Sep 30, 2022 Cyber Threat Intelligence

Track daily vulnerability activity, KEV additions, public exploits, critical disclosures, and EPSS risk shifts.

Daily summary

  • Microsoft Exchange Server: 2 CVEs added to CISA KEV today.
  • 7 new critical disclosures — review patch status on exposed services.

Top threats today

Three highest-priority changes — analyst brief, not a CVE dump.

Critical active threat

CVE-2022-36804 Atlassian Bitbucket Server and Data Center Command Injection

  • Actively exploited (listed on CISA KEV)

The Atlassian Bitbucket Server and Data Center command injection is on CISA KEV, which means confirmed in-the-wild exploitation. Expect continued targeting while the issue remains on the catalog.

Critical exposure

CVE-2022-35156 Phpgurukul Bus Pass Management System SQL Injection

  • CVSS 9.8

New critical Phpgurukul Bus Pass Management System SQL Injection (CVSS 9.8) — fresh disclosure window; early internet scanning often precedes mature exploit chains.

Critical exposure

CVE-2022-40314 Moodle Remote Code Execution When Restoring Backup Files Originating from Moodle 1.9

  • CVSS 9.8
  • Remote code execution exposure

New critical Moodle RCE (CVSS 9.8) — fresh disclosure window; early internet scanning often precedes mature exploit chains.

Active exploitation

CISA KEV — confirmed in-the-wild exploitation.

Microsoft Exchange Server Server-Side Request Forgery

Atlassian Bitbucket Server and Data Center Command Injection


Exploit & PoC activity

Nothing flagged in this category for this digest.


Exploitation dynamics

Nothing flagged in this category for this digest.


New critical disclosures

CVE-2022-2778 CVSS 9.8

In affected versions of Octopus Deploy it is possible to bypass rate limiting on login using null bytes.

CVE-2022-35156 CVSS 9.8

Bus Pass Management System 1.0 was discovered to contain a SQL Injection vulnerability via the searchdata parameter at /buspassms/downloa...

CVE-2022-40314 CVSS 9.8

A remote code execution risk when restoring backup files originating from Moodle 1.9 was identified.

CVE-2022-40315 CVSS 9.8

A limited SQL injection risk was identified in the "browse list of users" site administration page.

CVE-2022-40943 CVSS 9.8

Dairy Farm Shop Management System 1.0 is vulnerable to SQL Injection via bwdate-report-ds.php file.

CVE-2022-40944 CVSS 9.8

Dairy Farm Shop Management System 1.0 is vulnerable to SQL Injection via sales-report-ds.php file.

CVE-2022-42002 CVSS 9.1

SonicJS through 0.6.0 allows file overwrite.


cvelogic Threat Intelligence