Vulnerability Feed

Exploitations

Vulnerability ID | Description | Date of first report of exploitation | All reports that were made to a vulnerability
CVE-2022-4135

Heap buffer overflow in GPU in Google Chrome prior to 107.0.5304.121 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High)

11/24/2022
11/24/2022
CVE-2021-25003

The WPCargo Track & Trace WordPress plugin before 6.9.0 contains a file which could allow unauthenticated attackers to write a PHP file anywhere on the web server, leading to RCE.

11/16/2022
11/16/2022
CVE-2022-1119

The Simple File List WordPress plugin is vulnerable to Arbitrary File Download via the eeFile parameter found in the ~/includes/ee-downloader.php file due to missing controls, which makes it possible for unauthenticated attackers to supply a path to a file that will subsequently be downloaded, in versions up to and including 3.2.7.

11/16/2022
11/16/2022
CVE-2022-1609

This vulnerability has not been published at NVD yet. This is normal: it often takes NVD time to publish vulnerabilities, as they only publish confirmed ones. If a vulnerability is found in the wild, the report will often be much earlier than NVD publishes the vulnerability.

11/16/2022
11/16/2022
CVE-2022-2488

A vulnerability was found in WAVLINK WN535K2 and WN535K3 and classified as critical. This issue affects some unknown processing of the file /cgi-bin/touchlist_sync.cgi. The manipulation of the argument IP leads to os command injection. The exploit has been disclosed to the public and may be used.

11/16/2022
11/16/2022
CVE-2022-29303

SolarView Compact ver.6.00 was discovered to contain a command injection vulnerability via conf_mail.php.

11/16/2022
11/16/2022
CVE-2022-41049

Windows Mark of the Web Security Feature Bypass Vulnerability. This CVE ID is unique from CVE-2022-41091.

11/11/2022
11/11/2022
11/14/2022
CVE-2019-9810

Incorrect alias information in IonMonkey JIT compiler for Array.prototype.slice method may lead to missing bounds check and a buffer overflow. This vulnerability affects Firefox < 66.0.1, Firefox ESR < 60.6.1, and Thunderbird < 60.6.1.

11/09/2022
11/09/2022
CVE-2022-41073

Windows Print Spooler Elevation of Privilege Vulnerability.

11/08/2022
11/08/2022
11/08/2022
11/08/2022
CVE-2022-41091

Windows Mark of the Web Security Feature Bypass Vulnerability. This CVE ID is unique from CVE-2022-41049.

11/08/2022
11/08/2022
11/08/2022
CVE-2022-41125

Windows CNG Key Isolation Service Elevation of Privilege Vulnerability.

11/08/2022
11/08/2022
11/08/2022
11/08/2022
CVE-2022-41128

Windows Scripting Languages Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-41118.

11/08/2022
11/08/2022
11/08/2022
11/08/2022
CVE-2022-3723

Type confusion in V8 in Google Chrome prior to 107.0.5304.87 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

10/25/2022
10/27/2022
10/25/2022
10/28/2022
CVE-2020-3153

A vulnerability in the installer component of Cisco AnyConnect Secure Mobility Client for Windows could allow an authenticated local attacker to copy user-supplied files to system level directories with system level privileges. The vulnerability is due to the incorrect handling of directory paths. An attacker could exploit this vulnerability by creating a malicious file and copying the file to a system directory. An exploit could allow the attacker to copy malicious files to arbitrary locations with system level privileges. This could include DLL pre-loading, DLL hijacking, and other related attacks. To exploit this vulnerability, the attacker needs valid credentials on the Windows system.

10/24/2022
10/24/2022
CVE-2020-3433

A vulnerability in the interprocess communication (IPC) channel of Cisco AnyConnect Secure Mobility Client for Windows could allow an authenticated, local attacker to perform a DLL hijacking attack. To exploit this vulnerability, the attacker would need to have valid credentials on the Windows system. The vulnerability is due to insufficient validation of resources that are loaded by the application at run time. An attacker could exploit this vulnerability by sending a crafted IPC message to the AnyConnect process. A successful exploit could allow the attacker to execute arbitrary code on the affected machine with SYSTEM privileges. To exploit this vulnerability, the attacker would need to have valid credentials on the Windows system.

10/24/2022
10/24/2022
CVE-2022-42827

An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in iOS 15.7.1 and iPadOS 15.7.1, iOS 16.1 and iPadOS 16. An application may be able to execute arbitrary code with kernel privileges. Apple is aware of a report that this issue may have been actively exploited.

10/24/2022
11/01/2022
10/24/2022
10/24/2022
10/25/2022
CVE-2022-41033

Windows COM+ Event System Service Elevation of Privilege Vulnerability.

10/11/2022
10/11/2022
10/11/2022
10/11/2022
CVE-2022-40684

An authentication bypass using an alternate path or channel [CWE-288] in Fortinet FortiOS version 7.2.0 through 7.2.1 and 7.0.0 through 7.0.6, FortiProxy version 7.2.0 and version 7.0.0 through 7.0.6 and FortiSwitchManager version 7.2.0 and 7.0.0 allows an unauthenticated attacker to perform operations on the administrative interface via specially crafted HTTP or HTTPS requests.

10/10/2022
10/11/2022
10/10/2022
CVE-2019-16098

The driver in Micro-Star MSI Afterburner 4.6.2.15658 (aka RTCore64.sys and RTCore32.sys) allows any authenticated user to read and write to arbitrary memory, I/O ports, and MSRs. This can be exploited for privilege escalation, code execution under high privileges, and information disclosure. These signed drivers can also be used to bypass the Microsoft driver-signing policy to deploy malicious code.

10/07/2022
10/07/2022
CVE-2022-41352

An issue was discovered in Zimbra Collaboration (ZCS) 8.8.15 and 9.0. An attacker can upload arbitrary files through amavisd via a cpio loophole (extraction to /opt/zimbra/jetty/webapps/zimbra/public) that can lead to incorrect access to any other user accounts. Zimbra recommends pax over cpio. Also, pax is in the prerequisites of Zimbra on Ubuntu; however, pax is no longer part of a default Red Hat installation after RHEL 6 (or CentOS 6). Once pax is installed, amavisd automatically prefers it over cpio.

10/06/2022
10/20/2022
10/06/2022

Exploits

Vulnerability ID | Description | Date of publishing | Link to exploit
CVE-2022-37720

Orchardproject Orchard CMS 1.10.3 is vulnerable to Cross Site Scripting (XSS). A low-privileged user, such as an author or publisher, can inject a crafted HTML and JavaScript payload in a blog post, leading to full admin account takeover or privilege escalation when the malicious blog post is loaded in the victim's browser.

11/29/2022 | https://labs.integrity.pt/advisories/cve-2022-37720/
CVE-2022-43984

Browsershot version 3.57.3 allows an external attacker to remotely obtain arbitrary local files. This is possible because the application does not validate that the JS content imported from an external source passed to the Browsershot::html method does not contain URLs that use the file:// protocol.

11/29/2022 | https://fluidattacks.com/advisories/malone/
CVE-2022-43983

Browsershot version 3.57.2 allows an external attacker to remotely obtain arbitrary local files. This is possible because the application does not validate that the HTML content passed to the Browsershot::html method does not contain URLs that use the file:// protocol.

11/29/2022 | https://fluidattacks.com/advisories/khalid/
CVE-2022-38813

PHPGurukul Blood Donor Management System 1.0 does not properly restrict access to admin/dashboard.php, which allows attackers to access all data of users, delete the users, add and manage Blood Group, and Submit Report.

11/29/2022 | https://drive.google.com/file/d/1iMswKzoUvindXUGh1cuAmi-0R84tLDaH/view?usp=sharing
CVE-2022-38813

PHPGurukul Blood Donor Management System 1.0 does not properly restrict access to admin/dashboard.php, which allows attackers to access all data of users, delete the users, add and manage Blood Group, and Submit Report.

11/29/2022 | https://github.com/RashidKhanPathan/CVE-2022-38813
CVE-2022-44411

Web Based Quiz System v1.0 transmits user passwords in plaintext during the authentication process, allowing attackers to obtain users' passwords via a bruteforce attack.

11/29/2022 | https://shimo.im/docs/5xkGMZx0ZeUmpx3X
CVE-2022-45885

An issue was discovered in the Linux kernel through 6.0.9. drivers/media/dvb-core/dvb_frontend.c has a race condition that can cause a use-after-free when a device is disconnected.

11/29/2022 | https://lore.kernel.org/linux-media/[email protected]/
CVE-2022-45885

An issue was discovered in the Linux kernel through 6.0.9. drivers/media/dvb-core/dvb_frontend.c has a race condition that can cause a use-after-free when a device is disconnected.

11/29/2022 | https://lore.kernel.org/linux-media/[email protected]/
CVE-2022-45884

An issue was discovered in the Linux kernel through 6.0.9. drivers/media/dvb-core/dvbdev.c has a use-after-free, related to dvb_register_device dynamically allocating fops.

11/29/2022 | https://lore.kernel.org/linux-media/[email protected]/
CVE-2022-45884

An issue was discovered in the Linux kernel through 6.0.9. drivers/media/dvb-core/dvbdev.c has a use-after-free, related to dvb_register_device dynamically allocating fops.

11/29/2022 | https://lore.kernel.org/linux-media/[email protected]/
CVE-2022-45886

An issue was discovered in the Linux kernel through 6.0.9. drivers/media/dvb-core/dvb_net.c has a .disconnect versus dvb_device_open race condition that leads to a use-after-free.

11/29/2022 | https://lore.kernel.org/linux-media/[email protected]/
CVE-2022-45886

An issue was discovered in the Linux kernel through 6.0.9. drivers/media/dvb-core/dvb_net.c has a .disconnect versus dvb_device_open race condition that leads to a use-after-free.

11/29/2022 | https://lore.kernel.org/linux-media/[email protected]/
CVE-2022-45887

An issue was discovered in the Linux kernel through 6.0.9. drivers/media/usb/ttusb-dec/ttusb_dec.c has a memory leak because of the lack of a dvb_frontend_detach call.

11/29/2022 | https://lore.kernel.org/linux-media/[email protected]/
CVE-2022-45887

An issue was discovered in the Linux kernel through 6.0.9. drivers/media/usb/ttusb-dec/ttusb_dec.c has a memory leak because of the lack of a dvb_frontend_detach call.

11/29/2022 | https://lore.kernel.org/linux-media/[email protected]/
CVE-2022-45888

An issue was discovered in the Linux kernel through 6.0.9. drivers/char/xillybus/xillyusb.c has a race condition and use-after-free during physical removal of a USB device.

11/29/2022 | https://lore.kernel.org/all/[email protected]/
CVE-2017-13760

In The Sleuth Kit (TSK) 4.4.2, fls hangs on a corrupt exfat image in tsk_img_read() in tsk/img/img_io.c in libtskimg.a.

11/29/2022 | https://github.com/sleuthkit/sleuthkit/issues/906
CVE-2017-13755

In The Sleuth Kit (TSK) 4.4.2, opening a crafted ISO 9660 image triggers an out-of-bounds read in iso9660_proc_dir() in tsk/fs/iso9660_dent.c in libtskfs.a, as demonstrated by fls.

11/29/2022 | https://github.com/sleuthkit/sleuthkit/issues/913
CVE-2020-5844

index.php?sec=godmode/extensions&sec2=extensions/files_repo in Pandora FMS v7.0 NG allows authenticated administrators to upload malicious PHP scripts, and execute them via base64 decoding of the file location. This affects v7.0NG.742_FIX_PERL2020.

11/29/2022 | http://packetstormsecurity.com/files/167503/Pandora-FMS-7.0NG.742-Remote-Code-Execution.html
CVE-2022-31325

There is a SQL Injection vulnerability in ChurchCRM 4.4.5 via the 'PersonID' field in /churchcrm/WhyCameEditor.php.

11/29/2022 | http://packetstormsecurity.com/files/167483/ChurchCRM-4.4.5-SQL-Injection.html
CVE-2022-37197

IOBit IOTransfer V4 is vulnerable to Unquoted Service Path.

11/29/2022 | https://www.exploit-db.com/exploits/51029

@inTheWild

©2022