Aug 3, 2022 Cyber Threat Intelligence

Track daily vulnerability activity, KEV additions, public exploits, critical disclosures, and EPSS risk shifts.

Daily summary

  • 8 new critical disclosures — review patch status on exposed services.

Top threats today

Three highest-priority changes — analyst brief, not a CVE dump.

Critical exposure

CVE-2022-2272 Santesoft Sante Pacs Server SQL injection

  • CVSS 9.8

New critical Santesoft Sante Pacs Server SQL injection (CVSS 9.8) — fresh disclosure window; early internet scanning often precedes mature exploit chains.

Critical exposure

CVE-2022-32292 Debian Connman Buffer Overflow

  • CVSS 9.8

New critical Debian Connman Buffer Overflow (CVSS 9.8) — fresh disclosure window; early internet scanning often precedes mature exploit chains.

Critical exposure

CVE-2022-34974 Dlink Dir-810l Firmware Command Injection

  • CVSS 9.8

New critical Dlink Dir-810l Firmware Command Injection (CVSS 9.8) — fresh disclosure window; early internet scanning often precedes mature exploit chains.

Active exploitation

CISA KEV — confirmed in-the-wild exploitation.

Nothing flagged in this category for this digest.

View KEV additions

Exploit & PoC activity

Nothing flagged in this category for this digest.

View new exploit links

Exploitation dynamics

Nothing flagged in this category for this digest.

See EPSS increases

New critical disclosures

CVE-2022-2272 CVSS 9.8

This vulnerability allows remote attackers to bypass authentication on affected installations of Sante PACS Server 3.0.4.

CVE-2022-32292 CVSS 9.8

In ConnMan through 1.41, remote attackers able to send HTTP requests to the gweb component are able to exploit a heap-based buffer overfl...

CVE-2022-34974 CVSS 9.8

D-Link DIR810LA1_FW102B22 was discovered to contain a command injection vulnerability via the Ping_addr function.

CVE-2022-35161 CVSS 9.8

GVRET Stable Release as of Aug 15, 2015 was discovered to contain a buffer overflow via the handleConfigCmd function at SerialConsole.cpp.

CVE-2022-35619 CVSS 9.8

D-LINK DIR-818LW A1:DIR818L_FW105b01 was discovered to contain a remote code execution (RCE) vulnerability via the function ssdpcgi_main.

CVE-2022-35620 CVSS 9.8

D-LINK DIR-818LW A1:DIR818L_FW105b01 was discovered to contain a remote code execution (RCE) vulnerability via the function binary.soapcg...

CVE-2022-35865 CVSS 9.8

This vulnerability allows remote attackers to execute arbitrary code on affected installations of BMC Track-It!

CVE-2022-35866 CVSS 9.8

This vulnerability allows remote attackers to bypass authentication on affected installations of Vinchin Backup and Recovery 6.5.0.17561.

View critical disclosures

cvelogic Threat Intelligence