Jun 27, 2022 Cyber Threat Intelligence

Track daily vulnerability activity, KEV additions, public exploits, critical disclosures, and EPSS risk shifts.

Daily summary

  • Apple iOS and iPadOS: 5 CVEs added to CISA KEV today.
  • WSO2 API Manager: public exploit or PoC linked (cross-site scripting)
  • WordPress plugin RCE/exploit activity: 2 CVEs flagged today.
  • 9 new critical disclosures — review patch status on exposed services.

Top threats today

Three highest-priority changes — analyst brief, not a CVE dump.

Critical active threat

CVE-2018-4344 Apple Multiple Products Memory Corruption

  • Actively exploited (CISA KEV)
  • Listed on CISA KEV

Apple Multiple Products Memory Corruption is on CISA KEV — confirmed in-the-wild exploitation. Expect continued targeting while the issue remains on the catalog.

Active exploit activity

CVE-2022-29548 A reflected XSS issue exists in the Management Console of several WSO2 products.

  • Public exploit or PoC available
  • Exploit activity linked

WSO2 API Manager cross-site scripting now has a public exploit or PoC linked to it; assume opportunistic scanning and targeted follow-on activity.

Critical exposure

CVE-2022-1574 HTML2WP Project HTML2WP CSRF

  • CVSS 9.8
  • Internet-facing CMS deployments affected

New critical HTML2WP Project HTML2WP CSRF (CVSS 9.8): fresh disclosure window; early internet scanning often precedes mature exploit chains.

Active exploitation

CISA KEV — confirmed in-the-wild exploitation.


Exploit & PoC activity

CVE-2022-29548 Exploit

A reflected XSS issue exists in the Management Console of several WSO2 products.


Exploitation dynamics

Nothing flagged in this category for this digest.


New critical disclosures

CVE-2022-1574 CVSS 9.8

The HTML2WP WordPress plugin through 1.0.0 does not have authorisation and CSRF checks when importing files, and does not validate them,...

CVE-2022-1953 CVSS 9.1

The Product Configurator for WooCommerce WordPress plugin before 1.2.32 suffers from an arbitrary file deletion vulnerability via an AJAX...

CVE-2022-2216 CVSS 9.8

Server-Side Request Forgery (SSRF) in GitHub repository ionicabizau/parse-url prior to 7.0.0.

Argo CD is a declarative, GitOps continuous delivery tool for Kubernetes.

Weave GitOps is a simple open source developer platform for people who want cloud native applications, without needing Kubernetes expertise.

CVE-2022-32092 CVSS 9.8

D-Link DIR-645 v1.03 was discovered to contain a command injection vulnerability via the QUERY_STRING parameter at __ajax_explorer.sgi.

CVE-2022-32994 CVSS 9.8

Halo CMS v1.5.3 was discovered to contain an arbitrary file upload vulnerability via the component /api/admin/attachments/upload.

CVE-2022-32995 CVSS 9.8

Halo CMS v1.5.3 was discovered to contain a Server-Side Request Forgery (SSRF) via the template remote download function.

CVE-2022-34132 CVSS 9.8

Jorani v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at application/controllers/Leaves.php.


cvelogic Threat Intelligence