Apple iOS contains a type confusion vulnerability when processing maliciously crafted web content leading to code execution.
// weekly digest
// weekly digest
// weekly digest
2022-12-12 00:00 UTC 2022-12-18 23:59 UTC
// total
0
// critical
0
// high
0
// medium
0
// low
0
// new kev
6
// top critical
No CRITICAL CVEs published this week.
// top high
No HIGH CVEs published this week.
// new kev additions
Apple iOS contains a type confusion vulnerability when processing maliciously crafted web content leading to code execution.
Multiple versions of Fortinet FortiOS SSL-VPN contain a heap-based buffer overflow vulnerability which can allow an unauthenticated, remote attacker to execute arbitrary code or commands via specifically crafted requests.
Microsoft Defender SmartScreen contains a security feature bypass vulnerability that could allow an attacker to evade Mark of the Web (MOTW) defenses via a specially crafted malicious file.
Citrix Application Delivery Controller (ADC) and Gateway, when configured with SAML SP or IdP configuration, contain an authentication bypass vulnerability that allows an attacker to execute code as administrator.
The Veeam Distribution Service in the Backup & Replication application allows unauthenticated users to access internal API functions. A remote attacker can send input to the internal API which may lead to uploading and executing of malicious code.
The Veeam Distribution Service in the Backup & Replication application allows unauthenticated users to access internal API functions. A remote attacker can send input to the internal API which may lead to uploading and executing of malicious code.