SolarView Compact contains a command injection vulnerability due to improper validation of input values on the send test mail console of the product's web server.
// weekly digest
// weekly digest
// weekly digest
2023-07-10 00:00 UTC 2023-07-16 23:59 UTC
// total
0
// critical
0
// high
0
// medium
0
// low
0
// new kev
7
// top critical
No CRITICAL CVEs published this week.
// top high
No HIGH CVEs published this week.
// new kev additions
SolarView Compact contains a command injection vulnerability due to improper validation of input values on the send test mail console of the product's web server.
Apple iOS, iPadOS, macOS, and Safari WebKit contain an unspecified vulnerability that leads to code execution when processing maliciously crafted web content. This vulnerability could impact HTML parsers that use WebKit, including but not limited to Apple Safari and non-Apple products which rely on WebKit for HTML processing.
Microsoft Windows MSHTML Platform contains an unspecified vulnerability that allows for privilege escalation.
Microsoft Windows Defender SmartScreen contains a security feature bypass vulnerability that allows an attacker to bypass the Open File - Security Warning prompt.
Microsoft Outlook contains a security feature bypass vulnerability that allows an attacker to bypass the Microsoft Outlook Security Notice prompt.
Microsoft Windows Error Reporting Service contains an unspecified vulnerability that allows for privilege escalation.
Netwrix Auditor User Activity Video Recording component contains an insecure objection deserialization vulnerability that allows an unauthenticated, remote attacker to execute code as the NT AUTHORITY\SYSTEM user. Successful exploitation requires that the attacker is able to reach port 9004/TCP, which is commonly blocked by standard enterprise firewalling.