AttackerKB
attackerkb
New assessment for topic: CVE-2022-22947
Topic description: "In spring cloud gateway versions prior to 3.1.1+ and 3.0.7+ , applications are vulnerable to a code injection attack when the Gateway Actuator endpoint is enabled, exposed and unsecured ..."
"A July 2024 bulletin from multiple U.S ..."
Link: https://attackerkb.com/assessments/e35b4ffa-fff3-4d1e-a4df-af54aff6dd26
Topic description: "In spring cloud gateway versions prior to 3.1.1+ and 3.0.7+ , applications are vulnerable to a code injection attack when the Gateway Actuator endpoint is enabled, exposed and unsecured ..."
"A July 2024 bulletin from multiple U.S ..."
Link: https://attackerkb.com/assessments/e35b4ffa-fff3-4d1e-a4df-af54aff6dd26
0
0
0
AttackerKB
attackerkb
New assessment for topic: CVE-2022-22005
Topic description: "Microsoft SharePoint Server Remote Code Execution Vulnerability ..."
"A July 2024 bulletin from multiple U.S ..."
Link: https://attackerkb.com/assessments/bb544b28-0e48-40d5-9787-dc00a072d081
Topic description: "Microsoft SharePoint Server Remote Code Execution Vulnerability ..."
"A July 2024 bulletin from multiple U.S ..."
Link: https://attackerkb.com/assessments/bb544b28-0e48-40d5-9787-dc00a072d081
0
0
0
AttackerKB
attackerkb
New assessment for topic: CVE-2022-21882
Topic description: "Win32k Elevation of Privilege Vulnerability ..."
"A July 2024 bulletin from multiple U.S ..."
Link: https://attackerkb.com/assessments/759bb95e-f4e9-4379-a578-228f447786cb
Topic description: "Win32k Elevation of Privilege Vulnerability ..."
"A July 2024 bulletin from multiple U.S ..."
Link: https://attackerkb.com/assessments/759bb95e-f4e9-4379-a578-228f447786cb
0
0
0
AttackerKB
attackerkb
New assessment for topic: CVE-2022-24785
Topic description: "Moment.js is a JavaScript date library for parsing, validating, manipulating, and formatting dates ..."
"A July 2024 bulletin from multiple U.S ..."
Link: https://attackerkb.com/assessments/0879983d-d4b8-4864-be14-5dae200c3a40
Topic description: "Moment.js is a JavaScript date library for parsing, validating, manipulating, and formatting dates ..."
"A July 2024 bulletin from multiple U.S ..."
Link: https://attackerkb.com/assessments/0879983d-d4b8-4864-be14-5dae200c3a40
0
0
0
AttackerKB
attackerkb
New assessment for topic: CVE-2022-24990
Topic description: "TerraMaster NAS 4.2.29 and earlier allows remote attackers to discover the administrative password by sending "User-Agent: TNAS" to module/api.php?mobile/webNasIPS and then reading the PWD field in the response. ..."
"A July 2024 bulletin from multiple U.S ..."
Link: https://attackerkb.com/assessments/365cd645-8444-4197-af8b-f95c62d0a983
Topic description: "TerraMaster NAS 4.2.29 and earlier allows remote attackers to discover the administrative password by sending "User-Agent: TNAS" to module/api.php?mobile/webNasIPS and then reading the PWD field in the response. ..."
"A July 2024 bulletin from multiple U.S ..."
Link: https://attackerkb.com/assessments/365cd645-8444-4197-af8b-f95c62d0a983
0
0
0
AttackerKB
attackerkb
New assessment for topic: CVE-2021-45837
Topic description: "It is possible to execute arbitrary commands as root in Terramaster F4-210, F2-210 TOS 4.2.X (4.2.15-2107141517) by sending a specifically crafted input to /tos/index.php?app/del. ..."
"A July 2024 bulletin from multiple U.S ..."
Link: https://attackerkb.com/assessments/360fdb26-52f1-44b6-8d64-ca9b67e2bfc4
Topic description: "It is possible to execute arbitrary commands as root in Terramaster F4-210, F2-210 TOS 4.2.X (4.2.15-2107141517) by sending a specifically crafted input to /tos/index.php?app/del. ..."
"A July 2024 bulletin from multiple U.S ..."
Link: https://attackerkb.com/assessments/360fdb26-52f1-44b6-8d64-ca9b67e2bfc4
0
0
0
AttackerKB
attackerkb
New assessment for topic: CVE-2022-25064
Topic description: "TP-LINK TL-WR840N(ES)_V6.20_180709 was discovered to contain a remote code execution (RCE) vulnerability via the function oal_wan6_setIpAddr. ..."
"A July 2024 bulletin from multiple U.S ..."
Link: https://attackerkb.com/assessments/8fab5317-8dd4-4b46-83f2-dde0ee6d0848
Topic description: "TP-LINK TL-WR840N(ES)_V6.20_180709 was discovered to contain a remote code execution (RCE) vulnerability via the function oal_wan6_setIpAddr. ..."
"A July 2024 bulletin from multiple U.S ..."
Link: https://attackerkb.com/assessments/8fab5317-8dd4-4b46-83f2-dde0ee6d0848
0
0
0
AttackerKB
attackerkb
New assessment for topic: CVE-2022-30190
Topic description: "A remote code execution vulnerability exists when MSDT is called using the URL protocol from a calling application such as Word ..."
"A July 2024 bulletin from multiple U.S ..."
Link: https://attackerkb.com/assessments/9e4f2c9a-4bcb-43f0-bcf7-6b98d8d57f85
Topic description: "A remote code execution vulnerability exists when MSDT is called using the URL protocol from a calling application such as Word ..."
"A July 2024 bulletin from multiple U.S ..."
Link: https://attackerkb.com/assessments/9e4f2c9a-4bcb-43f0-bcf7-6b98d8d57f85
0
0
0
AttackerKB
attackerkb
New assessment for topic: CVE-2022-41352
Topic description: "An issue was discovered in Zimbra Collaboration (ZCS) 8.8.15 and 9.0 ..."
"A July 2024 bulletin from multiple U.S ..."
Link: https://attackerkb.com/assessments/031d7723-9ba0-42e3-949e-0fd0023a328a
Topic description: "An issue was discovered in Zimbra Collaboration (ZCS) 8.8.15 and 9.0 ..."
"A July 2024 bulletin from multiple U.S ..."
Link: https://attackerkb.com/assessments/031d7723-9ba0-42e3-949e-0fd0023a328a
0
0
0
AttackerKB
attackerkb
New assessment for topic: CVE-2022-27925
Topic description: "Zimbra Collaboration (aka ZCS) 8.8.15 and 9.0 has mboximport functionality that receives a ZIP archive and extracts files from it ..."
"A July 2024 bulletin from multiple U.S ..."
Link: https://attackerkb.com/assessments/ee3b517d-6f8c-4350-b3c4-94d6681a3def
Topic description: "Zimbra Collaboration (aka ZCS) 8.8.15 and 9.0 has mboximport functionality that receives a ZIP archive and extracts files from it ..."
"A July 2024 bulletin from multiple U.S ..."
Link: https://attackerkb.com/assessments/ee3b517d-6f8c-4350-b3c4-94d6681a3def
0
0
0
AttackerKB
attackerkb
New assessment for topic: CVE-2023-21932
Topic description: "Vulnerability in the Oracle Hospitality OPERA 5 Property Services product of Oracle Hospitality Applications (component: OXI) ..."
"A July 2024 bulletin from multiple U.S ..."
Link: https://attackerkb.com/assessments/03ea1594-bd67-4da4-952a-f17c6208f2fe
Topic description: "Vulnerability in the Oracle Hospitality OPERA 5 Property Services product of Oracle Hospitality Applications (component: OXI) ..."
"A July 2024 bulletin from multiple U.S ..."
Link: https://attackerkb.com/assessments/03ea1594-bd67-4da4-952a-f17c6208f2fe
0
0
0
AttackerKB
attackerkb
New assessment for topic: CVE-2023-25690
Topic description: "Some mod_proxy configurations on Apache HTTP Server versions 2.4.0 through 2.4.55 allow a HTTP Request Smuggling attack. ..."
"A July 2024 bulletin from multiple U.S ..."
Link: https://attackerkb.com/assessments/75c9ef37-d85e-4799-8471-f087cc754cd1
Topic description: "Some mod_proxy configurations on Apache HTTP Server versions 2.4.0 through 2.4.55 allow a HTTP Request Smuggling attack. ..."
"A July 2024 bulletin from multiple U.S ..."
Link: https://attackerkb.com/assessments/75c9ef37-d85e-4799-8471-f087cc754cd1
0
0
0
AttackerKB
attackerkb
New assessment for topic: CVE-2023-27997
Topic description: "A heap-based buffer overflow vulnerability [CWE-122] in FortiOS version 7.2.4 and below, version 7.0.11 and below, version 6.4.12 and below, version 6.0.16 and below and FortiProxy version 7.2.3 and below, version 7.0.9 and below, version 2.0.12 and below, version 1.2 all versions, version 1.1 all versions SSL-VPN may allow a remote attacker to execute arbitrary code or commands via specifically crafted requests. ..."
"A July 2024 bulletin from multiple U.S ..."
Link: https://attackerkb.com/assessments/b526523b-c8b2-46b2-9bf5-1d69c9534281
Topic description: "A heap-based buffer overflow vulnerability [CWE-122] in FortiOS version 7.2.4 and below, version 7.0.11 and below, version 6.4.12 and below, version 6.0.16 and below and FortiProxy version 7.2.3 and below, version 7.0.9 and below, version 2.0.12 and below, version 1.2 all versions, version 1.1 all versions SSL-VPN may allow a remote attacker to execute arbitrary code or commands via specifically crafted requests. ..."
"A July 2024 bulletin from multiple U.S ..."
Link: https://attackerkb.com/assessments/b526523b-c8b2-46b2-9bf5-1d69c9534281
0
0
0
AttackerKB
attackerkb
New assessment for topic: CVE-2023-2868
Topic description: "A remote command injection vulnerability exists in the Barracuda Email Security Gateway (appliance form factor only) product effecting versions 5.1.3.001-9.2.0.006 ..."
"A July 2024 bulletin from multiple U.S ..."
Link: https://attackerkb.com/assessments/f48521ba-fe68-4383-b8df-4a76c6aecd3b
Topic description: "A remote command injection vulnerability exists in the Barracuda Email Security Gateway (appliance form factor only) product effecting versions 5.1.3.001-9.2.0.006 ..."
"A July 2024 bulletin from multiple U.S ..."
Link: https://attackerkb.com/assessments/f48521ba-fe68-4383-b8df-4a76c6aecd3b
0
0
0
AttackerKB
attackerkb
New assessment for topic: CVE-2023-28771
Topic description: "Improper error message handling in Zyxel ZyWALL/USG series firmware versions 4.60 through 4.73, VPN series firmware versions 4.60 through 5.35, USG FLEX series firmware versions 4.60 through 5.35, and ATP series firmware versions 4.60 through 5.35, which could allow an unauthenticated attacker to execute some OS commands remotely by sending crafted packets to an affected device. ..."
"A July 2024 bulletin from multiple U.S ..."
Link: https://attackerkb.com/assessments/ba03c205-10cf-4274-bc51-4044b3fd471b
Topic description: "Improper error message handling in Zyxel ZyWALL/USG series firmware versions 4.60 through 4.73, VPN series firmware versions 4.60 through 5.35, USG FLEX series firmware versions 4.60 through 5.35, and ATP series firmware versions 4.60 through 5.35, which could allow an unauthenticated attacker to execute some OS commands remotely by sending crafted packets to an affected device. ..."
"A July 2024 bulletin from multiple U.S ..."
Link: https://attackerkb.com/assessments/ba03c205-10cf-4274-bc51-4044b3fd471b
0
0
0
AttackerKB
attackerkb
New assessment for topic: CVE-2023-33010
Topic description: "A buffer overflow vulnerability in the ID processing function in Zyxel ATP series firmware versions 4.32 through 5.36 Patch 1, USG FLEX series firmware versions 4.50 through 5.36 Patch 1, USG FLEX 50(W) firmware versions 4.25 through 5.36 Patch 1, USG20(W)-VPN firmware versions 4.25 through 5.36 Patch 1, VPN series firmware versions 4.30 through 5.36 Patch 1, ZyWALL/USG series firmware versions 4.25 through 4.73 Patch 1, could allow an unauthenticated attacker to cause denial-of-service (DoS) conditions and even a remote code execution on an affected device. ..."
"A July 2024 bulletin from multiple U.S ..."
Link: https://attackerkb.com/assessments/77f196ee-1ff3-4fa0-90ca-4d8e0ecf55db
Topic description: "A buffer overflow vulnerability in the ID processing function in Zyxel ATP series firmware versions 4.32 through 5.36 Patch 1, USG FLEX series firmware versions 4.50 through 5.36 Patch 1, USG FLEX 50(W) firmware versions 4.25 through 5.36 Patch 1, USG20(W)-VPN firmware versions 4.25 through 5.36 Patch 1, VPN series firmware versions 4.30 through 5.36 Patch 1, ZyWALL/USG series firmware versions 4.25 through 4.73 Patch 1, could allow an unauthenticated attacker to cause denial-of-service (DoS) conditions and even a remote code execution on an affected device. ..."
"A July 2024 bulletin from multiple U.S ..."
Link: https://attackerkb.com/assessments/77f196ee-1ff3-4fa0-90ca-4d8e0ecf55db
0
0
0
AttackerKB
attackerkb
New assessment for topic: CVE-2023-3079
Topic description: "Type confusion in V8 in Google Chrome prior to 114.0.5735.110 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page ..."
"A July 2024 bulletin from multiple U.S ..."
Link: https://attackerkb.com/assessments/de3d77c0-5856-446c-8acc-df8c0f2681cf
Topic description: "Type confusion in V8 in Google Chrome prior to 114.0.5735.110 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page ..."
"A July 2024 bulletin from multiple U.S ..."
Link: https://attackerkb.com/assessments/de3d77c0-5856-446c-8acc-df8c0f2681cf
0
0
0
AttackerKB
attackerkb
New assessment for topic: CVE-2023-32315
Topic description: "Openfire is an XMPP server licensed under the Open Source Apache License ..."
"A July 2024 bulletin from multiple U.S ..."
Link: https://attackerkb.com/assessments/d1d84de3-4abd-4d3d-bad1-6a9f798a615c
Topic description: "Openfire is an XMPP server licensed under the Open Source Apache License ..."
"A July 2024 bulletin from multiple U.S ..."
Link: https://attackerkb.com/assessments/d1d84de3-4abd-4d3d-bad1-6a9f798a615c
0
0
0
AttackerKB
attackerkb
New assessment for topic: CVE-2023-32784
Topic description: "In KeePass 2.x before 2.54, it is possible to recover the cleartext master password from a memory dump, even when a workspace is locked or no longer running ..."
"A July 2024 bulletin from multiple U.S ..."
Link: https://attackerkb.com/assessments/e6e3b25c-3279-400b-b6b7-397904bb7d27
Topic description: "In KeePass 2.x before 2.54, it is possible to recover the cleartext master password from a memory dump, even when a workspace is locked or no longer running ..."
"A July 2024 bulletin from multiple U.S ..."
Link: https://attackerkb.com/assessments/e6e3b25c-3279-400b-b6b7-397904bb7d27
0
0
0
AttackerKB
attackerkb
New assessment for topic: CVE-2023-33246
Topic description: "For RocketMQ versions 5.1.0 and below, under certain conditions, there is a risk of remote command execution. ..."
"A July 2024 bulletin from multiple U.S ..."
Link: https://attackerkb.com/assessments/815067a4-8276-44b2-9c1b-41ab19a9fa99
Topic description: "For RocketMQ versions 5.1.0 and below, under certain conditions, there is a risk of remote command execution. ..."
"A July 2024 bulletin from multiple U.S ..."
Link: https://attackerkb.com/assessments/815067a4-8276-44b2-9c1b-41ab19a9fa99
0
0
0