An arbitrary file upload vulnerability in Trend Micro Apex Central could allow for remote code execution.
// weekly digest
// weekly digest
// weekly digest
2022-03-28 00:00 UTC 2022-04-03 23:59 UTC
// total
0
// critical
0
// high
0
// medium
0
// low
0
// new kev
39
// top critical
No CRITICAL CVEs published this week.
// top high
No HIGH CVEs published this week.
// new kev additions
An arbitrary file upload vulnerability in Trend Micro Apex Central could allow for remote code execution.
QNAP NAS running HBS 3 contains an improper authorization vulnerability which can allow remote attackers to log in to a device.
An authentication bypass vulnerability in User Portal and Webadmin of Sophos Firewall allows for remote code execution.
Microsoft Windows User Profile Service contains an unspecified vulnerability that allows for privilege escalation.
Dell dbutil driver contains an insufficient access control vulnerability which may lead to escalation of privileges, denial-of-service (DoS), or information disclosure.
Dasan GPON Routers contain an authentication bypass vulnerability. When combined with CVE-2018-10561, exploitation can allow an attacker to perform remote code execution.
Dasan GPON Routers contain an authentication bypass vulnerability. When combined with CVE-2018-10562, exploitation can allow an attacker to perform remote code execution.
Microsoft Office allows remote attackers to execute arbitrary code via a crafted Office document.
An elevation of privilege vulnerability exists when Windows improperly handles calls to Advanced Local Procedure Call (ALPC).
The Microsoft JScript nd VBScript engines, as used in Internet Explorer and other products, allow attackers to execute remote code or cause a denial of service (memory corruption) via a crafted web site.