
Vulnerability Feed

Exploitations

Vulnerability ID | Description | Date of first report of exploitation | All reports that were made to a vulnerability
CVE-2022-3236

A code injection vulnerability in the User Portal and Webadmin allows a remote attacker to execute code in Sophos Firewall version v19.0 MR1 and older.

09/23/2022
09/23/2022
CVE-2022-35405

Zoho ManageEngine Password Manager Pro before 12101 and PAM360 before 5510 are vulnerable to unauthenticated remote code execution. (This also affects ManageEngine Access Manager Plus before 4303 with authentication.)

09/22/2022
09/22/2022
CVE-2022-31446

Tenda AC18 router V15.03.05.19 and V15.03.05.05 were discovered to contain a remote code execution (RCE) vulnerability via the Mac parameter at ip/goform/WriteFacMac.

09/16/2022
09/16/2022
CVE-2022-40734

UniSharp laravel-filemanager (aka Laravel Filemanager) through 2.5.1 allows download?working_dir=%2F.. directory traversal to read arbitrary files, as exploited in the wild in June 2022.

09/14/2022
09/14/2022
CVE-2022-37969

Windows Common Log File System Driver Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-35803.

09/13/2022
09/13/2022
09/14/2022
CVE-2022-40139

Improper validation of some components used by the rollback mechanism in Trend Micro Apex One and Trend Micro Apex One as a Service clients could allow an Apex One server administrator to instruct affected clients to download an unverified rollback package, which could lead to remote code execution. Please note: an attacker must first obtain Apex One server administration console access in order to exploit this vulnerability.

09/13/2022
09/13/2022
09/15/2022
CVE-2022-32917

The issue was addressed with improved bounds checks. This issue is fixed in macOS Monterey 12.6, iOS 15.7 and iPadOS 15.7, iOS 16, macOS Big Sur 11.7. An application may be able to execute arbitrary code with kernel privileges. Apple is aware of a report that this issue may have been actively exploited.

09/12/2022
09/20/2022
09/12/2022
09/12/2022
09/14/2022
CVE-2022-3180

This vulnerability has not been published at NVD yet. This is normal: NVD often takes time to publish vulnerabilities, as it only publishes confirmed ones. When a vulnerability is found in the wild, the first report is often much earlier than the NVD publication.

09/08/2022
09/08/2022
CVE-2022-31474

This vulnerability has not been published at NVD yet. This is normal: NVD often takes time to publish vulnerabilities, as it only publishes confirmed ones. When a vulnerability is found in the wild, the first report is often much earlier than the NVD publication.

09/07/2022
09/07/2022
CVE-2018-6530

OS command injection vulnerability in soap.cgi (soapcgi_main in cgibin) in D-Link DIR-880L DIR-880L_REVA_FIRMWARE_PATCH_1.08B04 and previous versions, DIR-868L DIR868LA1_FW112b04 and previous versions, DIR-65L DIR-865L_REVA_FIRMWARE_PATCH_1.08.B01 and previous versions, and DIR-860L DIR860LA1_FW110b04 and previous versions allows remote attackers to execute arbitrary OS commands via the service parameter.

09/06/2022
09/06/2022
09/08/2022
CVE-2021-3493

The overlayfs implementation in the Linux kernel did not properly validate with respect to user namespaces the setting of file capabilities on files in an underlying file system. Due to the combination of unprivileged user namespaces along with a patch carried in the Ubuntu kernel to allow unprivileged overlay mounts, an attacker could use this to gain elevated privileges.

09/06/2022
09/06/2022
CVE-2022-26258

D-Link DIR-820L 1.05B03 was discovered to contain a remote command execution (RCE) vulnerability via the Device Name parameter in /lan.asp.

09/06/2022
09/06/2022
09/08/2022
CVE-2022-28958

D-Link DIR816L_FW206b01 was discovered to contain a remote code execution (RCE) vulnerability via the value parameter at shareport.php.

09/06/2022
09/06/2022
09/08/2022
CVE-2022-27593

An externally controlled reference to a resource vulnerability has been reported to affect QNAP NAS running Photo Station. If exploited, this could allow an attacker to modify system files. We have already fixed the vulnerability in the following versions: QTS 5.0.1: Photo Station 6.1.2 and later; QTS 5.0.0/4.5.x: Photo Station 6.0.22 and later; QTS 4.3.6: Photo Station 5.7.18 and later; QTS 4.3.3: Photo Station 5.4.15 and later; QTS 4.2.6: Photo Station 5.2.14 and later.

09/03/2022
09/08/2022
09/03/2022
CVE-2022-3075

This vulnerability has not been published at NVD yet. This is normal: NVD often takes time to publish vulnerabilities, as it only publishes confirmed ones. When a vulnerability is found in the wild, the first report is often much earlier than the NVD publication.

09/02/2022
09/02/2022
09/08/2022
CVE-2020-28949

Archive_Tar through 1.4.10 has :// filename sanitization only to address phar attacks, and thus any other stream-wrapper attack (such as file:// to overwrite files) can still succeed.

08/25/2022
08/25/2022
CVE-2022-24112

An attacker can abuse the batch-requests plugin to send requests to bypass the IP restriction of Admin API. A default configuration of Apache APISIX (with default API key) is vulnerable to remote code execution. When the admin key was changed or the port of Admin API was changed to a port different from the data panel, the impact is lower. But there is still a risk to bypass the IP restriction of Apache APISIX's data panel. There is a check in the batch-requests plugin which overrides the client IP with its real remote IP. But due to a bug in the code, this check can be bypassed.

08/25/2022
08/25/2022
CVE-2022-24706

In Apache CouchDB prior to 3.2.2, an attacker can access an improperly secured default installation without authenticating and gain admin privileges. The CouchDB documentation has always made recommendations for properly securing an installation, including recommending using a firewall in front of all CouchDB installations.

08/25/2022
08/25/2022
CVE-2022-26352

An issue was discovered in the ContentResource API in dotCMS 3.0 through 22.02. Attackers can craft a multipart form request to post a file whose filename is not initially sanitized. This allows directory traversal, in which the file is saved outside of the intended storage location. If anonymous content creation is enabled, this allows an unauthenticated attacker to upload an executable file, such as a .jsp file, that can lead to remote code execution.

08/25/2022
08/25/2022
CVE-2020-36193

Tar.php in Archive_Tar through 1.4.11 allows write operations with Directory Traversal due to inadequate checking of symbolic links, a related issue to CVE-2020-28948.

08/19/2022
08/19/2022
08/25/2022

Exploits

Vulnerability ID | Description | Date of publishing | Link to exploit
CVE-2022-28282

This vulnerability has not been published at NVD yet. This is normal: NVD often takes time to publish vulnerabilities, as it only publishes confirmed ones. When a vulnerability is found in the wild, the first report is often much earlier than the NVD publication.

09/25/2022
https://github.com/Pwnrin/CVE-2022-28282
CVE-2022-39197

An XSS (Cross Site Scripting) vulnerability was found in HelpSystems Cobalt Strike through 4.7 that allowed a remote attacker to execute HTML on the Cobalt Strike teamserver. To exploit the vulnerability, one must first inspect a Cobalt Strike payload, and then modify the username field in the payload (or create a new payload with the extracted information and then modify that username field to be malformed).

09/24/2022
https://github.com/yqcs/CSPOC
CVE-2022-40250

An attacker can exploit this vulnerability to elevate privileges from ring 0 to ring -2 and execute arbitrary code in System Management Mode (SMM), an environment more privileged than the operating system (OS) and completely isolated from it. Running arbitrary code in SMM additionally bypasses SMM-based SPI flash protections against modifications, which can help an attacker to install a firmware backdoor/implant into BIOS. Such malicious firmware code in BIOS could persist across operating system re-installs. Additionally, this vulnerability could potentially be used by malicious actors to bypass security mechanisms provided by UEFI firmware (for example, Secure Boot and some types of memory isolation for hypervisors). This issue affects: Module name: SmmSmbiosElog SHA256: 3a8acb4f9bddccb19ec3b22b22ad97963711550f76b27b606461cd5073a93b59 Module GUID: 8e61fd6b-7a8b-404f-b83f-aa90a47cabdf. This issue affects: AMI Aptio 5.x.

09/24/2022
https://www.binarly.io/advisories/BRLY-2022-016
CVE-2022-34026

ICEcoder v8.1 allows attackers to execute a directory traversal.

09/24/2022
https://gist.github.com/enferas/85cdbadf5cba32ec7c8db6ea9e6833bf
CVE-2022-34026

ICEcoder v8.1 allows attackers to execute a directory traversal.

09/24/2022
https://github.com/icecoder/ICEcoder/blob/master/classes/Settings.php
CVE-2022-34026

ICEcoder v8.1 allows attackers to execute a directory traversal.

09/24/2022
https://github.com/icecoder/ICEcoder/blob/master/lib/settings.php
CVE-2022-23458

Toast UI Grid is a component to display and edit data. Versions prior to 4.21.3 are vulnerable to cross-site scripting attacks when pasting specially crafted content into editable cells. This issue was fixed in version 4.21.3. There are no known workarounds.

09/24/2022
https://securitylab.github.com/advisories/GHSL-2022-029_nhn_tui_grid/
CVE-2022-38573

10-Strike Network Inventory Explorer v9.3 was discovered to contain a buffer overflow via the Add Computers function.

09/24/2022
https://packetstormsecurity.com/files/168133/10-Strike-Network-Inventory-Explorer-9.3-Buffer-Overflow.html
CVE-2022-40851

Tenda AC15 V15.03.05.19 contained a stack overflow via the function fromAddressNat.

09/23/2022
https://github.com/CPSeek/Router-vuls/blob/main/Tenda/AC15/addressNat.md
CVE-2022-40860

Tenda AC15 router V15.03.05.19 contains a stack overflow vulnerability in the function formSetQosBand->FUN_0007dd20 with request /goform/SetNetControlList

09/23/2022
https://github.com/CPSeek/Router-vuls/blob/main/Tenda/AC15/formSetQosBand.md
CVE-2022-40853

Tenda AC15 router V15.03.05.19 contains a stack overflow via the list parameter at /goform/fast_setting_wifi_set

09/23/2022
https://github.com/CPSeek/Router-vuls/blob/main/Tenda/AC15/form_fast_setting_wifi_set.md
CVE-2022-40862

Tenda AC15 and AC18 router V15.03.05.19 contains stack overflow vulnerability in the function fromNatStaticSetting with the request /goform/NatStaticSetting

09/23/2022
https://github.com/CPSeek/Router-vuls/blob/main/Tenda/AC18/fromNatStaticSetting.md
CVE-2022-40862

Tenda AC15 and AC18 router V15.03.05.19 contains stack overflow vulnerability in the function fromNatStaticSetting with the request /goform/NatStaticSetting

09/23/2022
https://github.com/CPSeek/Router-vuls/blob/main/Tenda/AC15/fromNatStaticSetting.md
CVE-2022-40864

Tenda AC15 and AC18 routers V15.03.05.19 contain stack overflow vulnerabilities in the function setSmartPowerManagement with the request /goform/PowerSaveSet

09/23/2022
https://github.com/CPSeek/Router-vuls/blob/main/Tenda/AC18/setSmartPowerManagement.md
CVE-2022-40864

Tenda AC15 and AC18 routers V15.03.05.19 contain stack overflow vulnerabilities in the function setSmartPowerManagement with the request /goform/PowerSaveSet

09/23/2022
https://github.com/CPSeek/Router-vuls/blob/main/Tenda/AC15/setSmartPowerManagement.md
CVE-2022-40865

Tenda AC15 and AC18 routers V15.03.05.19 contain heap overflow vulnerabilities in the function setSchedWifi with the request /goform/openSchedWifi/

09/23/2022
https://github.com/CPSeek/Router-vuls/blob/main/Tenda/AC15/setSchedWifi.md
CVE-2022-40865

Tenda AC15 and AC18 routers V15.03.05.19 contain heap overflow vulnerabilities in the function setSchedWifi with the request /goform/openSchedWifi/

09/23/2022
https://github.com/CPSeek/Router-vuls/blob/main/Tenda/AC18/setSchedWifi.md
CVE-2022-40869

Tenda AC15 and AC18 routers V15.03.05.19 contain stack overflow vulnerabilities in the function fromDhcpListClient with a combined parameter "list*" ("%s%d","list").

09/23/2022
https://github.com/CPSeek/Router-vuls/blob/main/Tenda/AC18/fromDhcpListClient-list.md
CVE-2022-40869

Tenda AC15 and AC18 routers V15.03.05.19 contain stack overflow vulnerabilities in the function fromDhcpListClient with a combined parameter "list*" ("%s%d","list").

09/23/2022
https://github.com/CPSeek/Router-vuls/blob/main/Tenda/AC15/fromDhcpListClient-list.md
CVE-2022-40932

In Zoo Management System v1.0, there is an arbitrary file upload vulnerability in the picture upload point of the "gallery" file of the "Gallery" module in the background management system.

09/23/2022
https://github.com/lime-10010/Bug_report/blob/main/vendors/pushpam02/zoo-management-system/RCE-1.md

@inTheWild

©2022
