure Foxboro DCS Control Core Services Foxboro.sys out-of-bounds write 7.6 06/14/2023 Schneider Link
Schneider Electric IGSS Dashboard Dashboard Module DashBoard.exe deserialization 7.6 06/14/2023 Schneider Link
Cloudflare cfnts NTP Server out-of-bounds 7.9 06/14/2023 Cloudflare Link
Dell Power Protect Cyber Recovery http headers for scripting syntax 8.8 06/14/2023 Dell Link
cpdb-libs scanf stack-based overflow 9.6 06/14/2023 cpdb-libs Link
Grav Template code injection 7.9 06/15/2023 Grav Link
ADSLR VW2100 Firmware command injection 8.1 06/15/2023 ADSLR Link
Microsoft ODBC Driver for SQL Server Local Privilege Escalation 7.5 06/15/2023 Microsoft Link
Microsoft SQL Server/OLE DB Local Privilege Escalation 7.5 06/15/2023 Microsoft Link
Microsoft ODBC Driver for SQL Server Local Privilege Escalation 7.5 06/15/2023 Microsoft Link
Microsoft ODBC Driver for SQL Server Local Privilege Escalation 7.5 06/15/2023 Microsoft Link
Microsoft ODBC Driver for SQL Server Local Privilege Escalation 7.5 06/15/2023 Microsoft Link
Microsoft ODBC Driver for SQL Server Local Privilege Escalation 7.5 06/15/2023 Microsoft Link
Silabs GSDK Wi-Fi Commissioning buffer overflow 9.6 06/16/2023 Silabs Link
Synacor Zimbra Collaboration Local Privilege Escalation 7.8 06/16/2023 Synacor Link
Thinking Efence Login sql injection 8.5 06/16/2023 Thinking Link
Omicard EDM unrestricted upload 9.8 06/16/2023 Omicard Link
L7 InstantScan IS-8000/InstantQoS IQ-8000 unrestricted upload 9.8 06/16/2023 L7 Link
Advantech WebAccess/SCADA RPC untrusted pointer dereference 9.4 06/16/2023 Advantech Link
Huawei HarmonyOS HwWatchHealth Remote Code Execution 8.5 06/16/2023 Huawei Link
ipandlanguageredirect Extension sql injection 7.6 06/17/2023 ipandlanguageredirect Link
Ricoh Printer Driver Packager NX Installation Local Privilege Escalation 7.5 06/19/2023 Ricoh Link
Trend Micro Apex One Security Agent Local Privilege Escalation 7.5 06/19/2023 Trend Link
Trend Micro Apex One Security Agent Local Privilege Escalation 7.5 06/19/2023 Trend Link
Trend Micro Apex One Security Agent Local Privilege Escalation 7.5 06/19/2023 Trend Link
Trend Micro Apex One Security Agent untrusted search path 7.5 06/19/2023 Trend Link
Trend Micro Apex One Security Agent untrusted search path 7.5 06/19/2023 Trend Link
Ashlar-Vellum Cobalt CO File Parser out-of-bounds write 7.8 06/19/2023 Ashlar-Vellum Link
Ashlar-Vellum Cobalt CO File Parser stack-based overflow 7.8 06/19/2023 Ashlar-Vellum Link
Ashlar-Vellum Cobalt XE File Parser uninitialized pointer 7.8 06/19/2023 Ashlar-Vellum Link
Ashlar-Vellum Cobalt heap-based overflow 7.8 06/19/2023 Ashlar-Vellum Link
Ashlar-Vellum Cobalt out-of-bounds write 7.8 06/19/2023 Ashlar-Vellum Link
Ashlar-Vellum Cobalt out-of-bounds write 7.8 06/19/2023 Ashlar-Vellum Link
Ashlar-Vellum Cobalt out-of-bounds write 7.8 06/19/2023 Ashlar-Vellum Link
Ashlar-Vellum Cobalt out-of-bounds write 7.8 06/19/2023 Ashlar-Vellum Link
Fatek FvDesigner FPJ File Parser out-of-bounds write 7.8 06/19/2023 Fatek Link
Fatek FvDesigner FPJ File Parser uninitialized pointer 7.8 06/19/2023 Fatek Link
Fatek FvDesigner FPJ File Parser out-of-bounds write 7.8 06/19/2023 Fatek Link
Fatek FvDesigner FPJ File Parser out-of-bounds write 8.8 06/19/2023 Fatek Link
Fatek FvDesigner FPJ File Parser out-of-bounds write 7.8 06/19/2023 Fatek Link
Marksoft sql injection 8.5 06/19/2023 Marksoft Link
ZyXEL NAS326/NAS540 HTTP Request os command injection 9.6 06/19/2023 ZyXEL Link
SICK EventCam App API improper authentication 8.5 06/19/2023 SICK Link
SICK EventCam App channel accessible 7.7 06/19/2023 SICK Link
XWiki Platform Tip UI Extension authorization 7.9 06/21/2023 XWiki Link
clips2/video-clip-distributor/video-history-server path traversal 8.5 06/27/2023 clips2/video-clip-distributor/video-history-server Link
Stormshield Endpoint Security Evolution SES Evolution Agent permission 7.8 06/28/2023 Stormshield Link
git-commit-info API gitCommitInfo command injection 8.4 06/28/2023 git-commit-info Link
Linux Kernel io_uring Subsystem toctou 7.6 06/28/2023 Linux Link
Hitachi Energy TXpert Hub CoreTec 4 os command injection 8.3 06/28/2023 Hitachi Link
Linux Kernel ipvlan Network Driver ipvlan_core.c ipvlan_process_v6_outbound out-of-bounds write 7.6 06/28/2023 Linux Link
Linux Kernel Netfilter Subsystem nf_tables_api.c use after free 7.6 06/29/2023 Linux Link
D-Link DSL-G256DG Web Management Interface improper authentication 8.5 06/29/2023 D-Link Link
D-Link DSL-224 improper authentication 8.0 06/29/2023 D-Link Link
Samsung Smart Phone Exynos Baseband buffer overflow 8.6 06/29/2023 Samsung Link
Alerton BCM-WEB authentication spoofing 8.6 06/29/2023 Alerton Link
Active Directory Integration & LDAP Integration Plugin ldap injection 7.8 06/29/2023 Active Link
Parse Server BSON Parser prototype pollution 8.4 06/29/2023 Parse Link
STW TCG-4 Connectivity Module improper authentication 9.8 06/29/2023 STW Link
Medtronic Paceart Optima Microsoft Messaging Queuing Service deserialization 9.8 06/29/2023 Medtronic Link
Sealos Role Based Access Control improper authentication 9.1 06/29/2023 Sealos Link
Delta Electronics InfraSuite Device Master deserialization 9.4 06/29/2023 Delta Link
XWiki Platform injection 7.9 06/30/2023 XWiki Link
XWiki Platform cleanup 7.9 06/30/2023 XWiki Link
XWiki Platform neutralization of directives 7.9 06/30/2023 XWiki Link
Vulnerability CVSSv3 Release Date Products References
CODESYS Development System inadequate encryption 7.9 05/15/2023 CODESYS Link
WAGO Compact Controller CC100 Device Configuration os command injection 9.6 05/15/2023 WAGO Link
SICK FTMg Air Flow Sensor REST Interface resource consumption 7.5 05/15/2023 SICK Link
CODESYS Control CmpTraceMgr out-of-bounds write 8.6 05/15/2023 CODESYS Link
CODESYS Control CmpTraceMgr out-of-bounds write 8.6 05/15/2023 CODESYS Link
CODESYS Control out-of-bounds write 8.6 05/15/2023 CODESYS Link
CODESYS Control out-of-bounds write 8.6 05/15/2023 CODESYS Link
CODESYS Control out-of-bounds write 8.6 05/15/2023 CODESYS Link
CODESYS Control out-of-bounds write 8.6 05/15/2023 CODESYS Link
CODESYS Control out-of-bounds write 8.6 05/15/2023 CODESYS Link
CODESYS Control out-of-bounds write 8.6 05/15/2023 CODESYS Link
CODESYS Control out-of-bounds write 8.6 05/15/2023 CODESYS Link
CODESYS Control out-of-bounds write 8.6 05/15/2023 CODESYS Link
CODESYS Control out-of-bounds write 8.6 05/15/2023 CODESYS Link
CODESYS Control out-of-bounds write 8.6 05/15/2023 CODESYS Link
vm2 injection 9.6 05/16/2023 vm2 Link
Synology Router Manager os command injection 8.8 05/16/2023 Synology Link
Synology Router Manager os command injection 9.6 05/16/2023 Synology Link
Snap One OvrC Pro Firmware Signature data authenticity 9.4 05/16/2023 Snap Link
posstaticblocks getPosCurrentHook sql injection 8.5 05/17/2023 posstaticblocks Link
ABB Terra AC improper authentication 8.8 05/17/2023 ABB Link
IBM PowerVM Logical Partition access control 8.5 05/17/2023 IBM Link
Linux Kernel ksmbd race condition 7.7 05/18/2023 Linux Link
Linux Kernel ksmbd race condition 9.4 05/18/2023 Linux Link
Linux Kernel ksmbd race condition 7.7 05/18/2023 Linux Link
Linux Kernel ksmbd race condition 7.7 05/18/2023 Linux Link
mlflow path traversal 8.4 05/18/2023 mlflow Link
cdesigner initContent sql injection 8.4 05/18/2023 cdesigner Link
cups-filters Backend Error beh.c os command injection 8.6 05/18/2023 cups-filters Link
Acronis Home Office signature verification 7.6 05/18/2023 Acronis Link
Opentext Documentum Content Server dm_secure_writer Privilege Escalation 7.6 05/18/2023 Opentext Link
Johnson Controls OpenBlue Enterprise Manager Data Collector API improper authentication 8.5 05/19/2023 Johnson Link
Apple macOS libxpc Local Privilege Escalation 7.5 05/20/2023 Apple Link
Apple macOS Kernel use after free 7.5 05/20/2023 Apple Link
Apple macOS Kernel type confusion 7.5 05/20/2023 Apple Link
WooCommerce Memberships for Multivendor Marketplace Plugin authorization 8.4 05/20/2023 WooCommerce Link
Rental Module unrestricted upload 8.5 05/20/2023 Rental Link
IBM InfoSphere Information Server RMI Service deserialization 7.9 05/22/2023 IBM Link
Moxa MXsecurity Web-based API hard-coded credentials 8.4 05/22/2023 Moxa Link
Dataprobe iBoot-PDU Basic Discovery Protocol authentication bypass 7.5 05/23/2023 Dataprobe Link
cloudexplorer-lite access control 8.6 05/23/2023 cloudexplorer-lite Link
Adam Retail Automation Systems Mobilmen Terminal Software sql injection 8.4 05/24/2023 Adam Link
Garmin GarminOS CIQ API buffer overflow 7.5 05/24/2023 Garmin Link
Garmin GarminOS CIQ API buffer overflow 7.5 05/24/2023 Garmin Link
Garmin GarminOS API buffer overflow 7.5 05/24/2023 Garmin Link
Garmin GarminOS API integer overflow 7.5 05/24/2023 Garmin Link
Garmin GarminOS Toybox.Ant.BurstPayload.add out-of-bounds write 7.5 05/24/2023 Garmin Link
Garmin GarminOS TVM buffer overflow 7.5 05/24/2023 Garmin Link
Kerui W18 Alarm System authentication replay 7.5 05/24/2023 Kerui Link
AGShome Smart Alarm authentication replay 7.5 05/24/2023 AGShome Link
Digoo DG-HAMB authentication replay 7.5 05/24/2023 Digoo Link
Blitzwolf BW-IS22 authentication replay 7.5 05/24/2023 Blitzwolf Link
Mitsubishi Electric MELSEC iQ-F Packets buffer overflow 9.9 05/24/2023 Mitsubishi Link
Cityboss E-municipality sql injection 8.4 05/24/2023 Cityboss Link
kubelet Windows Container access control 7.6 05/24/2023 kubelet Link
Minova eTrace sql injection 8.4 05/24/2023 Minova Link
Ipekyolu Auto Damage Tracking sql injection 8.4 05/24/2023 Ipekyolu Link
Zyxel ATP/USG FLEX/VPN/Zywall ID Processing buffer overflow 9.8 05/24/2023 Zyxel Link
Zyxel ATP/USG FLEX/VPN/Zywall Notifications buffer overflow 9.8 05/24/2023 Zyxel Link
Autodesk On-Demand Install Services link following 7.5 05/24/2023 Autodesk Link
Barracuda Email Security Gateway TAR File command injection 8.2 05/24/2023 Barracuda Link
Hitachi Vantara Pentaho Business Analytics Server JSON Data deserialization 7.8 05/25/2023 Hitachi Link
MStore API Plugin improper authentication 8.4 05/25/2023 MStore Link
CBOT Chatbot authentication spoofing 8.0 05/25/2023 CBOT Link
CBOT Chatbot channel accessible 7.6 05/25/2023 CBOT Link
CBOT Chatbot generation of incorrect security tokens 7.9 05/25/2023 CBOT Link
AGT Tech Ceppatron sql injection 8.6 05/25/2023 AGT Link
Nagvis NagVisHoverUrl.php path traversal 7.5 05/26/2023 Nagvis Link
GitLab Community Edition/Enterprise Edition Public Project path traversal 8.6 05/27/2023 GitLab Link
Wacom Driver permission 7.8 05/27/2023 Wacom Link
Wacom Driver Local Privilege Escalation 7.8 05/27/2023 Wacom Link
FS S3900-24T4S Privilege Escalation 7.7 05/29/2023 FS Link
Emby Server request smuggling 8.0 05/30/2023 Emby Link
CKAN sudo privileges management 8.6 05/30/2023 CKAN Link
RIOT-OS 6LoWPAN Frame memory corruption 9.6 05/30/2023 RIOT-OS Link
JFrog proxy HTTP Request undefined values 7.5 05/30/2023 JFrog Link
ASUSTOR Download Center access control 7.9 05/31/2023 ASUSTOR Link
JetBrains TeamCity authorization 8.0 05/31/2023 JetBrains Link
Vulnerability CVSSv3 Release Date Products References
Linux Kernel io_uring io_prep_async_work use after free (8.1) Feb, 01 2023 Linux Link
Linux Kernel ALSA PCM Package SNDRV_CTL_IOCTL_ELEM_WRITE use after free (7.5) Feb, 01 2023 Linux Link
QNAP QuTS hero/QTS sql injection (8.4) Feb, 01 2023 QNAP Link
Schneider Electric EcoStruxure Geo SCADA Expert 2019 Message improper authorization (8.0) Feb, 01 2023 Schneider Link
Schneider Electric EcoStruxure Control Expert authentication replay (8.1) Feb, 01 2023 Schneider Link
Schneider Electric C-Bus Network Automation Controller improper authentication (9.6) Feb, 01 2023 Schneider Link
Schneider Electric C-Bus Network Automation Controller weak password (8.4) Feb, 01 2023 Schneider Link
Motorola MR2600 input validation (7.5) Feb, 01 2023 Motorola Link
Schneider Electric IGSS Data Server IGSSdataServer.exe missing authentication (7.8) Feb, 01 2023 Schneider Link
F5 BIG-IP iControl SOAP format string (8.2) Feb, 01 2023 F5 Link
F5 BIG-IP Edge Client Installer uncontrolled search path (8.1) Feb, 01 2023 F5 Link
Atlassian Jira Service Management Server and Data Center improper authentication (8.3) Feb, 01 2023 Atlassian Link
Linux Kernel io_uring io_prep_async_work use after free (8.1) Feb, 02 2023 Linux Link
Linux Kernel ALSA PCM Package SNDRV_CTL_IOCTL_ELEM_WRITE use after free (7.5) Feb, 02 2023 Linux Link
QNAP QuTS hero/QTS sql injection (8.4) Feb, 02 2023 QNAP Link
Schneider Electric EcoStruxure Geo SCADA Expert 2019 Message improper authorization (8.0) Feb, 02 2023 Schneider Link
Schneider Electric EcoStruxure Control Expert authentication replay (8.1) Feb, 02 2023 Schneider Link
Schneider Electric C-Bus Network Automation Controller improper authentication (9.6) Feb, 02 2023 Schneider Link
Schneider Electric C-Bus Network Automation Controller weak password (8.4) Feb, 02 2023 Schneider Link
Motorola MR2600 input validation (7.5) Feb, 02 2023 Motorola Link
Schneider Electric IGSS Data Server IGSSdataServer.exe missing authentication (7.8) Feb, 02 2023 Schneider Link
F5 BIG-IP iControl SOAP format string (8.2) Feb, 02 2023 F5 Link
F5 BIG-IP Edge Client Installer uncontrolled search path (8.1) Feb, 02 2023 F5 Link
Atlassian Jira Service Management Server and Data Center improper authentication (8.3) Feb, 02 2023 Atlassian Link
Delta Electronics DIAScreen out-of-bounds write (8.4) Feb, 02 2023 Delta Link
Delta Electronics DIAScreen memory corruption (8.4) Feb, 02 2023 Delta Link
Delta Electronics DIAScreen stack-based overflow (8.4) Feb, 02 2023 Delta Link
Netgear WNR612v2 Firmware Image unrestricted upload (7.5) Feb, 02 2023 Netgear Link
Linux Kernel io_uring io_prep_async_work use after free (8.1) Feb, 03 2023 Linux Link
Linux Kernel ALSA PCM Package SNDRV_CTL_IOCTL_ELEM_WRITE use after free (7.5) Feb, 03 2023 Linux Link
QNAP QuTS hero/QTS sql injection (8.4) Feb, 03 2023 QNAP Link
Schneider Electric EcoStruxure Geo SCADA Expert 2019 Message improper authorization (8.0) Feb, 03 2023 Schneider Link
Schneider Electric EcoStruxure Control Expert authentication replay (8.1) Feb, 03 2023 Schneider Link
Schneider Electric C-Bus Network Automation Controller improper authentication (9.6) Feb, 03 2023 Schneider Link
Schneider Electric C-Bus Network Automation Controller weak password (8.4) Feb, 03 2023 Schneider Link
Motorola MR2600 input validation (7.5) Feb, 03 2023 Motorola Link
Schneider Electric IGSS Data Server IGSSdataServer.exe missing authentication (7.8) Feb, 03 2023 Schneider Link
F5 BIG-IP iControl SOAP format string (8.2) Feb, 03 2023 F5 Link
F5 BIG-IP Edge Client Installer uncontrolled search path (8.1) Feb, 03 2023 F5 Link
Atlassian Jira Service Management Server and Data Center improper authentication (8.3) Feb, 03 2023 Atlassian Link
Delta Electronics DIAScreen out-of-bounds write (8.4) Feb, 03 2023 Delta Link
Delta Electronics DIAScreen memory corruption (8.4) Feb, 03 2023 Delta Link
Delta Electronics DIAScreen stack-based overflow (8.4) Feb, 03 2023 Delta Link
Netgear WNR612v2 Firmware Image unrestricted upload (7.5) Feb, 03 2023 Netgear Link
TOTOLINK CA300-PoE hard-coded credentials (8.5) Feb, 03 2023 TOTOLINK Link
Dell EMC NetWorker nsrexecd code injection (7.8) Feb, 03 2023 Dell Link
froxlor code injection (7.9) Feb, 04 2023 froxlor Link
Intel oneAPI DPC++ Compiler access control (8.1) Feb, 06 2023 Intel Link
Intel oneAPI DPC++ Compiler uncontrolled search path (7.6) Feb, 06 2023 Intel Link
Linux Kernel io_uring io_prep_async_work use after free (8.1) Feb, 07 2023 Linux Link
Linux Kernel ALSA PCM Package SNDRV_CTL_IOCTL_ELEM_WRITE use after free (7.5) Feb, 07 2023 Linux Link
QNAP QuTS hero/QTS sql injection (8.4) Feb, 07 2023 QNAP Link
Schneider Electric EcoStruxure Geo SCADA Expert 2019 Message improper authorization (8.0) Feb, 07 2023 Schneider Link
Schneider Electric EcoStruxure Control Expert authentication replay (8.1) Feb, 07 2023 Schneider Link
Schneider Electric C-Bus Network Automation Controller improper authentication (9.6) Feb, 07 2023 Schneider Link
Schneider Electric C-Bus Network Automation Controller weak password (8.4) Feb, 07 2023 Schneider Link
Motorola MR2600 input validation (7.5) Feb, 07 2023 Motorola Link
Schneider Electric IGSS Data Server IGSSdataServer.exe missing authentication (7.8) Feb, 07 2023 Schneider Link
F5 BIG-IP iControl SOAP format string (8.2) Feb, 07 2023 F5 Link
F5 BIG-IP Edge Client Installer uncontrolled search path (8.1) Feb, 07 2023 F5 Link
Atlassian Jira Service Management Server and Data Center improper authentication (8.3) Feb, 07 2023 Atlassian Link
Delta Electronics DIAScreen out-of-bounds write (8.4) Feb, 07 2023 Delta Link
Delta Electronics DIAScreen memory corruption (8.4) Feb, 07 2023 Delta Link
Delta Electronics DIAScreen stack-based overflow (8.4) Feb, 07 2023 Delta Link
Netgear WNR612v2 Firmware Image unrestricted upload (7.5) Feb, 07 2023 Netgear Link
TOTOLINK CA300-PoE hard-coded credentials (8.5) Feb, 07 2023 TOTOLINK Link
Dell EMC NetWorker nsrexecd code injection (7.8) Feb, 07 2023 Dell Link
Dompdf SVG File interpretation conflict (8.5) Feb, 07 2023 Dompdf Link
Dell Command Intel vPro Out of Band improper authorization (7.7) Feb, 07 2023 Dell Link
SUSE Linux Enterprise Server/Manager Server rmt-server-regsharing Service default permission (8.1) Feb, 07 2023 SUSE Link
Netatalk dsi_writeinit heap-based overflow (9.4) Feb, 07 2023 Netatalk Link
Linux Kernel io_uring io_prep_async_work use after free (8.1) Feb, 08 2023 Linux Link
Linux Kernel ALSA PCM Package SNDRV_CTL_IOCTL_ELEM_WRITE use after free (7.5) Feb, 08 2023 Linux Link
QNAP QuTS hero/QTS sql injection (8.4) Feb, 08 2023 QNAP Link
Schneider Electric EcoStruxure Geo SCADA Expert 2019 Message improper authorization (8.0) Feb, 08 2023 Schneider Link
Schneider Electric EcoStruxure Control Expert authentication replay (8.1) Feb, 08 2023 Schneider Link
Schneider Electric C-Bus Network Automation Controller improper authentication (9.6) Feb, 08 2023 Schneider Link
Schneider Electric C-Bus Network Automation Controller weak password (8.4) Feb, 08 2023 Schneider Link
Motorola MR2600 input validation (7.5) Feb, 08 2023 Motorola Link
Schneider Electric IGSS Data Server IGSSdataServer.exe missing authentication (7.8) Feb, 08 2023 Schneider Link
F5 BIG-IP iControl SOAP format string (8.2) Feb, 08 2023 F5 Link
F5 BIG-IP Edge Client Installer uncontrolled search path (8.1) Feb, 08 2023 F5 Link
Atlassian Jira Service Management Server and Data Center improper authentication (8.3) Feb, 08 2023 Atlassian Link
Delta Electronics DIAScreen out-of-bounds write (8.4) Feb, 08 2023 Delta Link
Delta Electronics DIAScreen memory corruption (8.4) Feb, 08 2023 Delta Link
Delta Electronics DIAScreen stack-based overflow (8.4) Feb, 08 2023 Delta Link
Netgear WNR612v2 Firmware Image unrestricted upload (7.5) Feb, 08 2023 Netgear Link
TOTOLINK CA300-PoE hard-coded credentials (8.5) Feb, 08 2023 TOTOLINK Link
Dell EMC NetWorker nsrexecd code injection (7.8) Feb, 08 2023 Dell Link
Dompdf SVG File interpretation conflict (8.5) Feb, 08 2023 Dompdf Link
Dell Command Intel vPro Out of Band improper authorization (7.7) Feb, 08 2023 Dell Link
SUSE Linux Enterprise Server/Manager Server rmt-server-regsharing Service default permission (8.1) Feb, 08 2023 SUSE Link
Netatalk dsi_writeinit heap-based overflow (9.4) Feb, 08 2023 Netatalk Link
Caphyon Advanced Installer MSI Repair Local Privilege Escalation (7.6) Feb, 08 2023 Caphyon Link
B&R APROL System Configuration improper authentication (8.2) Feb, 08 2023 B&R Link
B&R APROL Tbase Server stack-based overflow (9.6) Feb, 08 2023 B&R Link
Linux Kernel io_uring io_prep_async_work use after free (8.1) Feb, 09 2023 Linux Link
Linux Kernel ALSA PCM Package SNDRV_CTL_IOCTL_ELEM_WRITE use after free (7.5) Feb, 09 2023 Linux Link
QNAP QuTS hero/QTS sql injection (8.4) Feb, 09 2023 QNAP Link
Schneider Electric EcoStruxure Geo SCADA Expert 2019 Message improper authorization (8.0) Feb, 09 2023 Schneider Link
Schneider Electric EcoStruxure Control Expert authentication replay (8.1) Feb, 09 2023 Schneider Link
Schneider Electric C-Bus Network Automation Controller improper authentication (9.6) Feb, 09 2023 Schneider Link
Schneider Electric C-Bus Network Automation Controller weak password (8.4) Feb, 09 2023 Schneider Link
Motorola MR2600 input validation (7.5) Feb, 09 2023 Motorola Link
Schneider Electric IGSS Data Server IGSSdataServer.exe missing authentication (7.8) Feb, 09 2023 Schneider Link
F5 BIG-IP iControl SOAP format string (8.2) Feb, 09 2023 F5 Link
F5 BIG-IP Edge Client Installer uncontrolled search path (8.1) Feb, 09 2023 F5 Link
Atlassian Jira Service Management Server and Data Center improper authentication (8.3) Feb, 09 2023 Atlassian Link
Delta Electronics DIAScreen out-of-bounds write (8.4) Feb, 09 2023 Delta Link
Delta Electronics DIAScreen memory corruption (8.4) Feb, 09 2023 Delta Link
Delta Electronics DIAScreen stack-based overflow (8.4) Feb, 09 2023 Delta Link
Netgear WNR612v2 Firmware Image unrestricted upload (7.5) Feb, 09 2023 Netgear Link
TOTOLINK CA300-PoE hard-coded credentials (8.5) Feb, 09 2023 TOTOLINK Link
Dell EMC NetWorker nsrexecd code injection (7.8) Feb, 09 2023 Dell Link
Dompdf SVG File interpretation conflict (8.5) Feb, 09 2023 Dompdf Link
Dell Command Intel vPro Out of Band improper authorization (7.7) Feb, 09 2023 Dell Link
SUSE Linux Enterprise Server/Manager Server rmt-server-regsharing Service default permission (8.1) Feb, 09 2023 SUSE Link
Netatalk dsi_writeinit heap-based overflow (9.4) Feb, 09 2023 Netatalk Link
Caphyon Advanced Installer MSI Repair Local Privilege Escalation (7.6) Feb, 09 2023 Caphyon Link
B&R APROL System Configuration improper authentication (8.2) Feb, 09 2023 B&R Link
B&R APROL Tbase Server stack-based overflow (9.6) Feb, 09 2023 B&R Link
Samsung Smart Phone data authenticity (7.5) Feb, 09 2023 Samsung Link
Linux Kernel io_uring io_prep_async_work use after free (8.1) Feb, 10 2023 Linux Link
Linux Kernel ALSA PCM Package SNDRV_CTL_IOCTL_ELEM_WRITE use after free (7.5) Feb, 10 2023 Linux Link
QNAP QuTS hero/QTS sql injection (8.4) Feb, 10 2023 QNAP Link
Schneider Electric EcoStruxure Geo SCADA Expert 2019 Message improper authorization (8.0) Feb, 10 2023 Schneider Link
Schneider Electric EcoStruxure Control Expert authentication replay (8.1) Feb, 10 2023 Schneider Link
Schneider Electric C-Bus Network Automation Controller improper authentication (9.6) Feb, 10 2023 Schneider Link
Schneider Electric C-Bus Network Automation Controller weak password (8.4) Feb, 10 2023 Schneider Link
Motorola MR2600 input validation (7.5) Feb, 10 2023 Motorola Link
Schneider Electric IGSS Data Server IGSSdataServer.exe missing authentication (7.8) Feb, 10 2023 Schneider Link
F5 BIG-IP iControl SOAP format string (8.2) Feb, 10 2023 F5 Link
F5 BIG-IP Edge Client Installer uncontrolled search path (8.1) Feb, 10 2023 F5 Link
Atlassian Jira Service Management Server and Data Center improper authentication (8.3) Feb, 10 2023 Atlassian Link
Delta Electronics DIAScreen out-of-bounds write (8.4) Feb, 10 2023 Delta Link
Delta Electronics DIAScreen memory corruption (8.4) Feb, 10 2023 Delta Link
Delta Electronics DIAScreen stack-based overflow (8.4) Feb, 10 2023 Delta Link
Netgear WNR612v2 Firmware Image unrestricted upload (7.5) Feb, 10 2023 Netgear Link
TOTOLINK CA300-PoE hard-coded credentials (8.5) Feb, 10 2023 TOTOLINK Link
Dell EMC NetWorker nsrexecd code injection (7.8) Feb, 10 2023 Dell Link
Dompdf SVG File interpretation conflict (8.5) Feb, 10 2023 Dompdf Link
Dell Command Intel vPro Out of Band improper authorization (7.7) Feb, 10 2023 Dell Link
SUSE Linux Enterprise Server/Manager Server rmt-server-regsharing Service default permission (8.1) Feb, 10 2023 SUSE Link
Netatalk dsi_writeinit heap-based overflow (9.4) Feb, 10 2023 Netatalk Link
Caphyon Advanced Installer MSI Repair Local Privilege Escalation (7.6) Feb, 10 2023 Caphyon Link
B&R APROL System Configuration improper authentication (8.2) Feb, 10 2023 B&R Link
B&R APROL Tbase Server stack-based overflow (9.6) Feb, 10 2023 B&R Link
Samsung Smart Phone data authenticity (7.5) Feb, 10 2023 Samsung Link
Linux Kernel Netfilter Subsystem nft_payload.c nft_payload_copy_vlan buffer overflow (7.6) Feb, 10 2023 Linux Link
Dell Alienware Command Center Named Pipe input validation (8.3) Feb, 10 2023 Dell Link
APSystems ECU-R Administration Interface command injection (9.5) Feb, 10 2023 APSystems Link
Vulnerability CVSSv3 Release Date Products References
perfSONAR file URL Privilege Escalation (7.5) Jan, 01 2023 perfSONAR Link
vooon ntpd_driver Source Code access control (7.9) Jan, 01 2023 vooon Link
perfSONAR file URL Privilege Escalation (7.5) Jan, 02 2023 perfSONAR Link
vooon ntpd_driver Source Code access control (7.9) Jan, 02 2023 vooon Link
perfSONAR file URL Privilege Escalation (7.5) Jan, 03 2023 perfSONAR Link
vooon ntpd_driver Source Code access control (7.9) Jan, 03 2023 vooon Link
Fortinet FortiTester os command injection (8.3) Jan, 03 2023 Fortinet Link
Fortinet FortiADC HTTP Request os command injection (8.6) Jan, 03 2023 Fortinet Link
Apache Dubbo Telnet deserialization (9.6) Jan, 03 2023 Apache Link
User Post Gallery Plugin command injection (8.4) Jan, 03 2023 User Link
User Post Gallery Plugin authorization (8.4) Jan, 03 2023 User Link
perfSONAR file URL Privilege Escalation (7.5) Jan, 04 2023 perfSONAR Link
vooon ntpd_driver Source Code access control (7.9) Jan, 04 2023 vooon Link
Fortinet FortiTester os command injection (8.3) Jan, 04 2023 Fortinet Link
Fortinet FortiADC HTTP Request os command injection (8.6) Jan, 04 2023 Fortinet Link
Apache Dubbo Telnet deserialization (9.6) Jan, 04 2023 Apache Link
User Post Gallery Plugin command injection (8.4) Jan, 04 2023 User Link
User Post Gallery Plugin authorization (8.4) Jan, 04 2023 User Link
KubePi hard-coded credentials (8.9) Jan, 04 2023 KubePi Link
Apache DolphinScheduler Script Alert Plugin Parameter input validation (8.0) Jan, 04 2023 Apache Link
perfSONAR file URL Privilege Escalation (7.5) Jan, 05 2023 perfSONAR Link
vooon ntpd_driver Source Code access control (7.9) Jan, 05 2023 vooon Link
Fortinet FortiTester os command injection (8.3) Jan, 05 2023 Fortinet Link
Fortinet FortiADC HTTP Request os command injection (8.6) Jan, 05 2023 Fortinet Link
Apache Dubbo Telnet deserialization (9.6) Jan, 05 2023 Apache Link
User Post Gallery Plugin command injection (8.4) Jan, 05 2023 User Link
User Post Gallery Plugin authorization (8.4) Jan, 05 2023 User Link
KubePi hard-coded credentials (8.9) Jan, 05 2023 KubePi Link
Apache DolphinScheduler Script Alert Plugin Parameter input validation (8.0) Jan, 05 2023 Apache Link
Hitachi Energy UNEM R16A hard-coded key (8.0) Jan, 05 2023 Hitachi Link
perfSONAR file URL Privilege Escalation (7.5) Jan, 06 2023 perfSONAR Link
vooon ntpd_driver Source Code access control (7.9) Jan, 06 2023 vooon Link
Fortinet FortiTester os command injection (8.3) Jan, 06 2023 Fortinet Link
Fortinet FortiADC HTTP Request os command injection (8.6) Jan, 06 2023 Fortinet Link
Apache Dubbo Telnet deserialization (9.6) Jan, 06 2023 Apache Link
User Post Gallery Plugin command injection (8.4) Jan, 06 2023 User Link
User Post Gallery Plugin authorization (8.4) Jan, 06 2023 User Link
KubePi hard-coded credentials (8.9) Jan, 06 2023 KubePi Link
Apache DolphinScheduler Script Alert Plugin Parameter input validation (8.0) Jan, 06 2023 Apache Link
Hitachi Energy UNEM R16A hard-coded key (8.0) Jan, 06 2023 Hitachi Link
ZTE MF286R command injection (7.6) Jan, 06 2023 ZTE Link
Nexxt Amp300 ARN02304U8 Web Service sysTools os command injection (7.5) Jan, 06 2023 Nexxt Link
NSA Ghidra launch.sh analyzeHeadless command injection (7.5) Jan, 06 2023 NSA Link
exec-local-bin theProcess command injection (8.0) Jan, 06 2023 exec-local-bin Link
Siren Investigate Script Variable access control (7.5) Jan, 06 2023 Siren Link
Centos Panel 7 HTTP Request index.php os command injection (7.9) Jan, 06 2023 Centos Link
perfSONAR file URL Privilege Escalation (7.5) Jan, 07 2023 perfSONAR Link
vooon ntpd_driver Source Code access control (7.9) Jan, 07 2023 vooon Link
Fortinet FortiTester os command injection (8.3) Jan, 07 2023 Fortinet Link
Fortinet FortiADC HTTP Request os command injection (8.6) Jan, 07 2023 Fortinet Link
Apache Dubbo Telnet deserialization (9.6) Jan, 07 2023 Apache Link
User Post Gallery Plugin command injection (8.4) Jan, 07 2023 User Link
User Post Gallery Plugin authorization (8.4) Jan, 07 2023 User Link
KubePi hard-coded credentials (8.9) Jan, 07 2023 KubePi Link
Apache DolphinScheduler Script Alert Plugin Parameter input validation (8.0) Jan, 07 2023 Apache Link
Hitachi Energy UNEM R16A hard-coded key (8.0) Jan, 07 2023 Hitachi Link
ZTE MF286R command injection (7.6) Jan, 07 2023 ZTE Link
Nexxt Amp300 ARN02304U8 Web Service sysTools os command injection (7.5) Jan, 07 2023 Nexxt Link
NSA Ghidra launch.sh analyzeHeadless command injection (7.5) Jan, 07 2023 NSA Link
exec-local-bin theProcess command injection (8.0) Jan, 07 2023 exec-local-bin Link
Siren Investigate Script Variable access control (7.5) Jan, 07 2023 Siren Link
Centos Panel 7 HTTP Request index.php os command injection (7.9) Jan, 07 2023 Centos Link
holdennb CollabCal calenderServer.cpp handleGet improper authentication (8.0) Jan, 07 2023 holdennb Link
Netis Netcore Router hard-coded password (8.0) Jan, 07 2023 Netis Link
Nokia ASIK AirScale System Module Firmware Verification unknown vulnerability (8.0) Jan, 07 2023 Nokia Link
perfSONAR file URL Privilege Escalation (7.5) Jan, 08 2023 perfSONAR Link
vooon ntpd_driver Source Code access control (7.9) Jan, 08 2023 vooon Link
Fortinet FortiTester os command injection (8.3) Jan, 08 2023 Fortinet Link
Fortinet FortiADC HTTP Request os command injection (8.6) Jan, 08 2023 Fortinet Link
Apache Dubbo Telnet deserialization (9.6) Jan, 08 2023 Apache Link
User Post Gallery Plugin command injection (8.4) Jan, 08 2023 User Link
User Post Gallery Plugin authorization (8.4) Jan, 08 2023 User Link
KubePi hard-coded credentials (8.9) Jan, 08 2023 KubePi Link
Apache DolphinScheduler Script Alert Plugin Parameter input validation (8.0) Jan, 08 2023 Apache Link
Hitachi Energy UNEM R16A hard-coded key (8.0) Jan, 08 2023 Hitachi Link
ZTE MF286R command injection (7.6) Jan, 08 2023 ZTE Link
Nexxt Amp300 ARN02304U8 Web Service sysTools os command injection (7.5) Jan, 08 2023 Nexxt Link
NSA Ghidra launch.sh analyzeHeadless command injection (7.5) Jan, 08 2023 NSA Link
exec-local-bin theProcess command injection (8.0) Jan, 08 2023 exec-local-bin Link
Siren Investigate Script Variable access control (7.5) Jan, 08 2023 Siren Link
Centos Panel 7 HTTP Request index.php os command injection (7.9) Jan, 08 2023 Centos Link
holdennb CollabCal calenderServer.cpp handleGet improper authentication (8.0) Jan, 08 2023 holdennb Link
Netis Netcore Router hard-coded password (8.0) Jan, 08 2023 Netis Link
Nokia ASIK AirScale System Module Firmware Verification unknown vulnerability (8.0) Jan, 08 2023 Nokia Link
web-cyradm auth.inc.php sql injection (8.0) Jan, 08 2023 web-cyradm Link
perfSONAR file URL Privilege Escalation (7.5) Jan, 09 2023 perfSONAR Link
vooon ntpd_driver Source Code access control (7.9) Jan, 09 2023 vooon Link
Fortinet FortiTester os command injection (8.3) Jan, 09 2023 Fortinet Link
Fortinet FortiADC HTTP Request os command injection (8.6) Jan, 09 2023 Fortinet Link
Apache Dubbo Telnet deserialization (9.6) Jan, 09 2023 Apache Link
User Post Gallery Plugin command injection (8.4) Jan, 09 2023 User Link
User Post Gallery Plugin authorization (8.4) Jan, 09 2023 User Link
KubePi hard-coded credentials (8.9) Jan, 09 2023 KubePi Link
Apache DolphinScheduler Script Alert Plugin Parameter input validation (8.0) Jan, 09 2023 Apache Link
Hitachi Energy UNEM R16A hard-coded key (8.0) Jan, 09 2023 Hitachi Link
ZTE MF286R command injection (7.6) Jan, 09 2023 ZTE Link
Nexxt Amp300 ARN02304U8 Web Service sysTools os command injection (7.5) Jan, 09 2023 Nexxt Link
NSA Ghidra launch.sh analyzeHeadless command injection (7.5) Jan, 09 2023 NSA Link
exec-local-bin theProcess command injection (8.0) Jan, 09 2023 exec-local-bin Link
Siren Investigate Script Variable access control (7.5) Jan, 09 2023 Siren Link
Centos Panel 7 HTTP Request index.php os command injection (7.9) Jan, 09 2023 Centos Link
holdennb CollabCal calenderServer.cpp handleGet improper authentication (8.0) Jan, 09 2023 holdennb Link
Netis Netcore Router hard-coded password (8.0) Jan, 09 2023 Netis Link
Nokia ASIK AirScale System Module Firmware Verification unknown vulnerability (8.0) Jan, 09 2023 Nokia Link
web-cyradm auth.inc.php sql injection (8.0) Jan, 09 2023 web-cyradm Link
Zoom Rooms uncontrolled search path (8.3) Jan, 09 2023 Zoom Link
Zoom Rooms Installer toctou (7.6) Jan, 09 2023 Zoom Link
Zoom Rooms toctou (8.3) Jan, 09 2023 Zoom Link
Zoom Rooms os command injection (8.3) Jan, 09 2023 Zoom Link
SourceCodester Dynamic Transaction Queuing System sql injection (7.9) Jan, 09 2023 SourceCodester Link
Weave GitOps file access (7.5) Jan, 09 2023 Weave Link
Qualcomm WSA8835 Connectivity stack-based overflow (7.9) Jan, 09 2023 Qualcomm Link
Qualcomm WSA8835 Boot stack-based overflow (7.9) Jan, 09 2023 Qualcomm Link
Qualcomm WSA8835 Boot stack-based overflow (7.9) Jan, 09 2023 Qualcomm Link
Qualcomm WSA8835 Automotive Android OS memory corruption (7.9) Jan, 09 2023 Qualcomm Link
Qualcomm WSA8835 WLAN Firmware buffer overflow (7.9) Jan, 09 2023 Qualcomm Link
Qualcomm QAM8295P Android Core array index (7.9) Jan, 09 2023 Qualcomm Link
Qualcomm QCA7500/QCA7520/QCA7550 Powerline Communication Firmware memory corruption (8.0) Jan, 09 2023 Qualcomm Link
Qualcomm APQ8064AU Automotive integer overflow to buffer overflow (8.2) Jan, 09 2023 Qualcomm Link
Qualcomm APQ8064AU Automotive memory corruption (7.5) Jan, 09 2023 Qualcomm Link
SourceCodester School Dormitory Management System Admin Login sql injection (7.9) Jan, 10 2023 SourceCodester Link
SourceCodester Blood Bank Management System login.php sql injection (7.9) Jan, 10 2023 SourceCodester Link
Heimdal ASN.1 Codec Privilege Escalation (7.9) Jan, 10 2023 Heimdal Link
Simmeth Lieferantenmanager MSSQL xp_cmdshell sql injection (7.5) Jan, 10 2023 Simmeth Link
Simmeth Lieferantenmanager API Call improper authentication (7.5) Jan, 10 2023 Simmeth Link
Nintendo NetworkBuffer UDP Packet buffer overflow (8.5) Jan, 10 2023 Nintendo Link
fastrack Reflex Firmware Update data authenticity (8.2) Jan, 10 2023 fastrack Link
ikus060 rdiffweb access control (8.4) Jan, 10 2023 ikus060 Link
D-Link DIR-825 xupnpd command injection (8.8) Jan, 10 2023 D-Link Link
D-Link DIR-825 xupnpd command injection (8.8) Jan, 10 2023 D-Link Link
D-Link DIR-825 xupnpd command injection (8.8) Jan, 10 2023 D-Link Link
D-Link DIR-825 xupnpd command injection (8.8) Jan, 10 2023 D-Link Link
D-Link DIR-825 xupnpd command injection (8.8) Jan, 10 2023 D-Link Link
D-Link DIR-825 xupnpd command injection (8.8) Jan, 10 2023 D-Link Link
usememos unknown vulnerability (7.8) Jan, 10 2023 usememos Link
usememos access control (7.7) Jan, 10 2023 usememos Link
usememos access control (7.6) Jan, 10 2023 usememos Link
Elvexys StreamX HTML Component improper authentication (7.5) Jan, 10 2023 Elvexys Link
X.org X11 Server XkbCopyNames double free (8.8) Jan, 10 2023 X.org Link
Apache Kylin Diagnosis Controller command injection (7.9) Jan, 10 2023 Apache Link
Netgear RAX40 buffer overflow (7.8) Jan, 10 2023 Netgear Link
usememos cross site scripting (7.6) Jan, 10 2023 usememos Link
Tenda A15 WifiBasicSet stack-based overflow (7.6) Jan, 10 2023 Tenda Link
Tenda A15 WifiBasicSet stack-based overflow (7.6) Jan, 10 2023 Tenda Link
Tenda A15 WifiBasicSet stack-based overflow (7.6) Jan, 10 2023 Tenda Link
Tenda A15 WifiBasicSet stack-based overflow (7.6) Jan, 10 2023 Tenda Link
Tenda A15 WifiBasicSet stack-based overflow (7.6) Jan, 10 2023 Tenda Link
Tenda A15 WifiBasicSet stack-based overflow (7.6) Jan, 10 2023 Tenda Link
Tenda A15 WifiBasicSet stack-based overflow (7.6) Jan, 10 2023 Tenda Link
Tenda A15 WifiBasicSet stack-based overflow (7.6) Jan, 10 2023 Tenda Link
Tenda A15 WifiBasicSet stack-based overflow (7.6) Jan, 10 2023 Tenda Link
Tenda A15 WifiBasicSet stack-based overflow (7.6) Jan, 10 2023 Tenda Link
Tenda A15 WifiBasicSet stack-based overflow (7.6) Jan, 10 2023 Tenda Link
Tenda A15 WifiBasicSet stack-based overflow (7.6) Jan, 10 2023 Tenda Link
Tenda Tenda A15 WifiBasicSet stack-based overflow (7.6) Jan, 10 2023 Tenda Link
TRENDnet TEW755AP icp_setbg_img stack-based overflow (7.6) Jan, 10 2023 TRENDnet Link
TRENDnet TEW755AP set_sta_enrollee_pin_24g stack-based overflow (7.6) Jan, 10 2023 TRENDnet Link
TRENDnet TEW755AP icp_setlogo_img stack-based overflow (7.6) Jan, 10 2023 TRENDnet Link
TRENDnet TEW755AP set_sta_enrollee_pin_5g command injection (7.6) Jan, 10 2023 TRENDnet Link
TRENDnet TEW755AP setup_wizard_mydlink command injection (7.6) Jan, 10 2023 TRENDnet Link
TRENDnet TEW755AP icp_delete_img stack-based overflow (7.6) Jan, 10 2023 TRENDnet Link
TRENDnet TEW755AP auto_up_fw stack-based overflow (7.6) Jan, 10 2023 TRENDnet Link
TRENDnet TEW755AP do_sta_enrollee_wifi stack-based overflow (7.6) Jan, 10 2023 TRENDnet Link
TRENDnet TEW755AP set_sta_enrollee_pin_5g stack-based overflow (7.6) Jan, 10 2023 TRENDnet Link
TRENDnet TEW755AP reject stack-based overflow (7.6) Jan, 10 2023 TRENDnet Link
TRENDnet TEW755AP tools_netstat stack-based overflow (7.6) Jan, 10 2023 TRENDnet Link
SourceCodester School Dormitory Management System Admin Login sql injection (7.9) Jan, 11 2023 SourceCodester Link
SourceCodester Blood Bank Management System login.php sql injection (7.9) Jan, 11 2023 SourceCodester Link
Heimdal ASN.1 Codec Privilege Escalation (7.9) Jan, 11 2023 Heimdal Link
Simmeth Lieferantenmanager MSSQL xp_cmdshell sql injection (7.5) Jan, 11 2023 Simmeth Link
Simmeth Lieferantenmanager API Call improper authentication (7.5) Jan, 11 2023 Simmeth Link
Nintendo NetworkBuffer UDP Packet buffer overflow (8.5) Jan, 11 2023 Nintendo Link
fastrack Reflex Firmware Update data authenticity (8.2) Jan, 11 2023 fastrack Link
ikus060 rdiffweb access control (8.4) Jan, 11 2023 ikus060 Link
D-Link DIR-825 xupnpd command injection (8.8) Jan, 11 2023 D-Link Link
D-Link DIR-825 xupnpd command injection (8.8) Jan, 11 2023 D-Link Link
D-Link DIR-825 xupnpd command injection (8.8) Jan, 11 2023 D-Link Link
D-Link DIR-825 xupnpd command injection (8.8) Jan, 11 2023 D-Link Link
D-Link DIR-825 xupnpd command injection (8.8) Jan, 11 2023 D-Link Link
D-Link DIR-825 xupnpd command injection (8.8) Jan, 11 2023 D-Link Link
usememos unknown vulnerability (7.8) Jan, 11 2023 usememos Link
usememos access control (7.7) Jan, 11 2023 usememos Link
usememos access control (7.6) Jan, 11 2023 usememos Link
Elvexys StreamX HTML Component improper authentication (7.5) Jan, 11 2023 Elvexys Link
X.org X11 Server XkbCopyNames double free (8.8) Jan, 11 2023 X.org Link
Apache Kylin Diagnosis Controller command injection (7.9) Jan, 11 2023 Apache Link
Netgear RAX40 buffer overflow (7.8) Jan, 11 2023 Netgear Link
usememos cross site scripting (7.6) Jan, 11 2023 usememos Link
Tenda A15 WifiBasicSet stack-based overflow (7.6) Jan, 11 2023 Tenda Link
Tenda A15 WifiBasicSet stack-based overflow (7.6) Jan, 11 2023 Tenda Link
Tenda A15 WifiBasicSet stack-based overflow (7.6) Jan, 11 2023 Tenda Link
Tenda A15 WifiBasicSet stack-based overflow (7.6) Jan, 11 2023 Tenda Link
Tenda A15 WifiBasicSet stack-based overflow (7.6) Jan, 11 2023 Tenda Link
Tenda A15 WifiBasicSet stack-based overflow (7.6) Jan, 11 2023 Tenda Link
Tenda A15 WifiBasicSet stack-based overflow (7.6) Jan, 11 2023 Tenda Link
Tenda A15 WifiBasicSet stack-based overflow (7.6) Jan, 11 2023 Tenda Link
Tenda A15 WifiBasicSet stack-based overflow (7.6) Jan, 11 2023 Tenda Link
Tenda A15 WifiBasicSet stack-based overflow (7.6) Jan, 11 2023 Tenda Link
Tenda A15 WifiBasicSet stack-based overflow (7.6) Jan, 11 2023 Tenda Link
Tenda A15 WifiBasicSet stack-based overflow (7.6) Jan, 11 2023 Tenda Link
Tenda Tenda A15 WifiBasicSet stack-based overflow (7.6) Jan, 11 2023 Tenda Link
TRENDnet TEW755AP icp_setbg_img stack-based overflow (7.6) Jan, 11 2023 TRENDnet Link
TRENDnet TEW755AP set_sta_enrollee_pin_24g stack-based overflow (7.6) Jan, 11 2023 TRENDnet Link
TRENDnet TEW755AP icp_setlogo_img stack-based overflow (7.6) Jan, 11 2023 TRENDnet Link
TRENDnet TEW755AP set_sta_enrollee_pin_5g command injection (7.6) Jan, 11 2023 TRENDnet Link
TRENDnet TEW755AP setup_wizard_mydlink command injection (7.6) Jan, 11 2023 TRENDnet Link
TRENDnet TEW755AP icp_delete_img stack-based overflow (7.6) Jan, 11 2023 TRENDnet Link
TRENDnet TEW755AP auto_up_fw stack-based overflow (7.6) Jan, 11 2023 TRENDnet Link
TRENDnet TEW755AP do_sta_enrollee_wifi stack-based overflow (7.6) Jan, 11 2023 TRENDnet Link
TRENDnet TEW755AP set_sta_enrollee_pin_5g stack-based overflow (7.6) Jan, 11 2023 TRENDnet Link
TRENDnet TEW755AP reject stack-based overflow (7.6) Jan, 11 2023 TRENDnet Link
TRENDnet TEW755AP tools_netstat stack-based overflow (7.6) Jan, 11 2023 TRENDnet Link
Cisco BroadWorks Application Delivery Platform denial of service (7.9) Jan, 11 2023 Cisco Link
Cisco Industrial Network Director key management (8.6) Jan, 11 2023 Cisco Link
Cisco Small Business RV082 Web-based Management Interface improper authentication (8.8) Jan, 11 2023 Cisco Link
SourceCodester Lead Management System ajax_represent.php sql injection (7.5) Jan, 11 2023 SourceCodester Link
SourceCodester Lead Management System removeLead.php sql injection (7.5) Jan, 11 2023 SourceCodester Link
SourceCodester Lead Management System removeProduct.php sql injection (7.5) Jan, 11 2023 SourceCodester Link
SourceCodester Lead Management System changePassword.php sql injection (7.5) Jan, 11 2023 SourceCodester Link
Linux Kernel get_uts use after free (8.1) Jan, 11 2023 Linux Link
SourceCodester Lead Management System removeBrand.php sql injection (7.5) Jan, 11 2023 SourceCodester Link
SourceCodester Lead Management System removeOrder.php sql injection (7.5) Jan, 11 2023 SourceCodester Link
Sewio RTLS Studio out-of-bounds write (8.8) Jan, 12 2023 Sewio Link
Sewio RTLS Studio os command injection (7.7) Jan, 12 2023 Sewio Link
Sewio RTLS Studio os command injection (7.7) Jan, 12 2023 Sewio Link
Sewio RTLS Studio hard-coded password (9.7) Jan, 12 2023 Sewio Link
Linux Kernel MCTP use after free (8.1) Jan, 12 2023 Linux Link
Qt QML QtScript Reflect API heap-based overflow (7.9) Jan, 12 2023 Qt Link
Qt QML QtScript Reflect API integer overflow (7.9) Jan, 12 2023 Qt Link
Alotcer AR7088H-A input validation (7.7) Jan, 12 2023 Alotcer Link
EXFO BV-10 Performance Endpoint Unit hard-coded credentials (9.8) Jan, 12 2023 EXFO Link
EXFO BV-10 Performance Endpoint Unit improper authentication (9.8) Jan, 12 2023 EXFO Link
Sewio RTLS Studio out-of-bounds write (8.8) Jan, 13 2023 Sewio Link
Sewio RTLS Studio os command injection (7.7) Jan, 13 2023 Sewio Link
Sewio RTLS Studio os command injection (7.7) Jan, 13 2023 Sewio Link
Sewio RTLS Studio hard-coded password (9.7) Jan, 13 2023 Sewio Link
Linux Kernel MCTP use after free (8.1) Jan, 13 2023 Linux Link
Qt QML QtScript Reflect API heap-based overflow (7.9) Jan, 13 2023 Qt Link
Qt QML QtScript Reflect API integer overflow (7.9) Jan, 13 2023 Qt Link
Alotcer AR7088H-A input validation (7.7) Jan, 13 2023 Alotcer Link
EXFO BV-10 Performance Endpoint Unit hard-coded credentials (9.8) Jan, 13 2023 EXFO Link
EXFO BV-10 Performance Endpoint Unit improper authentication (9.8) Jan, 13 2023 EXFO Link
Dynamic Transaction Queuing System sql injection (7.5) Jan, 13 2023 Dynamic Link
Dynamic Transaction Queuing System sql injection (7.5) Jan, 13 2023 Dynamic Link
NVIDIA Omniverse Kit Create/Audio2Face/Isaac Sim/View/Code/Machinima injection (8.3) Jan, 13 2023 NVIDIA Link
SAUTER Controls Nova 200/Nova 220/BACnetstac missing authentication (9.5) Jan, 13 2023 SAUTER Link
Sewio RTLS Studio out-of-bounds write (8.8) Jan, 14 2023 Sewio Link
Sewio RTLS Studio os command injection (7.7) Jan, 14 2023 Sewio Link
Sewio RTLS Studio os command injection (7.7) Jan, 14 2023 Sewio Link
Sewio RTLS Studio hard-coded password (9.7) Jan, 14 2023 Sewio Link
Linux Kernel MCTP use after free (8.1) Jan, 14 2023 Linux Link
Qt QML QtScript Reflect API heap-based overflow (7.9) Jan, 14 2023 Qt Link
Qt QML QtScript Reflect API integer overflow (7.9) Jan, 14 2023 Qt Link
Alotcer AR7088H-A input validation (7.7) Jan, 14 2023 Alotcer Link
EXFO BV-10 Performance Endpoint Unit hard-coded credentials (9.8) Jan, 14 2023 EXFO Link
EXFO BV-10 Performance Endpoint Unit improper authentication (9.8) Jan, 14 2023 EXFO Link
Dynamic Transaction Queuing System sql injection (7.5) Jan, 14 2023 Dynamic Link
Dynamic Transaction Queuing System sql injection (7.5) Jan, 14 2023 Dynamic Link
NVIDIA Omniverse Kit Create/Audio2Face/Isaac Sim/View/Code/Machinima injection (8.3) Jan, 14 2023 NVIDIA Link
SAUTER Controls Nova 200/Nova 220/BACnetstac missing authentication (9.5) Jan, 14 2023 SAUTER Link
pyload code injection (8.9) Jan, 14 2023 pyload Link
Izanami JWT Authentication Token authentication bypass (8.4) Jan, 14 2023 Izanami Link
Netdata health_alarm_execute command injection (7.8) Jan, 14 2023 Netdata Link
Easy Digital Downloads Plugin sql injection (8.4) Jan, 14 2023 Easy Link
Paid Memberships Pro Plugin sql injection (8.4) Jan, 14 2023 Paid Link
webbrowser-rs URL access control (7.9) Jan, 14 2023 webbrowser-rs Link
Sewio RTLS Studio out-of-bounds write (8.8) Jan, 15 2023 Sewio Link
Sewio RTLS Studio os command injection (7.7) Jan, 15 2023 Sewio Link
Sewio RTLS Studio os command injection (7.7) Jan, 15 2023 Sewio Link
Sewio RTLS Studio hard-coded password (9.7) Jan, 15 2023 Sewio Link
Linux Kernel MCTP use after free (8.1) Jan, 15 2023 Linux Link
Qt QML QtScript Reflect API heap-based overflow (7.9) Jan, 15 2023 Qt Link
Qt QML QtScript Reflect API integer overflow (7.9) Jan, 15 2023 Qt Link
Alotcer AR7088H-A input validation (7.7) Jan, 15 2023 Alotcer Link
EXFO BV-10 Performance Endpoint Unit hard-coded credentials (9.8) Jan, 15 2023 EXFO Link
EXFO BV-10 Performance Endpoint Unit improper authentication (9.8) Jan, 15 2023 EXFO Link
Dynamic Transaction Queuing System sql injection (7.5) Jan, 15 2023 Dynamic Link
Dynamic Transaction Queuing System sql injection (7.5) Jan, 15 2023 Dynamic Link
NVIDIA Omniverse Kit Create/Audio2Face/Isaac Sim/View/Code/Machinima injection (8.3) Jan, 15 2023 NVIDIA Link
SAUTER Controls Nova 200/Nova 220/BACnetstac missing authentication (9.5) Jan, 15 2023 SAUTER Link
pyload code injection (8.9) Jan, 15 2023 pyload Link
Izanami JWT Authentication Token authentication bypass (8.4) Jan, 15 2023 Izanami Link
Netdata health_alarm_execute command injection (7.8) Jan, 15 2023 Netdata Link
Easy Digital Downloads Plugin sql injection (8.4) Jan, 15 2023 Easy Link
Paid Memberships Pro Plugin sql injection (8.4) Jan, 15 2023 Paid Link
webbrowser-rs URL access control (7.9) Jan, 15 2023 webbrowser-rs Link
radare2 unknown vulnerability (7.5) Jan, 15 2023 radare2 Link
Sewio RTLS Studio out-of-bounds write (8.8) Jan, 16 2023 Sewio Link
Sewio RTLS Studio os command injection (7.7) Jan, 16 2023 Sewio Link
Sewio RTLS Studio os command injection (7.7) Jan, 16 2023 Sewio Link
Sewio RTLS Studio hard-coded password (9.7) Jan, 16 2023 Sewio Link
Linux Kernel MCTP use after free (8.1) Jan, 16 2023 Linux Link
Qt QML QtScript Reflect API heap-based overflow (7.9) Jan, 16 2023 Qt Link
Qt QML QtScript Reflect API integer overflow (7.9) Jan, 16 2023 Qt Link
Alotcer AR7088H-A input validation (7.7) Jan, 16 2023 Alotcer Link
EXFO BV-10 Performance Endpoint Unit hard-coded credentials (9.8) Jan, 16 2023 EXFO Link
EXFO BV-10 Performance Endpoint Unit improper authentication (9.8) Jan, 16 2023 EXFO Link
Dynamic Transaction Queuing System sql injection (7.5) Jan, 16 2023 Dynamic Link
Dynamic Transaction Queuing System sql injection (7.5) Jan, 16 2023 Dynamic Link
NVIDIA Omniverse Kit Create/Audio2Face/Isaac Sim/View/Code/Machinima injection (8.3) Jan, 16 2023 NVIDIA Link
SAUTER Controls Nova 200/Nova 220/BACnetstac missing authentication (9.5) Jan, 16 2023 SAUTER Link
pyload code injection (8.9) Jan, 16 2023 pyload Link
Izanami JWT Authentication Token authentication bypass (8.4) Jan, 16 2023 Izanami Link
Netdata health_alarm_execute command injection (7.8) Jan, 16 2023 Netdata Link
Easy Digital Downloads Plugin sql injection (8.4) Jan, 16 2023 Easy Link
Paid Memberships Pro Plugin sql injection (8.4) Jan, 16 2023 Paid Link
webbrowser-rs URL access control (7.9) Jan, 16 2023 webbrowser-rs Link
radare2 unknown vulnerability (7.5) Jan, 16 2023 radare2 Link
saemorris TheRadSystem _login.php redirect sql injection (8.0) Jan, 16 2023 saemorris Link
Fontsy Plugin sql injection (8.4) Jan, 16 2023 Fontsy Link
SourceCodester Online Tours & Travels Management System page-login.php sql injection (7.9) Jan, 16 2023 SourceCodester Link
HIMA HOPCS/X-OPC A+E/X-OPC DA/X-OTS exe unquoted search path (8.3) Jan, 16 2023 HIMA Link
Sewio RTLS Studio out-of-bounds write (8.8) Jan, 17 2023 Sewio Link
Sewio RTLS Studio os command injection (7.7) Jan, 17 2023 Sewio Link
Sewio RTLS Studio os command injection (7.7) Jan, 17 2023 Sewio Link
Sewio RTLS Studio hard-coded password (9.7) Jan, 17 2023 Sewio Link
Linux Kernel MCTP use after free (8.1) Jan, 17 2023 Linux Link
Qt QML QtScript Reflect API heap-based overflow (7.9) Jan, 17 2023 Qt Link
Qt QML QtScript Reflect API integer overflow (7.9) Jan, 17 2023 Qt Link
Alotcer AR7088H-A input validation (7.7) Jan, 17 2023 Alotcer Link
EXFO BV-10 Performance Endpoint Unit hard-coded credentials (9.8) Jan, 17 2023 EXFO Link
EXFO BV-10 Performance Endpoint Unit improper authentication (9.8) Jan, 17 2023 EXFO Link
Dynamic Transaction Queuing System sql injection (7.5) Jan, 17 2023 Dynamic Link
Dynamic Transaction Queuing System sql injection (7.5) Jan, 17 2023 Dynamic Link
NVIDIA Omniverse Kit Create/Audio2Face/Isaac Sim/View/Code/Machinima injection (8.3) Jan, 17 2023 NVIDIA Link
SAUTER Controls Nova 200/Nova 220/BACnetstac missing authentication (9.5) Jan, 17 2023 SAUTER Link
pyload code injection (8.9) Jan, 17 2023 pyload Link
Izanami JWT Authentication Token authentication bypass (8.4) Jan, 17 2023 Izanami Link
Netdata health_alarm_execute command injection (7.8) Jan, 17 2023 Netdata Link
Easy Digital Downloads Plugin sql injection (8.4) Jan, 17 2023 Easy Link
Paid Memberships Pro Plugin sql injection (8.4) Jan, 17 2023 Paid Link
webbrowser-rs URL access control (7.9) Jan, 17 2023 webbrowser-rs Link
radare2 unknown vulnerability (7.5) Jan, 17 2023 radare2 Link
saemorris TheRadSystem _login.php redirect sql injection (8.0) Jan, 17 2023 saemorris Link
Fontsy Plugin sql injection (8.4) Jan, 17 2023 Fontsy Link
SourceCodester Online Tours & Travels Management System page-login.php sql injection (7.9) Jan, 17 2023 SourceCodester Link
HIMA HOPCS/X-OPC A+E/X-OPC DA/X-OTS exe unquoted search path (8.3) Jan, 17 2023 HIMA Link
GE Digital Proficy Historian authentication bypass (8.4) Jan, 17 2023 GE Link
Mahoroba MAHO-PBX NetDevancer os command injection (8.4) Jan, 17 2023 Mahoroba Link
TP-Link SG105PE improper authentication (8.4) Jan, 17 2023 TP-Link Link
Omron CP1L-EL20DR-D FINS Protocol denial of service (7.5) Jan, 17 2023 Omron Link
ARM Mali GPU Kernel Driver use after free (8.8) Jan, 17 2023 ARM Link
SourceCodester Online Food Ordering System manage_user.php sql injection (7.9) Jan, 17 2023 SourceCodester Link
Sewio RTLS Studio out-of-bounds write (8.8) Jan, 18 2023 Sewio Link
Sewio RTLS Studio os command injection (7.7) Jan, 18 2023 Sewio Link
Sewio RTLS Studio os command injection (7.7) Jan, 18 2023 Sewio Link
Sewio RTLS Studio hard-coded password (9.7) Jan, 18 2023 Sewio Link
Linux Kernel MCTP use after free (8.1) Jan, 18 2023 Linux Link
Qt QML QtScript Reflect API heap-based overflow (7.9) Jan, 18 2023 Qt Link
Qt QML QtScript Reflect API integer overflow (7.9) Jan, 18 2023 Qt Link
Alotcer AR7088H-A input validation (7.7) Jan, 18 2023 Alotcer Link
EXFO BV-10 Performance Endpoint Unit hard-coded credentials (9.8) Jan, 18 2023 EXFO Link
EXFO BV-10 Performance Endpoint Unit improper authentication (9.8) Jan, 18 2023 EXFO Link
Dynamic Transaction Queuing System sql injection (7.5) Jan, 18 2023 Dynamic Link
Dynamic Transaction Queuing System sql injection (7.5) Jan, 18 2023 Dynamic Link
NVIDIA Omniverse Kit Create/Audio2Face/Isaac Sim/View/Code/Machinima injection (8.3) Jan, 18 2023 NVIDIA Link
SAUTER Controls Nova 200/Nova 220/BACnetstac missing authentication (9.5) Jan, 18 2023 SAUTER Link
pyload code injection (8.9) Jan, 18 2023 pyload Link
Izanami JWT Authentication Token authentication bypass (8.4) Jan, 18 2023 Izanami Link
Netdata health_alarm_execute command injection (7.8) Jan, 18 2023 Netdata Link
Easy Digital Downloads Plugin sql injection (8.4) Jan, 18 2023 Easy Link
Paid Memberships Pro Plugin sql injection (8.4) Jan, 18 2023 Paid Link
webbrowser-rs URL access control (7.9) Jan, 18 2023 webbrowser-rs Link
radare2 unknown vulnerability (7.5) Jan, 18 2023 radare2 Link
saemorris TheRadSystem _login.php redirect sql injection (8.0) Jan, 18 2023 saemorris Link
Fontsy Plugin sql injection (8.4) Jan, 18 2023 Fontsy Link
SourceCodester Online Tours & Travels Management System page-login.php sql injection (7.9) Jan, 18 2023 SourceCodester Link
HIMA HOPCS/X-OPC A+E/X-OPC DA/X-OTS exe unquoted search path (8.3) Jan, 18 2023 HIMA Link
GE Digital Proficy Historian authentication bypass (8.4) Jan, 18 2023 GE Link
Mahoroba MAHO-PBX NetDevancer os command injection (8.4) Jan, 18 2023 Mahoroba Link
TP-Link SG105PE improper authentication (8.4) Jan, 18 2023 TP-Link Link
Omron CP1L-EL20DR-D FINS Protocol denial of service (7.5) Jan, 18 2023 Omron Link
ARM Mali GPU Kernel Driver use after free (8.8) Jan, 18 2023 ARM Link
SourceCodester Online Food Ordering System manage_user.php sql injection (7.9) Jan, 18 2023 SourceCodester Link
Sudo Environment Variable protection mechanism (7.9) Jan, 18 2023 Sudo Link
Dell Command Configure permission (8.8) Jan, 18 2023 Dell Link
Sewio RTLS Studio out-of-bounds write (8.8) Jan, 19 2023 Sewio Link
Sewio RTLS Studio os command injection (7.7) Jan, 19 2023 Sewio Link
Sewio RTLS Studio os command injection (7.7) Jan, 19 2023 Sewio Link
Sewio RTLS Studio hard-coded password (9.7) Jan, 19 2023 Sewio Link
Linux Kernel MCTP use after free (8.1) Jan, 19 2023 Linux Link
Qt QML QtScript Reflect API heap-based overflow (7.9) Jan, 19 2023 Qt Link
Qt QML QtScript Reflect API integer overflow (7.9) Jan, 19 2023 Qt Link
Alotcer AR7088H-A input validation (7.7) Jan, 19 2023 Alotcer Link
EXFO BV-10 Performance Endpoint Unit hard-coded credentials (9.8) Jan, 19 2023 EXFO Link
EXFO BV-10 Performance Endpoint Unit improper authentication (9.8) Jan, 19 2023 EXFO Link
Dynamic Transaction Queuing System sql injection (7.5) Jan, 19 2023 Dynamic Link
Dynamic Transaction Queuing System sql injection (7.5) Jan, 19 2023 Dynamic Link
NVIDIA Omniverse Kit Create/Audio2Face/Isaac Sim/View/Code/Machinima injection (8.3) Jan, 19 2023 NVIDIA Link
SAUTER Controls Nova 200/Nova 220/BACnetstac missing authentication (9.5) Jan, 19 2023 SAUTER Link
pyload code injection (8.9) Jan, 19 2023 pyload Link
Izanami JWT Authentication Token authentication bypass (8.4) Jan, 19 2023 Izanami Link
Netdata health_alarm_execute command injection (7.8) Jan, 19 2023 Netdata Link
Easy Digital Downloads Plugin sql injection (8.4) Jan, 19 2023 Easy Link
Paid Memberships Pro Plugin sql injection (8.4) Jan, 19 2023 Paid Link
webbrowser-rs URL access control (7.9) Jan, 19 2023 webbrowser-rs Link
radare2 unknown vulnerability (7.5) Jan, 19 2023 radare2 Link
saemorris TheRadSystem _login.php redirect sql injection (8.0) Jan, 19 2023 saemorris Link
Fontsy Plugin sql injection (8.4) Jan, 19 2023 Fontsy Link
SourceCodester Online Tours & Travels Management System page-login.php sql injection (7.9) Jan, 19 2023 SourceCodester Link
HIMA HOPCS/X-OPC A+E/X-OPC DA/X-OTS exe unquoted search path (8.3) Jan, 19 2023 HIMA Link
GE Digital Proficy Historian authentication bypass (8.4) Jan, 19 2023 GE Link
Mahoroba MAHO-PBX NetDevancer os command injection (8.4) Jan, 19 2023 Mahoroba Link
TP-Link SG105PE improper authentication (8.4) Jan, 19 2023 TP-Link Link
Omron CP1L-EL20DR-D FINS Protocol denial of service (7.5) Jan, 19 2023 Omron Link
ARM Mali GPU Kernel Driver use after free (8.8) Jan, 19 2023 ARM Link
SourceCodester Online Food Ordering System manage_user.php sql injection (7.9) Jan, 19 2023 SourceCodester Link
Sudo Environment Variable protection mechanism (7.9) Jan, 19 2023 Sudo Link
Dell Command Configure permission (8.8) Jan, 19 2023 Dell Link
zephyrproject-rtos Zephyr Bluetooth Controller le_read_buffer_size_complete unknown vulnerability (8.0) Jan, 19 2023 zephyrproject-rtos Link
Sewio RTLS Studio out-of-bounds write (8.8) Jan, 20 2023 Sewio Link
Sewio RTLS Studio os command injection (7.7) Jan, 20 2023 Sewio Link
Sewio RTLS Studio os command injection (7.7) Jan, 20 2023 Sewio Link
Sewio RTLS Studio hard-coded password (9.7) Jan, 20 2023 Sewio Link
Linux Kernel MCTP use after free (8.1) Jan, 20 2023 Linux Link
Qt QML QtScript Reflect API heap-based overflow (7.9) Jan, 20 2023 Qt Link
Qt QML QtScript Reflect API integer overflow (7.9) Jan, 20 2023 Qt Link
Alotcer AR7088H-A input validation (7.7) Jan, 20 2023 Alotcer Link
EXFO BV-10 Performance Endpoint Unit hard-coded credentials (9.8) Jan, 20 2023 EXFO Link
EXFO BV-10 Performance Endpoint Unit improper authentication (9.8) Jan, 20 2023 EXFO Link
Dynamic Transaction Queuing System sql injection (7.5) Jan, 20 2023 Dynamic Link
Dynamic Transaction Queuing System sql injection (7.5) Jan, 20 2023 Dynamic Link
NVIDIA Omniverse Kit Create/Audio2Face/Isaac Sim/View/Code/Machinima injection (8.3) Jan, 20 2023 NVIDIA Link
SAUTER Controls Nova 200/Nova 220/BACnetstac missing authentication (9.5) Jan, 20 2023 SAUTER Link
pyload code injection (8.9) Jan, 20 2023 pyload Link
Izanami JWT Authentication Token authentication bypass (8.4) Jan, 20 2023 Izanami Link
Netdata health_alarm_execute command injection (7.8) Jan, 20 2023 Netdata Link
Easy Digital Downloads Plugin sql injection (8.4) Jan, 20 2023 Easy Link
Paid Memberships Pro Plugin sql injection (8.4) Jan, 20 2023 Paid Link
webbrowser-rs URL access control (7.9) Jan, 20 2023 webbrowser-rs Link
radare2 unknown vulnerability (7.5) Jan, 20 2023 radare2 Link
saemorris TheRadSystem _login.php redirect sql injection (8.0) Jan, 20 2023 saemorris Link
Fontsy Plugin sql injection (8.4) Jan, 20 2023 Fontsy Link
SourceCodester Online Tours & Travels Management System page-login.php sql injection (7.9) Jan, 20 2023 SourceCodester Link
HIMA HOPCS/X-OPC A+E/X-OPC DA/X-OTS exe unquoted search path (8.3) Jan, 20 2023 HIMA Link
GE Digital Proficy Historian authentication bypass (8.4) Jan, 20 2023 GE Link
Mahoroba MAHO-PBX NetDevancer os command injection (8.4) Jan, 20 2023 Mahoroba Link
TP-Link SG105PE improper authentication (8.4) Jan, 20 2023 TP-Link Link
Omron CP1L-EL20DR-D FINS Protocol denial of service (7.5) Jan, 20 2023 Omron Link
ARM Mali GPU Kernel Driver use after free (8.8) Jan, 20 2023 ARM Link
SourceCodester Online Food Ordering System manage_user.php sql injection (7.9) Jan, 20 2023 SourceCodester Link
Sudo Environment Variable protection mechanism (7.9) Jan, 20 2023 Sudo Link
Dell Command Configure permission (8.8) Jan, 20 2023 Dell Link
zephyrproject-rtos Zephyr Bluetooth Controller le_read_buffer_size_complete unknown vulnerability (8.0) Jan, 20 2023 zephyrproject-rtos Link
Sofia-SIP Length stun_parse_attribute buffer overflow (8.4) Jan, 20 2023 Sofia-SIP Link
Common Desktop Environment libXm ParseColors stack-based overflow (8.0) Jan, 21 2023 Common Link
Common Desktop Environment libXm ParseColors stack-based overflow (8.0) Jan, 22 2023 Common Link
Common Desktop Environment libXm ParseColors stack-based overflow (8.0) Jan, 23 2023 Common Link
Common Desktop Environment libXm ParseColors stack-based overflow (8.0) Jan, 24 2023 Common Link
Apple macOS PackageKit state issue (7.5) Jan, 24 2023 Apple Link
Apple macOS Kernel memory corruption (7.5) Jan, 24 2023 Apple Link
Apple macOS Intel Graphics Driver memory corruption (7.5) Jan, 24 2023 Apple Link
Apple watchOS Kernel memory corruption (7.5) Jan, 24 2023 Apple Link
Common Desktop Environment libXm ParseColors stack-based overflow (8.0) Jan, 25 2023 Common Link
Apple macOS PackageKit state issue (7.5) Jan, 25 2023 Apple Link
Apple macOS Kernel memory corruption (7.5) Jan, 25 2023 Apple Link
Apple macOS Intel Graphics Driver memory corruption (7.5) Jan, 25 2023 Apple Link
Apple watchOS Kernel memory corruption (7.5) Jan, 25 2023 Apple Link
LPAR2RRD command injection (8.4) Jan, 25 2023 LPAR2RRD Link
Common Desktop Environment libXm ParseColors stack-based overflow (8.0) Jan, 26 2023 Common Link
Apple macOS PackageKit state issue (7.5) Jan, 26 2023 Apple Link
Apple macOS Kernel memory corruption (7.5) Jan, 26 2023 Apple Link
Apple macOS Intel Graphics Driver memory corruption (7.5) Jan, 26 2023 Apple Link
Apple watchOS Kernel memory corruption (7.5) Jan, 26 2023 Apple Link
LPAR2RRD command injection (8.4) Jan, 26 2023 LPAR2RRD Link
Common Desktop Environment libXm ParseColors stack-based overflow (8.0) Jan, 27 2023 Common Link
Apple macOS PackageKit state issue (7.5) Jan, 27 2023 Apple Link
Apple macOS Kernel memory corruption (7.5) Jan, 27 2023 Apple Link
Apple macOS Intel Graphics Driver memory corruption (7.5) Jan, 27 2023 Apple Link
Apple watchOS Kernel memory corruption (7.5) Jan, 27 2023 Apple Link
LPAR2RRD command injection (8.4) Jan, 27 2023 LPAR2RRD Link
D-Link DIR-878 SubnetMask command injection (7.7) Jan, 27 2023 D-Link Link
D-Link DIR-878 IPAddress command injection (7.7) Jan, 27 2023 D-Link Link
Razer Synapse bin access control (8.4) Jan, 27 2023 Razer Link
Common Desktop Environment libXm ParseColors stack-based overflow (8.0) Jan, 28 2023 Common Link
Apple macOS PackageKit state issue (7.5) Jan, 28 2023 Apple Link
Apple macOS Kernel memory corruption (7.5) Jan, 28 2023 Apple Link
Apple macOS Intel Graphics Driver memory corruption (7.5) Jan, 28 2023 Apple Link
Apple watchOS Kernel memory corruption (7.5) Jan, 28 2023 Apple Link
LPAR2RRD command injection (8.4) Jan, 28 2023 LPAR2RRD Link
D-Link DIR-878 SubnetMask command injection (7.7) Jan, 28 2023 D-Link Link
D-Link DIR-878 IPAddress command injection (7.7) Jan, 28 2023 D-Link Link
Razer Synapse bin access control (8.4) Jan, 28 2023 Razer Link
Apple tvOS Kernel memory corruption (7.5) Jan, 28 2023 Apple Link
ContentStudio Plugin cstu_get_metadata authorization (8.4) Jan, 28 2023 ContentStudio Link
ContentStudio Plugin authorization (8.0) Jan, 28 2023 ContentStudio Link
Common Desktop Environment libXm ParseColors stack-based overflow (8.0) Jan, 29 2023 Common Link
Apple macOS PackageKit state issue (7.5) Jan, 29 2023 Apple Link
Apple macOS Kernel memory corruption (7.5) Jan, 29 2023 Apple Link
Apple macOS Intel Graphics Driver memory corruption (7.5) Jan, 29 2023 Apple Link
Apple watchOS Kernel memory corruption (7.5) Jan, 29 2023 Apple Link
LPAR2RRD command injection (8.4) Jan, 29 2023 LPAR2RRD Link
D-Link DIR-878 SubnetMask command injection (7.7) Jan, 29 2023 D-Link Link
D-Link DIR-878 IPAddress command injection (7.7) Jan, 29 2023 D-Link Link
Razer Synapse bin access control (8.4) Jan, 29 2023 Razer Link
Apple tvOS Kernel memory corruption (7.5) Jan, 29 2023 Apple Link
ContentStudio Plugin cstu_get_metadata authorization (8.4) Jan, 29 2023 ContentStudio Link
ContentStudio Plugin authorization (8.0) Jan, 29 2023 ContentStudio Link
Linux Kernel io_uring io_prep_async_work use after free (8.1) Jan, 30 2023 Linux Link
Linux Kernel ALSA PCM Package SNDRV_CTL_IOCTL_ELEM_WRITE use after free (7.5) Jan, 30 2023 Linux Link
QNAP QuTS hero/QTS sql injection (8.4) Jan, 30 2023 QNAP Link
Linux Kernel io_uring io_prep_async_work use after free (8.1) Jan, 31 2023 Linux Link
Linux Kernel ALSA PCM Package SNDRV_CTL_IOCTL_ELEM_WRITE use after free (7.5) Jan, 31 2023 Linux Link
QNAP QuTS hero/QTS sql injection (8.4) Jan, 31 2023 QNAP Link
Schneider Electric EcoStruxure Geo SCADA Expert 2019 Message improper authorization (8.0) Jan, 31 2023 Schneider Link
Schneider Electric EcoStruxure Control Expert authentication replay (8.1) Jan, 31 2023 Schneider Link
Schneider Electric C-Bus Network Automation Controller improper authentication (9.6) Jan, 31 2023 Schneider Link
Schneider Electric C-Bus Network Automation Controller weak password (8.4) Jan, 31 2023 Schneider Link
Motorola MR2600 input validation (7.5) Jan, 31 2023 Motorola Link
Schneider Electric IGSS Data Server IGSSdataServer.exe missing authentication (7.8) Jan, 31 2023 Schneider Link
Vulnerability CVSSv3 Release Date Products References
oretnom23 Purchase Order Management System unrestricted upload (9.3) Dec, 01 2022 oretnom23 Link
AVS Audio Converter buffer overflow (7.9) Dec, 01 2022 AVS Link
crewjam saml Assertion Element improper authentication (8.0) Dec, 01 2022 crewjam Link
Online Tours & Travels Management System file.php unrestricted upload (9.3) Dec, 01 2022 Online Link
Poultry Farm Management System category.php sql injection (7.5) Dec, 01 2022 Poultry Link
Acer Notebook HQSwSmiDxe Driver default permission (7.7) Dec, 01 2022 Acer Link
School Management System sql injection (7.7) Dec, 01 2022 School Link
GPAC unquantize.c Q_IsTypeOn use after free (7.5) Dec, 01 2022 GPAC Link
ghost Newsletter access control (7.8) Dec, 01 2022 ghost Link
Squirrly SEO Plugin unrestricted upload (7.9) Dec, 01 2022 Squirrly Link
Russound XSourcePlayer 777D scriptRunner.cgi Privilege Escalation (7.7) Dec, 01 2022 Russound Link
PuneethReddyHC online-shopping-system-advanced product.php sql injection (7.5) Dec, 01 2022 PuneethReddyHC Link
Microsoft Edge GPU heap-based overflow (7.8) Dec, 01 2022 Microsoft Link
Tribal Systems Zenario CMS Privilege Escalation (8.0) Dec, 01 2022 Tribal Link
oretnom23 Simple Inventory Management System login.php sql injection (7.5) Dec, 01 2022 oretnom23 Link
SourceCodester Book Store Management System index.php access control (7.9) Dec, 01 2022 SourceCodester Link
owncast sql injection (8.2) Dec, 01 2022 owncast Link
Book Store Management System Admin Panel hard-coded credentials (7.9) Dec, 01 2022 Book Link
Sanitization Management System Admin Panel hard-coded credentials (7.9) Dec, 01 2022 Sanitization Link
OP-TEE Trusted OS cleanup_shm_refs array index (7.8) Dec, 01 2022 OP-TEE Link
Symantec Endpoint Protection privileges management (7.6) Dec, 01 2022 Symantec Link
asith-eranga ISIC Tour Booking controller.php sql injection (7.9) Dec, 01 2022 asith-eranga Link
Asus NAS-M25 Cookie os command injection (9.8) Dec, 01 2022 Asus Link
Rocket TRUfusion Enterprise JSP File unrestricted upload (7.9) Dec, 01 2022 Rocket Link
Festo VTEM-S1 insufficient technical documentation (9.6) Dec, 01 2022 Festo Link
SnakeYAML Constructor deserialization (8.1) Dec, 01 2022 SnakeYAML Link
ff4j Privilege Escalation (8.0) Dec, 01 2022 ff4j Link
discourse-bbcode CSS injection (8.2) Dec, 01 2022 discourse-bbcode Link
Xiongmai MBD6304T/NBD6808T-PL JSON File deserialization (8.3) Dec, 01 2022 Xiongmai Link
oretnom23 Purchase Order Management System unrestricted upload (9.3) Dec, 02 2022 oretnom23 Link
AVS Audio Converter buffer overflow (7.9) Dec, 02 2022 AVS Link
crewjam saml Assertion Element improper authentication (8.0) Dec, 02 2022 crewjam Link
Online Tours & Travels Management System file.php unrestricted upload (9.3) Dec, 02 2022 Online Link
Poultry Farm Management System category.php sql injection (7.5) Dec, 02 2022 Poultry Link
Acer Notebook HQSwSmiDxe Driver default permission (7.7) Dec, 02 2022 Acer Link
School Management System sql injection (7.7) Dec, 02 2022 School Link
GPAC unquantize.c Q_IsTypeOn use after free (7.5) Dec, 02 2022 GPAC Link
ghost Newsletter access control (7.8) Dec, 02 2022 ghost Link
Squirrly SEO Plugin unrestricted upload (7.9) Dec, 02 2022 Squirrly Link
Russound XSourcePlayer 777D scriptRunner.cgi Privilege Escalation (7.7) Dec, 02 2022 Russound Link
PuneethReddyHC online-shopping-system-advanced product.php sql injection (7.5) Dec, 02 2022 PuneethReddyHC Link
Microsoft Edge GPU heap-based overflow (7.8) Dec, 02 2022 Microsoft Link
Tribal Systems Zenario CMS Privilege Escalation (8.0) Dec, 02 2022 Tribal Link
oretnom23 Simple Inventory Management System login.php sql injection (7.5) Dec, 02 2022 oretnom23 Link
SourceCodester Book Store Management System index.php access control (7.9) Dec, 02 2022 SourceCodester Link
owncast sql injection (8.2) Dec, 02 2022 owncast Link
Book Store Management System Admin Panel hard-coded credentials (7.9) Dec, 02 2022 Book Link
Sanitization Management System Admin Panel hard-coded credentials (7.9) Dec, 02 2022 Sanitization Link
OP-TEE Trusted OS cleanup_shm_refs array index (7.8) Dec, 02 2022 OP-TEE Link
Symantec Endpoint Protection privileges management (7.6) Dec, 02 2022 Symantec Link
asith-eranga ISIC Tour Booking controller.php sql injection (7.9) Dec, 02 2022 asith-eranga Link
Asus NAS-M25 Cookie os command injection (9.8) Dec, 02 2022 Asus Link
Rocket TRUfusion Enterprise JSP File unrestricted upload (7.9) Dec, 02 2022 Rocket Link
Festo VTEM-S1 insufficient technical documentation (9.6) Dec, 02 2022 Festo Link
SnakeYAML Constructor deserialization (8.1) Dec, 02 2022 SnakeYAML Link
ff4j Privilege Escalation (8.0) Dec, 02 2022 ff4j Link
discourse-bbcode CSS injection (8.2) Dec, 02 2022 discourse-bbcode Link
Xiongmai MBD6304T/NBD6808T-PL JSON File deserialization (8.3) Dec, 02 2022 Xiongmai Link
vim heap-based overflow (7.9) Dec, 02 2022 vim Link
Rukovoditel sql injection (7.5) Dec, 02 2022 Rukovoditel Link
Horner Automation RCC 972 hard-coded key (9.6) Dec, 02 2022 Horner Link
Capsule authorization (8.6) Dec, 02 2022 Capsule Link
webTareas phasesets.php sql injection (7.6) Dec, 02 2022 webTareas Link
webTareas deleteapprovalstages.php sql injection (7.6) Dec, 02 2022 webTareas Link
Tenda i21 setUplinkInfo buffer overflow (7.5) Dec, 02 2022 Tenda Link
Tenda i21 setSysPwd stack-based overflow (7.5) Dec, 02 2022 Tenda Link
Tenda i21 setSnmpInfo buffer overflow (7.5) Dec, 02 2022 Tenda Link
Tenda i21 AddSysLogRule buffer overflow (7.5) Dec, 02 2022 Tenda Link
oretnom23 Purchase Order Management System unrestricted upload (9.3) Dec, 03 2022 oretnom23 Link
AVS Audio Converter buffer overflow (7.9) Dec, 03 2022 AVS Link
crewjam saml Assertion Element improper authentication (8.0) Dec, 03 2022 crewjam Link
Online Tours & Travels Management System file.php unrestricted upload (9.3) Dec, 03 2022 Online Link
Poultry Farm Management System category.php sql injection (7.5) Dec, 03 2022 Poultry Link
Acer Notebook HQSwSmiDxe Driver default permission (7.7) Dec, 03 2022 Acer Link
School Management System sql injection (7.7) Dec, 03 2022 School Link
GPAC unquantize.c Q_IsTypeOn use after free (7.5) Dec, 03 2022 GPAC Link
ghost Newsletter access control (7.8) Dec, 03 2022 ghost Link
Squirrly SEO Plugin unrestricted upload (7.9) Dec, 03 2022 Squirrly Link
Russound XSourcePlayer 777D scriptRunner.cgi Privilege Escalation (7.7) Dec, 03 2022 Russound Link
PuneethReddyHC online-shopping-system-advanced product.php sql injection (7.5) Dec, 03 2022 PuneethReddyHC Link
Microsoft Edge GPU heap-based overflow (7.8) Dec, 03 2022 Microsoft Link
Tribal Systems Zenario CMS Privilege Escalation (8.0) Dec, 03 2022 Tribal Link
oretnom23 Simple Inventory Management System login.php sql injection (7.5) Dec, 03 2022 oretnom23 Link
SourceCodester Book Store Management System index.php access control (7.9) Dec, 03 2022 SourceCodester Link
owncast sql injection (8.2) Dec, 03 2022 owncast Link
Book Store Management System Admin Panel hard-coded credentials (7.9) Dec, 03 2022 Book Link
Sanitization Management System Admin Panel hard-coded credentials (7.9) Dec, 03 2022 Sanitization Link
OP-TEE Trusted OS cleanup_shm_refs array index (7.8) Dec, 03 2022 OP-TEE Link
Symantec Endpoint Protection privileges management (7.6) Dec, 03 2022 Symantec Link
asith-eranga ISIC Tour Booking controller.php sql injection (7.9) Dec, 03 2022 asith-eranga Link
Asus NAS-M25 Cookie os command injection (9.8) Dec, 03 2022 Asus Link
Rocket TRUfusion Enterprise JSP File unrestricted upload (7.9) Dec, 03 2022 Rocket Link
Festo VTEM-S1 insufficient technical documentation (9.6) Dec, 03 2022 Festo Link
SnakeYAML Constructor deserialization (8.1) Dec, 03 2022 SnakeYAML Link
ff4j Privilege Escalation (8.0) Dec, 03 2022 ff4j Link
discourse-bbcode CSS injection (8.2) Dec, 03 2022 discourse-bbcode Link
Xiongmai MBD6304T/NBD6808T-PL JSON File deserialization (8.3) Dec, 03 2022 Xiongmai Link
vim heap-based overflow (7.9) Dec, 03 2022 vim Link
Rukovoditel sql injection (7.5) Dec, 03 2022 Rukovoditel Link
Horner Automation RCC 972 hard-coded key (9.6) Dec, 03 2022 Horner Link
Capsule authorization (8.6) Dec, 03 2022 Capsule Link
webTareas phasesets.php sql injection (7.6) Dec, 03 2022 webTareas Link
webTareas deleteapprovalstages.php sql injection (7.6) Dec, 03 2022 webTareas Link
Tenda i21 setUplinkInfo buffer overflow (7.5) Dec, 03 2022 Tenda Link
Tenda i21 setSysPwd stack-based overflow (7.5) Dec, 03 2022 Tenda Link
Tenda i21 setSnmpInfo buffer overflow (7.5) Dec, 03 2022 Tenda Link
Tenda i21 AddSysLogRule buffer overflow (7.5) Dec, 03 2022 Tenda Link
SourceCodester Human Resource Management System Content-Type employee.php unrestricted upload (7.9) Dec, 03 2022 SourceCodester Link
oretnom23 Purchase Order Management System unrestricted upload (9.3) Dec, 04 2022 oretnom23 Link
AVS Audio Converter buffer overflow (7.9) Dec, 04 2022 AVS Link
crewjam saml Assertion Element improper authentication (8.0) Dec, 04 2022 crewjam Link
Online Tours & Travels Management System file.php unrestricted upload (9.3) Dec, 04 2022 Online Link
Poultry Farm Management System category.php sql injection (7.5) Dec, 04 2022 Poultry Link
Acer Notebook HQSwSmiDxe Driver default permission (7.7) Dec, 04 2022 Acer Link
School Management System sql injection (7.7) Dec, 04 2022 School Link
GPAC unquantize.c Q_IsTypeOn use after free (7.5) Dec, 04 2022 GPAC Link
ghost Newsletter access control (7.8) Dec, 04 2022 ghost Link
Squirrly SEO Plugin unrestricted upload (7.9) Dec, 04 2022 Squirrly Link
Russound XSourcePlayer 777D scriptRunner.cgi Privilege Escalation (7.7) Dec, 04 2022 Russound Link
PuneethReddyHC online-shopping-system-advanced product.php sql injection (7.5) Dec, 04 2022 PuneethReddyHC Link
Microsoft Edge GPU heap-based overflow (7.8) Dec, 04 2022 Microsoft Link
Tribal Systems Zenario CMS Privilege Escalation (8.0) Dec, 04 2022 Tribal Link
oretnom23 Simple Inventory Management System login.php sql injection (7.5) Dec, 04 2022 oretnom23 Link
SourceCodester Book Store Management System index.php access control (7.9) Dec, 04 2022 SourceCodester Link
owncast sql injection (8.2) Dec, 04 2022 owncast Link
Book Store Management System Admin Panel hard-coded credentials (7.9) Dec, 04 2022 Book Link
Sanitization Management System Admin Panel hard-coded credentials (7.9) Dec, 04 2022 Sanitization Link
OP-TEE Trusted OS cleanup_shm_refs array index (7.8) Dec, 04 2022 OP-TEE Link
Symantec Endpoint Protection privileges management (7.6) Dec, 04 2022 Symantec Link
asith-eranga ISIC Tour Booking controller.php sql injection (7.9) Dec, 04 2022 asith-eranga Link
Asus NAS-M25 Cookie os command injection (9.8) Dec, 04 2022 Asus Link
Rocket TRUfusion Enterprise JSP File unrestricted upload (7.9) Dec, 04 2022 Rocket Link
Festo VTEM-S1 insufficient technical documentation (9.6) Dec, 04 2022 Festo Link
SnakeYAML Constructor deserialization (8.1) Dec, 04 2022 SnakeYAML Link
ff4j Privilege Escalation (8.0) Dec, 04 2022 ff4j Link
discourse-bbcode CSS injection (8.2) Dec, 04 2022 discourse-bbcode Link
Xiongmai MBD6304T/NBD6808T-PL JSON File deserialization (8.3) Dec, 04 2022 Xiongmai Link
vim heap-based overflow (7.9) Dec, 04 2022 vim Link
Rukovoditel sql injection (7.5) Dec, 04 2022 Rukovoditel Link
Horner Automation RCC 972 hard-coded key (9.6) Dec, 04 2022 Horner Link
Capsule authorization (8.6) Dec, 04 2022 Capsule Link
webTareas phasesets.php sql injection (7.6) Dec, 04 2022 webTareas Link
webTareas deleteapprovalstages.php sql injection (7.6) Dec, 04 2022 webTareas Link
Tenda i21 setUplinkInfo buffer overflow (7.5) Dec, 04 2022 Tenda Link
Tenda i21 setSysPwd stack-based overflow (7.5) Dec, 04 2022 Tenda Link
Tenda i21 setSnmpInfo buffer overflow (7.5) Dec, 04 2022 Tenda Link
Tenda i21 AddSysLogRule buffer overflow (7.5) Dec, 04 2022 Tenda Link
SourceCodester Human Resource Management System Content-Type employee.php unrestricted upload (7.9) Dec, 04 2022 SourceCodester Link
Veritas NetBackup Flex Scale sandbox (8.8) Dec, 04 2022 Veritas Link
Veritas NetBackup Flex Scale/Access Appliance Management Portal Remote Code Execution (9.8) Dec, 04 2022 Veritas Link
Veritas NetBackup Flex Scale/Access Appliance Management Portal Privilege Escalation (8.8) Dec, 04 2022 Veritas Link
Veritas NetBackup Flex Scale privileges management (8.8) Dec, 04 2022 Veritas Link
Veritas NetBackup Flex Scale/Access Appliance Installation hard-coded password (8.8) Dec, 04 2022 Veritas Link
oretnom23 Purchase Order Management System unrestricted upload (9.3) Dec, 05 2022 oretnom23 Link
AVS Audio Converter buffer overflow (7.9) Dec, 05 2022 AVS Link
crewjam saml Assertion Element improper authentication (8.0) Dec, 05 2022 crewjam Link
Online Tours & Travels Management System file.php unrestricted upload (9.3) Dec, 05 2022 Online Link
Poultry Farm Management System category.php sql injection (7.5) Dec, 05 2022 Poultry Link
Acer Notebook HQSwSmiDxe Driver default permission (7.7) Dec, 05 2022 Acer Link
School Management System sql injection (7.7) Dec, 05 2022 School Link
GPAC unquantize.c Q_IsTypeOn use after free (7.5) Dec, 05 2022 GPAC Link
ghost Newsletter access control (7.8) Dec, 05 2022 ghost Link
Squirrly SEO Plugin unrestricted upload (7.9) Dec, 05 2022 Squirrly Link
Russound XSourcePlayer 777D scriptRunner.cgi Privilege Escalation (7.7) Dec, 05 2022 Russound Link
PuneethReddyHC online-shopping-system-advanced product.php sql injection (7.5) Dec, 05 2022 PuneethReddyHC Link
Microsoft Edge GPU heap-based overflow (7.8) Dec, 05 2022 Microsoft Link
Tribal Systems Zenario CMS Privilege Escalation (8.0) Dec, 05 2022 Tribal Link
oretnom23 Simple Inventory Management System login.php sql injection (7.5) Dec, 05 2022 oretnom23 Link
SourceCodester Book Store Management System index.php access control (7.9) Dec, 05 2022 SourceCodester Link
owncast sql injection (8.2) Dec, 05 2022 owncast Link
Book Store Management System Admin Panel hard-coded credentials (7.9) Dec, 05 2022 Book Link
Sanitization Management System Admin Panel hard-coded credentials (7.9) Dec, 05 2022 Sanitization Link
OP-TEE Trusted OS cleanup_shm_refs array index (7.8) Dec, 05 2022 OP-TEE Link
Symantec Endpoint Protection privileges management (7.6) Dec, 05 2022 Symantec Link
asith-eranga ISIC Tour Booking controller.php sql injection (7.9) Dec, 05 2022 asith-eranga Link
Asus NAS-M25 Cookie os command injection (9.8) Dec, 05 2022 Asus Link
Rocket TRUfusion Enterprise JSP File unrestricted upload (7.9) Dec, 05 2022 Rocket Link
Festo VTEM-S1 insufficient technical documentation (9.6) Dec, 05 2022 Festo Link
SnakeYAML Constructor deserialization (8.1) Dec, 05 2022 SnakeYAML Link
ff4j Privilege Escalation (8.0) Dec, 05 2022 ff4j Link
discourse-bbcode CSS injection (8.2) Dec, 05 2022 discourse-bbcode Link
Xiongmai MBD6304T/NBD6808T-PL JSON File deserialization (8.3) Dec, 05 2022 Xiongmai Link
vim heap-based overflow (7.9) Dec, 05 2022 vim Link
Rukovoditel sql injection (7.5) Dec, 05 2022 Rukovoditel Link
Horner Automation RCC 972 hard-coded key (9.6) Dec, 05 2022 Horner Link
Capsule authorization (8.6) Dec, 05 2022 Capsule Link
webTareas phasesets.php sql injection (7.6) Dec, 05 2022 webTareas Link
webTareas deleteapprovalstages.php sql injection (7.6) Dec, 05 2022 webTareas Link
Tenda i21 setUplinkInfo buffer overflow (7.5) Dec, 05 2022 Tenda Link
Tenda i21 setSysPwd stack-based overflow (7.5) Dec, 05 2022 Tenda Link
Tenda i21 setSnmpInfo buffer overflow (7.5) Dec, 05 2022 Tenda Link
Tenda i21 AddSysLogRule buffer overflow (7.5) Dec, 05 2022 Tenda Link
SourceCodester Human Resource Management System Content-Type employee.php unrestricted upload (7.9) Dec, 05 2022 SourceCodester Link
Veritas NetBackup Flex Scale sandbox (8.8) Dec, 05 2022 Veritas Link
Veritas NetBackup Flex Scale/Access Appliance Management Portal Remote Code Execution (9.8) Dec, 05 2022 Veritas Link
Veritas NetBackup Flex Scale/Access Appliance Management Portal Privilege Escalation (8.8) Dec, 05 2022 Veritas Link
Veritas NetBackup Flex Scale privileges management (8.8) Dec, 05 2022 Veritas Link
Veritas NetBackup Flex Scale/Access Appliance Installation hard-coded password (8.8) Dec, 05 2022 Veritas Link
Nadesiko3 Nako3edit os command injection (8.0) Dec, 05 2022 Nadesiko3 Link
Nadesiko3 os command injection (8.0) Dec, 05 2022 Nadesiko3 Link
Proxmox Virtual Environment/Mail Gateway HTTP Request server-side request forgery (7.9) Dec, 05 2022 Proxmox Link
oretnom23 Purchase Order Management System unrestricted upload (9.3) Dec, 06 2022 oretnom23 Link
AVS Audio Converter buffer overflow (7.9) Dec, 06 2022 AVS Link
crewjam saml Assertion Element improper authentication (8.0) Dec, 06 2022 crewjam Link
Online Tours & Travels Management System file.php unrestricted upload (9.3) Dec, 06 2022 Online Link
Poultry Farm Management System category.php sql injection (7.5) Dec, 06 2022 Poultry Link
Acer Notebook HQSwSmiDxe Driver default permission (7.7) Dec, 06 2022 Acer Link
School Management System sql injection (7.7) Dec, 06 2022 School Link
GPAC unquantize.c Q_IsTypeOn use after free (7.5) Dec, 06 2022 GPAC Link
ghost Newsletter access control (7.8) Dec, 06 2022 ghost Link
Squirrly SEO Plugin unrestricted upload (7.9) Dec, 06 2022 Squirrly Link
Russound XSourcePlayer 777D scriptRunner.cgi Privilege Escalation (7.7) Dec, 06 2022 Russound Link
PuneethReddyHC online-shopping-system-advanced product.php sql injection (7.5) Dec, 06 2022 PuneethReddyHC Link
Microsoft Edge GPU heap-based overflow (7.8) Dec, 06 2022 Microsoft Link
Tribal Systems Zenario CMS Privilege Escalation (8.0) Dec, 06 2022 Tribal Link
oretnom23 Simple Inventory Management System login.php sql injection (7.5) Dec, 06 2022 oretnom23 Link
SourceCodester Book Store Management System index.php access control (7.9) Dec, 06 2022 SourceCodester Link
owncast sql injection (8.2) Dec, 06 2022 owncast Link
Book Store Management System Admin Panel hard-coded credentials (7.9) Dec, 06 2022 Book Link
Sanitization Management System Admin Panel hard-coded credentials (7.9) Dec, 06 2022 Sanitization Link
OP-TEE Trusted OS cleanup_shm_refs array index (7.8) Dec, 06 2022 OP-TEE Link
Symantec Endpoint Protection privileges management (7.6) Dec, 06 2022 Symantec Link
asith-eranga ISIC Tour Booking controller.php sql injection (7.9) Dec, 06 2022 asith-eranga Link
Asus NAS-M25 Cookie os command injection (9.8) Dec, 06 2022 Asus Link
Rocket TRUfusion Enterprise JSP File unrestricted upload (7.9) Dec, 06 2022 Rocket Link
Festo VTEM-S1 insufficient technical documentation (9.6) Dec, 06 2022 Festo Link
SnakeYAML Constructor deserialization (8.1) Dec, 06 2022 SnakeYAML Link
ff4j Privilege Escalation (8.0) Dec, 06 2022 ff4j Link
discourse-bbcode CSS injection (8.2) Dec, 06 2022 discourse-bbcode Link
Xiongmai MBD6304T/NBD6808T-PL JSON File deserialization (8.3) Dec, 06 2022 Xiongmai Link
vim heap-based overflow (7.9) Dec, 06 2022 vim Link
Rukovoditel sql injection (7.5) Dec, 06 2022 Rukovoditel Link
Horner Automation RCC 972 hard-coded key (9.6) Dec, 06 2022 Horner Link
Capsule authorization (8.6) Dec, 06 2022 Capsule Link
webTareas phasesets.php sql injection (7.6) Dec, 06 2022 webTareas Link
webTareas deleteapprovalstages.php sql injection (7.6) Dec, 06 2022 webTareas Link
Tenda i21 setUplinkInfo buffer overflow (7.5) Dec, 06 2022 Tenda Link
Tenda i21 setSysPwd stack-based overflow (7.5) Dec, 06 2022 Tenda Link
Tenda i21 setSnmpInfo buffer overflow (7.5) Dec, 06 2022 Tenda Link
Tenda i21 AddSysLogRule buffer overflow (7.5) Dec, 06 2022 Tenda Link
SourceCodester Human Resource Management System Content-Type employee.php unrestricted upload (7.9) Dec, 06 2022 SourceCodester Link
Veritas NetBackup Flex Scale sandbox (8.8) Dec, 06 2022 Veritas Link
Veritas NetBackup Flex Scale/Access Appliance Management Portal Remote Code Execution (9.8) Dec, 06 2022 Veritas Link
Veritas NetBackup Flex Scale/Access Appliance Management Portal Privilege Escalation (8.8) Dec, 06 2022 Veritas Link
Veritas NetBackup Flex Scale privileges management (8.8) Dec, 06 2022 Veritas Link
Veritas NetBackup Flex Scale/Access Appliance Installation hard-coded password (8.8) Dec, 06 2022 Veritas Link
Nadesiko3 Nako3edit os command injection (8.0) Dec, 06 2022 Nadesiko3 Link
Nadesiko3 os command injection (8.0) Dec, 06 2022 Nadesiko3 Link
Proxmox Virtual Environment/Mail Gateway HTTP Request server-side request forgery (7.9) Dec, 06 2022 Proxmox Link
Seagate Central NAS STCG4000300 Web-Management Application mv_backend_helper.php mv_backend_launch os command injection (7.5) Dec, 06 2022 Seagate Link
Google Android integer overflow (8.4) Dec, 06 2022 Google Link
Google Android Remote Code Execution (8.6) Dec, 06 2022 Google Link
Google Android array index (8.4) Dec, 06 2022 Google Link
hope-boot deserialization (8.0) Dec, 07 2022 hope-boot Link
PaddlePaddle paddle.audio.functional.get_window code injection (9.0) Dec, 07 2022 PaddlePaddle Link
Itd-inc bingo!CMS improper authentication (8.5) Dec, 07 2022 Itd-inc Link
Buffalo WHR-HP-G300N improper authentication (7.5) Dec, 07 2022 Buffalo Link
Markdown Preview Enhanced GFM Export os command injection (7.6) Dec, 07 2022 Markdown Link
Markdown Preview Enhanced PDF File Import command injection (7.6) Dec, 07 2022 Markdown Link
ARMember premium Plugin privileges management (8.6) Dec, 07 2022 ARMember Link
hope-boot deserialization (8.0) Dec, 08 2022 hope-boot Link
PaddlePaddle paddle.audio.functional.get_window code injection (9.0) Dec, 08 2022 PaddlePaddle Link
Itd-inc bingo!CMS improper authentication (8.5) Dec, 08 2022 Itd-inc Link
Buffalo WHR-HP-G300N improper authentication (7.5) Dec, 08 2022 Buffalo Link
Markdown Preview Enhanced GFM Export os command injection (7.6) Dec, 08 2022 Markdown Link
Markdown Preview Enhanced PDF File Import command injection (7.6) Dec, 08 2022 Markdown Link
ARMember premium Plugin privileges management (8.6) Dec, 08 2022 ARMember Link
hope-boot deserialization (8.0) Dec, 09 2022 hope-boot Link
PaddlePaddle paddle.audio.functional.get_window code injection (9.0) Dec, 09 2022 PaddlePaddle Link
Itd-inc bingo!CMS improper authentication (8.5) Dec, 09 2022 Itd-inc Link
Buffalo WHR-HP-G300N improper authentication (7.5) Dec, 09 2022 Buffalo Link
Markdown Preview Enhanced GFM Export os command injection (7.6) Dec, 09 2022 Markdown Link
Markdown Preview Enhanced PDF File Import command injection (7.6) Dec, 09 2022 Markdown Link
ARMember premium Plugin privileges management (8.6) Dec, 09 2022 ARMember Link
Brocade Fabric OS os command injection (8.5) Dec, 09 2022 Brocade Link
hope-boot deserialization (8.0) Dec, 10 2022 hope-boot Link
PaddlePaddle paddle.audio.functional.get_window code injection (9.0) Dec, 10 2022 PaddlePaddle Link
Itd-inc bingo!CMS improper authentication (8.5) Dec, 10 2022 Itd-inc Link
Buffalo WHR-HP-G300N improper authentication (7.5) Dec, 10 2022 Buffalo Link
Markdown Preview Enhanced GFM Export os command injection (7.6) Dec, 10 2022 Markdown Link
Markdown Preview Enhanced PDF File Import command injection (7.6) Dec, 10 2022 Markdown Link
ARMember premium Plugin privileges management (8.6) Dec, 10 2022 ARMember Link
Brocade Fabric OS os command injection (8.5) Dec, 10 2022 Brocade Link
snap-confine must_mkdir_and_open_with_perms race condition (7.5) Dec, 10 2022 snap-confine Link
CHICKEN EGG File egg-compile.scm os command injection (7.5) Dec, 10 2022 CHICKEN Link
Zephyr IF Statement smp_check_keys state issue (8.6) Dec, 10 2022 Zephyr Link
Netgear RAX30 AX2400 IPv6 access control (8.5) Dec, 10 2022 Netgear Link
VMware ESXi/Cloud Foundation ESXi Network Socket memory corruption (7.5) Dec, 10 2022 VMware Link
cube-js sql-runner sql injection (8.1) Dec, 10 2022 cube-js Link
Marc Lehmann rxvt-unicode Perl Background Extension injection (8.0) Dec, 10 2022 Marc Link
hope-boot deserialization (8.0) Dec, 11 2022 hope-boot Link
PaddlePaddle paddle.audio.functional.get_window code injection (9.0) Dec, 11 2022 PaddlePaddle Link
Itd-inc bingo!CMS improper authentication (8.5) Dec, 11 2022 Itd-inc Link
Buffalo WHR-HP-G300N improper authentication (7.5) Dec, 11 2022 Buffalo Link
Markdown Preview Enhanced GFM Export os command injection (7.6) Dec, 11 2022 Markdown Link
Markdown Preview Enhanced PDF File Import command injection (7.6) Dec, 11 2022 Markdown Link
ARMember premium Plugin privileges management (8.6) Dec, 11 2022 ARMember Link
Brocade Fabric OS os command injection (8.5) Dec, 11 2022 Brocade Link
snap-confine must_mkdir_and_open_with_perms race condition (7.5) Dec, 11 2022 snap-confine Link
CHICKEN EGG File egg-compile.scm os command injection (7.5) Dec, 11 2022 CHICKEN Link
Zephyr IF Statement smp_check_keys state issue (8.6) Dec, 11 2022 Zephyr Link
Netgear RAX30 AX2400 IPv6 access control (8.5) Dec, 11 2022 Netgear Link
VMware ESXi/Cloud Foundation ESXi Network Socket memory corruption (7.5) Dec, 11 2022 VMware Link
cube-js sql-runner sql injection (8.1) Dec, 11 2022 cube-js Link
Marc Lehmann rxvt-unicode Perl Background Extension injection (8.0) Dec, 11 2022 Marc Link
Rockwell Automation CompactLogix Network Message denial of service (7.8) Dec, 11 2022 Rockwell Link
hope-boot deserialization (8.0) Dec, 12 2022 hope-boot Link
PaddlePaddle paddle.audio.functional.get_window code injection (9.0) Dec, 12 2022 PaddlePaddle Link
Itd-inc bingo!CMS improper authentication (8.5) Dec, 12 2022 Itd-inc Link
Buffalo WHR-HP-G300N improper authentication (7.5) Dec, 12 2022 Buffalo Link
Markdown Preview Enhanced GFM Export os command injection (7.6) Dec, 12 2022 Markdown Link
Markdown Preview Enhanced PDF File Import command injection (7.6) Dec, 12 2022 Markdown Link
ARMember premium Plugin privileges management (8.6) Dec, 12 2022 ARMember Link
Brocade Fabric OS os command injection (8.5) Dec, 12 2022 Brocade Link
snap-confine must_mkdir_and_open_with_perms race condition (7.5) Dec, 12 2022 snap-confine Link
CHICKEN EGG File egg-compile.scm os command injection (7.5) Dec, 12 2022 CHICKEN Link
Zephyr IF Statement smp_check_keys state issue (8.6) Dec, 12 2022 Zephyr Link
Netgear RAX30 AX2400 IPv6 access control (8.5) Dec, 12 2022 Netgear Link
VMware ESXi/Cloud Foundation ESXi Network Socket memory corruption (7.5) Dec, 12 2022 VMware Link
cube-js sql-runner sql injection (8.1) Dec, 12 2022 cube-js Link
Marc Lehmann rxvt-unicode Perl Background Extension injection (8.0) Dec, 12 2022 Marc Link
Rockwell Automation CompactLogix Network Message denial of service (7.8) Dec, 12 2022 Rockwell Link
IFM Moneo Appliance password recovery (8.1) Dec, 12 2022 IFM Link
Devolutions Remote Desktop Manager Azure SQL Data Source Privilege Escalation (7.5) Dec, 12 2022 Devolutions Link
hope-boot deserialization (8.0) Dec, 13 2022 hope-boot Link
PaddlePaddle paddle.audio.functional.get_window code injection (9.0) Dec, 13 2022 PaddlePaddle Link
Itd-inc bingo!CMS improper authentication (8.5) Dec, 13 2022 Itd-inc Link
Buffalo WHR-HP-G300N improper authentication (7.5) Dec, 13 2022 Buffalo Link
Markdown Preview Enhanced GFM Export os command injection (7.6) Dec, 13 2022 Markdown Link
Markdown Preview Enhanced PDF File Import command injection (7.6) Dec, 13 2022 Markdown Link
ARMember premium Plugin privileges management (8.6) Dec, 13 2022 ARMember Link
Brocade Fabric OS os command injection (8.5) Dec, 13 2022 Brocade Link
snap-confine must_mkdir_and_open_with_perms race condition (7.5) Dec, 13 2022 snap-confine Link
CHICKEN EGG File egg-compile.scm os command injection (7.5) Dec, 13 2022 CHICKEN Link
Zephyr IF Statement smp_check_keys state issue (8.6) Dec, 13 2022 Zephyr Link
Netgear RAX30 AX2400 IPv6 access control (8.5) Dec, 13 2022 Netgear Link
VMware ESXi/Cloud Foundation ESXi Network Socket memory corruption (7.5) Dec, 13 2022 VMware Link
cube-js sql-runner sql injection (8.1) Dec, 13 2022 cube-js Link
Marc Lehmann rxvt-unicode Perl Background Extension injection (8.0) Dec, 13 2022 Marc Link
Rockwell Automation CompactLogix Network Message denial of service (7.8) Dec, 13 2022 Rockwell Link
IFM Moneo Appliance password recovery (8.1) Dec, 13 2022 IFM Link
Devolutions Remote Desktop Manager Azure SQL Data Source Privilege Escalation (7.5) Dec, 13 2022 Devolutions Link
Qualcomm Snapdragon Mobile/Snapdragon Wearables SPI Bus memory corruption (8.5) Dec, 13 2022 Qualcomm Link
Qualcomm Snapdragon Mobile/Snapdragon Wearables i2c Driver memory corruption (7.9) Dec, 13 2022 Qualcomm Link
Citrix ADC/Gateway resource control (9.6) Dec, 13 2022 Citrix Link
Netgear Nighthawk httpsniff Service command injection (8.6) Dec, 16 2022 Netgear Link
Rockwell Automation MicroLogix 1100/MicroLogix 1400 TCP Packet denial of service (7.5) Dec, 16 2022 Rockwell Link
Google Android Privilege Escalation (7.5) Dec, 16 2022 Google Link
Broadcom Symantec Identity Manager Management Console xml external entity reference (7.5) Dec, 16 2022 Broadcom Link
Netgear Nighthawk httpsniff Service command injection (8.6) Dec, 17 2022 Netgear Link
Rockwell Automation MicroLogix 1100/MicroLogix 1400 TCP Packet denial of service (7.5) Dec, 17 2022 Rockwell Link
Google Android Privilege Escalation (7.5) Dec, 17 2022 Google Link
Broadcom Symantec Identity Manager Management Console xml external entity reference (7.5) Dec, 17 2022 Broadcom Link
Rockwell Automation GuardLogix/ControlLogix CIP Request denial of service (7.9) Dec, 17 2022 Rockwell Link
Mutiny hard-coded password (7.6) Dec, 17 2022 Mutiny Link
y_project Ruoyi Shiro Framework deserialization (7.9) Dec, 17 2022 y_project Link
SourceCodester Online Grading System sql injection (7.7) Dec, 17 2022 SourceCodester Link
PAX Technology A930 PayDroid systool_server os command injection (7.9) Dec, 17 2022 PAX Link
Netgear Nighthawk httpsniff Service command injection (8.6) Dec, 18 2022 Netgear Link
Rockwell Automation MicroLogix 1100/MicroLogix 1400 TCP Packet denial of service (7.5) Dec, 18 2022 Rockwell Link
Google Android Privilege Escalation (7.5) Dec, 18 2022 Google Link
Broadcom Symantec Identity Manager Management Console xml external entity reference (7.5) Dec, 18 2022 Broadcom Link
Rockwell Automation GuardLogix/ControlLogix CIP Request denial of service (7.9) Dec, 18 2022 Rockwell Link
Mutiny hard-coded password (7.6) Dec, 18 2022 Mutiny Link
y_project Ruoyi Shiro Framework deserialization (7.9) Dec, 18 2022 y_project Link
SourceCodester Online Grading System sql injection (7.7) Dec, 18 2022 SourceCodester Link
PAX Technology A930 PayDroid systool_server os command injection (7.9) Dec, 18 2022 PAX Link
Netgear Nighthawk httpsniff Service command injection (8.6) Dec, 19 2022 Netgear Link
Rockwell Automation MicroLogix 1100/MicroLogix 1400 TCP Packet denial of service (7.5) Dec, 19 2022 Rockwell Link
Google Android Privilege Escalation (7.5) Dec, 19 2022 Google Link
Broadcom Symantec Identity Manager Management Console xml external entity reference (7.5) Dec, 19 2022 Broadcom Link
Rockwell Automation GuardLogix/ControlLogix CIP Request denial of service (7.9) Dec, 19 2022 Rockwell Link
Mutiny hard-coded password (7.6) Dec, 19 2022 Mutiny Link
y_project Ruoyi Shiro Framework deserialization (7.9) Dec, 19 2022 y_project Link
SourceCodester Online Grading System sql injection (7.7) Dec, 19 2022 SourceCodester Link
PAX Technology A930 PayDroid systool_server os command injection (7.9) Dec, 19 2022 PAX Link
Netgear Nighthawk httpsniff Service command injection (8.6) Dec, 20 2022 Netgear Link
Rockwell Automation MicroLogix 1100/MicroLogix 1400 TCP Packet denial of service (7.5) Dec, 20 2022 Rockwell Link
Google Android Privilege Escalation (7.5) Dec, 20 2022 Google Link
Broadcom Symantec Identity Manager Management Console xml external entity reference (7.5) Dec, 20 2022 Broadcom Link
Rockwell Automation GuardLogix/ControlLogix CIP Request denial of service (7.9) Dec, 20 2022 Rockwell Link
Mutiny hard-coded password (7.6) Dec, 20 2022 Mutiny Link
y_project Ruoyi Shiro Framework deserialization (7.9) Dec, 20 2022 y_project Link
SourceCodester Online Grading System sql injection (7.7) Dec, 20 2022 SourceCodester Link
PAX Technology A930 PayDroid systool_server os command injection (7.9) Dec, 20 2022 PAX Link
Baijiacms common.inc.php code injection (7.5) Dec, 20 2022 Baijiacms Link
Apache Airflow Hive Provider. command injection (7.5) Dec, 20 2022 Apache Link
pdftojson makeFilter stack-based overflow (7.6) Dec, 20 2022 pdftojson Link
pdftojson Object.cc copy(Object*) stack-based overflow (7.6) Dec, 20 2022 pdftojson Link
safe-eval safeEval prototype pollution (8.2) Dec, 20 2022 safe-eval Link
Zoho ManageEngine Device Control Plus Endpoint Protection Agent access control (7.9) Dec, 20 2022 Zoho Link
Zoho ManageEngine Device Control Plus Endpoint Protection Agent access control (7.9) Dec, 20 2022 Zoho Link
Netgear Nighthawk httpsniff Service command injection (8.6) Dec, 21 2022 Netgear Link
Rockwell Automation MicroLogix 1100/MicroLogix 1400 TCP Packet denial of service (7.5) Dec, 21 2022 Rockwell Link
Google Android Privilege Escalation (7.5) Dec, 21 2022 Google Link
Broadcom Symantec Identity Manager Management Console xml external entity reference (7.5) Dec, 21 2022 Broadcom Link
Rockwell Automation GuardLogix/ControlLogix CIP Request denial of service (7.9) Dec, 21 2022 Rockwell Link
Mutiny hard-coded password (7.6) Dec, 21 2022 Mutiny Link
y_project Ruoyi Shiro Framework deserialization (7.9) Dec, 21 2022 y_project Link
SourceCodester Online Grading System sql injection (7.7) Dec, 21 2022 SourceCodester Link
PAX Technology A930 PayDroid systool_server os command injection (7.9) Dec, 21 2022 PAX Link
Baijiacms common.inc.php code injection (7.5) Dec, 21 2022 Baijiacms Link
Apache Airflow Hive Provider. command injection (7.5) Dec, 21 2022 Apache Link
pdftojson makeFilter stack-based overflow (7.6) Dec, 21 2022 pdftojson Link
pdftojson Object.cc copy(Object*) stack-based overflow (7.6) Dec, 21 2022 pdftojson Link
safe-eval safeEval prototype pollution (8.2) Dec, 21 2022 safe-eval Link
Zoho ManageEngine Device Control Plus Endpoint Protection Agent access control (7.9) Dec, 21 2022 Zoho Link
Zoho ManageEngine Device Control Plus Endpoint Protection Agent access control (7.9) Dec, 21 2022 Zoho Link
Apache Karaf JDBC JNDI URL doCreateDatasource injection (7.9) Dec, 21 2022 Apache Link
Netgear Nighthawk httpsniff Service command injection (8.6) Dec, 22 2022 Netgear Link
Rockwell Automation MicroLogix 1100/MicroLogix 1400 TCP Packet denial of service (7.5) Dec, 22 2022 Rockwell Link
Google Android Privilege Escalation (7.5) Dec, 22 2022 Google Link
Broadcom Symantec Identity Manager Management Console xml external entity reference (7.5) Dec, 22 2022 Broadcom Link
Rockwell Automation GuardLogix/ControlLogix CIP Request denial of service (7.9) Dec, 22 2022 Rockwell Link
Mutiny hard-coded password (7.6) Dec, 22 2022 Mutiny Link
y_project Ruoyi Shiro Framework deserialization (7.9) Dec, 22 2022 y_project Link
SourceCodester Online Grading System sql injection (7.7) Dec, 22 2022 SourceCodester Link
PAX Technology A930 PayDroid systool_server os command injection (7.9) Dec, 22 2022 PAX Link
Baijiacms common.inc.php code injection (7.5) Dec, 22 2022 Baijiacms Link
Apache Airflow Hive Provider. command injection (7.5) Dec, 22 2022 Apache Link
pdftojson makeFilter stack-based overflow (7.6) Dec, 22 2022 pdftojson Link
pdftojson Object.cc copy(Object*) stack-based overflow (7.6) Dec, 22 2022 pdftojson Link
safe-eval safeEval prototype pollution (8.2) Dec, 22 2022 safe-eval Link
Zoho ManageEngine Device Control Plus Endpoint Protection Agent access control (7.9) Dec, 22 2022 Zoho Link
Zoho ManageEngine Device Control Plus Endpoint Protection Agent access control (7.9) Dec, 22 2022 Zoho Link
Apache Karaf JDBC JNDI URL doCreateDatasource injection (7.9) Dec, 22 2022 Apache Link
Mozilla Thunderbird Angle Remote Code Execution (7.9) Dec, 22 2022 Mozilla Link
Mozilla Firefox Angle Remote Code Execution (7.9) Dec, 22 2022 Mozilla Link
Mozilla Thunderbird memory corruption (7.9) Dec, 22 2022 Mozilla Link
Mozilla Firefox memory corruption (7.9) Dec, 22 2022 Mozilla Link
AyaCMS fst_down.inc.php unrestricted upload (7.6) Dec, 22 2022 AyaCMS Link
Apache ShardingSphere-Proxy Client Authentication cleanup (7.5) Dec, 22 2022 Apache Link
Netgear Nighthawk httpsniff Service command injection (8.6) Dec, 23 2022 Netgear Link
Rockwell Automation MicroLogix 1100/MicroLogix 1400 TCP Packet denial of service (7.5) Dec, 23 2022 Rockwell Link
Google Android Privilege Escalation (7.5) Dec, 23 2022 Google Link
Broadcom Symantec Identity Manager Management Console xml external entity reference (7.5) Dec, 23 2022 Broadcom Link
Rockwell Automation GuardLogix/ControlLogix CIP Request denial of service (7.9) Dec, 23 2022 Rockwell Link
Mutiny hard-coded password (7.6) Dec, 23 2022 Mutiny Link
y_project Ruoyi Shiro Framework deserialization (7.9) Dec, 23 2022 y_project Link
SourceCodester Online Grading System sql injection (7.7) Dec, 23 2022 SourceCodester Link
PAX Technology A930 PayDroid systool_server os command injection (7.9) Dec, 23 2022 PAX Link
Baijiacms common.inc.php code injection (7.5) Dec, 23 2022 Baijiacms Link
Apache Airflow Hive Provider. command injection (7.5) Dec, 23 2022 Apache Link
pdftojson makeFilter stack-based overflow (7.6) Dec, 23 2022 pdftojson Link
pdftojson Object.cc copy(Object*) stack-based overflow (7.6) Dec, 23 2022 pdftojson Link
safe-eval safeEval prototype pollution (8.2) Dec, 23 2022 safe-eval Link
Zoho ManageEngine Device Control Plus Endpoint Protection Agent access control (7.9) Dec, 23 2022 Zoho Link
Zoho ManageEngine Device Control Plus Endpoint Protection Agent access control (7.9) Dec, 23 2022 Zoho Link
Apache Karaf JDBC JNDI URL doCreateDatasource injection (7.9) Dec, 23 2022 Apache Link
Mozilla Thunderbird Angle Remote Code Execution (7.9) Dec, 23 2022 Mozilla Link
Mozilla Firefox Angle Remote Code Execution (7.9) Dec, 23 2022 Mozilla Link
Mozilla Thunderbird memory corruption (7.9) Dec, 23 2022 Mozilla Link
Mozilla Firefox memory corruption (7.9) Dec, 23 2022 Mozilla Link
AyaCMS fst_down.inc.php unrestricted upload (7.6) Dec, 23 2022 AyaCMS Link
Apache ShardingSphere-Proxy Client Authentication cleanup (7.5) Dec, 23 2022 Apache Link
D-Link DIR-846 SetAutoUpgradeInfo command injection (7.7) Dec, 23 2022 D-Link Link
D-Link DIR-846 SetIpMacBindSettings command injection (7.6) Dec, 23 2022 D-Link Link
Linux Kernel ksmbd smb2pdu.c smb2_tree_disconnect use after free (8.7) Dec, 23 2022 Linux Link
usememos access control (7.7) Dec, 23 2022 usememos Link
usememos improper authorization (7.9) Dec, 23 2022 usememos Link
usememos improper authentication (8.5) Dec, 23 2022 usememos Link
usememos access control (7.5) Dec, 23 2022 usememos Link
Netgear Nighthawk httpsniff Service command injection (8.6) Dec, 24 2022 Netgear Link
Rockwell Automation MicroLogix 1100/MicroLogix 1400 TCP Packet denial of service (7.5) Dec, 24 2022 Rockwell Link
Google Android Privilege Escalation (7.5) Dec, 24 2022 Google Link
Broadcom Symantec Identity Manager Management Console xml external entity reference (7.5) Dec, 24 2022 Broadcom Link
Rockwell Automation GuardLogix/ControlLogix CIP Request denial of service (7.9) Dec, 24 2022 Rockwell Link
Mutiny hard-coded password (7.6) Dec, 24 2022 Mutiny Link
y_project Ruoyi Shiro Framework deserialization (7.9) Dec, 24 2022 y_project Link
SourceCodester Online Grading System sql injection (7.7) Dec, 24 2022 SourceCodester Link
PAX Technology A930 PayDroid systool_server os command injection (7.9) Dec, 24 2022 PAX Link
Baijiacms common.inc.php code injection (7.5) Dec, 24 2022 Baijiacms Link
Apache Airflow Hive Provider. command injection (7.5) Dec, 24 2022 Apache Link
pdftojson makeFilter stack-based overflow (7.6) Dec, 24 2022 pdftojson Link
pdftojson Object.cc copy(Object*) stack-based overflow (7.6) Dec, 24 2022 pdftojson Link
safe-eval safeEval prototype pollution (8.2) Dec, 24 2022 safe-eval Link
Zoho ManageEngine Device Control Plus Endpoint Protection Agent access control (7.9) Dec, 24 2022 Zoho Link
Zoho ManageEngine Device Control Plus Endpoint Protection Agent access control (7.9) Dec, 24 2022 Zoho Link
Apache Karaf JDBC JNDI URL doCreateDatasource injection (7.9) Dec, 24 2022 Apache Link
Mozilla Thunderbird Angle Remote Code Execution (7.9) Dec, 24 2022 Mozilla Link
Mozilla Firefox Angle Remote Code Execution (7.9) Dec, 24 2022 Mozilla Link
Mozilla Thunderbird memory corruption (7.9) Dec, 24 2022 Mozilla Link
Mozilla Firefox memory corruption (7.9) Dec, 24 2022 Mozilla Link
AyaCMS fst_down.inc.php unrestricted upload (7.6) Dec, 24 2022 AyaCMS Link
Apache ShardingSphere-Proxy Client Authentication cleanup (7.5) Dec, 24 2022 Apache Link
D-Link DIR-846 SetAutoUpgradeInfo command injection (7.7) Dec, 24 2022 D-Link Link
D-Link DIR-846 SetIpMacBindSettings command injection (7.6) Dec, 24 2022 D-Link Link
Linux Kernel ksmbd smb2pdu.c smb2_tree_disconnect use after free (8.7) Dec, 24 2022 Linux Link
usememos access control (7.7) Dec, 24 2022 usememos Link
usememos improper authorization (7.9) Dec, 24 2022 usememos Link
usememos improper authentication (8.5) Dec, 24 2022 usememos Link
usememos access control (7.5) Dec, 24 2022 usememos Link
ThinkPHP Language Pack pearcmd.php file inclusion (8.4) Dec, 24 2022 ThinkPHP Link
IP-COM M50 formDelWewifiPic buffer overflow (7.6) Dec, 24 2022 IP-COM Link
IP-COM M50 formPortalAuth buffer overflow (7.6) Dec, 24 2022 IP-COM Link
SourceCodester School Dormitory Management System Admin Login sql injection (7.9) Dec, 25 2022 SourceCodester Link
SourceCodester Blood Bank Management System login.php sql injection (7.9) Dec, 25 2022 SourceCodester Link
Heimdal ASN.1 Codec Privilege Escalation (7.9) Dec, 25 2022 Heimdal Link
Simmeth Lieferantenmanager MSSQL xp_cmdshell sql injection (7.5) Dec, 25 2022 Simmeth Link
Simmeth Lieferantenmanager API Call improper authentication (7.5) Dec, 25 2022 Simmeth Link
Nintendo NetworkBuffer UDP Packet buffer overflow (8.5) Dec, 25 2022 Nintendo Link
SourceCodester School Dormitory Management System Admin Login sql injection (7.9) Dec, 26 2022 SourceCodester Link
SourceCodester Blood Bank Management System login.php sql injection (7.9) Dec, 26 2022 SourceCodester Link
Heimdal ASN.1 Codec Privilege Escalation (7.9) Dec, 26 2022 Heimdal Link
Simmeth Lieferantenmanager MSSQL xp_cmdshell sql injection (7.5) Dec, 26 2022 Simmeth Link
Simmeth Lieferantenmanager API Call improper authentication (7.5) Dec, 26 2022 Simmeth Link
Nintendo NetworkBuffer UDP Packet buffer overflow (8.5) Dec, 26 2022 Nintendo Link
fastrack Reflex Firmware Update data authenticity (8.2) Dec, 26 2022 fastrack Link
SourceCodester School Dormitory Management System Admin Login sql injection (7.9) Dec, 27 2022 SourceCodester Link
SourceCodester Blood Bank Management System login.php sql injection (7.9) Dec, 27 2022 SourceCodester Link
Heimdal ASN.1 Codec Privilege Escalation (7.9) Dec, 27 2022 Heimdal Link
Simmeth Lieferantenmanager MSSQL xp_cmdshell sql injection (7.5) Dec, 27 2022 Simmeth Link
Simmeth Lieferantenmanager API Call improper authentication (7.5) Dec, 27 2022 Simmeth Link
Nintendo NetworkBuffer UDP Packet buffer overflow (8.5) Dec, 27 2022 Nintendo Link
fastrack Reflex Firmware Update data authenticity (8.2) Dec, 27 2022 fastrack Link
ikus060 rdiffweb access control (8.4) Dec, 27 2022 ikus060 Link
SourceCodester School Dormitory Management System Admin Login sql injection (7.9) Dec, 28 2022 SourceCodester Link
SourceCodester Blood Bank Management System login.php sql injection (7.9) Dec, 28 2022 SourceCodester Link
Heimdal ASN.1 Codec Privilege Escalation (7.9) Dec, 28 2022 Heimdal Link
Simmeth Lieferantenmanager MSSQL xp_cmdshell sql injection (7.5) Dec, 28 2022 Simmeth Link
Simmeth Lieferantenmanager API Call improper authentication (7.5) Dec, 28 2022 Simmeth Link
Nintendo NetworkBuffer UDP Packet buffer overflow (8.5) Dec, 28 2022 Nintendo Link
fastrack Reflex Firmware Update data authenticity (8.2) Dec, 28 2022 fastrack Link
ikus060 rdiffweb access control (8.4) Dec, 28 2022 ikus060 Link
D-Link DIR-825 xupnpd command injection (8.8) Dec, 28 2022 D-Link Link
D-Link DIR-825 xupnpd command injection (8.8) Dec, 28 2022 D-Link Link
D-Link DIR-825 xupnpd command injection (8.8) Dec, 28 2022 D-Link Link
D-Link DIR-825 xupnpd command injection (8.8) Dec, 28 2022 D-Link Link
D-Link DIR-825 xupnpd command injection (8.8) Dec, 28 2022 D-Link Link
D-Link DIR-825 xupnpd command injection (8.8) Dec, 28 2022 D-Link Link
usememos unknown vulnerability (7.8) Dec, 28 2022 usememos Link
usememos access control (7.7) Dec, 28 2022 usememos Link
usememos access control (7.6) Dec, 28 2022 usememos Link
SourceCodester School Dormitory Management System Admin Login sql injection (7.9) Dec, 29 2022 SourceCodester Link
SourceCodester Blood Bank Management System login.php sql injection (7.9) Dec, 29 2022 SourceCodester Link
Heimdal ASN.1 Codec Privilege Escalation (7.9) Dec, 29 2022 Heimdal Link
Simmeth Lieferantenmanager MSSQL xp_cmdshell sql injection (7.5) Dec, 29 2022 Simmeth Link
Simmeth Lieferantenmanager API Call improper authentication (7.5) Dec, 29 2022 Simmeth Link
Nintendo NetworkBuffer UDP Packet buffer overflow (8.5) Dec, 29 2022 Nintendo Link
fastrack Reflex Firmware Update data authenticity (8.2) Dec, 29 2022 fastrack Link
ikus060 rdiffweb access control (8.4) Dec, 29 2022 ikus060 Link
D-Link DIR-825 xupnpd command injection (8.8) Dec, 29 2022 D-Link Link
D-Link DIR-825 xupnpd command injection (8.8) Dec, 29 2022 D-Link Link
D-Link DIR-825 xupnpd command injection (8.8) Dec, 29 2022 D-Link Link
D-Link DIR-825 xupnpd command injection (8.8) Dec, 29 2022 D-Link Link
D-Link DIR-825 xupnpd command injection (8.8) Dec, 29 2022 D-Link Link
D-Link DIR-825 xupnpd command injection (8.8) Dec, 29 2022 D-Link Link
usememos unknown vulnerability (7.8) Dec, 29 2022 usememos Link
usememos access control (7.7) Dec, 29 2022 usememos Link
usememos access control (7.6) Dec, 29 2022 usememos Link
Elvexys StreamX HTML Component improper authentication (7.5) Dec, 29 2022 Elvexys Link
X.org X11 Server XkbCopyNames double free (8.8) Dec, 29 2022 X.org Link
SourceCodester School Dormitory Management System Admin Login sql injection (7.9) Dec, 30 2022 SourceCodester Link
SourceCodester Blood Bank Management System login.php sql injection (7.9) Dec, 30 2022 SourceCodester Link
Heimdal ASN.1 Codec Privilege Escalation (7.9) Dec, 30 2022 Heimdal Link
Simmeth Lieferantenmanager MSSQL xp_cmdshell sql injection (7.5) Dec, 30 2022 Simmeth Link
Simmeth Lieferantenmanager API Call improper authentication (7.5) Dec, 30 2022 Simmeth Link
Nintendo NetworkBuffer UDP Packet buffer overflow (8.5) Dec, 30 2022 Nintendo Link
fastrack Reflex Firmware Update data authenticity (8.2) Dec, 30 2022 fastrack Link
ikus060 rdiffweb access control (8.4) Dec, 30 2022 ikus060 Link
D-Link DIR-825 xupnpd command injection (8.8) Dec, 30 2022 D-Link Link
D-Link DIR-825 xupnpd command injection (8.8) Dec, 30 2022 D-Link Link
D-Link DIR-825 xupnpd command injection (8.8) Dec, 30 2022 D-Link Link
D-Link DIR-825 xupnpd command injection (8.8) Dec, 30 2022 D-Link Link
D-Link DIR-825 xupnpd command injection (8.8) Dec, 30 2022 D-Link Link
D-Link DIR-825 xupnpd command injection (8.8) Dec, 30 2022 D-Link Link
usememos unknown vulnerability (7.8) Dec, 30 2022 usememos Link
usememos access control (7.7) Dec, 30 2022 usememos Link
usememos access control (7.6) Dec, 30 2022 usememos Link
Elvexys StreamX HTML Component improper authentication (7.5) Dec, 30 2022 Elvexys Link
X.org X11 Server XkbCopyNames double free (8.8) Dec, 30 2022 X.org Link
Apache Kylin Diagnosis Controller command injection (7.9) Dec, 30 2022 Apache Link
Netgear RAX40 buffer overflow (7.8) Dec, 30 2022 Netgear Link
SourceCodester School Dormitory Management System Admin Login sql injection (7.9) Dec, 31 2022 SourceCodester Link
SourceCodester Blood Bank Management System login.php sql injection (7.9) Dec, 31 2022 SourceCodester Link
Heimdal ASN.1 Codec Privilege Escalation (7.9) Dec, 31 2022 Heimdal Link
Simmeth Lieferantenmanager MSSQL xp_cmdshell sql injection (7.5) Dec, 31 2022 Simmeth Link
Simmeth Lieferantenmanager API Call improper authentication (7.5) Dec, 31 2022 Simmeth Link
Nintendo NetworkBuffer UDP Packet buffer overflow (8.5) Dec, 31 2022 Nintendo Link
fastrack Reflex Firmware Update data authenticity (8.2) Dec, 31 2022 fastrack Link
ikus060 rdiffweb access control (8.4) Dec, 31 2022 ikus060 Link
D-Link DIR-825 xupnpd command injection (8.8) Dec, 31 2022 D-Link Link
D-Link DIR-825 xupnpd command injection (8.8) Dec, 31 2022 D-Link Link
D-Link DIR-825 xupnpd command injection (8.8) Dec, 31 2022 D-Link Link
D-Link DIR-825 xupnpd command injection (8.8) Dec, 31 2022 D-Link Link
D-Link DIR-825 xupnpd command injection (8.8) Dec, 31 2022 D-Link Link
D-Link DIR-825 xupnpd command injection (8.8) Dec, 31 2022 D-Link Link
usememos unknown vulnerability (7.8) Dec, 31 2022 usememos Link
usememos access control (7.7) Dec, 31 2022 usememos Link
usememos access control (7.6) Dec, 31 2022 usememos Link
Elvexys StreamX HTML Component improper authentication (7.5) Dec, 31 2022 Elvexys Link
X.org X11 Server XkbCopyNames double free (8.8) Dec, 31 2022 X.org Link
Apache Kylin Diagnosis Controller command injection (7.9) Dec, 31 2022 Apache Link
Netgear RAX40 buffer overflow (7.8) Dec, 31 2022 Netgear Link
usememos cross site scripting (7.6) Dec, 31 2022 usememos Link
Tenda A15 WifiBasicSet stack-based overflow (7.6) Dec, 31 2022 Tenda Link
Tenda A15 WifiBasicSet stack-based overflow (7.6) Dec, 31 2022 Tenda Link
Tenda A15 WifiBasicSet stack-based overflow (7.6) Dec, 31 2022 Tenda Link
Tenda A15 WifiBasicSet stack-based overflow (7.6) Dec, 31 2022 Tenda Link
Tenda A15 WifiBasicSet stack-based overflow (7.6) Dec, 31 2022 Tenda Link
Tenda A15 WifiBasicSet stack-based overflow (7.6) Dec, 31 2022 Tenda Link
Tenda A15 WifiBasicSet stack-based overflow (7.6) Dec, 31 2022 Tenda Link
Tenda A15 WifiBasicSet stack-based overflow (7.6) Dec, 31 2022 Tenda Link
Tenda A15 WifiBasicSet stack-based overflow (7.6) Dec, 31 2022 Tenda Link
Tenda A15 WifiBasicSet stack-based overflow (7.6) Dec, 31 2022 Tenda Link
Tenda A15 WifiBasicSet stack-based overflow (7.6) Dec, 31 2022 Tenda Link
Tenda A15 WifiBasicSet stack-based overflow (7.6) Dec, 31 2022 Tenda Link
Tenda Tenda A15 WifiBasicSet stack-based overflow (7.6) Dec, 31 2022 Tenda Link
TRENDnet TEW755AP icp_setbg_img stack-based overflow (7.6) Dec, 31 2022 TRENDnet Link
TRENDnet TEW755AP set_sta_enrollee_pin_24g stack-based overflow (7.6) Dec, 31 2022 TRENDnet Link
TRENDnet TEW755AP icp_setlogo_img stack-based overflow (7.6) Dec, 31 2022 TRENDnet Link
TRENDnet TEW755AP set_sta_enrollee_pin_5g command injection (7.6) Dec, 31 2022 TRENDnet Link
TRENDnet TEW755AP setup_wizard_mydlink command injection (7.6) Dec, 31 2022 TRENDnet Link
TRENDnet TEW755AP icp_delete_img stack-based overflow (7.6) Dec, 31 2022 TRENDnet Link
TRENDnet TEW755AP auto_up_fw stack-based overflow (7.6) Dec, 31 2022 TRENDnet Link
TRENDnet TEW755AP do_sta_enrollee_wifi stack-based overflow (7.6) Dec, 31 2022 TRENDnet Link
TRENDnet TEW755AP set_sta_enrollee_pin_5g stack-based overflow (7.6) Dec, 31 2022 TRENDnet Link
TRENDnet TEW755AP reject stack-based overflow (7.6) Dec, 31 2022 TRENDnet Link
TRENDnet TEW755AP tools_netstat stack-based overflow (7.6) Dec, 31 2022 TRENDnet Link
Vulnerability CVSSv3 Release Date Products References
Silicon Labs Bootloader GBL Parser memory corruption (8.7) Nov, 02 2022 Silicon Link
Frauscher Sensortechnik FDS102 Configuration unrestricted upload (9.6) Nov, 02 2022 Frauscher Link
Discourse Email Address improper authorization (7.7) Nov, 02 2022 Discourse Link
xmldom improper validation of consistency within input (8.7) Nov, 02 2022 xmldom Link
Silicon Labs Bootloader GBL Parser memory corruption (8.7) Nov, 03 2022 Silicon Link
Frauscher Sensortechnik FDS102 Configuration unrestricted upload (9.6) Nov, 03 2022 Frauscher Link
Discourse Email Address improper authorization (7.7) Nov, 03 2022 Discourse Link
xmldom improper validation of consistency within input (8.7) Nov, 03 2022 xmldom Link
Tenda AC23 formSetFirewallCfg stack-based overflow (9.3) Nov, 03 2022 Tenda Link
Tenda AC23 setSmartPowerManagement stack-based overflow (9.3) Nov, 03 2022 Tenda Link
Tenda AC23 setSchedWifi stack-based overflow (8.9) Nov, 03 2022 Tenda Link
Tenda AC23 fromSetWifiGusetBasic stack-based overflow (9.3) Nov, 03 2022 Tenda Link
Tenda AC23 fromSetWirelessRepeat stack-based overflow (8.9) Nov, 03 2022 Tenda Link
Tenda AC23 Parameter formSetQosBand out-of-bounds write (9.3) Nov, 03 2022 Tenda Link
Tenda AC23 fromSetSysTime out-of-bounds write (9.3) Nov, 03 2022 Tenda Link
Tenda AC23 formSetDeviceName out-of-bounds write (8.2) Nov, 03 2022 Tenda Link
Keystone Environment Variable injection (8.4) Nov, 03 2022 Keystone Link
D-Link DIR-823G Packet SetNetworkTomographySettings command injection (7.6) Nov, 03 2022 D-Link Link
GLPI API REST sql injection (7.5) Nov, 03 2022 GLPI Link
Silicon Labs Bootloader GBL Parser memory corruption (8.7) Nov, 04 2022 Silicon Link
Frauscher Sensortechnik FDS102 Configuration unrestricted upload (9.6) Nov, 04 2022 Frauscher Link
Discourse Email Address improper authorization (7.7) Nov, 04 2022 Discourse Link
xmldom improper validation of consistency within input (8.7) Nov, 04 2022 xmldom Link
Tenda AC23 formSetFirewallCfg stack-based overflow (9.3) Nov, 04 2022 Tenda Link
Tenda AC23 setSmartPowerManagement stack-based overflow (9.3) Nov, 04 2022 Tenda Link
Tenda AC23 setSchedWifi stack-based overflow (8.9) Nov, 04 2022 Tenda Link
Tenda AC23 fromSetWifiGusetBasic stack-based overflow (9.3) Nov, 04 2022 Tenda Link
Tenda AC23 fromSetWirelessRepeat stack-based overflow (8.9) Nov, 04 2022 Tenda Link
Tenda AC23 Parameter formSetQosBand out-of-bounds write (9.3) Nov, 04 2022 Tenda Link
Tenda AC23 fromSetSysTime out-of-bounds write (9.3) Nov, 04 2022 Tenda Link
Tenda AC23 formSetDeviceName out-of-bounds write (8.2) Nov, 04 2022 Tenda Link
Keystone Environment Variable injection (8.4) Nov, 04 2022 Keystone Link
D-Link DIR-823G Packet SetNetworkTomographySettings command injection (7.6) Nov, 04 2022 D-Link Link
GLPI API REST sql injection (7.5) Nov, 04 2022 GLPI Link
Zoho ManageEngine ServiceDesk Plus exportMickeyList input validation (8.6) Nov, 04 2022 Zoho Link
D-Link DIR-1935 HNAP improper authentication (8.4) Nov, 04 2022 D-Link Link
D-Link DIR-1935 HNAP improper authentication (8.4) Nov, 04 2022 D-Link Link
D-Link DIR-1935 stack-based overflow (8.4) Nov, 04 2022 D-Link Link
Apache Commons BCEL API out-of-bounds (7.5) Nov, 04 2022 Apache Link
D-Link DIR-1935 SOAPAction stack-based overflow (8.4) Nov, 04 2022 D-Link Link
Silicon Labs Bootloader GBL Parser memory corruption (8.7) Nov, 05 2022 Silicon Link
Frauscher Sensortechnik FDS102 Configuration unrestricted upload (9.6) Nov, 05 2022 Frauscher Link
Discourse Email Address improper authorization (7.7) Nov, 05 2022 Discourse Link
xmldom improper validation of consistency within input (8.7) Nov, 05 2022 xmldom Link
Tenda AC23 formSetFirewallCfg stack-based overflow (9.3) Nov, 05 2022 Tenda Link
Tenda AC23 setSmartPowerManagement stack-based overflow (9.3) Nov, 05 2022 Tenda Link
Tenda AC23 setSchedWifi stack-based overflow (8.9) Nov, 05 2022 Tenda Link
Tenda AC23 fromSetWifiGusetBasic stack-based overflow (9.3) Nov, 05 2022 Tenda Link
Tenda AC23 fromSetWirelessRepeat stack-based overflow (8.9) Nov, 05 2022 Tenda Link
Tenda AC23 Parameter formSetQosBand out-of-bounds write (9.3) Nov, 05 2022 Tenda Link
Tenda AC23 fromSetSysTime out-of-bounds write (9.3) Nov, 05 2022 Tenda Link
Tenda AC23 formSetDeviceName out-of-bounds write (8.2) Nov, 05 2022 Tenda Link
Keystone Environment Variable injection (8.4) Nov, 05 2022 Keystone Link
D-Link DIR-823G Packet SetNetworkTomographySettings command injection (7.6) Nov, 05 2022 D-Link Link
GLPI API REST sql injection (7.5) Nov, 05 2022 GLPI Link
Zoho ManageEngine ServiceDesk Plus exportMickeyList input validation (8.6) Nov, 05 2022 Zoho Link
D-Link DIR-1935 HNAP improper authentication (8.4) Nov, 05 2022 D-Link Link
D-Link DIR-1935 HNAP improper authentication (8.4) Nov, 05 2022 D-Link Link
D-Link DIR-1935 stack-based overflow (8.4) Nov, 05 2022 D-Link Link
Apache Commons BCEL API out-of-bounds (7.5) Nov, 05 2022 Apache Link
D-Link DIR-1935 SOAPAction stack-based overflow (8.4) Nov, 05 2022 D-Link Link
Splunk Enterprise tstats Command access control (7.6) Nov, 05 2022 Splunk Link
Splunk Enterprise SPL Safeguard access control (7.6) Nov, 05 2022 Splunk Link
Azure RTOS USBX USB DFU UPLOAD ux_device_class_dfu_control_request buffer overflow (9.6) Nov, 05 2022 Azure Link
XWiki Request Parameter improper authentication (7.9) Nov, 05 2022 XWiki Link
Splunk Enterprise Mobile Alerts deserialization (8.6) Nov, 05 2022 Splunk Link
VMware Spring Tools/VSCode Extension Snakeyaml code injection (7.9) Nov, 05 2022 VMware Link
Silicon Labs Bootloader GBL Parser memory corruption (8.7) Nov, 06 2022 Silicon Link
Frauscher Sensortechnik FDS102 Configuration unrestricted upload (9.6) Nov, 06 2022 Frauscher Link
Discourse Email Address improper authorization (7.7) Nov, 06 2022 Discourse Link
xmldom improper validation of consistency within input (8.7) Nov, 06 2022 xmldom Link
Tenda AC23 formSetFirewallCfg stack-based overflow (9.3) Nov, 06 2022 Tenda Link
Tenda AC23 setSmartPowerManagement stack-based overflow (9.3) Nov, 06 2022 Tenda Link
Tenda AC23 setSchedWifi stack-based overflow (8.9) Nov, 06 2022 Tenda Link
Tenda AC23 fromSetWifiGusetBasic stack-based overflow (9.3) Nov, 06 2022 Tenda Link
Tenda AC23 fromSetWirelessRepeat stack-based overflow (8.9) Nov, 06 2022 Tenda Link
Tenda AC23 Parameter formSetQosBand out-of-bounds write (9.3) Nov, 06 2022 Tenda Link
Tenda AC23 fromSetSysTime out-of-bounds write (9.3) Nov, 06 2022 Tenda Link
Tenda AC23 formSetDeviceName out-of-bounds write (8.2) Nov, 06 2022 Tenda Link
Keystone Environment Variable injection (8.4) Nov, 06 2022 Keystone Link
D-Link DIR-823G Packet SetNetworkTomographySettings command injection (7.6) Nov, 06 2022 D-Link Link
GLPI API REST sql injection (7.5) Nov, 06 2022 GLPI Link
Zoho ManageEngine ServiceDesk Plus exportMickeyList input validation (8.6) Nov, 06 2022 Zoho Link
D-Link DIR-1935 HNAP improper authentication (8.4) Nov, 06 2022 D-Link Link
D-Link DIR-1935 HNAP improper authentication (8.4) Nov, 06 2022 D-Link Link
D-Link DIR-1935 stack-based overflow (8.4) Nov, 06 2022 D-Link Link
Apache Commons BCEL API out-of-bounds (7.5) Nov, 06 2022 Apache Link
D-Link DIR-1935 SOAPAction stack-based overflow (8.4) Nov, 06 2022 D-Link Link
Splunk Enterprise tstats Command access control (7.6) Nov, 06 2022 Splunk Link
Splunk Enterprise SPL Safeguard access control (7.6) Nov, 06 2022 Splunk Link
Azure RTOS USBX USB DFU UPLOAD ux_device_class_dfu_control_request buffer overflow (9.6) Nov, 06 2022 Azure Link
XWiki Request Parameter improper authentication (7.9) Nov, 06 2022 XWiki Link
Splunk Enterprise Mobile Alerts deserialization (8.6) Nov, 06 2022 Splunk Link
VMware Spring Tools/VSCode Extension Snakeyaml code injection (7.9) Nov, 06 2022 VMware Link
Silicon Labs Bootloader GBL Parser memory corruption (8.7) Nov, 07 2022 Silicon Link
Frauscher Sensortechnik FDS102 Configuration unrestricted upload (9.6) Nov, 07 2022 Frauscher Link
Discourse Email Address improper authorization (7.7) Nov, 07 2022 Discourse Link
xmldom improper validation of consistency within input (8.7) Nov, 07 2022 xmldom Link
Tenda AC23 formSetFirewallCfg stack-based overflow (9.3) Nov, 07 2022 Tenda Link
Tenda AC23 setSmartPowerManagement stack-based overflow (9.3) Nov, 07 2022 Tenda Link
Tenda AC23 setSchedWifi stack-based overflow (8.9) Nov, 07 2022 Tenda Link
Tenda AC23 fromSetWifiGusetBasic stack-based overflow (9.3) Nov, 07 2022 Tenda Link
Tenda AC23 fromSetWirelessRepeat stack-based overflow (8.9) Nov, 07 2022 Tenda Link
Tenda AC23 Parameter formSetQosBand out-of-bounds write (9.3) Nov, 07 2022 Tenda Link
Tenda AC23 fromSetSysTime out-of-bounds write (9.3) Nov, 07 2022 Tenda Link
Tenda AC23 formSetDeviceName out-of-bounds write (8.2) Nov, 07 2022 Tenda Link
Keystone Environment Variable injection (8.4) Nov, 07 2022 Keystone Link
D-Link DIR-823G Packet SetNetworkTomographySettings command injection (7.6) Nov, 07 2022 D-Link Link
GLPI API REST sql injection (7.5) Nov, 07 2022 GLPI Link
Zoho ManageEngine ServiceDesk Plus exportMickeyList input validation (8.6) Nov, 07 2022 Zoho Link
D-Link DIR-1935 HNAP improper authentication (8.4) Nov, 07 2022 D-Link Link
D-Link DIR-1935 HNAP improper authentication (8.4) Nov, 07 2022 D-Link Link
D-Link DIR-1935 stack-based overflow (8.4) Nov, 07 2022 D-Link Link
Apache Commons BCEL API out-of-bounds (7.5) Nov, 07 2022 Apache Link
D-Link DIR-1935 SOAPAction stack-based overflow (8.4) Nov, 07 2022 D-Link Link
Splunk Enterprise tstats Command access control (7.6) Nov, 07 2022 Splunk Link
Splunk Enterprise SPL Safeguard access control (7.6) Nov, 07 2022 Splunk Link
Azure RTOS USBX USB DFU UPLOAD ux_device_class_dfu_control_request buffer overflow (9.6) Nov, 07 2022 Azure Link
XWiki Request Parameter improper authentication (7.9) Nov, 07 2022 XWiki Link
Splunk Enterprise Mobile Alerts deserialization (8.6) Nov, 07 2022 Splunk Link
VMware Spring Tools/VSCode Extension Snakeyaml code injection (7.9) Nov, 07 2022 VMware Link
d8s-xml backdoor (7.5) Nov, 07 2022 d8s-xml Link
d8s-networking backdoor (7.5) Nov, 07 2022 d8s-networking Link
d8s-dates backdoor (7.5) Nov, 07 2022 d8s-dates Link
d8s-stats backdoor (7.5) Nov, 07 2022 d8s-stats Link
d8s-networking backdoor (7.5) Nov, 07 2022 d8s-networking Link
d8s-python backdoor (7.5) Nov, 07 2022 d8s-python Link
d8s-urls backdoor (7.5) Nov, 07 2022 d8s-urls Link
d8s-python backdoor (7.5) Nov, 07 2022 d8s-python Link
d8s-timer backdoor (7.5) Nov, 07 2022 d8s-timer Link
d8s-strings backdoor (7.5) Nov, 07 2022 d8s-strings Link
Contact Form Plugin Plugin csv injection (7.5) Nov, 07 2022 Contact Link
WooCommerce Dropshipping Plugin REST Endpoint sql injection (8.4) Nov, 07 2022 WooCommerce Link
Role Based Pricing for WooCommerce Plugin unrestricted upload (7.9) Nov, 07 2022 Role Link
Lightning Labs Ind btcd Privilege Escalation (7.5) Nov, 07 2022 Lightning Link
NTFS-3G NTFS Image buffer overflow (7.6) Nov, 07 2022 NTFS-3G Link
Silicon Labs Bootloader GBL Parser memory corruption (8.7) Nov, 08 2022 Silicon Link
Frauscher Sensortechnik FDS102 Configuration unrestricted upload (9.6) Nov, 08 2022 Frauscher Link
Discourse Email Address improper authorization (7.7) Nov, 08 2022 Discourse Link
xmldom improper validation of consistency within input (8.7) Nov, 08 2022 xmldom Link
Tenda AC23 formSetFirewallCfg stack-based overflow (9.3) Nov, 08 2022 Tenda Link
Tenda AC23 setSmartPowerManagement stack-based overflow (9.3) Nov, 08 2022 Tenda Link
Tenda AC23 setSchedWifi stack-based overflow (8.9) Nov, 08 2022 Tenda Link
Tenda AC23 fromSetWifiGusetBasic stack-based overflow (9.3) Nov, 08 2022 Tenda Link
Tenda AC23 fromSetWirelessRepeat stack-based overflow (8.9) Nov, 08 2022 Tenda Link
Tenda AC23 Parameter formSetQosBand out-of-bounds write (9.3) Nov, 08 2022 Tenda Link
Tenda AC23 fromSetSysTime out-of-bounds write (9.3) Nov, 08 2022 Tenda Link
Tenda AC23 formSetDeviceName out-of-bounds write (8.2) Nov, 08 2022 Tenda Link
Keystone Environment Variable injection (8.4) Nov, 08 2022 Keystone Link
D-Link DIR-823G Packet SetNetworkTomographySettings command injection (7.6) Nov, 08 2022 D-Link Link
GLPI API REST sql injection (7.5) Nov, 08 2022 GLPI Link
Zoho ManageEngine ServiceDesk Plus exportMickeyList input validation (8.6) Nov, 08 2022 Zoho Link
D-Link DIR-1935 HNAP improper authentication (8.4) Nov, 08 2022 D-Link Link
D-Link DIR-1935 HNAP improper authentication (8.4) Nov, 08 2022 D-Link Link
D-Link DIR-1935 stack-based overflow (8.4) Nov, 08 2022 D-Link Link
Apache Commons BCEL API out-of-bounds (7.5) Nov, 08 2022 Apache Link
D-Link DIR-1935 SOAPAction stack-based overflow (8.4) Nov, 08 2022 D-Link Link
Splunk Enterprise tstats Command access control (7.6) Nov, 08 2022 Splunk Link
Splunk Enterprise SPL Safeguard access control (7.6) Nov, 08 2022 Splunk Link
Azure RTOS USBX USB DFU UPLOAD ux_device_class_dfu_control_request buffer overflow (9.6) Nov, 08 2022 Azure Link
XWiki Request Parameter improper authentication (7.9) Nov, 08 2022 XWiki Link
Splunk Enterprise Mobile Alerts deserialization (8.6) Nov, 08 2022 Splunk Link
VMware Spring Tools/VSCode Extension Snakeyaml code injection (7.9) Nov, 08 2022 VMware Link
d8s-xml backdoor (7.5) Nov, 08 2022 d8s-xml Link
d8s-networking backdoor (7.5) Nov, 08 2022 d8s-networking Link
d8s-dates backdoor (7.5) Nov, 08 2022 d8s-dates Link
d8s-stats backdoor (7.5) Nov, 08 2022 d8s-stats Link
d8s-networking backdoor (7.5) Nov, 08 2022 d8s-networking Link
d8s-python backdoor (7.5) Nov, 08 2022 d8s-python Link
d8s-urls backdoor (7.5) Nov, 08 2022 d8s-urls Link
d8s-python backdoor (7.5) Nov, 08 2022 d8s-python Link
d8s-timer backdoor (7.5) Nov, 08 2022 d8s-timer Link
d8s-strings backdoor (7.5) Nov, 08 2022 d8s-strings Link
Contact Form Plugin Plugin csv injection (7.5) Nov, 08 2022 Contact Link
WooCommerce Dropshipping Plugin REST Endpoint sql injection (8.4) Nov, 08 2022 WooCommerce Link
Role Based Pricing for WooCommerce Plugin unrestricted upload (7.9) Nov, 08 2022 Role Link
Lightning Labs Ind btcd Privilege Escalation (7.5) Nov, 08 2022 Lightning Link
NTFS-3G NTFS Image buffer overflow (7.6) Nov, 08 2022 NTFS-3G Link
Microsoft Windows ODBC Driver Remote Code Execution (8.1) Nov, 08 2022 Microsoft Link
Microsoft Windows Scripting Language Remote Code Execution (8.4) Nov, 08 2022 Microsoft Link
Silicon Labs Bootloader GBL Parser memory corruption (8.7) Nov, 09 2022 Silicon Link
Frauscher Sensortechnik FDS102 Configuration unrestricted upload (9.6) Nov, 09 2022 Frauscher Link
Discourse Email Address improper authorization (7.7) Nov, 09 2022 Discourse Link
xmldom improper validation of consistency within input (8.7) Nov, 09 2022 xmldom Link
Tenda AC23 formSetFirewallCfg stack-based overflow (9.3) Nov, 09 2022 Tenda Link
Tenda AC23 setSmartPowerManagement stack-based overflow (9.3) Nov, 09 2022 Tenda Link
Tenda AC23 setSchedWifi stack-based overflow (8.9) Nov, 09 2022 Tenda Link
Tenda AC23 fromSetWifiGusetBasic stack-based overflow (9.3) Nov, 09 2022 Tenda Link
Tenda AC23 fromSetWirelessRepeat stack-based overflow (8.9) Nov, 09 2022 Tenda Link
Tenda AC23 Parameter formSetQosBand out-of-bounds write (9.3) Nov, 09 2022 Tenda Link
Tenda AC23 fromSetSysTime out-of-bounds write (9.3) Nov, 09 2022 Tenda Link
Tenda AC23 formSetDeviceName out-of-bounds write (8.2) Nov, 09 2022 Tenda Link
Keystone Environment Variable injection (8.4) Nov, 09 2022 Keystone Link
D-Link DIR-823G Packet SetNetworkTomographySettings command injection (7.6) Nov, 09 2022 D-Link Link
GLPI API REST sql injection (7.5) Nov, 09 2022 GLPI Link
Zoho ManageEngine ServiceDesk Plus exportMickeyList input validation (8.6) Nov, 09 2022 Zoho Link
D-Link DIR-1935 HNAP improper authentication (8.4) Nov, 09 2022 D-Link Link
D-Link DIR-1935 HNAP improper authentication (8.4) Nov, 09 2022 D-Link Link
D-Link DIR-1935 stack-based overflow (8.4) Nov, 09 2022 D-Link Link
Apache Commons BCEL API out-of-bounds (7.5) Nov, 09 2022 Apache Link
D-Link DIR-1935 SOAPAction stack-based overflow (8.4) Nov, 09 2022 D-Link Link
Splunk Enterprise tstats Command access control (7.6) Nov, 09 2022 Splunk Link
Splunk Enterprise SPL Safeguard access control (7.6) Nov, 09 2022 Splunk Link
Azure RTOS USBX USB DFU UPLOAD ux_device_class_dfu_control_request buffer overflow (9.6) Nov, 09 2022 Azure Link
XWiki Request Parameter improper authentication (7.9) Nov, 09 2022 XWiki Link
Splunk Enterprise Mobile Alerts deserialization (8.6) Nov, 09 2022 Splunk Link
VMware Spring Tools/VSCode Extension Snakeyaml code injection (7.9) Nov, 09 2022 VMware Link
d8s-xml backdoor (7.5) Nov, 09 2022 d8s-xml Link
d8s-networking backdoor (7.5) Nov, 09 2022 d8s-networking Link
d8s-dates backdoor (7.5) Nov, 09 2022 d8s-dates Link
d8s-stats backdoor (7.5) Nov, 09 2022 d8s-stats Link
d8s-networking backdoor (7.5) Nov, 09 2022 d8s-networking Link
d8s-python backdoor (7.5) Nov, 09 2022 d8s-python Link
d8s-urls backdoor (7.5) Nov, 09 2022 d8s-urls Link
d8s-python backdoor (7.5) Nov, 09 2022 d8s-python Link
d8s-timer backdoor (7.5) Nov, 09 2022 d8s-timer Link
d8s-strings backdoor (7.5) Nov, 09 2022 d8s-strings Link
Contact Form Plugin Plugin csv injection (7.5) Nov, 09 2022 Contact Link
WooCommerce Dropshipping Plugin REST Endpoint sql injection (8.4) Nov, 09 2022 WooCommerce Link
Role Based Pricing for WooCommerce Plugin unrestricted upload (7.9) Nov, 09 2022 Role Link
Lightning Labs Ind btcd Privilege Escalation (7.5) Nov, 09 2022 Lightning Link
NTFS-3G NTFS Image buffer overflow (7.6) Nov, 09 2022 NTFS-3G Link
Microsoft Windows ODBC Driver Remote Code Execution (8.1) Nov, 09 2022 Microsoft Link
Microsoft Windows Scripting Language Remote Code Execution (8.4) Nov, 09 2022 Microsoft Link
WAGO 750-81xx Packet os command injection (9.6) Nov, 09 2022 WAGO Link
AccuSoft ImageGear PICT Parser pctwread_14841 out-of-bounds write (7.9) Nov, 09 2022 AccuSoft Link
InHand InRouter302 Incomplete Fix access control (7.8) Nov, 09 2022 InHand Link
WAGO 750-81xx Packet buffer overflow (9.3) Nov, 09 2022 WAGO Link
WAGO 750-81xx Packet out-of-bounds (7.6) Nov, 09 2022 WAGO Link
Cisco ASA/Firepower Threat Defense Dynamic Access Policy memory corruption (7.8) Nov, 09 2022 Cisco Link
Vela Server/Worker/UI privileges management (9.0) Nov, 10 2022 Vela Link
Hualing Agentflow BPM URL unrestricted upload (8.4) Nov, 10 2022 Hualing Link
UPSMON Pro Login improper authentication (8.4) Nov, 10 2022 UPSMON Link
AyaCMS fst_upload.inc.php unrestricted upload (7.6) Nov, 10 2022 AyaCMS Link
xterm OSC 50 Response command injection (7.5) Nov, 10 2022 xterm Link
Huawei HarmonyOS System Framework Layer deserialization (7.6) Nov, 10 2022 Huawei Link
Huawei HarmonyOS AMS Module deserialization (7.6) Nov, 10 2022 Huawei Link
Huawei HarmonyOS AMS Module deserialization (7.6) Nov, 10 2022 Huawei Link
Huawei HarmonyOS iAware Module Privilege Escalation (7.6) Nov, 10 2022 Huawei Link
Vela Server/Worker/UI privileges management (9.0) Nov, 11 2022 Vela Link
Hualing Agentflow BPM URL unrestricted upload (8.4) Nov, 11 2022 Hualing Link
UPSMON Pro Login improper authentication (8.4) Nov, 11 2022 UPSMON Link
AyaCMS fst_upload.inc.php unrestricted upload (7.6) Nov, 11 2022 AyaCMS Link
xterm OSC 50 Response command injection (7.5) Nov, 11 2022 xterm Link
Huawei HarmonyOS System Framework Layer deserialization (7.6) Nov, 11 2022 Huawei Link
Huawei HarmonyOS AMS Module deserialization (7.6) Nov, 11 2022 Huawei Link
Huawei HarmonyOS AMS Module deserialization (7.6) Nov, 11 2022 Huawei Link
Huawei HarmonyOS iAware Module Privilege Escalation (7.6) Nov, 11 2022 Huawei Link
Vela Server/Worker/UI privileges management (9.0) Nov, 12 2022 Vela Link
Hualing Agentflow BPM URL unrestricted upload (8.4) Nov, 12 2022 Hualing Link
UPSMON Pro Login improper authentication (8.4) Nov, 12 2022 UPSMON Link
AyaCMS fst_upload.inc.php unrestricted upload (7.6) Nov, 12 2022 AyaCMS Link
xterm OSC 50 Response command injection (7.5) Nov, 12 2022 xterm Link
Huawei HarmonyOS System Framework Layer deserialization (7.6) Nov, 12 2022 Huawei Link
Huawei HarmonyOS AMS Module deserialization (7.6) Nov, 12 2022 Huawei Link
Huawei HarmonyOS AMS Module deserialization (7.6) Nov, 12 2022 Huawei Link
Huawei HarmonyOS iAware Module Privilege Escalation (7.6) Nov, 12 2022 Huawei Link
Zoho ManageEngine Password Manager Pro/PAM360/Access Manager Plus sql injection (7.9) Nov, 12 2022 Zoho Link
Pi-Star_DV_Dash Privilege Escalation (7.5) Nov, 12 2022 Pi-Star_DV_Dash Link
Intel DCM protection mechanism (8.7) Nov, 12 2022 Intel Link
Intel NUC Kit BIOS Firmware improper authentication (7.6) Nov, 12 2022 Intel Link
Vela Server/Worker/UI privileges management (9.0) Nov, 13 2022 Vela Link
Hualing Agentflow BPM URL unrestricted upload (8.4) Nov, 13 2022 Hualing Link
UPSMON Pro Login improper authentication (8.4) Nov, 13 2022 UPSMON Link
AyaCMS fst_upload.inc.php unrestricted upload (7.6) Nov, 13 2022 AyaCMS Link
xterm OSC 50 Response command injection (7.5) Nov, 13 2022 xterm Link
Huawei HarmonyOS System Framework Layer deserialization (7.6) Nov, 13 2022 Huawei Link
Huawei HarmonyOS AMS Module deserialization (7.6) Nov, 13 2022 Huawei Link
Huawei HarmonyOS AMS Module deserialization (7.6) Nov, 13 2022 Huawei Link
Huawei HarmonyOS iAware Module Privilege Escalation (7.6) Nov, 13 2022 Huawei Link
Zoho ManageEngine Password Manager Pro/PAM360/Access Manager Plus sql injection (7.9) Nov, 13 2022 Zoho Link
Pi-Star_DV_Dash Privilege Escalation (7.5) Nov, 13 2022 Pi-Star_DV_Dash Link
Intel DCM protection mechanism (8.7) Nov, 13 2022 Intel Link
Intel NUC Kit BIOS Firmware improper authentication (7.6) Nov, 13 2022 Intel Link
Pingkon HMS-PHP Data Pump Metadata admin.php sql injection (7.9) Nov, 13 2022 Pingkon Link
Pingkon HMS-PHP adminlogin.php sql injection (7.9) Nov, 13 2022 Pingkon Link
Vela Server/Worker/UI privileges management (9.0) Nov, 14 2022 Vela Link
Hualing Agentflow BPM URL unrestricted upload (8.4) Nov, 14 2022 Hualing Link
UPSMON Pro Login improper authentication (8.4) Nov, 14 2022 UPSMON Link
AyaCMS fst_upload.inc.php unrestricted upload (7.6) Nov, 14 2022 AyaCMS Link
xterm OSC 50 Response command injection (7.5) Nov, 14 2022 xterm Link
Huawei HarmonyOS System Framework Layer deserialization (7.6) Nov, 14 2022 Huawei Link
Huawei HarmonyOS AMS Module deserialization (7.6) Nov, 14 2022 Huawei Link
Huawei HarmonyOS AMS Module deserialization (7.6) Nov, 14 2022 Huawei Link
Huawei HarmonyOS iAware Module Privilege Escalation (7.6) Nov, 14 2022 Huawei Link
Zoho ManageEngine Password Manager Pro/PAM360/Access Manager Plus sql injection (7.9) Nov, 14 2022 Zoho Link
Pi-Star_DV_Dash Privilege Escalation (7.5) Nov, 14 2022 Pi-Star_DV_Dash Link
Intel DCM protection mechanism (8.7) Nov, 14 2022 Intel Link
Intel NUC Kit BIOS Firmware improper authentication (7.6) Nov, 14 2022 Intel Link
Pingkon HMS-PHP Data Pump Metadata admin.php sql injection (7.9) Nov, 14 2022 Pingkon Link
Pingkon HMS-PHP adminlogin.php sql injection (7.9) Nov, 14 2022 Pingkon Link
kareadita kavita authentication bypass (8.7) Nov, 14 2022 kareadita Link
Silicon Labs Ember ZNet memory corruption (7.6) Nov, 14 2022 Silicon Link
WPForms Pro Plugin csv injection (7.5) Nov, 14 2022 WPForms Link
tagDiv Composer Plugin Facebook Login improper authentication (7.6) Nov, 14 2022 tagDiv Link
Apache SOAP RPCRouterServlet deserialization (8.5) Nov, 14 2022 Apache Link
Vela Server/Worker/UI privileges management (9.0) Nov, 15 2022 Vela Link
Hualing Agentflow BPM URL unrestricted upload (8.4) Nov, 15 2022 Hualing Link
UPSMON Pro Login improper authentication (8.4) Nov, 15 2022 UPSMON Link
AyaCMS fst_upload.inc.php unrestricted upload (7.6) Nov, 15 2022 AyaCMS Link
xterm OSC 50 Response command injection (7.5) Nov, 15 2022 xterm Link
Huawei HarmonyOS System Framework Layer deserialization (7.6) Nov, 15 2022 Huawei Link
Huawei HarmonyOS AMS Module deserialization (7.6) Nov, 15 2022 Huawei Link
Huawei HarmonyOS AMS Module deserialization (7.6) Nov, 15 2022 Huawei Link
Huawei HarmonyOS iAware Module Privilege Escalation (7.6) Nov, 15 2022 Huawei Link
Zoho ManageEngine Password Manager Pro/PAM360/Access Manager Plus sql injection (7.9) Nov, 15 2022 Zoho Link
Pi-Star_DV_Dash Privilege Escalation (7.5) Nov, 15 2022 Pi-Star_DV_Dash Link
Intel DCM protection mechanism (8.7) Nov, 15 2022 Intel Link
Intel NUC Kit BIOS Firmware improper authentication (7.6) Nov, 15 2022 Intel Link
Pingkon HMS-PHP Data Pump Metadata admin.php sql injection (7.9) Nov, 15 2022 Pingkon Link
Pingkon HMS-PHP adminlogin.php sql injection (7.9) Nov, 15 2022 Pingkon Link
kareadita kavita authentication bypass (8.7) Nov, 15 2022 kareadita Link
Silicon Labs Ember ZNet memory corruption (7.6) Nov, 15 2022 Silicon Link
WPForms Pro Plugin csv injection (7.5) Nov, 15 2022 WPForms Link
tagDiv Composer Plugin Facebook Login improper authentication (7.6) Nov, 15 2022 tagDiv Link
Apache SOAP RPCRouterServlet deserialization (8.5) Nov, 15 2022 Apache Link
JAPEX Plugin XML Parser xml external entity reference (7.6) Nov, 15 2022 JAPEX Link
OSF Builder Suite XML Linter Plugin XML Parser xml external entity reference (7.6) Nov, 15 2022 OSF Link
CCCC Plugin XML Parser xml external entity reference (7.6) Nov, 15 2022 CCCC Link
ceph Crash Service Local Privilege Escalation (7.5) Nov, 15 2022 ceph Link
Vela Server/Worker/UI privileges management (9.0) Nov, 16 2022 Vela Link
Hualing Agentflow BPM URL unrestricted upload (8.4) Nov, 16 2022 Hualing Link
UPSMON Pro Login improper authentication (8.4) Nov, 16 2022 UPSMON Link
AyaCMS fst_upload.inc.php unrestricted upload (7.6) Nov, 16 2022 AyaCMS Link
xterm OSC 50 Response command injection (7.5) Nov, 16 2022 xterm Link
Huawei HarmonyOS System Framework Layer deserialization (7.6) Nov, 16 2022 Huawei Link
Huawei HarmonyOS AMS Module deserialization (7.6) Nov, 16 2022 Huawei Link
Huawei HarmonyOS AMS Module deserialization (7.6) Nov, 16 2022 Huawei Link
Huawei HarmonyOS iAware Module Privilege Escalation (7.6) Nov, 16 2022 Huawei Link
Zoho ManageEngine Password Manager Pro/PAM360/Access Manager Plus sql injection (7.9) Nov, 16 2022 Zoho Link
Pi-Star_DV_Dash Privilege Escalation (7.5) Nov, 16 2022 Pi-Star_DV_Dash Link
Intel DCM protection mechanism (8.7) Nov, 16 2022 Intel Link
Intel NUC Kit BIOS Firmware improper authentication (7.6) Nov, 16 2022 Intel Link
Pingkon HMS-PHP Data Pump Metadata admin.php sql injection (7.9) Nov, 16 2022 Pingkon Link
Pingkon HMS-PHP adminlogin.php sql injection (7.9) Nov, 16 2022 Pingkon Link
kareadita kavita authentication bypass (8.7) Nov, 16 2022 kareadita Link
Silicon Labs Ember ZNet memory corruption (7.6) Nov, 16 2022 Silicon Link
WPForms Pro Plugin csv injection (7.5) Nov, 16 2022 WPForms Link
tagDiv Composer Plugin Facebook Login improper authentication (7.6) Nov, 16 2022 tagDiv Link
Apache SOAP RPCRouterServlet deserialization (8.5) Nov, 16 2022 Apache Link
JAPEX Plugin XML Parser xml external entity reference (7.6) Nov, 16 2022 JAPEX Link
OSF Builder Suite XML Linter Plugin XML Parser xml external entity reference (7.6) Nov, 16 2022 OSF Link
CCCC Plugin XML Parser xml external entity reference (7.6) Nov, 16 2022 CCCC Link
ceph Crash Service Local Privilege Escalation (7.5) Nov, 16 2022 ceph Link
SeaCms index.php sql injection (7.9) Nov, 16 2022 SeaCms Link
Hoosk PHP File attachments unrestricted upload (7.5) Nov, 16 2022 Hoosk Link
Human Resource Management System login.php sql injection (7.9) Nov, 16 2022 Human Link
Sophos Mobile Managed On-Premises XML server-side request forgery (8.5) Nov, 16 2022 Sophos Link
mastodon excessive authentication (7.7) Nov, 16 2022 mastodon Link
Micrium uC-HTTP HTTP Request heap-based overflow (8.7) Nov, 16 2022 Micrium Link
Apache Mina SSHD Java deserialization (7.5) Nov, 16 2022 Apache Link
Wiesemann & Theis AT-Modem-Emulator/Com-Server HTTP GET Request missing authentication (8.4) Nov, 16 2022 Wiesemann Link
Canteen Management System save_user.php unrestricted upload (7.6) Nov, 16 2022 Canteen Link
Vela Server/Worker/UI privileges management (9.0) Nov, 17 2022 Vela Link
Hualing Agentflow BPM URL unrestricted upload (8.4) Nov, 17 2022 Hualing Link
UPSMON Pro Login improper authentication (8.4) Nov, 17 2022 UPSMON Link
AyaCMS fst_upload.inc.php unrestricted upload (7.6) Nov, 17 2022 AyaCMS Link
xterm OSC 50 Response command injection (7.5) Nov, 17 2022 xterm Link
Huawei HarmonyOS System Framework Layer deserialization (7.6) Nov, 17 2022 Huawei Link
Huawei HarmonyOS AMS Module deserialization (7.6) Nov, 17 2022 Huawei Link
Huawei HarmonyOS AMS Module deserialization (7.6) Nov, 17 2022 Huawei Link
Huawei HarmonyOS iAware Module Privilege Escalation (7.6) Nov, 17 2022 Huawei Link
Zoho ManageEngine Password Manager Pro/PAM360/Access Manager Plus sql injection (7.9) Nov, 17 2022 Zoho Link
Pi-Star_DV_Dash Privilege Escalation (7.5) Nov, 17 2022 Pi-Star_DV_Dash Link
Intel DCM protection mechanism (8.7) Nov, 17 2022 Intel Link
Intel NUC Kit BIOS Firmware improper authentication (7.6) Nov, 17 2022 Intel Link
Pingkon HMS-PHP Data Pump Metadata admin.php sql injection (7.9) Nov, 17 2022 Pingkon Link
Pingkon HMS-PHP adminlogin.php sql injection (7.9) Nov, 17 2022 Pingkon Link
kareadita kavita authentication bypass (8.7) Nov, 17 2022 kareadita Link
Silicon Labs Ember ZNet memory corruption (7.6) Nov, 17 2022 Silicon Link
WPForms Pro Plugin csv injection (7.5) Nov, 17 2022 WPForms Link
tagDiv Composer Plugin Facebook Login improper authentication (7.6) Nov, 17 2022 tagDiv Link
Apache SOAP RPCRouterServlet deserialization (8.5) Nov, 17 2022 Apache Link
JAPEX Plugin XML Parser xml external entity reference (7.6) Nov, 17 2022 JAPEX Link
OSF Builder Suite XML Linter Plugin XML Parser xml external entity reference (7.6) Nov, 17 2022 OSF Link
CCCC Plugin XML Parser xml external entity reference (7.6) Nov, 17 2022 CCCC Link
ceph Crash Service Local Privilege Escalation (7.5) Nov, 17 2022 ceph Link
SeaCms index.php sql injection (7.9) Nov, 17 2022 SeaCms Link
Hoosk PHP File attachments unrestricted upload (7.5) Nov, 17 2022 Hoosk Link
Human Resource Management System login.php sql injection (7.9) Nov, 17 2022 Human Link
Sophos Mobile Managed On-Premises XML server-side request forgery (8.5) Nov, 17 2022 Sophos Link
mastodon excessive authentication (7.7) Nov, 17 2022 mastodon Link
Micrium uC-HTTP HTTP Request heap-based overflow (8.7) Nov, 17 2022 Micrium Link
Apache Mina SSHD Java deserialization (7.5) Nov, 17 2022 Apache Link
Wiesemann & Theis AT-Modem-Emulator/Com-Server HTTP GET Request missing authentication (8.4) Nov, 17 2022 Wiesemann Link
Canteen Management System save_user.php unrestricted upload (7.6) Nov, 17 2022 Canteen Link
Dolibarr API privileges management (7.7) Nov, 17 2022 Dolibarr Link
Veritas NetBackup Java Admin Console os command injection (7.9) Nov, 17 2022 Veritas Link
Online Diagnostic Lab Management System login.php sql injection (7.9) Nov, 17 2022 Online Link
Dreamer CMS sql injection (8.0) Nov, 17 2022 Dreamer Link
BACKCLICK Professional sql injection (7.9) Nov, 17 2022 BACKCLICK Link
BACKCLICK Professional CORBA Management Services missing authentication (7.5) Nov, 17 2022 BACKCLICK Link
Vela Server/Worker/UI privileges management (9.0) Nov, 18 2022 Vela Link
Hualing Agentflow BPM URL unrestricted upload (8.4) Nov, 18 2022 Hualing Link
UPSMON Pro Login improper authentication (8.4) Nov, 18 2022 UPSMON Link
AyaCMS fst_upload.inc.php unrestricted upload (7.6) Nov, 18 2022 AyaCMS Link
xterm OSC 50 Response command injection (7.5) Nov, 18 2022 xterm Link
Huawei HarmonyOS System Framework Layer deserialization (7.6) Nov, 18 2022 Huawei Link
Huawei HarmonyOS AMS Module deserialization (7.6) Nov, 18 2022 Huawei Link
Huawei HarmonyOS AMS Module deserialization (7.6) Nov, 18 2022 Huawei Link
Huawei HarmonyOS iAware Module Privilege Escalation (7.6) Nov, 18 2022 Huawei Link
Zoho ManageEngine Password Manager Pro/PAM360/Access Manager Plus sql injection (7.9) Nov, 18 2022 Zoho Link
Pi-Star_DV_Dash Privilege Escalation (7.5) Nov, 18 2022 Pi-Star_DV_Dash Link
Intel DCM protection mechanism (8.7) Nov, 18 2022 Intel Link
Intel NUC Kit BIOS Firmware improper authentication (7.6) Nov, 18 2022 Intel Link
Pingkon HMS-PHP Data Pump Metadata admin.php sql injection (7.9) Nov, 18 2022 Pingkon Link
Pingkon HMS-PHP adminlogin.php sql injection (7.9) Nov, 18 2022 Pingkon Link
kareadita kavita authentication bypass (8.7) Nov, 18 2022 kareadita Link
Silicon Labs Ember ZNet memory corruption (7.6) Nov, 18 2022 Silicon Link
WPForms Pro Plugin csv injection (7.5) Nov, 18 2022 WPForms Link
tagDiv Composer Plugin Facebook Login improper authentication (7.6) Nov, 18 2022 tagDiv Link
Apache SOAP RPCRouterServlet deserialization (8.5) Nov, 18 2022 Apache Link
JAPEX Plugin XML Parser xml external entity reference (7.6) Nov, 18 2022 JAPEX Link
OSF Builder Suite XML Linter Plugin XML Parser xml external entity reference (7.6) Nov, 18 2022 OSF Link
CCCC Plugin XML Parser xml external entity reference (7.6) Nov, 18 2022 CCCC Link
ceph Crash Service Local Privilege Escalation (7.5) Nov, 18 2022 ceph Link
SeaCms index.php sql injection (7.9) Nov, 18 2022 SeaCms Link
Hoosk PHP File attachments unrestricted upload (7.5) Nov, 18 2022 Hoosk Link
Human Resource Management System login.php sql injection (7.9) Nov, 18 2022 Human Link
Sophos Mobile Managed On-Premises XML server-side request forgery (8.5) Nov, 18 2022 Sophos Link
mastodon excessive authentication (7.7) Nov, 18 2022 mastodon Link
Micrium uC-HTTP HTTP Request heap-based overflow (8.7) Nov, 18 2022 Micrium Link
Apache Mina SSHD Java deserialization (7.5) Nov, 18 2022 Apache Link
Wiesemann & Theis AT-Modem-Emulator/Com-Server HTTP GET Request missing authentication (8.4) Nov, 18 2022 Wiesemann Link
Canteen Management System save_user.php unrestricted upload (7.6) Nov, 18 2022 Canteen Link
Dolibarr API privileges management (7.7) Nov, 18 2022 Dolibarr Link
Veritas NetBackup Java Admin Console os command injection (7.9) Nov, 18 2022 Veritas Link
Online Diagnostic Lab Management System login.php sql injection (7.9) Nov, 18 2022 Online Link
Dreamer CMS sql injection (8.0) Nov, 18 2022 Dreamer Link
BACKCLICK Professional sql injection (7.9) Nov, 18 2022 BACKCLICK Link
BACKCLICK Professional CORBA Management Services missing authentication (7.5) Nov, 18 2022 BACKCLICK Link
drachtio server request-handler.cpp event_cb use after free (7.6) Nov, 18 2022 drachtio Link
D-Link DIR3060 buffer overflow (7.5) Nov, 18 2022 D-Link Link
Webvendome GET Request sql injection (7.5) Nov, 18 2022 Webvendome Link
BACKCLICK Professional CORBA Back-End Services improper authentication (7.9) Nov, 18 2022 BACKCLICK Link
wpForo Forum Plugin unrestricted upload (8.3) Nov, 18 2022 wpForo Link
Carel Boss Mini access control (7.6) Nov, 19 2022 Carel Link
WatchTowerHQ Plugin denial of service (7.7) Nov, 19 2022 WatchTowerHQ Link
Api2Cart Bridge Connector Plugin unrestricted upload (8.4) Nov, 19 2022 Api2Cart Link
Permalink Manager Lite Plugin access control (7.8) Nov, 19 2022 Permalink Link
Carel Boss Mini access control (7.6) Nov, 20 2022 Carel Link
WatchTowerHQ Plugin denial of service (7.7) Nov, 20 2022 WatchTowerHQ Link
Api2Cart Bridge Connector Plugin unrestricted upload (8.4) Nov, 20 2022 Api2Cart Link
Permalink Manager Lite Plugin access control (7.8) Nov, 20 2022 Permalink Link
librenms deserialization (7.7) Nov, 20 2022 librenms Link
Carel Boss Mini access control (7.6) Nov, 21 2022 Carel Link
WatchTowerHQ Plugin denial of service (7.7) Nov, 21 2022 WatchTowerHQ Link
Api2Cart Bridge Connector Plugin unrestricted upload (8.4) Nov, 21 2022 Api2Cart Link
Permalink Manager Lite Plugin access control (7.8) Nov, 21 2022 Permalink Link
librenms deserialization (7.7) Nov, 21 2022 librenms Link
Trend Micro Apex One Change Prevention Service memory corruption (7.5) Nov, 21 2022 Trend Link
Trend Micro Apex One out-of-bounds (7.5) Nov, 21 2022 Trend Link
Trend Micro Apex One exceptional condition (8.1) Nov, 21 2022 Trend Link
Trend Micro Apex One Security Agent pathname traversal (8.1) Nov, 21 2022 Trend Link
Tenda AC18 formSetWifiGuestBasic buffer overflow (7.5) Nov, 21 2022 Tenda Link
Tenda AC18 addWifiMacFilter buffer overflow (7.5) Nov, 21 2022 Tenda Link
Tenda AC18 formWifiWpsOOB buffer overflow (7.5) Nov, 21 2022 Tenda Link
Tenda AC18 fromSetRouteStatic buffer overflow (7.5) Nov, 21 2022 Tenda Link
Tenda AC18 formSetMacFilterCfg buffer overflow (7.5) Nov, 21 2022 Tenda Link
Tenda AC18 formSetDeviceName buffer overflow (7.5) Nov, 21 2022 Tenda Link
Tenda AC18 R7WebsSecurityHandler buffer overflow (7.5) Nov, 21 2022 Tenda Link
Tenda AC18 form_fast_setting_wifi_set buffer overflow (7.5) Nov, 21 2022 Tenda Link
Insyde Kernel UEFI Variable stack-based overflow (7.8) Nov, 21 2022 Insyde Link
Carel Boss Mini access control (7.6) Nov, 22 2022 Carel Link
WatchTowerHQ Plugin denial of service (7.7) Nov, 22 2022 WatchTowerHQ Link
Api2Cart Bridge Connector Plugin unrestricted upload (8.4) Nov, 22 2022 Api2Cart Link
Permalink Manager Lite Plugin access control (7.8) Nov, 22 2022 Permalink Link
librenms deserialization (7.7) Nov, 22 2022 librenms Link
Trend Micro Apex One Change Prevention Service memory corruption (7.5) Nov, 22 2022 Trend Link
Trend Micro Apex One out-of-bounds (7.5) Nov, 22 2022 Trend Link
Trend Micro Apex One exceptional condition (8.1) Nov, 22 2022 Trend Link
Trend Micro Apex One Security Agent pathname traversal (8.1) Nov, 22 2022 Trend Link
Tenda AC18 formSetWifiGuestBasic buffer overflow (7.5) Nov, 22 2022 Tenda Link
Tenda AC18 addWifiMacFilter buffer overflow (7.5) Nov, 22 2022 Tenda Link
Tenda AC18 formWifiWpsOOB buffer overflow (7.5) Nov, 22 2022 Tenda Link
Tenda AC18 fromSetRouteStatic buffer overflow (7.5) Nov, 22 2022 Tenda Link
Tenda AC18 formSetMacFilterCfg buffer overflow (7.5) Nov, 22 2022 Tenda Link
Tenda AC18 formSetDeviceName buffer overflow (7.5) Nov, 22 2022 Tenda Link
Tenda AC18 R7WebsSecurityHandler buffer overflow (7.5) Nov, 22 2022 Tenda Link
Tenda AC18 form_fast_setting_wifi_set buffer overflow (7.5) Nov, 22 2022 Tenda Link
Insyde Kernel UEFI Variable stack-based overflow (7.8) Nov, 22 2022 Insyde Link
ZTE PON OLT access control (8.0) Nov, 22 2022 ZTE Link
Billing System Project fetchOrderData.php sql injection (7.5) Nov, 22 2022 Billing Link
D-Link DIR-882 webGetVarString buffer overflow (7.5) Nov, 22 2022 D-Link Link
D-Link DIR-882 buffer overflow (7.5) Nov, 22 2022 D-Link Link
D-Link DIR-882 websRedirect buffer overflow (7.5) Nov, 22 2022 D-Link Link
D-Link DIR-878 access control (7.5) Nov, 22 2022 D-Link Link
D-Link DIR878 buffer overflow (7.5) Nov, 22 2022 D-Link Link
D-Link DIR823G command injection (7.5) Nov, 22 2022 D-Link Link
Netgear R7000P httpd buffer overflow (7.5) Nov, 22 2022 Netgear Link
Netgear R7000P buffer overflow (7.5) Nov, 22 2022 Netgear Link
Netgear R7000P buffer overflow (7.5) Nov, 22 2022 Netgear Link
Netgear R7000P buffer overflow (7.5) Nov, 22 2022 Netgear Link
Netgear R7000P buffer overflow (7.5) Nov, 22 2022 Netgear Link
Netgear R7000P buffer overflow (7.5) Nov, 22 2022 Netgear Link
Netgear R7000P buffer overflow (7.5) Nov, 22 2022 Netgear Link
Netgear R7000P httpd buffer overflow (7.5) Nov, 22 2022 Netgear Link
Netgear R7000P buffer overflow (7.5) Nov, 22 2022 Netgear Link
Netgear R7000P buffer overflow (7.5) Nov, 22 2022 Netgear Link
Netgear R7000P httpd buffer overflow (7.5) Nov, 22 2022 Netgear Link
Netgear R7000P wan_dns1_pri buffer overflow (7.5) Nov, 22 2022 Netgear Link
Netgear R7000P httpd buffer overflow (7.5) Nov, 22 2022 Netgear Link
D-Link DIR-823G HNAP API HNAP1 command injection (7.6) Nov, 22 2022 D-Link Link
Linux Kernel Local Privilege io_uring use after free (8.1) Nov, 22 2022 Linux Link
Carel Boss Mini access control (7.6) Nov, 23 2022 Carel Link
WatchTowerHQ Plugin denial of service (7.7) Nov, 23 2022 WatchTowerHQ Link
Api2Cart Bridge Connector Plugin unrestricted upload (8.4) Nov, 23 2022 Api2Cart Link
Permalink Manager Lite Plugin access control (7.8) Nov, 23 2022 Permalink Link
librenms deserialization (7.7) Nov, 23 2022 librenms Link
Trend Micro Apex One Change Prevention Service memory corruption (7.5) Nov, 23 2022 Trend Link
Trend Micro Apex One out-of-bounds (7.5) Nov, 23 2022 Trend Link
Trend Micro Apex One exceptional condition (8.1) Nov, 23 2022 Trend Link
Trend Micro Apex One Security Agent pathname traversal (8.1) Nov, 23 2022 Trend Link
Tenda AC18 formSetWifiGuestBasic buffer overflow (7.5) Nov, 23 2022 Tenda Link
Tenda AC18 addWifiMacFilter buffer overflow (7.5) Nov, 23 2022 Tenda Link
Tenda AC18 formWifiWpsOOB buffer overflow (7.5) Nov, 23 2022 Tenda Link
Tenda AC18 fromSetRouteStatic buffer overflow (7.5) Nov, 23 2022 Tenda Link
Tenda AC18 formSetMacFilterCfg buffer overflow (7.5) Nov, 23 2022 Tenda Link
Tenda AC18 formSetDeviceName buffer overflow (7.5) Nov, 23 2022 Tenda Link
Tenda AC18 R7WebsSecurityHandler buffer overflow (7.5) Nov, 23 2022 Tenda Link
Tenda AC18 form_fast_setting_wifi_set buffer overflow (7.5) Nov, 23 2022 Tenda Link
Insyde Kernel UEFI Variable stack-based overflow (7.8) Nov, 23 2022 Insyde Link
ZTE PON OLT access control (8.0) Nov, 23 2022 ZTE Link
Billing System Project fetchOrderData.php sql injection (7.5) Nov, 23 2022 Billing Link
D-Link DIR-882 webGetVarString buffer overflow (7.5) Nov, 23 2022 D-Link Link
D-Link DIR-882 buffer overflow (7.5) Nov, 23 2022 D-Link Link
D-Link DIR-882 websRedirect buffer overflow (7.5) Nov, 23 2022 D-Link Link
D-Link DIR-878 access control (7.5) Nov, 23 2022 D-Link Link
D-Link DIR878 buffer overflow (7.5) Nov, 23 2022 D-Link Link
D-Link DIR823G command injection (7.5) Nov, 23 2022 D-Link Link
Netgear R7000P httpd buffer overflow (7.5) Nov, 23 2022 Netgear Link
Netgear R7000P buffer overflow (7.5) Nov, 23 2022 Netgear Link
Netgear R7000P buffer overflow (7.5) Nov, 23 2022 Netgear Link
Netgear R7000P buffer overflow (7.5) Nov, 23 2022 Netgear Link
Netgear R7000P buffer overflow (7.5) Nov, 23 2022 Netgear Link
Netgear R7000P buffer overflow (7.5) Nov, 23 2022 Netgear Link
Netgear R7000P buffer overflow (7.5) Nov, 23 2022 Netgear Link
Netgear R7000P httpd buffer overflow (7.5) Nov, 23 2022 Netgear Link
Netgear R7000P buffer overflow (7.5) Nov, 23 2022 Netgear Link
Netgear R7000P buffer overflow (7.5) Nov, 23 2022 Netgear Link
Netgear R7000P httpd buffer overflow (7.5) Nov, 23 2022 Netgear Link
Netgear R7000P wan_dns1_pri buffer overflow (7.5) Nov, 23 2022 Netgear Link
Netgear R7000P httpd buffer overflow (7.5) Nov, 23 2022 Netgear Link
D-Link DIR-823G HNAP API HNAP1 command injection (7.6) Nov, 23 2022 D-Link Link
Linux Kernel Local Privilege io_uring use after free (8.1) Nov, 23 2022 Linux Link
TOTOLINK LR350 setIpPortFilterRules buffer overflow (7.5) Nov, 23 2022 TOTOLINK Link
TOTOLINK LR350 setParentalRules buffer overflow (7.5) Nov, 23 2022 TOTOLINK Link
TOTOLINK LR350 setTracerouteCfg buffer overflow (7.5) Nov, 23 2022 TOTOLINK Link
TOTOLINK LR350 setOpModeCfg buffer overflow (7.5) Nov, 23 2022 TOTOLINK Link
TOTOLINK LR350 buffer overflow (8.0) Nov, 23 2022 TOTOLINK Link
TOTOLINK LR350 setSmsCfg buffer overflow (7.5) Nov, 23 2022 TOTOLINK Link
TOTOLINK NR1800X setUploadSetting command injection (7.6) Nov, 23 2022 TOTOLINK Link
TOTOLINK NR1800X setUssd command injection (7.6) Nov, 23 2022 TOTOLINK Link
TOTOLINK NR1800X setOpModeCfg command injection (7.6) Nov, 23 2022 TOTOLINK Link
TOTOLINK NR1800X UploadFirmwareFile command injection (7.6) Nov, 23 2022 TOTOLINK Link
TOTOLINK LR350 setDiagnosisCfg improper authentication (7.5) Nov, 23 2022 TOTOLINK Link
yii unserialize deserialization (7.8) Nov, 23 2022 yii Link
rizalafani cms-php login_manager.php get_user sql injection (7.6) Nov, 23 2022 rizalafani Link
oretnom23 Apartment Visitor Management System index.php sql injection (7.5) Nov, 23 2022 oretnom23 Link
Linux Kernel Bluetooth l2cap_core.c’s l2cap_le_connect_req use after free (8.0) Nov, 23 2022 Linux Link
quarkus Dev UI Config Editor code injection (8.0) Nov, 23 2022 quarkus Link
Carel Boss Mini access control (7.6) Nov, 24 2022 Carel Link
WatchTowerHQ Plugin denial of service (7.7) Nov, 24 2022 WatchTowerHQ Link
Api2Cart Bridge Connector Plugin unrestricted upload (8.4) Nov, 24 2022 Api2Cart Link
Permalink Manager Lite Plugin access control (7.8) Nov, 24 2022 Permalink Link
librenms deserialization (7.7) Nov, 24 2022 librenms Link
Trend Micro Apex One Change Prevention Service memory corruption (7.5) Nov, 24 2022 Trend Link
Trend Micro Apex One out-of-bounds (7.5) Nov, 24 2022 Trend Link
Trend Micro Apex One exceptional condition (8.1) Nov, 24 2022 Trend Link
Trend Micro Apex One Security Agent pathname traversal (8.1) Nov, 24 2022 Trend Link
Tenda AC18 formSetWifiGuestBasic buffer overflow (7.5) Nov, 24 2022 Tenda Link
Tenda AC18 addWifiMacFilter buffer overflow (7.5) Nov, 24 2022 Tenda Link
Tenda AC18 formWifiWpsOOB buffer overflow (7.5) Nov, 24 2022 Tenda Link
Tenda AC18 fromSetRouteStatic buffer overflow (7.5) Nov, 24 2022 Tenda Link
Tenda AC18 formSetMacFilterCfg buffer overflow (7.5) Nov, 24 2022 Tenda Link
Tenda AC18 formSetDeviceName buffer overflow (7.5) Nov, 24 2022 Tenda Link
Tenda AC18 R7WebsSecurityHandler buffer overflow (7.5) Nov, 24 2022 Tenda Link
Tenda AC18 form_fast_setting_wifi_set buffer overflow (7.5) Nov, 24 2022 Tenda Link
Insyde Kernel UEFI Variable stack-based overflow (7.8) Nov, 24 2022 Insyde Link
ZTE PON OLT access control (8.0) Nov, 24 2022 ZTE Link
Billing System Project fetchOrderData.php sql injection (7.5) Nov, 24 2022 Billing Link
D-Link DIR-882 webGetVarString buffer overflow (7.5) Nov, 24 2022 D-Link Link
D-Link DIR-882 buffer overflow (7.5) Nov, 24 2022 D-Link Link
D-Link DIR-882 websRedirect buffer overflow (7.5) Nov, 24 2022 D-Link Link
D-Link DIR-878 access control (7.5) Nov, 24 2022 D-Link Link
D-Link DIR878 buffer overflow (7.5) Nov, 24 2022 D-Link Link
D-Link DIR823G command injection (7.5) Nov, 24 2022 D-Link Link
Netgear R7000P httpd buffer overflow (7.5) Nov, 24 2022 Netgear Link
Netgear R7000P buffer overflow (7.5) Nov, 24 2022 Netgear Link
Netgear R7000P buffer overflow (7.5) Nov, 24 2022 Netgear Link
Netgear R7000P buffer overflow (7.5) Nov, 24 2022 Netgear Link
Netgear R7000P buffer overflow (7.5) Nov, 24 2022 Netgear Link
Netgear R7000P buffer overflow (7.5) Nov, 24 2022 Netgear Link
Netgear R7000P buffer overflow (7.5) Nov, 24 2022 Netgear Link
Netgear R7000P httpd buffer overflow (7.5) Nov, 24 2022 Netgear Link
Netgear R7000P buffer overflow (7.5) Nov, 24 2022 Netgear Link
Netgear R7000P buffer overflow (7.5) Nov, 24 2022 Netgear Link
Netgear R7000P httpd buffer overflow (7.5) Nov, 24 2022 Netgear Link
Netgear R7000P wan_dns1_pri buffer overflow (7.5) Nov, 24 2022 Netgear Link
Netgear R7000P httpd buffer overflow (7.5) Nov, 24 2022 Netgear Link
D-Link DIR-823G HNAP API HNAP1 command injection (7.6) Nov, 24 2022 D-Link Link
Linux Kernel Local Privilege io_uring use after free (8.1) Nov, 24 2022 Linux Link
TOTOLINK LR350 setIpPortFilterRules buffer overflow (7.5) Nov, 24 2022 TOTOLINK Link
TOTOLINK LR350 setParentalRules buffer overflow (7.5) Nov, 24 2022 TOTOLINK Link
TOTOLINK LR350 setTracerouteCfg buffer overflow (7.5) Nov, 24 2022 TOTOLINK Link
TOTOLINK LR350 setOpModeCfg buffer overflow (7.5) Nov, 24 2022 TOTOLINK Link
TOTOLINK LR350 buffer overflow (8.0) Nov, 24 2022 TOTOLINK Link
TOTOLINK LR350 setSmsCfg buffer overflow (7.5) Nov, 24 2022 TOTOLINK Link
TOTOLINK NR1800X setUploadSetting command injection (7.6) Nov, 24 2022 TOTOLINK Link
TOTOLINK NR1800X setUssd command injection (7.6) Nov, 24 2022 TOTOLINK Link
TOTOLINK NR1800X setOpModeCfg command injection (7.6) Nov, 24 2022 TOTOLINK Link
TOTOLINK NR1800X UploadFirmwareFile command injection (7.6) Nov, 24 2022 TOTOLINK Link
TOTOLINK LR350 setDiagnosisCfg improper authentication (7.5) Nov, 24 2022 TOTOLINK Link
yii unserialize deserialization (7.8) Nov, 24 2022 yii Link
rizalafani cms-php login_manager.php get_user sql injection (7.6) Nov, 24 2022 rizalafani Link
oretnom23 Apartment Visitor Management System index.php sql injection (7.5) Nov, 24 2022 oretnom23 Link
Linux Kernel Bluetooth l2cap_core.c’s l2cap_le_connect_req use after free (8.0) Nov, 24 2022 Linux Link
quarkus Dev UI Config Editor code injection (8.0) Nov, 24 2022 quarkus Link
Moxa UC-8100A-ME-T unnecessary privileges (8.1) Nov, 24 2022 Moxa Link
GE CIMPLICITY out-of-bounds write (8.3) Nov, 24 2022 GE Link
GE CIMPLICITY CGmmiOptionContainer untrusted pointer dereference (8.8) Nov, 24 2022 GE Link
GE CIMPLICITY heap-based overflow (8.3) Nov, 24 2022 GE Link
GE CIMPLICITY CGmmiOptionContainer uninitialized pointer (8.3) Nov, 24 2022 GE Link
GE CIMPLICITY CGmmiRootOptionTable uninitialized pointer (8.3) Nov, 24 2022 GE Link
AVEVA Edge StADOSvr.exe access control (9.4) Nov, 24 2022 AVEVA Link
Pilz PASvisu Server ZIP Configuration File path traversal (8.1) Nov, 24 2022 Pilz Link
qmpaas leadshop routine (8.5) Nov, 24 2022 qmpaas Link
rickxy Stock Management System processlogin.php sql injection (7.9) Nov, 24 2022 rickxy Link
iTerm2 DECRQSS Response Privilege Escalation (7.5) Nov, 24 2022 iTerm2 Link
Boa sql injection (7.5) Nov, 24 2022 Boa Link
SolarWinds Network Performance Monitor WebUserSettingsCrudHandler input validation (8.6) Nov, 24 2022 SolarWinds Link
SolarWinds Network Performance Monitor DeserializeFromStrippedXml deserialization (8.4) Nov, 24 2022 SolarWinds Link
Carel Boss Mini access control (7.6) Nov, 25 2022 Carel Link
WatchTowerHQ Plugin denial of service (7.7) Nov, 25 2022 WatchTowerHQ Link
Api2Cart Bridge Connector Plugin unrestricted upload (8.4) Nov, 25 2022 Api2Cart Link
Permalink Manager Lite Plugin access control (7.8) Nov, 25 2022 Permalink Link
librenms deserialization (7.7) Nov, 25 2022 librenms Link
Trend Micro Apex One Change Prevention Service memory corruption (7.5) Nov, 25 2022 Trend Link
Trend Micro Apex One out-of-bounds (7.5) Nov, 25 2022 Trend Link
Trend Micro Apex One exceptional condition (8.1) Nov, 25 2022 Trend Link
Trend Micro Apex One Security Agent pathname traversal (8.1) Nov, 25 2022 Trend Link
Tenda AC18 formSetWifiGuestBasic buffer overflow (7.5) Nov, 25 2022 Tenda Link
Tenda AC18 addWifiMacFilter buffer overflow (7.5) Nov, 25 2022 Tenda Link
Tenda AC18 formWifiWpsOOB buffer overflow (7.5) Nov, 25 2022 Tenda Link
Tenda AC18 fromSetRouteStatic buffer overflow (7.5) Nov, 25 2022 Tenda Link
Tenda AC18 formSetMacFilterCfg buffer overflow (7.5) Nov, 25 2022 Tenda Link
Tenda AC18 formSetDeviceName buffer overflow (7.5) Nov, 25 2022 Tenda Link
Tenda AC18 R7WebsSecurityHandler buffer overflow (7.5) Nov, 25 2022 Tenda Link
Tenda AC18 form_fast_setting_wifi_set buffer overflow (7.5) Nov, 25 2022 Tenda Link
Insyde Kernel UEFI Variable stack-based overflow (7.8) Nov, 25 2022 Insyde Link
ZTE PON OLT access control (8.0) Nov, 25 2022 ZTE Link
Billing System Project fetchOrderData.php sql injection (7.5) Nov, 25 2022 Billing Link
D-Link DIR-882 webGetVarString buffer overflow (7.5) Nov, 25 2022 D-Link Link
D-Link DIR-882 buffer overflow (7.5) Nov, 25 2022 D-Link Link
D-Link DIR-882 websRedirect buffer overflow (7.5) Nov, 25 2022 D-Link Link
D-Link DIR-878 access control (7.5) Nov, 25 2022 D-Link Link
D-Link DIR878 buffer overflow (7.5) Nov, 25 2022 D-Link Link
D-Link DIR823G command injection (7.5) Nov, 25 2022 D-Link Link
Netgear R7000P httpd buffer overflow (7.5) Nov, 25 2022 Netgear Link
Netgear R7000P buffer overflow (7.5) Nov, 25 2022 Netgear Link
Netgear R7000P buffer overflow (7.5) Nov, 25 2022 Netgear Link
Netgear R7000P buffer overflow (7.5) Nov, 25 2022 Netgear Link
Netgear R7000P buffer overflow (7.5) Nov, 25 2022 Netgear Link
Netgear R7000P buffer overflow (7.5) Nov, 25 2022 Netgear Link
Netgear R7000P buffer overflow (7.5) Nov, 25 2022 Netgear Link
Netgear R7000P httpd buffer overflow (7.5) Nov, 25 2022 Netgear Link
Netgear R7000P buffer overflow (7.5) Nov, 25 2022 Netgear Link
Netgear R7000P buffer overflow (7.5) Nov, 25 2022 Netgear Link
Netgear R7000P httpd buffer overflow (7.5) Nov, 25 2022 Netgear Link
Netgear R7000P wan_dns1_pri buffer overflow (7.5) Nov, 25 2022 Netgear Link
Netgear R7000P httpd buffer overflow (7.5) Nov, 25 2022 Netgear Link
D-Link DIR-823G HNAP API HNAP1 command injection (7.6) Nov, 25 2022 D-Link Link
Linux Kernel Local Privilege io_uring use after free (8.1) Nov, 25 2022 Linux Link
TOTOLINK LR350 setIpPortFilterRules buffer overflow (7.5) Nov, 25 2022 TOTOLINK Link
TOTOLINK LR350 setParentalRules buffer overflow (7.5) Nov, 25 2022 TOTOLINK Link
TOTOLINK LR350 setTracerouteCfg buffer overflow (7.5) Nov, 25 2022 TOTOLINK Link
TOTOLINK LR350 setOpModeCfg buffer overflow (7.5) Nov, 25 2022 TOTOLINK Link
TOTOLINK LR350 buffer overflow (8.0) Nov, 25 2022 TOTOLINK Link
TOTOLINK LR350 setSmsCfg buffer overflow (7.5) Nov, 25 2022 TOTOLINK Link
TOTOLINK NR1800X setUploadSetting command injection (7.6) Nov, 25 2022 TOTOLINK Link
TOTOLINK NR1800X setUssd command injection (7.6) Nov, 25 2022 TOTOLINK Link
TOTOLINK NR1800X setOpModeCfg command injection (7.6) Nov, 25 2022 TOTOLINK Link
TOTOLINK NR1800X UploadFirmwareFile command injection (7.6) Nov, 25 2022 TOTOLINK Link
TOTOLINK LR350 setDiagnosisCfg improper authentication (7.5) Nov, 25 2022 TOTOLINK Link
yii unserialize deserialization (7.8) Nov, 25 2022 yii Link
rizalafani cms-php login_manager.php get_user sql injection (7.6) Nov, 25 2022 rizalafani Link
oretnom23 Apartment Visitor Management System index.php sql injection (7.5) Nov, 25 2022 oretnom23 Link
Linux Kernel Bluetooth l2cap_core.c’s l2cap_le_connect_req use after free (8.0) Nov, 25 2022 Linux Link
quarkus Dev UI Config Editor code injection (8.0) Nov, 25 2022 quarkus Link
Moxa UC-8100A-ME-T unnecessary privileges (8.1) Nov, 25 2022 Moxa Link
GE CIMPLICITY out-of-bounds write (8.3) Nov, 25 2022 GE Link
GE CIMPLICITY CGmmiOptionContainer untrusted pointer dereference (8.8) Nov, 25 2022 GE Link
GE CIMPLICITY heap-based overflow (8.3) Nov, 25 2022 GE Link
GE CIMPLICITY CGmmiOptionContainer uninitialized pointer (8.3) Nov, 25 2022 GE Link
GE CIMPLICITY CGmmiRootOptionTable uninitialized pointer (8.3) Nov, 25 2022 GE Link
AVEVA Edge StADOSvr.exe access control (9.4) Nov, 25 2022 AVEVA Link
Pilz PASvisu Server ZIP Configuration File path traversal (8.1) Nov, 25 2022 Pilz Link
qmpaas leadshop routine (8.5) Nov, 25 2022 qmpaas Link
rickxy Stock Management System processlogin.php sql injection (7.9) Nov, 25 2022 rickxy Link
iTerm2 DECRQSS Response Privilege Escalation (7.5) Nov, 25 2022 iTerm2 Link
Boa sql injection (7.5) Nov, 25 2022 Boa Link
SolarWinds Network Performance Monitor WebUserSettingsCrudHandler input validation (8.6) Nov, 25 2022 SolarWinds Link
SolarWinds Network Performance Monitor DeserializeFromStrippedXml deserialization (8.4) Nov, 25 2022 SolarWinds Link
Badaso unrestricted upload (8.5) Nov, 25 2022 Badaso Link
Epson TM-C3500/TM-C7500 improper authentication (7.7) Nov, 25 2022 Epson Link
activerecord Gem YAML deserialization (8.4) Nov, 25 2022 activerecord Link
Linux Kernel dvbdev.c dvb_register_device use after free (8.8) Nov, 25 2022 Linux Link
Mitsubishi Electric GX Works3 hard-coded key (7.8) Nov, 25 2022 Mitsubishi Link
Carel Boss Mini access control (7.6) Nov, 26 2022 Carel Link
WatchTowerHQ Plugin denial of service (7.7) Nov, 26 2022 WatchTowerHQ Link
Api2Cart Bridge Connector Plugin unrestricted upload (8.4) Nov, 26 2022 Api2Cart Link
Permalink Manager Lite Plugin access control (7.8) Nov, 26 2022 Permalink Link
librenms deserialization (7.7) Nov, 26 2022 librenms Link
Trend Micro Apex One Change Prevention Service memory corruption (7.5) Nov, 26 2022 Trend Link
Trend Micro Apex One out-of-bounds (7.5) Nov, 26 2022 Trend Link
Trend Micro Apex One exceptional condition (8.1) Nov, 26 2022 Trend Link
Trend Micro Apex One Security Agent pathname traversal (8.1) Nov, 26 2022 Trend Link
Tenda AC18 formSetWifiGuestBasic buffer overflow (7.5) Nov, 26 2022 Tenda Link
Tenda AC18 addWifiMacFilter buffer overflow (7.5) Nov, 26 2022 Tenda Link
Tenda AC18 formWifiWpsOOB buffer overflow (7.5) Nov, 26 2022 Tenda Link
Tenda AC18 fromSetRouteStatic buffer overflow (7.5) Nov, 26 2022 Tenda Link
Tenda AC18 formSetMacFilterCfg buffer overflow (7.5) Nov, 26 2022 Tenda Link
Tenda AC18 formSetDeviceName buffer overflow (7.5) Nov, 26 2022 Tenda Link
Tenda AC18 R7WebsSecurityHandler buffer overflow (7.5) Nov, 26 2022 Tenda Link
Tenda AC18 form_fast_setting_wifi_set buffer overflow (7.5) Nov, 26 2022 Tenda Link
Insyde Kernel UEFI Variable stack-based overflow (7.8) Nov, 26 2022 Insyde Link
ZTE PON OLT access control (8.0) Nov, 26 2022 ZTE Link
Billing System Project fetchOrderData.php sql injection (7.5) Nov, 26 2022 Billing Link
D-Link DIR-882 webGetVarString buffer overflow (7.5) Nov, 26 2022 D-Link Link
D-Link DIR-882 buffer overflow (7.5) Nov, 26 2022 D-Link Link
D-Link DIR-882 websRedirect buffer overflow (7.5) Nov, 26 2022 D-Link Link
D-Link DIR-878 access control (7.5) Nov, 26 2022 D-Link Link
D-Link DIR878 buffer overflow (7.5) Nov, 26 2022 D-Link Link
D-Link DIR823G command injection (7.5) Nov, 26 2022 D-Link Link
Netgear R7000P httpd buffer overflow (7.5) Nov, 26 2022 Netgear Link
Netgear R7000P buffer overflow (7.5) Nov, 26 2022 Netgear Link
Netgear R7000P buffer overflow (7.5) Nov, 26 2022 Netgear Link
Netgear R7000P buffer overflow (7.5) Nov, 26 2022 Netgear Link
Netgear R7000P buffer overflow (7.5) Nov, 26 2022 Netgear Link
Netgear R7000P buffer overflow (7.5) Nov, 26 2022 Netgear Link
Netgear R7000P buffer overflow (7.5) Nov, 26 2022 Netgear Link
Netgear R7000P httpd buffer overflow (7.5) Nov, 26 2022 Netgear Link
Netgear R7000P buffer overflow (7.5) Nov, 26 2022 Netgear Link
Netgear R7000P buffer overflow (7.5) Nov, 26 2022 Netgear Link
Netgear R7000P httpd buffer overflow (7.5) Nov, 26 2022 Netgear Link
Netgear R7000P wan_dns1_pri buffer overflow (7.5) Nov, 26 2022 Netgear Link
Netgear R7000P httpd buffer overflow (7.5) Nov, 26 2022 Netgear Link
D-Link DIR-823G HNAP API HNAP1 command injection (7.6) Nov, 26 2022 D-Link Link
Linux Kernel Local Privilege io_uring use after free (8.1) Nov, 26 2022 Linux Link
TOTOLINK LR350 setIpPortFilterRules buffer overflow (7.5) Nov, 26 2022 TOTOLINK Link
TOTOLINK LR350 setParentalRules buffer overflow (7.5) Nov, 26 2022 TOTOLINK Link
TOTOLINK LR350 setTracerouteCfg buffer overflow (7.5) Nov, 26 2022 TOTOLINK Link
TOTOLINK LR350 setOpModeCfg buffer overflow (7.5) Nov, 26 2022 TOTOLINK Link
TOTOLINK LR350 buffer overflow (8.0) Nov, 26 2022 TOTOLINK Link
TOTOLINK LR350 setSmsCfg buffer overflow (7.5) Nov, 26 2022 TOTOLINK Link
TOTOLINK NR1800X setUploadSetting command injection (7.6) Nov, 26 2022 TOTOLINK Link
TOTOLINK NR1800X setUssd command injection (7.6) Nov, 26 2022 TOTOLINK Link
TOTOLINK NR1800X setOpModeCfg command injection (7.6) Nov, 26 2022 TOTOLINK Link
TOTOLINK NR1800X UploadFirmwareFile command injection (7.6) Nov, 26 2022 TOTOLINK Link
TOTOLINK LR350 setDiagnosisCfg improper authentication (7.5) Nov, 26 2022 TOTOLINK Link
yii unserialize deserialization (7.8) Nov, 26 2022 yii Link
rizalafani cms-php login_manager.php get_user sql injection (7.6) Nov, 26 2022 rizalafani Link
oretnom23 Apartment Visitor Management System index.php sql injection (7.5) Nov, 26 2022 oretnom23 Link
Linux Kernel Bluetooth l2cap_core.c’s l2cap_le_connect_req use after free (8.0) Nov, 26 2022 Linux Link
quarkus Dev UI Config Editor code injection (8.0) Nov, 26 2022 quarkus Link
Moxa UC-8100A-ME-T unnecessary privileges (8.1) Nov, 26 2022 Moxa Link
GE CIMPLICITY out-of-bounds write (8.3) Nov, 26 2022 GE Link
GE CIMPLICITY CGmmiOptionContainer untrusted pointer dereference (8.8) Nov, 26 2022 GE Link
GE CIMPLICITY heap-based overflow (8.3) Nov, 26 2022 GE Link
GE CIMPLICITY CGmmiOptionContainer uninitialized pointer (8.3) Nov, 26 2022 GE Link
GE CIMPLICITY CGmmiRootOptionTable uninitialized pointer (8.3) Nov, 26 2022 GE Link
AVEVA Edge StADOSvr.exe access control (9.4) Nov, 26 2022 AVEVA Link
Pilz PASvisu Server ZIP Configuration File path traversal (8.1) Nov, 26 2022 Pilz Link
qmpaas leadshop routine (8.5) Nov, 26 2022 qmpaas Link
rickxy Stock Management System processlogin.php sql injection (7.9) Nov, 26 2022 rickxy Link
iTerm2 DECRQSS Response Privilege Escalation (7.5) Nov, 26 2022 iTerm2 Link
Boa sql injection (7.5) Nov, 26 2022 Boa Link
SolarWinds Network Performance Monitor WebUserSettingsCrudHandler input validation (8.6) Nov, 26 2022 SolarWinds Link
SolarWinds Network Performance Monitor DeserializeFromStrippedXml deserialization (8.4) Nov, 26 2022 SolarWinds Link
Badaso unrestricted upload (8.5) Nov, 26 2022 Badaso Link
Epson TM-C3500/TM-C7500 improper authentication (7.7) Nov, 26 2022 Epson Link
activerecord Gem YAML deserialization (8.4) Nov, 26 2022 activerecord Link
Linux Kernel dvbdev.c dvb_register_device use after free (8.8) Nov, 26 2022 Linux Link
Mitsubishi Electric GX Works3 hard-coded key (7.8) Nov, 26 2022 Mitsubishi Link
PyTorch torch.jit.annotations.parse_type_line command injection (7.5) Nov, 26 2022 PyTorch Link
TOTOLINK A7100RU setOpenVpnCfg command injection (7.5) Nov, 26 2022 TOTOLINK Link
TOTOLINK A7100RU setOpenVpnClientCfg the command injection (7.5) Nov, 26 2022 TOTOLINK Link
Jeecg-boot updateNullByEmptyString sql injection (7.6) Nov, 26 2022 Jeecg-boot Link
Jeecg-boot check sql injection (7.6) Nov, 26 2022 Jeecg-boot Link
Moodle LTI Provider Library server-side request forgery (7.5) Nov, 26 2022 Moodle Link
Kyungrinara ERP Solution sERP Server hard-coded credentials (8.7) Nov, 26 2022 Kyungrinara Link
PaddlePaddle paddle.audio.functional.get_window code injection (7.5) Nov, 26 2022 PaddlePaddle Link
Carel Boss Mini access control (7.6) Nov, 27 2022 Carel Link
WatchTowerHQ Plugin denial of service (7.7) Nov, 27 2022 WatchTowerHQ Link
Api2Cart Bridge Connector Plugin unrestricted upload (8.4) Nov, 27 2022 Api2Cart Link
Permalink Manager Lite Plugin access control (7.8) Nov, 27 2022 Permalink Link
librenms deserialization (7.7) Nov, 27 2022 librenms Link
Trend Micro Apex One Change Prevention Service memory corruption (7.5) Nov, 27 2022 Trend Link
Trend Micro Apex One out-of-bounds (7.5) Nov, 27 2022 Trend Link
Trend Micro Apex One exceptional condition (8.1) Nov, 27 2022 Trend Link
Trend Micro Apex One Security Agent pathname traversal (8.1) Nov, 27 2022 Trend Link
Tenda AC18 formSetWifiGuestBasic buffer overflow (7.5) Nov, 27 2022 Tenda Link
Tenda AC18 addWifiMacFilter buffer overflow (7.5) Nov, 27 2022 Tenda Link
Tenda AC18 formWifiWpsOOB buffer overflow (7.5) Nov, 27 2022 Tenda Link
Tenda AC18 fromSetRouteStatic buffer overflow (7.5) Nov, 27 2022 Tenda Link
Tenda AC18 formSetMacFilterCfg buffer overflow (7.5) Nov, 27 2022 Tenda Link
Tenda AC18 formSetDeviceName buffer overflow (7.5) Nov, 27 2022 Tenda Link
Tenda AC18 R7WebsSecurityHandler buffer overflow (7.5) Nov, 27 2022 Tenda Link
Tenda AC18 form_fast_setting_wifi_set buffer overflow (7.5) Nov, 27 2022 Tenda Link
Insyde Kernel UEFI Variable stack-based overflow (7.8) Nov, 27 2022 Insyde Link
ZTE PON OLT access control (8.0) Nov, 27 2022 ZTE Link
Billing System Project fetchOrderData.php sql injection (7.5) Nov, 27 2022 Billing Link
D-Link DIR-882 webGetVarString buffer overflow (7.5) Nov, 27 2022 D-Link Link
D-Link DIR-882 buffer overflow (7.5) Nov, 27 2022 D-Link Link
D-Link DIR-882 websRedirect buffer overflow (7.5) Nov, 27 2022 D-Link Link
D-Link DIR-878 access control (7.5) Nov, 27 2022 D-Link Link
D-Link DIR878 buffer overflow (7.5) Nov, 27 2022 D-Link Link
D-Link DIR823G command injection (7.5) Nov, 27 2022 D-Link Link
Netgear R7000P httpd buffer overflow (7.5) Nov, 27 2022 Netgear Link
Netgear R7000P buffer overflow (7.5) Nov, 27 2022 Netgear Link
Netgear R7000P buffer overflow (7.5) Nov, 27 2022 Netgear Link
Netgear R7000P buffer overflow (7.5) Nov, 27 2022 Netgear Link
Netgear R7000P buffer overflow (7.5) Nov, 27 2022 Netgear Link
Netgear R7000P buffer overflow (7.5) Nov, 27 2022 Netgear Link
Netgear R7000P buffer overflow (7.5) Nov, 27 2022 Netgear Link
Netgear R7000P httpd buffer overflow (7.5) Nov, 27 2022 Netgear Link
Netgear R7000P buffer overflow (7.5) Nov, 27 2022 Netgear Link
Netgear R7000P buffer overflow (7.5) Nov, 27 2022 Netgear Link
Netgear R7000P httpd buffer overflow (7.5) Nov, 27 2022 Netgear Link
Netgear R7000P wan_dns1_pri buffer overflow (7.5) Nov, 27 2022 Netgear Link
Netgear R7000P httpd buffer overflow (7.5) Nov, 27 2022 Netgear Link
D-Link DIR-823G HNAP API HNAP1 command injection (7.6) Nov, 27 2022 D-Link Link
Linux Kernel Local Privilege io_uring use after free (8.1) Nov, 27 2022 Linux Link
TOTOLINK LR350 setIpPortFilterRules buffer overflow (7.5) Nov, 27 2022 TOTOLINK Link
TOTOLINK LR350 setParentalRules buffer overflow (7.5) Nov, 27 2022 TOTOLINK Link
TOTOLINK LR350 setTracerouteCfg buffer overflow (7.5) Nov, 27 2022 TOTOLINK Link
TOTOLINK LR350 setOpModeCfg buffer overflow (7.5) Nov, 27 2022 TOTOLINK Link
TOTOLINK LR350 buffer overflow (8.0) Nov, 27 2022 TOTOLINK Link
TOTOLINK LR350 setSmsCfg buffer overflow (7.5) Nov, 27 2022 TOTOLINK Link
TOTOLINK NR1800X setUploadSetting command injection (7.6) Nov, 27 2022 TOTOLINK Link
TOTOLINK NR1800X setUssd command injection (7.6) Nov, 27 2022 TOTOLINK Link
TOTOLINK NR1800X setOpModeCfg command injection (7.6) Nov, 27 2022 TOTOLINK Link
TOTOLINK NR1800X UploadFirmwareFile command injection (7.6) Nov, 27 2022 TOTOLINK Link
TOTOLINK LR350 setDiagnosisCfg improper authentication (7.5) Nov, 27 2022 TOTOLINK Link
yii unserialize deserialization (7.8) Nov, 27 2022 yii Link
rizalafani cms-php login_manager.php get_user sql injection (7.6) Nov, 27 2022 rizalafani Link
oretnom23 Apartment Visitor Management System index.php sql injection (7.5) Nov, 27 2022 oretnom23 Link
Linux Kernel Bluetooth l2cap_core.c’s l2cap_le_connect_req use after free (8.0) Nov, 27 2022 Linux Link
quarkus Dev UI Config Editor code injection (8.0) Nov, 27 2022 quarkus Link
Moxa UC-8100A-ME-T unnecessary privileges (8.1) Nov, 27 2022 Moxa Link
GE CIMPLICITY out-of-bounds write (8.3) Nov, 27 2022 GE Link
GE CIMPLICITY CGmmiOptionContainer untrusted pointer dereference (8.8) Nov, 27 2022 GE Link
GE CIMPLICITY heap-based overflow (8.3) Nov, 27 2022 GE Link
GE CIMPLICITY CGmmiOptionContainer uninitialized pointer (8.3) Nov, 27 2022 GE Link
GE CIMPLICITY CGmmiRootOptionTable uninitialized pointer (8.3) Nov, 27 2022 GE Link
AVEVA Edge StADOSvr.exe access control (9.4) Nov, 27 2022 AVEVA Link
Pilz PASvisu Server ZIP Configuration File path traversal (8.1) Nov, 27 2022 Pilz Link
qmpaas leadshop routine (8.5) Nov, 27 2022 qmpaas Link
rickxy Stock Management System processlogin.php sql injection (7.9) Nov, 27 2022 rickxy Link
iTerm2 DECRQSS Response Privilege Escalation (7.5) Nov, 27 2022 iTerm2 Link
Boa sql injection (7.5) Nov, 27 2022 Boa Link
SolarWinds Network Performance Monitor WebUserSettingsCrudHandler input validation (8.6) Nov, 27 2022 SolarWinds Link
SolarWinds Network Performance Monitor DeserializeFromStrippedXml deserialization (8.4) Nov, 27 2022 SolarWinds Link
Badaso unrestricted upload (8.5) Nov, 27 2022 Badaso Link
Epson TM-C3500/TM-C7500 improper authentication (7.7) Nov, 27 2022 Epson Link
activerecord Gem YAML deserialization (8.4) Nov, 27 2022 activerecord Link
Linux Kernel dvbdev.c dvb_register_device use after free (8.8) Nov, 27 2022 Linux Link
Mitsubishi Electric GX Works3 hard-coded key (7.8) Nov, 27 2022 Mitsubishi Link
PyTorch torch.jit.annotations.parse_type_line command injection (7.5) Nov, 27 2022 PyTorch Link
TOTOLINK A7100RU setOpenVpnCfg command injection (7.5) Nov, 27 2022 TOTOLINK Link
TOTOLINK A7100RU setOpenVpnClientCfg the command injection (7.5) Nov, 27 2022 TOTOLINK Link
Jeecg-boot updateNullByEmptyString sql injection (7.6) Nov, 27 2022 Jeecg-boot Link
Jeecg-boot check sql injection (7.6) Nov, 27 2022 Jeecg-boot Link
Moodle LTI Provider Library server-side request forgery (7.5) Nov, 27 2022 Moodle Link
Kyungrinara ERP Solution sERP Server hard-coded credentials (8.7) Nov, 27 2022 Kyungrinara Link
PaddlePaddle paddle.audio.functional.get_window code injection (7.5) Nov, 27 2022 PaddlePaddle Link
Botan OCSP Response certificate validation (7.5) Nov, 27 2022 Botan Link
Linux Kernel l2cap_config_req Packet l2cap_core.c integer overflow (7.7) Nov, 27 2022 Linux Link
Linux Kernel dvb_ca_en50221.c dvb_ca_en50221_io_release use after free (7.7) Nov, 27 2022 Linux Link
oretnom23 Purchase Order Management System unrestricted upload (9.3) Nov, 28 2022 oretnom23 Link
AVS Audio Converter buffer overflow (7.9) Nov, 28 2022 AVS Link
crewjam saml Assertion Element improper authentication (8.0) Nov, 28 2022 crewjam Link
Online Tours & Travels Management System file.php unrestricted upload (9.3) Nov, 28 2022 Online Link
Poultry Farm Management System category.php sql injection (7.5) Nov, 28 2022 Poultry Link
Acer Notebook HQSwSmiDxe Driver default permission (7.7) Nov, 28 2022 Acer Link
School Management System sql injection (7.7) Nov, 28 2022 School Link
oretnom23 Purchase Order Management System unrestricted upload (9.3) Nov, 29 2022 oretnom23 Link
AVS Audio Converter buffer overflow (7.9) Nov, 29 2022 AVS Link
crewjam saml Assertion Element improper authentication (8.0) Nov, 29 2022 crewjam Link
Online Tours & Travels Management System file.php unrestricted upload (9.3) Nov, 29 2022 Online Link
Poultry Farm Management System category.php sql injection (7.5) Nov, 29 2022 Poultry Link
Acer Notebook HQSwSmiDxe Driver default permission (7.7) Nov, 29 2022 Acer Link
School Management System sql injection (7.7) Nov, 29 2022 School Link
GPAC unquantize.c Q_IsTypeOn use after free (7.5) Nov, 29 2022 GPAC Link
ghost Newsletter access control (7.8) Nov, 29 2022 ghost Link
Squirrly SEO Plugin unrestricted upload (7.9) Nov, 29 2022 Squirrly Link
Russound XSourcePlayer 777D scriptRunner.cgi Privilege Escalation (7.7) Nov, 29 2022 Russound Link
PuneethReddyHC online-shopping-system-advanced product.php sql injection (7.5) Nov, 29 2022 PuneethReddyHC Link
oretnom23 Purchase Order Management System unrestricted upload (9.3) Nov, 30 2022 oretnom23 Link
AVS Audio Converter buffer overflow (7.9) Nov, 30 2022 AVS Link
crewjam saml Assertion Element improper authentication (8.0) Nov, 30 2022 crewjam Link
Online Tours & Travels Management System file.php unrestricted upload (9.3) Nov, 30 2022 Online Link
Poultry Farm Management System category.php sql injection (7.5) Nov, 30 2022 Poultry Link
Acer Notebook HQSwSmiDxe Driver default permission (7.7) Nov, 30 2022 Acer Link
School Management System sql injection (7.7) Nov, 30 2022 School Link
GPAC unquantize.c Q_IsTypeOn use after free (7.5) Nov, 30 2022 GPAC Link
ghost Newsletter access control (7.8) Nov, 30 2022 ghost Link
Squirrly SEO Plugin unrestricted upload (7.9) Nov, 30 2022 Squirrly Link
Russound XSourcePlayer 777D scriptRunner.cgi Privilege Escalation (7.7) Nov, 30 2022 Russound Link
PuneethReddyHC online-shopping-system-advanced product.php sql injection (7.5) Nov, 30 2022 PuneethReddyHC Link
Microsoft Edge GPU heap-based overflow (7.8) Nov, 30 2022 Microsoft Link
Tribal Systems Zenario CMS Privilege Escalation (8.0) Nov, 30 2022 Tribal Link
oretnom23 Simple Inventory Management System login.php sql injection (7.5) Nov, 30 2022 oretnom23 Link
SourceCodester Book Store Management System index.php access control (7.9) Nov, 30 2022 SourceCodester Link
owncast sql injection (8.2) Nov, 30 2022 owncast Link
Book Store Management System Admin Panel hard-coded credentials (7.9) Nov, 30 2022 Book Link
Sanitization Management System Admin Panel hard-coded credentials (7.9) Nov, 30 2022 Sanitization Link
OP-TEE Trusted OS cleanup_shm_refs array index (7.8) Nov, 30 2022 OP-TEE Link
Vulnerability CVSSv3 Release Date Products References
Cisco SD-WAN CLI path traversal (8.1) Oct 1, 2022 Cisco SD-WAN CLI Link
Cisco SD-WAN CLI path traversal (8.1) Oct 1, 2022 Cisco SD-WAN CLI Link
Veritas NetBackup NBFSMCLIENT Service sql injection (8.1) Oct 3, 2022 Veritas NetBackup Link
Axiomatic Bento4 mp4mux ReadBit out-of-bounds write (7.5) Oct 3, 2022 Axiomatic Bento4 Link
Aruba InstantOS/ArubaOS PAPI Protocol buffer overflow (9.4) Oct 5, 2022 Aruba InstantOS Link
BD Totalys MultiProcessor hard-coded credentials (7.7) Oct 5, 2022 BD Totalys Link
Cisco TelePresence CE Version Control unknown vulnerability (8.4) Oct 6, 2022 Cisco Telepresence Link
Generex CS141 Web Interface gxserve-update.sh run_update Privilege Escalation (8.0) Oct 6, 2022 Generex CS141 Link
Fortinet FortiOS/FortiProxy Administrative Interface improper authorization (9.4) Oct 7, 2022 Fortinet FotiOS Link
ToolJet Invite privileges management (8.4) Oct 7, 2022 ToolJet Link
Panini Everest Engine Everest.exe untrusted search path (8.5) Oct 8, 2022 Panini Everest Link
Trend Micro Apex One Security Agent certificate validation (8.4) Oct 8, 2022 Trend Micro Link
puppetlabs-apt os command injection (7.6) Oct 8, 2022 Puppetlabs-apt Link
puppetlabs-mysql os command injection (7.6) Oct 8, 2022 Puppetlabs-mysql Link
Fortinet FortiOS CLI Command os command injection (8.9) Oct 10, 2022 Fortinet FotiOS Link
Dell Container Storage Modules goiscsi/gobrick os command injection (9.8) Oct 11, 2022 Dell Container Link
Dell Container Storage Modules goiscsi/gobrick os command injection (8.8) Oct 11, 2022 Dell Container Link
Microsoft Windows Local Security Authority Privilege Escalation (8.2) Oct 11, 2022 Microsoft Windows Local Security Link
Microsoft Windows ODBC Driver Remote Code Execution (7.7) Oct 11, 2022 Microsoft Windows ODBC Link
Microsoft Windows Server Service Privilege Escalation (7.7) Oct 11, 2022 Microsoft Windows Server Link
Array Networks ArrayOS command injection (8.4) Oct 13, 2022 Array Networks Link
Dell GeoDrive unquoted search path (7.6) Oct 13, 2022 Dell GeoDrive Link
PerFact OpenVPN Client Config Command unknown vulnerability (8.6) Oct 14, 2022 Perfect Openvpn Link
Huawei HarmonyOS MPTCP Module out-of-bounds write (7.8) Oct 14, 2022 Huawei HarmonyOS Link
Google Android HTBLogKM out-of-bounds write (7.5) Oct 14, 2022 Google Android Link
Adobe ColdFusion stack-based overflow (8.4) Oct 15, 2022 Adobe Link
Adobe ColdFusion heap-based overflow (8.4) Oct 15, 2022 Adobe Link
OpenHarmony Startup Subsystem improper authentication (8.1) Oct 15, 2022 OpenHarmony Link
Fortinet FortiTester Telnet Login os command injection (9.8) Oct 18, 2022 Fortinet FortiTester Link
Fortinet FortiTester SSH Login os command injection (9.8) Oct 18, 2022 Fortinet Link
D-Link Router lighttpd stack-based overflow (9.4) Oct 18, 2022 D-Link Link
D-Link DIR-2150 xupnpd command injection (9.4) Oct 18, 2022 D-Link Link
D-Link DIR-2150 xupnpd_generic command injection (9.4) Oct 18, 2022 D-Link Link
Windscribe uncontrolled search path (8.4) Oct 18, 2022 Windscribe Link
Linux Kernel nft_object use after free (8.4) Oct 18, 2022 Linux Kernel Link
D-Link DIR-2150 xupnpd ui_upload command injection (8.4) Oct 18, 2022 D-Link Link
D-Link DIR-2150 anweb websocket_data_handler stack-based overflow (8.4) Oct 18, 2022 D-Link Link
AVEVA Edge uncontrolled search path (8.4) Oct 18, 2022 AVEVA Link
AVEVA Edge SetBytesToManagedControl deserialization (8.4) Oct 18, 2022 AVEVA Link
OPC Labs QuickOPC deserialization (8.4) Oct 18, 2022 OPC Link
Apple macOS Remote Event memory corruption (7.7) Oct 18, 2022 Apple Macos Link
D-Link DIR-2150 anweb action_handler stack-based overflow (7.6) Oct 18, 2022 D-Link Link
Qualcomm Snapdragon Auto WLAN memory corruption (9.6) Oct 19, 2022 Qualcomm Link
Qualcomm Snapdragon Auto WLAN integer overflow (9.6) Oct 19, 2022 Qualcomm Link
Qualcomm Snapdragon Mobile Multimedia use after free (7.9) Oct 19, 2022 Qualcomm Link
Qualcomm Snapdragon Mobile BTHOST memory corruption (7.9) Oct 19, 2022 Qualcomm Link
Qualcomm Snapdragon Auto Automotive Multimedia memory corruption (7.9) Oct 19, 2022 Qualcomm Link
Qualcomm Snapdragon Auto Metadata memory corruption (7.9) Oct 19, 2022 Qualcomm Link
Nginx Plus ngx_http_hls_module out-of-bounds write (7.7) Oct 20, 2022 Nginx Link
ORing IAP-420 Telnet Server hard-coded credentials (9.2) Oct 21, 2022 ORing Link
Linux Kernel API io_uring Privilege Escalation (8.4) Oct 21, 2022 Linux Link
Aethon TUG Home Base Server authorization (7.6) Oct 21, 2022 Aethon Link
Aethon TUG Home Base Server channel accessible (7.6) Oct 21, 2022 Aethon Link
Aethon TUG Home Base Server authorization (7.6) Oct 21, 2022 Aethon Link
Lanner IAC-AST2500A spx_restservice Login_handler_func out-of-bounds write (9.9) Oct 24, 2022 Lanner Link
Lanner IAC-AST2500A spx_restservice SubNet_handler_func out-of-bounds write (9.9) Oct 24, 2022 Lanner Link
Lanner IAC-AST2500A spx_restservice KillDupUsr_func out-of-bounds write (9.8) Oct 24, 2022 Lanner Link
Lanner IAC-AST2500A spx_restservice Login_handler_func stack-based overflow (9.8) Oct 24, 2022 Lanner Link
Lanner IAC-AST2500A spx_restservice modifyUserb_func stack-based overflow (9.4) Oct 24, 2022 Lanner Link
Apache Heron Log injection (8.4) Oct 24, 2022 Apache Link
pikepdf PDF XMP Metadata Parser xml external entity reference (8.4) Oct 24, 2022 Pikepdf Link
Sony Content Transfer untrusted search path (8.2) Oct 24, 2022 Sony Link
Lanner IAC-AST2500A session fixiation (7.6) Oct 24, 2022 Lanner Link
Abode iota All-In-One Security Kit XCMD stack-based overflow (9.7) Oct 25, 2022 Abode Link
Abode iota All-In-One Security Kit Telnet hard-coded credentials (9.6) Oct 25, 2022 Abode Link
Abode iota All-In-One Security Kit XCMD getVarHA format string (8.4) Oct 25, 2022 Abode Link
Dataease MySQL Connection Parameter JdbcProvider.java deserialization (8.4) Oct 25, 2022 Dataease MySQL Link
Abode iota All-In-One Security Kit HTTP Request wirelessConnect os command injection (8.0) Oct 25, 2022 Abode Link
Microsoft Azure CLI code injection (7.7) Oct 25, 2022 Microsoft Azure Link
Abode iota All-In-One Security Kit XCMD ghome_process_control_packet format string (7.6) Oct 25, 2022 Abode Link
Abode iota All-In-One Security Kit XCMD testWifiAP format string (7.6) Oct 25, 2022 Abode Link
Socket.io JS Library Attachment Parser sql injection (8.5) Oct 26, 2022 Socket.io Link
OX Software OX App Suite Ghostscript os command injection (8.4) Oct 26, 2022 OX Software Link
Zalando Skipper server-side request forgery (7.9) Oct 26, 2022 Zalando Link
Delta Electronics InfraSuite Device Master CtrlLayerNWCmd_FileOperation pathname traversal (9.4) Oct 27, 2022 Delta Electronics Link
Delta Electronics InfraSuite Device Master ExeCommandInCommandLineMode improper authentication (9.4) Oct 27, 2022 Delta Electronics Link
Delta Electronics InfraSuite Device Master CheckLoadingStartupConfig pathname traversal (9.4) Oct 27, 2022 Delta Electronics Link
Delta Electronics InfraSuite Device Master Device-Gateway Service deserialization (9.4) Oct 27, 2022 Delta Electronics Link
Delta Electronics InfraSuite Device Master AddNewUser improper authentication (9.4) Oct 27, 2022 Delta Electronics Link
Delta Electronics InfraSuite Device Master Device-DataCollect Service deserialization (9.0) Oct 27, 2022 Delta Electronics Link
Delta Electronics InfraSuite Device Master DeSerializeBinary deserialization (8.4) Oct 27, 2022 Delta Electronics Link
Delta Electronics InfraSuite Device Master ModifyPrivByID improper authentication (8.4) Oct 27, 2022 Delta Electronics Link
Pimcore Twig Template code injection (8.4) Oct 27, 2022 Pimcore Link
OpenBMC bmcweb multipart_parser heap-based overflow (7.7) Oct 27, 2022 OpenBMC Link
OpenBMC bmcweb HTTP Header multipart_parser memory corruption (7.7) Oct 27, 2022 OpenBMC Link
Vulnerability CVSSv3 Release Date Products References
AutomationDirect DirectLOGIC Installation uncontrolled search path (8.1) Sep 1, 2022 AutomationDirect Link
Contiki-NG IPv6 Packet uipbuf.c uipbuf_get_next_header buffer overflow (7.7) Sep 1, 2022 Contiki-NG Link
Qualcomm Snapdragon Connectivity/Snapdragon Mobile Bluetooth Host stack-based overflow (8.4) Sep 2, 2022 Qualcomm Link
Qualcomm Snapdragon Auto IO Space xPUs permission (8.2) Sep 2, 2022 Qualcomm Link
Qualcomm Snapdragon Auto Multimedia memory corruption (7.9) Sep 2, 2022 Qualcomm Link
Qualcomm Snapdragon Auto DSP Service out-of-bounds write (7.9) Sep 2, 2022 Qualcomm Link
Qualcomm Snapdragon Connectivity ELF Header memory corruption (7.9) Sep 2, 2022 Qualcomm Link
Qualcomm Snapdragon Auto Video File Parser out-of-bounds (7.9) Sep 2, 2022 Qualcomm Link
Qualcomm Snapdragon Auto PCM Routing Process memory corruption (7.9) Sep 2, 2022 Qualcomm Link
Qualcomm Snapdragon Consumer IOT Graphic Driver use after free (7.9) Sep 2, 2022 Qualcomm Link
Qualcomm Snapdragon Auto Multimedia Driver memory corruption (7.9) Sep 2, 2022 Qualcomm Link
Qualcomm Snapdragon Auto Multimedia memory corruption (7.9) Sep 2, 2022 Qualcomm Link
Qualcomm Snapdragon Auto RPMB cryptographic issues (7.6) Sep 2, 2022 Qualcomm Link
Qualcomm Snapdragon Auto APR Routing Table memory corruption (7.6) Sep 2, 2022 Qualcomm Link
SFTPGo Two-factor Authentication improper authentication (7.6) Sep 2, 2022 SFTPGo Link
ZyXEL NAS326/NAS540/NAS542 UDP Packet format string (9.6) Sep 6, 2022 ZyXEL Link
BitDefender GravityZone Console On-Premise Message deserialization (8.6) Sep 6, 2022 BitDefender Link
Indy Node pool-upgrade Request improper authentication (7.9) Sep 6, 2022 Indy Link
Outbyte PC Repair Installation File iertutil.dll uncontrolled search path (8.5) Sep 7, 2022 Outbyte PC Repair Link
ActivityWatch authentication spoofing (7.9) Sep 7, 2022 ActivityWatch Link
phpfusion unverified password change (7.8) Sep 7, 2022 Phpfusion Link
QNAP QTS Photo Station external reference (9.7) Sep 8, 2022 QNAP QTS Link
ikus060 rdiffweb improper restriction of rendered ui layers (8.0) Sep 9, 2022 ikus060 Link
Wiki UI Main Wiki code injection (7.9) Sep 9, 2022 Wiki Ul Main Link
XWiki Platform Applications Tag code injection (7.9) Sep 9, 2022 XWiki Link
cruddl Schema special elements in data query logic (7.9) Sep 9, 2022 Cruddl Link
Fortinet FortiSOAR HTTP GET Request os command injection (7.8) Sep 9, 2022 Fortinet Link
XWiki Platform Web Templates Email Verification authentication bypass (7.7) Sep 9, 2022 XWiki Link
MZ Automation libIEC61850 memcpy stack-based overflow (9.4) Sep 10, 2022 Automation libIEC61850 Link
MZ Automation libIEC61850 stack-based overflow (9.4) Sep 10, 2022 Automation libIEC61850 Link
Microsoft Windows Enterprise App Management Service Privilege Escalation (7.8) Sep 13, 2022 Microsoft Windows Link
Microsoft Windows ODBC Driver Remote Code Execution (7.7) Sep 13, 2022 Microsoft Windows Link
Microsoft Windows OLE DB Provider for SQL Server Remote Code Execution (7.7) Sep 13, 2022 Microsoft Windows Link
Microsoft Dynamics CRM Privilege Escalation (7.7) Sep 13, 2022 Microsoft Windows Link
Microsoft SharePoint Server Privilege Escalation (7.7) Sep 13, 2022 Microsoft Windows Link
Onedev Docker Socket docker.sock external reference (9.1) Sep 14, 2022 Onedev Docker Link
Crestron AirMedia Installation permission (8.8) Sep 14, 2022 Crestron AirMedia Link
ionicabizau parse-url server-side request forgery (8.0) Sep 14, 2022 İonicabizau Link
EZVIZ CS-CV248 Motion Detection stack-based overflow (9.1) Sep 15, 2022 EZVIZ CS-CV248 Link
ionicabizau parse-url interpretation input (8.2) Sep 15, 2022 İonicabizau Link
Qualcomm Snapdragon Connectivity/Snapdragon Mobile WLAN Key Parser memory corruption (9.6) Sep 16, 2022 Qualcomm Snapdragon Link
Zoom On-Premise Meeting Connector MMR access control (7.6) Sep 17, 2022 Zoom Link
Suprema Bio Star PUT Request access control (8.8) Sep 20, 2022 Suprema Bio Link
Kayrasoft sql injection (8.2) Sep 20, 2022 Kayrasoft Link
ForgeRock IDM/Java Remote Connector Server LDAP Connector access control (7.6) Sep 20, 2022 ForgeRock Link
Aruba ClearPass Policy Manager OnGuard Agent Privilege Escalation (8.8) Sep 21, 2022 Aruba ClearPass Link
UI Desktop access control (8.8) Sep 23, 2022 UI Desktop Link
Sophos Firewall User Portal/Webadmin code injection (8.5) Sep 23, 2022 Sophos Firewall Link
FFmpeg build_open_gop_key_points heap-based overflow (7.5) Sep 23, 2022 FFmpeg Link
Grandstream GSD3710 strcopy stack-based overflow (9.3) Sep 24, 2022 Grandstream Link
Measuresoft ScadaPro Server access control (8.2) Sep 24, 2022 Measuresoft Link
Synacor Zimbra Collaboration Suite Nginx permission (8.8) Sep 26, 2022 Synacor Link
Contec FXA3200 Wireless LAN Manager Interface mnt_cmd.cgi permission (8.0) Sep 26, 2022 Contec FXA3200 Link
NuProcess Command Line Argument Java_java_lang_UNIXProcess_forkAndExec command injection (8.4) Sep 27, 2022 NuProcess Link
Qualcomm Snapdragon Auto ION use after free (7.9) Sep 27, 2022 Qualcomm Snapdragon Link
Mist Command-Line Interface permission (7.5) Sep 27, 2022 Mist Command-Line Link
Carlo Gavazzi UWP/CPY Car Park Server path traversal (9.6) Sep 28, 2022 Carlo Gavazzi Link
Carlo Gavazzi UWP/CPY Car Park Server hard-coded credentials (9.6) Sep 28, 2022 Carlo Gavazzi Link
Carlo Gavazzi UWP/CPY Car Park Server hard-coded credentials (9.6) Sep 28, 2022 Carlo Gavazzi Link
Carlo Gavazzi UWP/CPY Car Park Server API missing authentication (9.6) Sep 28, 2022 Carlo Gavazzi Link
Carlo Gavazzi UWP/CPY Car Park Server API Parameter os command injection (9.6) Sep 28, 2022 Carlo Gavazzi Link
Check Point ZoneAlarm Extreme Security Updates permission (8.4) Sep 28, 2022 Check Point Link
Mozilla Firefox Maintenance Service toctou (8.4) Sep 29, 2022 Mozilla Firefox Link
Mozilla Thunderbird Maintenance Service toctou (8.4) Sep 29, 2022 Mozilla Thunderbird Link
matrix-js-sdk Verification key exchange without entity authentication (7.8) Sep 29, 2022 matrix-js-sdk Link
Vulnerability CVSSv3 Release Date Products References
kromitgmbh titra improper authorization (8.4) Aug 1, 2022 Kromitgmbh titra Link
Shescape Regular Expression escapeAll injection (8.4) Aug 2, 2022 Shescape Link
fs2 certificate validation (8.0) Aug 2, 2022 fs2 certificate Link
CVAT server-side request forgery (7.8) Aug 2, 2022 CVAT Link
VMware Workspace ONE Access improper authentication (9.4) Aug 3, 2022 VMware Workspace Link
monorepo-build Remote Code Execution (8.4) Aug 3, 2022 Monorepo Link
image-tiler Remote Code Execution (8.4) Aug 3, 2022 İmage-tiler Link
tooljet access control (8.4) Aug 3, 2022 Tooljet Link
gitblame gitblame.js injection (8.2) Aug 3, 2022 Gitblame Link
heroku-env get.js injection (8.2) Aug 3, 2022 Heroku Link
npos-tesseract ocr.js injection (8.2) Aug 3, 2022 npos-tesseract Link
NHI Card Network Packet stack-based overflow (7.7) Aug 3, 2022 NHI Card Network Link
OMICARD EDM hard-coded credentials (9.6) Aug 4, 2022 OMICARD Link
DevExpress SafeBinaryFormatter deserialization (8.6) Aug 4, 2022 DevExpress Link
Vinchin Backup and Recovery hard-coded credentials (8.5) Aug 4, 2022 Vinchin Link
Sante PACS Server sql injection (8.4) Aug 4, 2022 Sante PACS Link
OMICARD EDM API Function sql injection (8.4) Aug 4, 2022 OMICARD EDM API Link
Sante DICOM Viewer Pro J2K File Parser out-of-bounds write (8.3) Aug 4, 2022 Sante DICOM Link
KVM use after free (7.8) Aug 5, 2022 KVM Link
Samsung Baseband heap-based overflow (7.8) Aug 5, 2022 Samsung Link
Ethermint exposure of resource (7.6) Aug 5, 2022 Ethermint Link
TCL LinkHub Mesh Wi-Fi MS1G Configuration logserver GetValue buffer overflow (9.2) Aug 6, 2022 TCL LinkHub Link
TCL LinkHub Mesh Wi-Fi MS1G Network ucloud_del_node access control (9.2) Aug 6, 2022 TCL LinkHub Link
TCL LinkHub Mesh Wi-Fi MS1G Network Packet addTimeGroup stack-based overflow (8.8) Aug 6, 2022 TCL LinkHub Link
TCL LinkHub Mesh Wi-Fi MS1G Network confctl_set_guest_wlan denial of service (8.8) Aug 6, 2022 TCL LinkHub Link
Microsoft Windows SMB Remote Code Execution (7.7) Aug 9, 2022 Microsoft Wİndows Link
KUKA V-KSS Robot Configuration missing authentication (9.6) Aug 10, 2022 KUKA V-KSS Link
Cisco Small Business RV345 buffer overflow (9.4) Aug 10, 2022 Cisco Small Link
Siemens SCALANCE XR-500 injection (8.4) Aug 10, 2022 Siemens Link
Cisco Small Business RV345 buffer overflow (8.3) Aug 10, 2022 Cisco Small Link
Cisco Small Business RV345 buffer overflow (8.3) Aug 10, 2022 Cisco Small Link
ClamAV Antivirus Regex Module out-of-bounds (8.3) Aug 10, 2022 ClamAV Link
mc-kill-port kill Local Privilege Escalation (7.6) Aug 10, 2022 mc-kill-port Link
B&R Studio input validation (8.2) Aug 11, 2022 B&R Link
Zoom Client for Meetings URL Parser input validation (7.8) Aug 11, 2022 Zoom Link
loopback-connector-postgresql sql injection (7.6) Aug 13, 2022 Postgrsql Link
Cockpit authentication bypass (8.4) Aug 15, 2022 Cockbit Link
nameless missing critical step in authentication (8.4) Aug 15, 2022 Nameless Link
Zoom Client for Meetings signature verification (8.6) Aug 16, 2022 Zoom Link
oxyno-zeta react-editable-json-tree neutralization of directives (7.7) Aug 16, 2022 Oxyno-zeta Link
Emerson ControlWave BSAP-IP Protocol integrity check (9.6) Aug 17, 2022 Emerson ControlWave Link
GOG Galaxy GOG.com permission (8.8) Aug 17, 2022 GOG Galaxy Link
Sequi PortBloque S Requests improper authorization (8.0) Aug 17, 2022 Sequi PortBloque Link
Sequi PortBloque S improper authentication (7.8) Aug 17, 2022 Sequi PortBloque Link
Device42 CMDB db_optimize os command injection (7.6) Aug 17, 2022 Device42 CMDB Link
Zoom Rooms for Conference Rooms signature verification (8.4) Aug 18, 2022 Zoom Link
Qualys Cloud Agent access control (8.4) Aug 18, 2022 Qualys Cloud Agent Link
Cisco Secure Web Appliance HTTP os command injection (8.4) Aug 19, 2022 Cisco Secure Link
Project-Nexus sql injection (8.5) Aug 20, 2022 Project-Nexus Link
IBM MQ XML Data xml external entity reference (7.6) Aug 20, 2022 IBM MQ Link
MA Lighting grandMA2 Light hard-coded credentials (8.8) Aug 21, 2022 MA Lighting Link
Linux Kernel eBPF out-of-bounds write (8.6) Aug 24, 2022 Linux Kernel Link
mySCADA myPRO command injection (8.4) Aug 24, 2022 mySCADA myPRO Link
Measuresoft ScadaPro Server ActiveX Control out-of-bounds write (8.4) Aug 24, 2022 Measuresoft Scada Pro Link
Linux Kernel NILFS File System inode.c security_inode_alloc use after free (8.4) Aug 24, 2022 Linux Kernel Link
Linksys MR8300 DDNS Service os command injection (7.7) Aug 24, 2022 Linksys MR8300 Link
Cisco NX-OS/FXOS Discovery Protocol Packet stack-based overflow (8.6) Aug 25, 2022 Cisco Link
Linux Kernel Pipe Buffer pipe_resize_ring locking (8.4) Aug 25, 2022 Linux Kernel Link
Linux Kernel LightNVM Subsystem heap-based overflow (8.4) Aug 25, 2022 Linux Kernel Link
RPM link following (8.4) Aug 26, 2022 RPM Link
Linux Kernel SUID/GUID begin_new_exec permission (8.4) Aug 26, 2022 Linux Kernel Link
Linux Kernel PLP Rose rose_bind use after free (8.5) Aug 29, 2022 Linux Kernel Link
Linux Kernel io_uring Subsystem io_uring.c io_register_personality use after free (8.4) Aug 29, 2022 Linux Kernel Link
Hytec Inter HWL-2511-SS Command Line Interface command injection (8.5) Aug 30, 2022 Hytec Link
Le-yan Personnel and Salary Management System hard-coded credentials (8.4) Aug 30, 2022 Le-yan Link
Patlite NH-FB Firmware unrestricted upload (7.7) Aug 30, 2022 Patlite Link
Dell Container Storage Modules goiscsi/gobrick os command injection (8.8) Aug 31, 2022 Dell Link
Dell EMC SmartFabric os command injection (7.9) Aug 31, 2022 Dell Link
Dell Container Storage Modules goiscsi/gobrick path traversal (7.5) Aug 31, 2022 Dell Link
Vulnerability CVSSv3 Release Date Products References
OpenSSL RSA Private Key rsaz_exp_x2.c ossl_rsaz_mod_exp_avx512_x2 memory corruption (9.4) July 1, 2022 OpenSSL Link
SaltStack Salt improper authorization (8.0) July 1, 2022 SaltStack Link
Distributed Data Systems WebHMI os command injection (8.0) July 2, 2022 Distrubuted Data System Link
Nokia DGX A100 BiosCfgTool memory corruption (8.0) July 2, 2022 Nokia Link
GitLab Project Import Privilege Escalation (7.9) July 2, 2022 GitLab Link
git-clone command injection (7.6) July 2, 2022 git-clone Link
Home Spot Cube2 DHCP Server Reply os command injection (8.5) July 3, 2022 Home Spot Cube2 Link
Linux Kernel User Namespace nf_tables_api.c nft_set_elem_init type confusion (8.4) July 5, 2022 Linux Kernel Link
IOBit Advanced System Care/Action Download Center Asc.exe permission (8.5) July 6, 2022 IOBit Link
MediaTek MT8797 Modem out-of-bounds write (8.4) July 6, 2022 MediaTek Link
IOBit Advanced System Care/Driver Booster Update Procedure data authenticity (7.8) July 6, 2022 IOBit Link
MediaTek MT8797 Modem 2G RR out-of-bounds write (7.7) July 6, 2022 MediaTek Link
CWP command injection (7.7) July 7, 2022 CWP Link
Dell EMC Storage Cloud Mobility Remote Code Execution (8.9) July 8, 2022 Dell EMC Link
atoms183 CMS product_admin.php sql injection (8.0) July 8, 2022 Atoms183 CMS Link
HPE IceWall SSO sql injection (7.9) July 8, 2022 HPE Link
Dell EMC PowerProtect Cyber Recovery access control (7.6) July 8, 2022 Dell EMC Link
Keycloak authorization (7.6) July 8, 2022 Keycloak Link
Hap-WI Roxy-WI options.py subprocess_execute os command injection (9.4) July 9, 2022 Hap-WI Roxy-WI Link
rpc.py HTTP Header deserialization (8.2) July 9, 2022 Rpc Link
Lenze cabinet c520/cabinet c550/cabinet c750 Password Verification missing critical step in authentication (9.6) July 11, 2022 Lenze cabinet Link
Microsoft Azure Site Recovery VMWare to Azure Remote Code Execution (8.1) July 12, 2022 Microsoft Azure Link
Microsoft Windows Shell Privilege Escalation (7.8) July 12, 2022 Microsoft Windows Shell Link
Kubernetes aws-iam-authenticator access control (7.7) July 12, 2022 Kubernetes Link
Microsoft Azure Site Recovery VMWare to Azure Privilege Escalation (7.6) July 12, 2022 Microsoft AZure Link
Pyramid EtherNet-IP Adapter Development Kit Packet out-of-bounds write (9.1) July 13, 2022 Pyramid EtherNet-IP Link
Verizon 5G Home LVSKIHP InDoorUnit crtcrpc JSON Listener crtcmode.sh enable_ssh os command injection (8.5) July 14, 2022 Verizon 5G Home Link
5G Home LVSKIHP InDoorUnit crtcrpc JSON Listener crtc.lua crtcreadpartition os command injection (8.5) July 14, 2022 5G Home Link
Verizon 5G Home LVSKIHP OutDoorUnit crtcrpc JSON Listener rpc.lua crtcswitchsimprofile os command injection (8.5) July 14, 2022 Verizon 5G Home Link
Verizon 5G Home LVSKIHP OutDoorUnit RPC Endpoint wnc_crtc_fw.sh crtc_fw_upgrade Privilege Escalation (8.0) July 14, 2022 Verizon 5G Home Link
Verizon 5G Home LVSKIHP InDoorUnit RPC Endpoint crtc.lua crtcfwimage unrestricted upload (8.0) July 14, 2022 Verizon 5G Home Link
Verizon 5G Home LVSKIHP OutDoorUnit Settings Page settings.lua os command injection (7.7) July 14, 2022 Verizon 5G Home Link
Hap-WI Roxy-WI options.py subprocess_execute command injection (8.5) July 16, 2022 Hap-WI Roxy-WI Link
Parallels Desktop HDAudio Virtual Device buffer overflow (7.7) July 16, 2022 Parallels Desktop HDAudio Link
Infiray IRAY-A8Z3 strcpy buffer overflow (8.0) July 18, 2022 Infiray IRAY Link
QVIS NVR DVR sudo Configuration access control (7.6) July 18, 2022 QVIS NVR DVR Link
AnyDesk symlink (8.5) July 19, 2022 AnyDesk Link
Feed Them Social Plugin deserialization (8.4) July 19, 2022 Feed Them Social Plugin Link
Parallels Desktop permission assignment (8.3) July 19, 2022 Parallels Desktop Link
Parallels Access uncontrolled search path (8.3) July 19, 2022 Parallels Desktop Link
Fortinet FortiClient FortiESNAC Service path traversal (8.3) July 19, 2022 Fortinet Link
Parallels Access Desktop Control Agent service uncontrolled search path (8.3) July 19, 2022 Parallels Access Desktop Link
Parallels Desktop ACPI Virtual Device out-of-bounds (7.7) July 19, 2022 Parallels Desktop ACPI Link
Zyxel USG ZyWALL CLI Command privileges management (7.6) July 19, 2022 Zyxel Link
Yokogawa Passage Drive Interprocess Communication os command injection (8.8) July 20, 2022 Yokogawa Link
Pega Platform JMX Interface deserialization (8.5) July 20, 2022 Pega Platform Link
Digiwin BPM sql injection (8.4) July 20, 2022 Digiwin Link
openSUSE Tumbleweed keylime symlink (7.8) July 20, 2022 openSUSE Link
Fortinet FortiAP-U CLI CLI Command path traversal (7.8) July 20, 2022 Fortinet Link
Fortinet FortiClientWindows unnecessary privileges (7.8) July 20, 2022 Fortinet Link
Apple watchOS AppleAVD buffer overflow (9.4) July 21, 2022 Apple Link
Apple watchOS Wi-Fi memory corruption (9.4) July 21, 2022 Apple Link
Apple tvOS Wi-Fi Remote Code Execution (8.4) July 21, 2022 Apple Link
Advantech iView command injection (9.6) July 22, 2022 Advantech iView Link
Apple macOS Wi-Fi Remote Code Execution (9.4) July 22, 2022 Apple Link
Apple macOS Wi-Fi Remote Code Execution (9.4) July 22, 2022 Apple Link
Advantech iView sql injection (7.6) July 22, 2022 Advantech iView Link
Advantech iView missing authentication (7.6) July 22, 2022 Advantech iView Link
convert-svg-core SVG File code injection (7.9) July 23, 2022 SVG File Link
Atos Unify OpenScape SBC/OpenScape Branch/OpenScape BCF Remote Code Execution (8.4) July 25, 2022 Atos Unify OpenScape Link
ffmpeg-sdk index.js injection (8.2) July 25, 2022 Link
Osamaesh WP Visitor Statistics Plugin sql injection (8.2) July 25, 2022 Osamaesh WP Visitor Link
Pega improper authorization (8.5) July 26, 2022 Pega Link
hestiacp os command injection (7.9) July 27, 2022 Hestiacp Link
Veritas NetBackup OpsCenter Java Classloader code injection (9.8) July 28, 2022 Veritas Link
Synology Media Server CGI buffer overflow (9.7) July 28, 2022 Synology Media server Link
Veritas NetBackup access control (9.3) July 28, 2022 Veritas Link
Veritas NetBackup access control (9.2) July 28, 2022 Veritas Link
Veritas NetBackup OpsCenter VxSS Subsystem hard-coded credentials (8.8) July 28, 2022 Veritas Link
Veritas NetBackup OpsCenter Remote Code Execution (8.7) July 28, 2022 Veritas Link
Veritas NetBackup OpsCenter Local Privilege Escalation (8.5) July 28, 2022 Veritas Link
Veritas NetBackup OpsCenter User Account access control (8.1) July 28, 2022 Veritas Link
Veritas Netbackup access control (7.9) July 28, 2022 Veritas Link
AVEVA Platform Common Services uncontrolled search path (7.9) July 28, 2022 AVEVA Platform Link
Veritas NetBackup access control (7.8) July 28, 2022 Veritas Link
Veritas NetBackup Privilege Escalation (7.7) July 28, 2022 Veritas Link
PHP libmagic finfo_buffer free of memory not on the heap (7.7) July 28, 2022 PHP Link
SonicWALL Analytics On-Prem sql injection (9.4) July 29, 2022 SonicWall Link
IBM PowerVM VIOS Remote Code Execution (9.3) July 29, 2022 IBM PowerVM Link
Ovarro TBox TG2 Configuration code injection (8.6) July 29, 2022 Ovarro TBox Link
Ovarro TBox TG2 Configuration File permission assignment (8.6) July 29, 2022 Ovarro TBox Link
Inavitas Solar Log sql injection (8.3) July 29, 2022 Inavitas Solar Link
HPE iLO 5 Remote Code Execution (8.4) July 31, 2022 HPE iLO 5 Link
Vulnerability CVSSv3 Release Date Products References
Sofia-SIP SDP Message Parser heap-based overflow (8.0) June 1, 2022 Sofia-SIP Link
ramank775 Chat Server Access Token Validator this.authProvider.verifyAccessKey improper authentication (8.0) June 1, 2022 Ramank775 Link
Schneider Electric Wiser Smart missing encryption (7.7) June 3, 2022 Schneider Electric Link
eG Agent permission (7.6) June 3, 2022 eG Agent Link
Atlassian Confluence Server/Data Center OGNL injection (9.4) June 4, 2022 Atlassian Confluence Server Link
Dominion Democracy Suite Voting System ImageCast X certificate validation (8.1) June 5, 2022 Dominion Democracy Suite Voting System Link
HID Mercury LP1501/LP1502/LP2500/LP4502/EP4502 Update buffer overflow (9.7) June 6, 2022 HID Mercury Link
HID Mercury LP1501/LP1502/LP2500/LP4502/EP4502 Hostname protection mechanism (9.5) June 6, 2022 HID Mercury Link
HID Mercury LP1501/LP1502/LP2500/LP4502/EP4502 Route edit_route.cgi os command injection (8.6) June 6, 2022 HID Mercury Link
HID Mercury LP1501/LP1502/LP2500/LP4502/EP4502 Firmware Binary direct request (8.5) June 6, 2022 HID Mercury Link
HID Mercury LP1501/LP1502/LP2500/LP4502/EP4502 path traversal (8.0) June 6, 2022 HID Mercury Link
3CX Phone System PhoneSystem Terminal improper authentication (8.8) June 7, 2022 3CX Phone System Link
emicklei go-restful authorization (8.1) June 8, 2022 Emicklei Link
ToaruOS Kernel access control (7.7) June 8, 2022 ToaruOS Link
ITarian SAAS/On-Premise procedures security check for standard (9.1) June 9, 2022 ITarian Link
Linux Kernel File System Notification copy_event_to_user use after free (8.4) June 9, 2022 Linux Kernel File System Link
PJSIP STUN buffer overflow (8.4) June 9, 2022 PJSIP Link
ITarian Endpoint Manage Communication Client OpenSSL Configuration openssl.conf permission (8.1) June 9, 2022 ITarian Link
Firejail User Namespace join.c access control (7.9) June 9, 2022 Firejail Link
gogs os command injection (8.5) June 10, 2022 gogs Link
gogs path traversal (8.5) June 10, 2022 gogs Link
jgraph drawio code injection (8.3) June 10, 2022 jgraph Link
ToolJet Remote Code Execution (7.6) June 10, 2022 ToolJet Link
RealVNC VNC Server Installer Repair access control (8.4) June 11, 2022 RealVNC Link
Dell SupportAssist Client Consumer uncontrolled search path (8.3) June 11, 2022 Dell Sport Asssist Link
Linux Kernel Floating Point Register ptrace-fpu.c ptrace_get_fpr buffer overflow (7.6) June 11, 2022 Linux Kernel Link
Festo Controller CECC-X-M1 POST Request os command injection (9.6) June 13, 2022 Festo Controller Link
NAVER Cloud Explorer privileges management (8.8) June 13, 2022 NAVER Cloud Link
Microsoft Windows Network File System Remote Code Execution (8.9) June 14, 2022 Microsoft Windows Link
Microsoft Windows LDAP Remote Code Execution (8.1) June 14, 2022 Microsoft Windows Link
Microsoft SharePoint Server Privilege Escalation (8.1) June 14, 2022 Microsoft Sharepoint Server Link
Microsoft SharePoint Server Privilege Escalation (8.1) June 14, 2022 Microsoft Sharepoint Server Link
Microsoft Windows LDAP Remote Code Execution (8.1) June 14, 2022 Microsoft Windows LDAP Link
Microsoft Windows Kerberos AppContainer Privilege Escalation (8.0) June 14, 2022 Microsoft Windows Kerberos Link
Microsoft Windows Kerberos Privilege Escalation (7.7) June 14, 2022 Microsoft Windows Kerberos Link
Microsoft System Center Operations Manager Privilege Escalation (7.6) June 14, 2022 Microsoft System Center Operations Manager Link
Splunk Enterprise Forwarder Bundle access control (8.3) June 15, 2022 Splunk Link
PHP Parametrized Query uninitialized pointer (7.7) June 16, 2022 PHP Link
Anker Eufy Homebase mips_collector use after free (8.0) June 17, 2022 Anker Eufy Hombase Link
Parse Server Apple Game Center Auth Adapter improper authentication (7.8) June 17, 2022 Apple Game Center Link
polonel trudesk API incorrect privileged apis (8.5) June 20, 2022 Polonel Trudesk Link
polonel trudesk unrestricted upload (8.3) June 20, 2022 Polonel Trudesk Link
McAfee Consumer Product Removal Tool Configuration File permission (8.2) June 20, 2022 McAfee Link
McAfee Consumer Product Removal Tool uncontrolled search path (8.2) June 20, 2022 McAfee Link
Phoenix Contact Product data authenticity (9.6) June 21, 2022 Phoenix Link
Comodo Antivirus Quarantine access control (8.8) June 22, 2022 Comodo Antivirus Link
Red Hat Enterprise Linux Kernel hard-coded key (8.4) June 22, 2022 RedHat Enterprise Linux Link
Tenable Nessus PowerShell cmdlet Check access control (8.4) June 22, 2022 Tenable Nessus Link
SiHAS SGW-300/ACM-300/GCM-300 Firmware improper authentication (9.2) June 23, 2022 SiHAS SGW-300/ACM-300/GCM-300 Firmware Link
Pure Storage Purity FA/Purity FB Management Interface hard-coded credentials (8.4) June 23, 2022 Pure Storage Link
Pure Storage Purity FA/Purity FB Restricted Shell access control (7.6) June 23, 2022 Pure Storage Link
CODESYS Products Request unexpected sign extension (9.8) June 24, 2022 CODESYS Products Link
CODESYS PLCWinNT and Runtime Toolkit 32 Password Protection insecure default initialization of resource (9.6) June 24, 2022 CODESYS PLCWinNT Link
CODESYS Products Request heap-based overflow (8.8) June 24, 2022 CODESYS Products Link
CODESYS Products Local File out-of-range pointer offset (8.8) June 24, 2022 CODESYS Products Link
MELAG FTP Server unnecessary privileges (8.1) June 24, 2022 Melag FTP Link
Illumina Local Run Manager unrestricted upload (9.7) June 25, 2022 Illumina Link
Secheron SEPCOS behavioral workflow (9.4) June 25, 2022 Secheron SEPCOS Link
EagleGet Downloader luminati_net_updater_win_eagleget_com Privilege Escalation (8.8) June 25, 2022 EagleGet Link
Illumina Local Run Manager path traversal (8.5) June 25, 2022 Illumina Link
Secheron SEPCOS FTP Server access control (8.4) June 25, 2022 Secheron SEPCOS Link
Illumina Local Run Manager improper authorization (8.0) June 25, 2022 Illumina Link
ionicabizau parse-url server-side request forgery (8.2) June 27, 2022 İonicabizau Link
Douzone NeoRS ActiveX Module origin validation (8.1) June 28, 2022 Douzone NeoRS Link
LDAP Account Manager injection (7.6) June 28, 2022 LDAP Link
Clever underscore.deep deepFromFlat prototype pollution (7.6) June 28, 2022 Clever DeepFromFlat Link
Vulnerability CVSSv3 Release Date Products References
Bender CC612 SSH hard-coded password (CVE-2021-34601) (9.8) Apr 28, 2022 Bender CC612 Link
Bender CC612/CC613/ICC15xx/ICC16xx ifplugd unnecessary privileges (CVE-2021-34591) (7.6) Apr 28, 2022 Bender CC612/CC613/ICC15xx/ICC16xx Link
cifs-utils mount.cifs stack-based overflow (CVE-2022-27239) (7.5) Apr 28, 2022 cifs-utils Link
Bender CC612/CC613/ICC15xx/ICC16xx Web Interface os command injection (CVE-2021-34602) (8.6) Apr 28, 2022 Bender CC612/CC613/ICC15xx/ICC16xx Link
FreeRDP NTLM Authentication improper authentication ( CVE-2022-24882) (9.3) Apr 26, 2022 FreeRDP up to 2.6.x Link
Solana rBPF sdiv Instruction calculation (CVE-2022-23066) (9.3) May 9, 2022 SOLANA RBPF Link
Tecson Tankspion Endpoint improper authentication (CVE-2019-12254) (8.4) May 7, 2022 TECSON TANKSPION ENDPOINT Link
Splunk Enterprise Search Parameter injection (CVE-2022-26889) (7.9) May 7, 2022 Splunk Enterprise Link
QNAP QVR command injection (CVE-2022-27588) (9.6) May 6, 2022 QNAP QVR PRIOR 5.1.6 Link
ecdsautils CLI Command ecdsa_verify_list_legacy signature verification (CVE-2022-24884) (8.5) May 6, 2022 ECDSAUTILS Link
Flux/kustomize-controller kustomization.yaml path traversal (CVE-2022-24887) (7.9) May 6, 2022 FLUX/KUSTOMIZE-CONTROLLER Link
python-libnmap Remote Code Execution (CVE-2022-30284) (8.5) May 5, 2022 Python Link
clinical-genomics scout server-side request forgery (CVE-2022-1592) (8.2) May 5, 2022 CLINICAL-GENOMICS SCOUT Link
YetiForce CRM unrestricted upload (CVE-2022-1411) (7.5) May 5, 2022 YETIFORCE CRM Link
TIBCO Managed File Transfer Command Center DOM XML Parser/SAX XML Parser xml external entity reference (CVE-2022-22774) (7.9) May 10, 2022 TIBCO Link
D-Link DIR-882 Blink command injection (CVE-2022-28901) (8.0) May 10, 2022 D-Link Link
D-Link DIR-882 SubnetMask command injection (CVE-2022-28896) (8.0) May 10, 2022 D-Link Link
D-Link DIR-882 IPAddress command injection (CVE-2022-28895) (7.7) May 10, 2022 D-Link Link
alextselegidis easyappointments API privileges management (CVE-2022-1397) (8.6) May 10, 2022 alextselegidis Link
InHand InRouter302 Console Factory stack-based overflow (CVE-2022-26002) (8.1) May 12, 2022 InHand Link
InHand InRouter302 httpd libnvram.so nvram_import input validation (CVE-2022-26782) (9.3) May 12, 2022 InHand Link
InHand InRouter302 Network Request infactory_net os command injection (CVE-2022-26518) (9.3) May 12, 2022 InHand Link
InHand InRouter302 Console infactory_port os command injection (CVE-2022-26420) (9.3) May 12, 2022 InHand Link
InHand InRouter302 Console infactory_wlan os command injection (CVE-2022-26075) (9.3) May 12, 2022 InHand Link
Weintek cMT code injection (CVE-2021-27446) (9.7) May 17, 2022 Weintek Link
Trend Micro Password Manager link following (CVE-2022-30523) (8.8) May 17, 2022 Trend Micro Link
Weintek cMT access control (CVE-2021-27444) (8.4) May 17, 2022 Weintek Link
Linux Kernel sched Privilege Escalation (CVE-2022-29581) (8.1) May 17, 2022 Linux kernel Link
Linux Kernel io_uring integer overflow (CVE-2022-1116) (8.1) May 17, 2022 Linux kernel Link
Fidelis Network and Deception Web Interface os command injection (CVE-) (8.6) May 18, 2022 Fidelis Link
Fidelis Network and Deception CLI cert_utils os command injection (8.6) May 18, 2022 Fidelis Link
Fidelis Network and Deception CLI remote_text_file os command injection (8.6) May 18, 2022 Fidelis Link
Fidelis Network and Deception Web Interface os command injection (8.6) May 18, 2022 Fidelis Link
NVIDIA GPU Display Driver Kernel Mode Layer out-of-bounds read (8.1) May 18, 2022 NVIDIA Link
FlyteConsole Web User Interface server-side request forgery (8.0) May 18, 2022 FlyteConsole Link
Lenovo System Interface Foundation IMController toctou (7.5) May 20, 2022 Lenova Link
Lenovo System Interface Foundation IMController toctou (7.5) May 20, 2022 Lenova Link
Snow License Manager unquoted search path (7.5) May 20, 2022 Snow Link
Mitsubishi Electric Factory Automation Engineering permission (7.7) May 20, 2022 Mitsubishi Electric Link
Vmware Workspace ONE Access access control (8.4) May 21, 2022 Vmware Workspace Link
Vmware Workspace ONE Access improper authentication (9.4) May 21, 2022 Vmware Workspace Link
Nokogiri XML Parser/HTML4 SAX Parser #to_s memory corruption (7.6) May 21, 2022 Nokogiri Link
Rundeck hard-coded key (8.0) May 21, 2022 Rundeck Link
Argo CD improper authentication (8.5) May 21, 2022 Argo CD Link
Cilium default permission (8.6) May 21, 2022 Cilium Link
SOOTEWAY Wi-Fi Range Extender Telnet Service hard-coded credentials (9.8) May 21, 2022 SOOTEWAY Wifi Link
publify access control (7.9) May 22, 2022 Publify Link
publify unrestricted upload (7.5) May 24, 2022 Publify Link
Zyxel USG/ZyWALL packet-trace argument injection (7.8) May 24, 2022 Zyxel Link
Cognex In-Sight OPC Server deserialization (8.4) May 24, 2022 Cognex Link
Annke N48PBB stack-based overflow (9.4) May 24, 2022 Annke Link
Microsoft Azure RTOS USBX ux_device_class_dfu_control_request buffer overflow (9.6) May 25, 2022 Microsoft Azure Link
Open Automation OAS SecureTransferFiles missing authentication (8.2) May 26, 2022 Open Automation Link
Open Automation OAS REST API missing authentication (8.1) May 26, 2022 Open Automation Link
Archer Platform SSO ADFS access control (9.5) May 27, 2022 Archer Platform Link
protobufjs code injection (7.6) May 28, 2022 Protobufjs Link
VulnerabilityExploitation StatusCVSSv3Release DateProductsReferences

Zero-Day Remote code Execution Vulnerability in Palo Alto Firewalls Utilising the GlobalProtect VPN Component

CVE-2021-3064

Unknown9.8Nov 10, 2021Palo Alto Firewall Operating System PAN-OS 8.1 prior to 8.1.17Link

Microsoft Exchange Server Remote Code Execution (RCE) Vulnerability discovered by MSTIC

CVE-2021-42321

Exploited in the Tianfu Cup8.8Nov 9, 2021Microsoft Exchange ServerLink

Microsoft Excel Security Feature Bypass Vulnerability discovered by MSTIC

CVE-2021-42292

In-the-wild7.8Nov 9, 2021Microsoft OfficeLink

Critical Citrix Unauthenticated Denial of Service (DDoS) Bug Shuting Down Network, Cloud App Access

CVE-2021-22955

Ongoing exploitationN/ANov 9, 2021Citrix ADC | Citrix GatewayLink

Critical Remote Code Execution (RCE) in the Transparent Inter Process Communication (TIPC) Module of the Linux Kernel

CVE-2021-43267

Unknown9.8Nov 2, 2021Linux Kernel Versions between 5.10 and 5.15Link

Google Android Zero-Day Use-After-Free (UAF) Bug Leading to a Local Escalation of Privilege in the Kernel

CVE-2021-1048

In-the-wild7.8Nov 1, 2021Android KernelLink

‘Trojan Source’ Bugs of Unicode Bidirectional Algorithm (BiDi)

CVE-2021-42574 | CVE-2021-42694

POC Exploit Code Available9.8Nov 1, 2021Unicode Bidirectional Algorithm (BiDi) through Version 14.0Link
Vulnerability Exploitation Status CVSSv3 Release Date Products References
Cisco SD-WAN High-Severity Privilege Escalation Vulnerability Leading to Arbitrary Code Execution in the IOS IE Operating System
CVE-2021-1529 		Unknown 7.8 Oct 20, 2021 Cisco IOS XE Software | Cisco IOS XE SD-WAN Software Link
RCE Vulnerability in The Trial Version of WinRAR
CVE-2021-35052 		Unknown N/A Oct 20, 2021 WinRAR Version 5.70 Link
Google Chrome Critical Heap-Buffer-Overflow and Use-After-Free (UAF) Vulnerabilities
CVE-2021-37981 | CVE-2021-37984 | CVE-2021-37982 | CVE-2021-37983 | CVE-2021-37985 		Unknown N/A Oct 19, 2021 Google Chrome Link
Microsoft Exchange Server Remote Code (RCE) Vulnerability found by NSA
CVE-2021-26427 		Unknown 9.0 Oct 12, 2021 Microsoft Exchange Server Link
Windows Win32k Elevation of Privilege Zero-Day Vulnerability Used By MysterySnail RAT
CVE-2021-40449 		In-the-wild 7.8 Oct 12, 2021 All Supported Versions of Windows Link
RCE Vulnerabilities on Microsoft SharePoint and Windows DNS Servers
CVE-2021-40487 | CVE-2021-40469 		Unknown 8.1 Oct 12, 2021 Microsoft SharePoint Versions | Windows DNS Server Versions Link
Link
Apple iOS Remote Code Execution (RCE) Zero-Day Bug
CVE-2021-30883 		In-the-wild N/A Oct 11, 2021 iOS 15.0.2 and iPadOS 15.0.2 Link
Path Traversal Zero Day and File Disclosure Vulnerability in Apache HTTP Server
CVE-2021-41773 | CVE-2021-42013 		In-the-wild 7.5 Oct 4, 2021 Apache HTTP Server 2.4.49 Link
Vulnerability Exploitation Status CVSSv3 Release Date Products References
Second Pair of Google Chrome Use-after-free Zero Day Bugs in September CVE-2021-37975 | CVE-2021-37976 In-the-wild N/A Sep 30, 2021 Google Chrome Link
Unpatched Stored XSS Zero-Day Vulnerability in Apple AirTag N/A Unknown N/A Sep 29, 2021 Apple AirTag Link
Cisco Unauthenticated Remote-code-execution (RCE) and Denial-of-service (DoS) Vulnerability CVE-2021-34770 Unknown 10 Sep 22, 2021 Cisco Catalyst 9000 Family of Wireless Controllers Link
Critical Software-buffer-overflow and Authentication-bypass Bugs in Cisco CVE-2021-34727 | CVE-2021-1619 Unknown 9.8 Sep 22, 2021 Cisco SD-WAN Software | Cisco IOS XE Software Link Link
VMware Ransomware-Friendly Arbitrary File Upload Bug in vCenter Server CVE-2021-22005 POC exploit code available 9.8 Sep 21, 2021 VMware vCenter Server Link
Zero-day Security Vulnerability in Apple’s macOS Finder System No CVE assigned Unknown N/A Sep 21, 2021 macOS Big Sur and Prior Link
Netgear SOHO Security Bug allowing RCE via A Man-in-the-middle (MiTM) Attack CVE-2021-40847 POC exploit code available 8.1 Sep 20, 2021 Netgear Small Office/Home Office (SOHO) Routers Link
Adobe Arbitrary Code Execution Vulnerability Affecting Its Core Products CVE-2021-39863 Unknown 8.8 Sep 14, 2021 Adobe Reader DC | Adobe Acrobat Reader DC Link
OMIGOD Microsoft Zero-day RCE Vulnerability in the Azure Cloud Platform CVE-2021-38647 POC exploit code available 9.8 Sep 14, 2021 Microsoft Azure Cloud Link
ForcedEntry Apple Zero-day Bugs Exploited by NSO Group CVE-2021-30858 | CVE-2021-30860 Zero-click exploit available 8.8 Sep 13, 2021 iPhone | iPad | Mac | Apple Watch Link
Google Chrome Use-After-Free (UAF) Zero-Day Bugs CVE-2021-30632 | CVE-2021-30633 In-the-wild N/A Sep 13, 2021 Google Chrome Link
Zero-Day RCE Vulnerability in Microsoft MSHTML CVE-2021-40444 Ongoing exploitation 8.8 Sep 7, 2021 Microsoft Windows Link
An Authentication Bypass Bug in the ManageEngine ADSelfService Plus Platform CVE-2021-40539 Ongoing exploitation N/A Sep 7, 2021 Zoho ManageEngine ADSelfService Plus Link
Cisco Enterprise NFV Infrastructure Software Authentication Bypass Vulnerability CVE-2021-34746 POC exploit code available 9.8 Sep 1, 2021 Cisco Enterprise NFVIS Link
Vulnerability Exploitation Status CVSSv3 Release Date Products References
Critical Microsoft Azure Cosmos DB Bug
No CVE assigned 		Unknown N/A Aug 26, 2021 Microsoft Azure Cosmos DB | Jupyter Notebook Link
Critical Vulnerability in the Atlassian Confluence Server Platform
CVE-2021-26084 		Ongoing exploitation 9.8 Aug 25, 2021 Atlassian Confluence Server and Data Center Link
Sudo Bug Privilege Escalation Vulnerability for HPE Aruba
CVE-2021-3156 		POC exploit code available 7.8 Aug 25, 2021 HPE Aruba AirWave Management Platform Link
Parallels Desktop Privilege Escalation Bug
CVE-2021-34864 		Unknown 8.8 Aug 25, 2021 Parallels Desktop Link
A Consensus Vulnerability in Go-Ethereum (Geth) EVM Causing a Node to Reject the Canonical Chain
CVE-2021-39137 		In-the-wild 7.5 Aug 24, 2021 All Geth Versions Supporting the London Hard Fork Link
OpenSSL Bug in the Implementation of the SM2 Decryption Code Leading to a Buffer Overflow when Calling the API Function to Decrypt SM2 Encrypted Data
CVE-2021-3711 		Unknown 9.8 Aug 24, 2021 OpenSSL versions 1.1.1k and earlier 1.1.1x Link
ThroughTek Critical Bug Allowing Remote Compromise, Control of Millions of IoT devices
CVE-2021-28372 		Unknown 8.3 Aug 17, 2021 ThroughTek’s Kalay Platform 2.0 Link
Windows Print Spooler Remote Code Execution Vulnerability
CVE-2021-36958 		Unknown 7.8 Aug 11, 2021 Windows Server Link
Realtek Jungle SDK Buffer Overflow Arbitrary Code Execution (ACE) Vulnerability
CVE-2021-35395 		Ongoing exploitation 9.8 Aug 11, 2021 Realtek SDK | Realtek “Jungle” SDK | Realtek “Luna” SDK Link
Pulse Connect Secure Vulnerability Allowing an Authenticated Administrator to Perform a File Write via a Maliciously Crafted Archive Uploaded in the Administrator Web Interface
CVE-2021-22937 		Unknown 9.1 Aug 5, 2021 Pulse Connect Secure before 9.1R12 Link
Vulnerability Exploitation Status CVSSv3 Release Date Products References
Apple Zero-Day Local Privilege Escalation Vulnerability in the IOMobileFrameBuffer
CVE-2021-30807 		In-the-wild 7.8 Jul 26, 2021 iOS 14.7.1 | iPadOS 14.7.1 | macOS Big Sur 11.5.1 | watchOS 7.6.1 Link Link Link
Jira Remote Code Execution (RCE) Missing Authentication Bug in Atlassian
CVE-2020-36239 		Unknown 9.8 Jul 21, 2021 Jira Data Center | Jira Service Management Data Center Link
Windows Print Spooler Remote Code Execution Vulnerability
CVE-2021-34481 		Unknown 8.8 Jul 15, 2021 Windows Server Link
Type Confusion Bug in V8 in Google Chrome
CVE-2021-30563 		In-the-wild 8.8 Jul 15, 2021 Google Chrome prior to 91.0.4472.164 Link
Remote Code Execution (RCE) Vulnerability in the SolarWinds Serv-U Product
CVE-2021-35211 		Zero-Day Exploit 10.0 Jul 13, 2021 SolarWinds Serv-U Managed File Transfer | Serv-U Secure FTP for Windows before 15.2.3 HF2 Link
Microsoft Exchange Information Disclosure Vulnerability
CVE-2021-33766 		Unknown 7.5 Jul 13, 2021 Microsoft Exchange Server Link
Linux Kernel Netfilter Heap Out-Of-Bounds Write Denial-of-Service (DoS) Bug
CVE-2021-22555 		POC Exploit Code Available 8.3 Jul 7, 2021 Linux since v2.6.19-rc1 Link
Microsoft Exchange Server Remote Code Execution ProxyShell Vulnerability
CVE-2021-34473 		Unknown 9.1 Jul 2, 2021 Microsoft Exchange Server Link
Windows Print Spooler Remote Code Execution PrintNightmare Vulnerability Leading System Privileges and Running Commands on PCs
CVE-2021-34527 		POC Exploit Code Available 8.8 Jul 1, 2021 Windows Server Link
Vulnerability Exploitation Status CVSSv3 Release Date Products References
ForgeRock AM Pre-Auth Remote Code Execution (RCE) Vulnerability via the Java Deserialization in the Jato Framework
CVE-2021-35464 		POC Exploit Code Available 9.8 Jun 29, 2021 ForgeRock AM server before 7.0 Link
NVIDIA Trusty Driver Buffer Overflow Vulnerability
CVE‑2021‑34372 		Unknown 8.2 Jun 22, 2021 NVIDIA Jetson Link
Google Chrome Use After Free Bug in BFCache
CVE-2021-30544 		Unknown 9.8 Jun 9, 2021 Google Chrome prior to 91.0.4472.101 Link
Windows NTFS Elevation of Privilege Vulnerability
CVE-2021-31956 		In-the-wild 7.8 Jun 8, 2021 Windows Server Link
Windows MSHTML Platform Remote Code Execution (RCE) Vulnerability
CVE-2021-33742 		In-the-wild 8.8 Jun 8, 2021 Windows Server Link
Local Privilege Escalation vulnerability in Intel Virtualization Technology for Directed I/O (VT-d)
CVE-2021-24489 		Unknown 8.8 Jun 8, 2021 Intel Core Processors | Intel Pentium Processors | Intel Celeron Processors | Intel Atom Processors Link
Microsoft DWM Core Library Elevation of Privilege Vulnerability
CVE-2021-33739 		In-the-wild 8.4 Jun 8, 2021 Windows 10 Link
Windows NTLM Elevation of Privilege Vulnerability
CVE-2021-31958 		Unknown 8.8 Jun 8, 2021 Windows Server Link
Android System Out of Bounds Read and Write due to a Use After Free Elevation-of-Privilege (EoP) Bug
CVE-2021-0516 		Unknown 9.8 Jun 2, 2021 AOSP versions 8.1, 9, 10, 11 Link
Windows Print Spooler Remote Code Execution (RCE) Vulnerability
CVE-2021-1675 		Unknown 8.8 Jun 1, 2021 Windows Server Link
Vulnerability Exploitation Status CVSSv3 Release Date Products References
Apache Dubbo Pre-Auth Remote Code Execution (RCE) Bug via Java Deserialization in the Generic filter
CVE-2021-30179 		POC Exploit Code Available 9.8 May 31, 2021 Dubbo all 2.5.x, 2.6.x and 2.7.x versions Link
Privilege Escalation Vulnerability in Dell DBUtil Driver
CVE-2021-21551 		In-the-wild 7.8 May 31, 2021 DBUtil: 2.3 Link
VMware vCenter Server Remote Code Execution and Authentication Vulnerabilities in vSphere Client (HTML5)
CVE-2021-21985 | CVE-2021-21986 		POC Exploit Code Available 9.8 May 26, 2021 VMware vCenter Server | VMware Cloud Foundation Link
Apple Multiple Memory Corruption Vulnerability
CVE-2021-30734 		POC Exploit Code Available 8.8 May 24, 2021 iOS 14.6 | iPadOS 14.6 | macOS Big Sur 11.5.1 | Safari 14.1.1 Link Link Link
Pulse Connect Secure Buffer Overflow Arbitrary Code Execution (ACE) Bug in Windows File Resource Profiles in 9.X
CVE-2021-22908 		Unknown 8.8 May 24, 2021 Pulse Connect Secure versions 9.0Rx and 9.1Rx Link
McAfee Arbitrary Process Execution Privilege Escalation Bugs
CVE-2021-23873 | CVE-2021-23874 | CVE-2021-23875 | CVE-2021-23876 		POC Exploit Code Available 7.8 May 24, 2021 McAfee Total Protection Prior to 16.0.30 Link
Microsoft Critical Hyper-V Remote Code Execution Vulnerability
CVE-2021-28476 		Unknown 9.9 May 11, 2021 Windows Server Link
Microsoft HTTP Protocol Stack Remote Code Execution Vulnerability
CVE-2021-31166 		Unknown 9.8 May 11, 2021 Windows 10 Link
Adobe Critical Use After Free Arbitrary code execution Vulnerabilities
CVE-2021-28562 | CVE-2021-28550 | CVE-2021-28553 		In-the-wild 8.8 May 11, 2021 Acrobat Reader DC Link
Privilege Escalation Vulnerability in Linux kernel
CVE-2021-3490 		POC Exploit Code Available 7.8 May 10, 2021 Linux kernel Operating System Link
Critical Authentication Bypass Vulnerability on Python
CVE-2021-29921 		Unknown 9.8 May 6, 2021 Python 3.10 | Python 3.9 | Python 3.8 Link
Vulnerability Exploitation Status CVSSv3 Release Date Products References
Buffalo Path Traversal Vulnerability in the Web Interfaces Leading to Bypass Authentication
CVE-2021-20090 		In-the-wild 9.8 Apr 29, 2021 Buffalo WSR-2533DHPL2 firmware version <= 1.02 | WSR-2533DHP3 firmware version <= 1.24 Link
Unauthenticated Arbitrary Remote Code Execution Use After Free Bug via License Services in Pulse Connect Secure
CVE-2021-22893 | CVE-2021-22894 | CVE-2021-22899 | CVE-2021-22900 		In-the-wild 10.0 Apr 23, 2021 Pulse Connect Secure before 9.1R11.4 Link
Google Out of Bounds Memory Access Vulnerability Allowing a Remote Attacker to Exploit Heap Corruption via a Crafted HTML Page
CVE-2021-22893 | CVE-2021-22894 | CVE-2021-22899 | CVE-2021-22900 		Unknown 8.8 Apr 22, 2021 V8 in Google Chrome prior to 90.0.4430.85 Link
Critical Unauthenticated Remote Code Execution (RCE) Bug in Apache Tapestry Bypass of the Fix for CVE-2019-0195
CVE-2021-27850 		POC Exploit Code Available 9.8 Apr 15, 2021 Apache Tapestry versions 5.4.5, 5.5.0, 5.6.2 and 5.7.0 Link
Denial of Service (DoS) Arbitrary Code Execution (ACE) Bugs in Ubuntu Linux Kernels
CVE-2021-3492 | CVE-2021-3493 		Unknown 7.8 Apr 15, 2021 Linux Link
Multiple Microsoft Exchange Server Remote Code Execution Vulnerability
CVE-2021-28480 | CVE-2021-28481 | CVE-2021-28482 | CVE-2021-28483 		POC Exploit Code Available 9.8 Apr 13, 2021 Microsoft Exchange Server Link
Windows Zero-Day Win32k Elevation of Privilege Vulnerability in Desktop Window Manager
CVE-2021-28310 		In-the-wild 7.8 Apr 13, 2021 Windows 10 Link
Windows Installer Elevation of Privilege Vulnerability
CVE-2021-26415 		POC Exploit Code Available 7.8 Apr 13, 2021 Windows Server Link
Arbitrary File Write Vulnerability in vRealize Operations Manager API
CVE-2021-21975 		POC Exploit Code Available 7.5 Apr 13, 2021 VMware vRealize Operations Link
WhatsApp Cache Configuration Vulnerability
CVE-2021-24027 		POC Exploit Code Available 7.5 Apr 6, 2021 WhatsApp for Android v2.21.4.18 | WhatsApp Business for Android v2.21.4.18 Link
Vulnerability Exploitation Status CVSSv3 Release Date Products References
Remote Code Execution Vulnerability in Apache OFBiz via Java Deserialization
CVE-2021-26295 		POC Exploit Code Available 9.8 Mar 22, 2021 Apache OFBiz Link
Google Chrome Use After Free and Heap Buffer Overflow Bugs in WebRTC and in Blink
CVE-2021-21191 | CVE-2021-21192 | CVE-2021-21193 		In-the-wild 8.8 Mar 12, 2021 Google Chrome prior to 89.0.4389.90 Link
Windows Graphics Component Elevation of Privilege Vulnerability
CVE-2021-26868 		Unknown 7.8 Mar 9, 2021 Windows 10 Link
Internet Explorer Memory Corruption Vulnerability
CVE-2021-26411 		In-the-wild 8.8 Mar 9, 2021 Internet Explorer | Microsoft Edge Link
Microsoft ProxyLogon Exchange Server Remote Code Execution Vulnerabilities
CVE-2021-26855 | CVE-2021-26857 | CVE-2021-26858 | CVE-2021-27065 		In-the-wild 9.8 Mar 2, 2021 Microsoft Exchange Server Link Link Link Link
VMware Remote Code Execution (RCE) Vulnerability Leading to Arbitrary File Upload in Logupload Web Application
CVE-2021-22987 		Unknown 9.9 Mar 2, 2021 BIG-IP Link
BIG-IP Appliance Mode TMUI Authenticated Remote Command Execution Bug
CVE-2021-22987 		Unknown 9.9 Mar 2, 2021 BIG-IP Link
Vulnerability Exploitation Status CVSSv3 Release Date Products References
Windows TCP/IP Denial of Service (DoS) Vulnerability
CVE-2021-24086 		POC Exploit Code Available 7.5 Feb 29, 2021 Windows 10 Link
Cisco NX-OS Software Unauthenticated Arbitrary File Actions Vulnerability
CVE-2021- 1361 		Unknown 9.1 Feb 24, 2021 Cisco NX-OS Software 9.3(5) and 9.3(6) Link
Accellion Zero-Day SQL Injection, Server-Side Request Forgery and OS Command Execution Vulnerabilities
CVE-2021-21972 | CVE-2021-21973 | CVE-2021-21974 		POC Exploit Code Available 9.8 Feb 23, 2021 VMware ESXi | VMware vCenter Server | VMware Cloud Foundation Link
Accellion Zero-Day SQL Injection, Server-Side Request Forgery and OS Command Execution Vulnerabilities
CVE-2021-27101 | CVE-2021-27102 | CVE-2021-27103 | CVE-2021-27104 		Unknown 9.8 Feb 16, 2021 Accellion FTA 9_12_370 and earlier Link
Adobe Heap-Based Buffer Overflow Arbitrary Code Execution (ACE) Vulnerability
CVE-2021-21017 		In-the-wild 8.8 Feb 11, 2021 Acrobat Reader DC Link
VMware Post-Authentication OS Command Injection Remote Code execution (RCE) Bug
CVE-2021-21976 		Unknown 7.2 Feb 11, 2021 vSphere Replication Link
Windows TCP/IP Remote Code Execution Vulnerability
CVE-2021-24074 | CVE-2021-24094 		POC Exploit Code Available 9.8 Feb 9, 2021 Windows 10 Link Link
Windows Win32k Elevation of Privilege Vulnerability
CVE-2021-1732 		In-the-wild 7.8 Feb 9, 2021 Windows 10 Link
Google Chrome Heap Buffer Overflow Remote Code execution (RCE) Vulnerability
CVE-2021-21148 		In-the-wild 8.8 Feb 9, 2021 Google Chrome prior to 88.0.4324.150 Link
Remote Code Execution (RCE) Bug in SAP Commerce
CVE-2021-21477 		Unknown 9.9 Feb 9, 2021 SAP Commerce Cloud 1808, 1811, 1905, 2005, 2011 Link
Vulnerability Exploitation Status CVSSv3 Release Date Products References
Sudo Off-by-One Heap-Based Buffer Overflow Privilege Escalation Bug
CVE-2021-3156 		In-the-wild 7.8 Jan 29, 2021 Sudo before 1.9.5p2 Link
Apache Druid Arbitrary User-Provided JavaScript Code Execution Bug
CVE-2021-25646 		POC Exploit Code Available 8.8 Jan 29, 2021 Apache Druid Link
Oracle Fusion Middleware Easily Exploitable Bug Leading Network Access via HTTP to Compromise Oracle WebLogic Server
CVE-2021-2109 		POC Exploit Code Available 7.2 Jan 20, 2021 Oracle WebLogic Server Link
Python 3 Heap Buffer Overflow Remote Code execution (RCE) Bug
CVE-2021-3177 		Unknown 8.8 Jan 19, 2021 Python 3.10, 3.9, 3.8, 3.7, 3.6 Link
Cisco Connected Mobile Experiences (CMX) Privilege Escalation Vulnerability
CVE-2021-1144 		Unknown 8.8 Jan 13, 2021 Cisco CMX releases 10.6.0, 10.6.1, and 10.6.2 Link
Microsoft Defender Remote Code Execution Vulnerability
CVE-2021-1647 		In-the-wild 7.8 Jan 12, 2021 Windows Defender Link
Lavarel Ignition Unauthenticated Arbitrary Remote Code Execution Vulnerability
CVE-2021-3129 		POC Exploit Code Available 9.8 Jan 12, 2021 Laravel before 8.4.2 Link
Android Out of Bounds Write Remote Code Execution Vulnerability
CVE-2021-3007 		Unknown 9.8 Jan 4, 2021 AOSP 8.0, 8.1, 9, 10, 11 Link