CVE-2022-2628 (dsgvo_all_in_one_for_wp)
The DSGVO All in one for WP WordPress plugin before 4.2 does not sanitise and escape some of its settings, which could allow high privilege...
CVE-2022-1480
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was...
CVE-2022-32173 (orchardcore)
In OrchardCore rc1-11259 to v1.2.2 vulnerable to HTML injection, allow an authenticated user with an editor security role to inject a persistent HTML modal dialog...
rubygem-pdfkit-0.8.7-1.fc35
FEDORA-2022-6da143f1a2 Packages in this update: rubygem-pdfkit-0.8.7-1.fc35 Update description: Update to 0.8.7. This new release fixes CVE-2022-25765. Read More
rubygem-pdfkit-0.8.7-1.fc36
FEDORA-2022-3ec8272e72 Packages in this update: rubygem-pdfkit-0.8.7-1.fc36 Update description: Update to 0.8.7. This new release fixes CVE-2022-25765. Read More
rubygem-pdfkit-0.8.7-1.fc37
FEDORA-2022-c050ca59e8 Packages in this update: rubygem-pdfkit-0.8.7-1.fc37 Update description: Update to 0.8.7. This new release fixes CVE-2022-25765. Read More
Vulnerable Microsoft Exchange Servers Actively Scanned for ProxyShell
FortiGuard Labs is aware of a report that Microsoft Exchange servers are actively being scanned to determine which ones are prone to ProxyShell. ProxyShell is...
Brand New LockFile Ransomware Distributed Through ProxyShell and PetitPotam
FortiGuard Labs is aware of reports that previously unseen ransomware "LockFile" is being distributed using ProxyShell and PetitPotam. The attacker gains a foothold into the...
New Threat Actor Leverages ProxyShell Exploit to Serve Ransomware
FortiGuard Labs is aware of a report that a new threat actor, "Tortillas," is leveraging the ProxyShell exploit to deliver ransomware. Based on the traits,...
ZDI-22-1326: Centreon Poller Resource SQL Injection Privilege Escalation Vulnerability
This vulnerability allows remote attackers to escalate privileges on affected installations of Centreon. Authentication is required to exploit this vulnerability. Read More