Exploitations
| Vulnerability ID | Description | Date of first report of exploitation | All reports that were made to a vulnerability |
|---|---|---|---|
| CVE-2022-26925 | Windows LSA Spoofing Vulnerability. | 05/10/2022 | |
| CVE-2022-1364 | This vulnerability has not been published at NVD yet. This is normal, it does often take NVD time to publish vulnerabilities as they only publish confirmed ones. If a vulnerability is found in the wild often the report will be much earlier than NVD publishes the vulnerability | 04/13/2022 | |
| CVE-2022-24521 | Windows Common Log File System Driver Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-24481. | 04/12/2022 | |
| CVE-2022-22674 | This vulnerability has not been published at NVD yet. This is normal, it does often take NVD time to publish vulnerabilities as they only publish confirmed ones. If a vulnerability is found in the wild often the report will be much earlier than NVD publishes the vulnerability | 03/31/2022 | |
| CVE-2022-22675 | This vulnerability has not been published at NVD yet. This is normal, it does often take NVD time to publish vulnerabilities as they only publish confirmed ones. If a vulnerability is found in the wild often the report will be much earlier than NVD publishes the vulnerability | 03/31/2022 | |
| CVE-2022-26871 | An arbitrary file upload vulnerability in Trend Micro Apex Central could allow an unauthenticated remote attacker to upload an arbitrary file which could lead to remote code execution. | 03/31/2022 | |
| CVE-2022-1096 | This vulnerability has not been published at NVD yet. This is normal, it does often take NVD time to publish vulnerabilities as they only publish confirmed ones. If a vulnerability is found in the wild often the report will be much earlier than NVD publishes the vulnerability | 03/23/2022 | |
| CVE-2022-26143 | The TP-240 (aka tp240dvr) component in Mitel MiCollab before 9.4 SP1 FP1 and MiVoice Business Express through 8.1 allows remote attackers to obtain sensitive information and cause a denial of service (performance degradation and excessive outbound traffic). This was exploited in the wild in February and March 2022 for the TP240PhoneHome DDoS attack. | 03/10/2022 | |
| CVE-2021-22600 | A double free bug in packet_set_ring() in net/packet/af_packet.c can be exploited by a local user through crafted syscalls to escalate privileges or deny service. We recommend upgrading kernel past the effected versions or rebuilding past ec6af094ea28f0f2dda1a6a33b14cd57e36a9755 | 03/07/2022 | |
| CVE-2021-39793 | In kbase_jd_user_buf_pin_pages of mali_kbase_mem.c, there is a possible out of bounds write due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-210470189References: N/A | 03/07/2022 | |
| CVE-2022-26485 | This vulnerability has not been published at NVD yet. This is normal, it does often take NVD time to publish vulnerabilities as they only publish confirmed ones. If a vulnerability is found in the wild often the report will be much earlier than NVD publishes the vulnerability | 03/07/2022 | |
| CVE-2022-26486 | This vulnerability has not been published at NVD yet. This is normal, it does often take NVD time to publish vulnerabilities as they only publish confirmed ones. If a vulnerability is found in the wild often the report will be much earlier than NVD publishes the vulnerability | 03/05/2022 | |
| CVE-2022-25335 | RigoBlock Dragos through 2022-02-17 lacks the onlyOwner modifier for setMultipleAllowances. This enables token manipulation, as exploited in the wild in February 2022. NOTE: although 2022-02-17 is the vendor's vulnerability announcement date, the vulnerability will not be remediated until a major protocol upgrade occurs. | 02/18/2022 | |
| CVE-2022-24086 | Adobe Commerce versions 2.4.3-p1 (and earlier) and 2.3.7-p2 (and earlier) are affected by an improper input validation vulnerability during the checkout process. Exploitation of this issue does not require user interaction and could result in arbitrary code execution. | 02/14/2022 | |
| CVE-2022-0609 | Use after free in Animation in Google Chrome prior to 98.0.4758.102 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | 02/10/2022 | |
| CVE-2022-22620 | A use after free issue was addressed with improved memory management. This issue is fixed in macOS Monterey 12.2.1, iOS 15.3.1 and iPadOS 15.3.1, Safari 15.3 (v. 16612.4.9.1.8 and 15612.4.9.1.8). Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited.. | 02/10/2022 | |
| CVE-2022-24682 | An issue was discovered in the Calendar feature in Zimbra Collaboration Suite 8.8.x before 8.8.15 patch 30 (update 1), as exploited in the wild starting in December 2021. An attacker could place HTML containing executable JavaScript inside element attributes. This markup becomes unescaped, causing arbitrary markup to be injected into the document. | 02/09/2022 | |
| CVE-2022-22587 | A memory corruption issue was addressed with improved input validation. This issue is fixed in iOS 15.3 and iPadOS 15.3, macOS Big Sur 11.6.3, macOS Monterey 12.2. A malicious application may be able to execute arbitrary code with kernel privileges. Apple is aware of a report that this issue may have been actively exploited.. | 01/26/2022 | |
| CVE-2013-3900 | The WinVerifyTrust function in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 does not properly validate PE file digests during Authenticode signature verification, which allows remote attackers to execute arbitrary code via a crafted PE file, aka "WinVerifyTrust Signature Validation Vulnerability." | 01/21/2022 | |
| CVE-2021-35247 | Serv-U web login screen to LDAP authentication was allowing characters that were not sufficiently sanitized. SolarWinds has updated the input mechanism to perform additional validation and sanitization. Please Note: No downstream affect has been detected as the LDAP servers ignored improper characters. To insure proper input validation is completed in all environments. SolarWinds recommends scheduling an update to the latest version of Serv-U. | 01/20/2022 |
Exploits
| Vulnerability ID | Description | Date of publishing | Link to exploit |
|---|---|---|---|
| CVE-2022-28806 | An issue was discovered on certain Fujitsu LIEFBOOK devices (A3510, U9310, U7511/U7411/U7311, U9311, E5510/E5410, U7510/U7410/U7310, E459/E449) with BIOS versions before v1.09 (A3510), v2.17 (U9310), v2.30 (U7511/U7411/U7311), v2.33 (U9311), v2.23 (E5510), v2.19 (U7510/U7410), v2.13 (U7310), and v1.09 (E459/E449). The FjGabiFlashCoreAbstractionSmm driver registers a Software System Management Interrupt (SWSMI) handler that is not sufficiently validated to ensure that the CommBuffer (or any other communication buffer's nested contents) are not pointing to SMRAM contents. A potential attacker can therefore write fixed data to SMRAM, which could lead to data corruption inside this memory (e.g., change the SMI handler's code or modify SMRAM map structures to break input pointer validation for other SMI handlers). Thus, the attacker could elevate privileges from ring 0 to ring -2 and execute arbitrary code in SMM. | 05/18/2022 | https://www.binarly.io/advisories |
| CVE-2022-28986 | LMS Doctor Simple 2 Factor Authentication Plugin For Moodle Affected: 2021072900 has an Insecure direct object references (IDOR) vulnerability, which allows remote attackers to update sensitive records such as email, password and phone number of other user accounts. | 05/18/2022 | https://github.com/FlaviuPopescu/CVE-2022-28986 |
| CVE-2022-1463 | The Booking Calendar plugin for WordPress is vulnerable to PHP Object Injection via the [bookingflextimeline] shortcode in versions up to, and including, 9.1. This could be exploited by subscriber-level users and above to call arbitrary PHP objects on a vulnerable site. | 05/17/2022 | https://www.wordfence.com/blog/2022/04/php-object-injection-in-booking-calendar-plugin/ |
| CVE-2022-29318 | An arbitrary file upload vulnerability in the New Entry module of Car Rental Management System v1.0 allows attackers to execute arbitrary code via a crafted PHP file. | 05/17/2022 | https://hackmd.io/ITi4yd2-RgmDZh8FW-KTlA |
| CVE-2022-29655 | An arbitrary file upload vulnerability in the Upload Photos module of Wedding Management System v1.0 allows attackers to execute arbitrary code via a crafted PHP file. | 05/17/2022 | https://hackmd.io/HcH7QdEdRu67yfTJsKKFKA |
| CVE-2022-29009 | Multiple SQL injection vulnerabilities via the username and password parameters in the Admin panel of Cyber Cafe Management System Project v1.0 allows attackers to bypass authentication. | 05/17/2022 | https://www.exploit-db.com/exploits/50355 |
| CVE-2022-29008 | An insecure direct object reference (IDOR) vulnerability in the viewid parameter of Bus Pass Management System v1.0 allows attackers to access sensitive information. | 05/17/2022 | https://www.exploit-db.com/exploits/50263 |
| CVE-2022-29007 | Multiple SQL injection vulnerabilities via the username and password parameters in the Admin panel of Dairy Farm Shop Management System v1.0 allows attackers to bypass authentication. | 05/17/2022 | https://www.exploit-db.com/exploits/50365 |
| CVE-2022-29006 | Multiple SQL injection vulnerabilities via the username and password parameters in the Admin panel of Directory Management System v1.0 allows attackers to bypass authentication. | 05/17/2022 | https://www.exploit-db.com/exploits/50370 |
| CVE-2022-1567 | The WP-JS plugin for WordPress contains a script called wp-js.php with the function wp_js_admin, that accepts unvalidated user input and echoes it back to the user. This can be used for reflected Cross-Site Scripting in versions up to, and including, 2.0.6. | 05/17/2022 | https://plugins.trac.wordpress.org/browser/wp-js/trunk/wp-js.php?rev=100281#L140 |
| CVE-2021-43712 | Stored XSS in Add New Employee Form in Sourcecodester Employee Daily Task Management System 1.0 Allows Remote Attacker to Inject/Store Arbitrary Code via the Name Field. | 05/17/2022 | https://patelvarshil.medium.com/cve-2021-43712-stored-xss-how-i-got-my-first-cve-5381370482d4 |
| CVE-2022-23066 | In Solana rBPF versions 0.2.26 and 0.2.27 are affected by Incorrect Calculation which is caused by improper implementation of sdiv instruction. This can lead to the wrong execution path, resulting in huge loss in specific cases. For example, the result of a sdiv instruction may decide whether to transfer tokens or not. The vulnerability affects both integrity and may cause serious availability problems. | 05/17/2022 | https://www.whitesourcesoftware.com/vulnerability-database/CVE-2022-23066 |
| CVE-2022-28470 | marcador package in PyPI 0.1 through 0.13 included a code-execution backdoor. | 05/17/2022 | https://github.com/joajfreitas/marcador/issues/5 |
| CVE-2022-1616 | Use after free in append_command in GitHub repository vim/vim prior to 8.2.4895. This vulnerability is capable of crashing software, Bypass Protection Mechanism, Modify Memory, and possible remote execution | 05/17/2022 | https://huntr.dev/bounties/40f1d75f-fb2f-4281-b585-a41017f217e2 |
| CVE-2018-25033 | ADMesh through 0.98.4 has a heap-based buffer over-read in stl_update_connects_remove_1 (called from stl_remove_degenerate) in connect.c in libadmesh.a. | 05/17/2022 | https://github.com/admesh/admesh/issues/28 |
| CVE-2022-28463 | ImageMagick 7.1.0-27 is vulnerable to Buffer Overflow. | 05/17/2022 | https://github.com/ImageMagick/ImageMagick/issues/4988 |
| CVE-2022-30334 | Brave before 1.34, when a Private Window with Tor Connectivity is used, leaks .onion URLs in Referer and Origin headers. NOTE: although this was fixed by Brave, the Brave documentation still advises "Note that Private Windows with Tor Connectivity in Brave are just regular private windows that use Tor as a proxy. Brave does NOT implement most of the privacy protections from Tor Browser." | 05/17/2022 | https://github.com/brave/brave-core/pull/10760 |
| CVE-2022-30334 | Brave before 1.34, when a Private Window with Tor Connectivity is used, leaks .onion URLs in Referer and Origin headers. NOTE: although this was fixed by Brave, the Brave documentation still advises "Note that Private Windows with Tor Connectivity in Brave are just regular private windows that use Tor as a proxy. Brave does NOT implement most of the privacy protections from Tor Browser." | 05/17/2022 | https://hackerone.com/reports/1337624 |
| CVE-2022-27412 | Explore CMS v1.0 was discovered to contain a SQL injection vulnerability via a /page.php?id= request. | 05/17/2022 | http://packetstormsecurity.com/files/166694/Explore-CMS-1.0-SQL-Injection.html |
| CVE-2022-27308 | A stored cross-site scripting (XSS) vulnerability in PHProjekt PhpSimplyGest v1.3.0 allows attackers to execute arbitrary web scripts or HTML via a project title. | 05/17/2022 | http://packetstormsecurity.com/files/166966/PHProjekt-PhpSimplyGest-MyProjects-1.3.0-Cross-Site-Scripting.html |