Sep 15, 2022 Cyber Threat Intelligence

Track daily vulnerability activity, KEV additions, public exploits, critical disclosures, and EPSS risk shifts.

Daily summary

  • Linux Kernel: 3 CVEs added to CISA KEV today.
  • Gitea: public exploit or PoC linked
  • 10 new critical disclosures — review patch status on exposed services.

Top threats today

Three highest-priority changes — analyst brief, not a CVE dump.

Critical active threat

CVE-2010-2568 Microsoft Windows Remote Code Execution

  • Actively exploited (CISA KEV)
  • Listed on CISA KEV
  • Remote code execution exposure

Microsoft Windows RCE is on CISA KEV — confirmed in-the-wild exploitation. Expect continued targeting while the issue remains on the catalog.

Active exploit activity

CVE-2022-30781 Gitea before 1.16.7 does not escape git fetch remote.

  • Public exploit or PoC available
  • Exploit activity linked

Public exploit or PoC linked — exploitation bar is lower than disclosure-only CVEs.

Critical exposure

CVE-2022-26959 Globalnorthstar Northstar Club Management SQL Injection

  • CVSS 10

New critical Globalnorthstar Northstar Club Management SQL Injection (CVSS 10) — fresh disclosure window; early internet scanning often precedes mature exploit chains.

Active exploitation

CISA KEV — confirmed in-the-wild exploitation.

Trend Micro Apex One and Apex One as a Service Improper Validation

Code Aurora ACDB Audio Driver Stack-based Buffer Overflow

View KEV additions

Exploit & PoC activity

CVE-2022-30781 Exploit

Gitea before 1.16.7 does not escape git fetch remote.

View new exploit links

Exploitation dynamics

Nothing flagged in this category for this digest.

See EPSS increases

New critical disclosures

CVE-2022-2471 CVSS 9.9

Stack-based Buffer Overflow vulnerability in the EZVIZ Motion Detection component as used in camera models CS-CV248, CS-C6N-A0-1C2WFR, CS...

CVE-2022-26959 CVSS 10

There are two full (read/write) Blind/Time-based SQL injection vulnerabilities in the Northstar Club Management version 6.3 application.

CVE-2022-36536 CVSS 9.8

An issue in the component post_applogin.php of Super Flexible Software GmbH & Co.

CVE-2022-37257 CVSS 9.8

Prototype pollution vulnerability in function convertLater in npm-convert.js in stealjs steal 2.2.4 via the requestedVersion variable in...

CVE-2022-37264 CVSS 9.8

Prototype pollution vulnerability in stealjs steal 2.2.4 via the optionName variable in main.js.

CVE-2022-37266 CVSS 9.8

Prototype pollution vulnerability in function extend in babel.js in stealjs steal 2.2.4 via the key variable in babel.js.

CVE-2022-37861 CVSS 9.8

There is a remote code execution (RCE) vulnerability in Tenhot TWS-100 V4.0-201809201424 router device.

CVE-2022-38325 CVSS 9.8

Tenda AC15 WiFi Router V15.03.05.19_multi and AC18 WiFi Router V15.03.05.19_multi were discovered to contain a buffer overflow via the fi...

CVE-2022-38326 CVSS 9.8

Tenda AC15 WiFi Router V15.03.05.19_multi and AC18 WiFi Router V15.03.05.19_multi were discovered to contain a buffer overflow via the pa...

CVE-2022-38789 CVSS 9.1

An issue was discovered in Airties Smart Wi-Fi before 2020-08-04.

View critical disclosures

cvelogic Threat Intelligence