Cacti contains a command injection vulnerability that allows an unauthenticated user to execute code.
// weekly digest
// weekly digest
// weekly digest
2023-02-13 00:00 UTC 2023-02-19 23:59 UTC
// total
0
// critical
0
// high
0
// medium
0
// low
0
// new kev
5
// top critical
No CRITICAL CVEs published this week.
// top high
No HIGH CVEs published this week.
// new kev additions
Cacti contains a command injection vulnerability that allows an unauthenticated user to execute code.
Microsoft Office Publisher contains a security feature bypass vulnerability that allows for a local, authenticated attack on a targeted system.
Microsoft Windows Common Log File System (CLFS) driver contains an unspecified vulnerability that allows for privilege escalation.
Apple iOS, MacOS, Safari and iPadOS WebKit contain a type confusion vulnerability that leads to code execution when processing maliciously crafted web content. This vulnerability could impact HTML parsers that use WebKit, including but not limited to Apple Safari and non-Apple products which rely on WebKit for HTML processing.
Microsoft Windows Graphic Component contains an unspecified vulnerability that allows for privilege escalation.