latest vulnerabilities

 

Windows MSHTML Platform Elevation of Privilege Vulnerability

Windows MSHTML Platform Elevation of Privilege VulnerabilityCVE nameCVE-2023-32046Severity/CVSS ScoreHighCVSS:7.8Exploitation StatusExploited in the Wild as Zero-DayDescriptionallows a remote attacker to escalate…
Read More

Potential XML External Entity Injection in ArcSight Logger

Potential XML External Entity Injection in ArcSight LoggerCVE nameCVE-2023-24470Severity/CVSS ScoreCriticalCVSS:9.1Exploitation Status___________________________DescriptionThe vulnerability could be remotely exploited resulting in Self/Stored Cross-Site…
Read More

Pre-Authenticated Command Injection in Sophos Web Appliance

Pre-Authenticated Command Injection in Sophos Web ApplianceCVE nameCVE-2023-1671Severity/CVSS ScoreCriticalCVSS: 9.8Exploitation Status____________________DescriptionA command injection vulnerability exists within the warn-proceed handler in Sophos…
Read More

Elevation of Privilege Vulnerability

Elevation of Privilege VulnerabilityCVE nameCVE-2022-21882Severity/CVSS ScoreHighCVSS: 7.8Exploitation StatusExploited in the Wild as Zero-DayDescriptionThis vulnerability associated with a threat actor named…
Read More

F5  BIG-IP vulnerability

F5  BIG-IP vulnerabilityCVE nameCVE-2023-28742Severity/CVSS ScoreHighCVSS: 8.8Exploitation Status________________DescriptionDNS iQuery mesh vulnerability allows an attacker to execute remote commands confer gain access to…
Read More

Input Validation Vulnerability

Input Validation VulnerabilityCVE nameCVE-2023-2868Severity/CVSS Scorecritical zero-day vulnerabilityCVSS: 8.8 Exploitation Status_________________________________DescriptionA command injection vulnerability used by many threat actors  (UNC2286 , UNC4841)…
Read More

An Out-of-Bounds Read Vulnerability

An Out-of-Bounds Read VulnerabilityCVE nameCVE-2022-35937Severity/CVSS ScoreHigh7.0Exploitation Status_____________DescriptionThis issue affects the function GatherNd. The manipulation with an unknown input leads to…
Read More

Cross-Site Request Forgery (CSRF)

Cross-Site Request Forgery (CSRF)CVE nameCVE-2022-47174Severity/CVSS ScoreHighCVSS: 8.8Exploitation Status_______________Description The web application does not, or can not, sufficiently verify whether a well-formed,…
Read More

Weak Password Requirements Vulnerability

Weak Password Requirements VulnerabilityCVE nameCVE-2023-31098Severity/CVSS ScoreCriticalCVSS: 9.8Exploitation Status___________________DescriptionRemote exploitation of the vulnerability affects the confidentiality, integrity, and availability of affected…
Read More

Vulnerability in F5 BIG-IP

Vulnerability in F5 BIG-IPCVE nameCVE-2022-1388Severity/CVSS ScoreCriticalCVSS:  9.8Exploitation StatusExploited in the WildDescription The vulnerability allows an unauthenticated attacker to access the system…
Read More