Millions of Attacks Target Tatsu Builder Plugin
The Wordfence Threat Intelligence team has been tracking a large-scale attack against a Remote Code Execution vulnerability in Tatsu Builder,
Read moreMonth: May 2022
CVE-2021-27444
The Weintek cMT product line is vulnerable to various improper access controls, which may allow an unauthenticated attacker to remotely
Read moreCVE-2022-30695
Local privilege escalation due to excessive permissions assigned to child processes. The following products are affected: Acronis Snap Deploy (Windows)
Read moreCVE-2021-27442
The Weintek cMT product line is vulnerable to a cross-site scripting vulnerability, which could allow an unauthenticated remote attacker to
Read moreCVE-2021-33001
xArrow SCADA versions 7.2 and prior is vulnerable to cross-site scripting due to parameter ‘bdate’ of the resource xhisvalue.htm, which
Read moreCVE-2022-30696
Local privilege escalation due to a DLL hijacking vulnerability. The following products are affected: Acronis Snap Deploy (Windows) before build
Read moreCVE-2022-30697
Local privilege escalation due to insecure folder permissions. The following products are affected: Acronis Snap Deploy (Windows) before build 3640National
Read moreCVE-2021-33025
xArrow SCADA versions 7.2 and prior permits unvalidated registry keys to be run with application-level privileges.National Vulnerability DatabaseRead More
Read moreCVE-2021-33021
xArrow SCADA versions 7.2 and prior is vulnerable to cross-site scripting due to parameter ‘edate’ of the resource xhisalarm.htm, which
Read moreCVE-2022-1731
Metasonic Doc WebClient 7.0.14.0 / 7.0.12.0 / 7.0.3.0 is vulnerable to a SQL injection attack in the username field. SSO
Read more