CVE-2022-2839 (zephyr_project_manager)
The Zephyr Project Manager WordPress plugin before 3.2.55 does not have any authorisation or CSRF checks in any of its AJAX actions, allowing unauthenticated users...
CVE-2022-2763 (wp_socializer)
The WP Socializer WordPress plugin before 7.3 does not sanitise and escape some of its Icons settings, which could allow high privilege users such as...
CVE-2022-2628 (dsgvo_all_in_one_for_wp)
The DSGVO All in one for WP WordPress plugin before 4.2 does not sanitise and escape some of its settings, which could allow high privilege...
CVE-2022-1480
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was...
CVE-2022-32173 (orchardcore)
OrchardCore rc1-11259 to v1.2.2 is vulnerable to HTML injection, allowing an authenticated user with an editor security role to inject a persistent HTML modal dialog...
rubygem-pdfkit-0.8.7-1.fc35
FEDORA-2022-6da143f1a2 Packages in this update: rubygem-pdfkit-0.8.7-1.fc35 Update description: Update to 0.8.7. This new release fixes CVE-2022-25765.
rubygem-pdfkit-0.8.7-1.fc36
FEDORA-2022-3ec8272e72 Packages in this update: rubygem-pdfkit-0.8.7-1.fc36 Update description: Update to 0.8.7. This new release fixes CVE-2022-25765.
rubygem-pdfkit-0.8.7-1.fc37
FEDORA-2022-c050ca59e8 Packages in this update: rubygem-pdfkit-0.8.7-1.fc37 Update description: Update to 0.8.7. This new release fixes CVE-2022-25765.
Vulnerable Microsoft Exchange Servers Actively Scanned for ProxyShell
FortiGuard Labs is aware of a report that Microsoft Exchange servers are actively being scanned to determine which ones are prone to ProxyShell. ProxyShell is...
Brand New LockFile Ransomware Distributed Through ProxyShell and PetitPotam
FortiGuard Labs is aware of reports that previously unseen ransomware "LockFile" is being distributed using ProxyShell and PetitPotam. The attacker gains a foothold into the...