Oct 7, 2022 Cyber Threat Intelligence

Track daily vulnerability activity, KEV additions, public exploits, critical disclosures, and EPSS risk shifts.

Daily summary

  • 10 new critical disclosures — review patch status on exposed services.

Top threats today

Three highest-priority changes — analyst brief, not a CVE dump.

Critical exposure

CVE-2022-37885 Arubanetworks Arubaos RCE

  • CVSS 9.8
  • Remote code execution exposure

New critical Arubanetworks Arubaos RCE (CVSS 9.8) — fresh disclosure window; early internet scanning often precedes mature exploit chains.

Critical exposure

CVE-2022-37886 Arubanetworks Arubaos RCE

  • CVSS 9.8
  • Remote code execution exposure

New critical Arubanetworks Arubaos RCE (CVSS 9.8) — fresh disclosure window; early internet scanning often precedes mature exploit chains.

Critical exposure

CVE-2022-37887 Arubanetworks Arubaos RCE

  • CVSS 9.8
  • Remote code execution exposure

New critical Arubanetworks Arubaos RCE (CVSS 9.8) — fresh disclosure window; early internet scanning often precedes mature exploit chains.

Active exploitation

CISA KEV — confirmed in-the-wild exploitation.

Nothing flagged in this category for this digest.

View KEV additions

Exploit & PoC activity

Nothing flagged in this category for this digest.

View new exploit links

Exploitation dynamics

Nothing flagged in this category for this digest.

See EPSS increases

New critical disclosures

CVE-2022-31680 CVSS 9.1

The vCenter Server contains an unsafe deserialisation vulnerability in the PSC (Platform services controller).

CVE-2022-37885 CVSS 9.8

There are buffer overflow vulnerabilities in multiple underlying services that could lead to unauthenticated remote code execution by sen...

CVE-2022-37886 CVSS 9.8

There are buffer overflow vulnerabilities in multiple underlying services that could lead to unauthenticated remote code execution by sen...

CVE-2022-37887 CVSS 9.8

There are buffer overflow vulnerabilities in multiple underlying services that could lead to unauthenticated remote code execution by sen...

CVE-2022-37889 CVSS 9.8

There are buffer overflow vulnerabilities in multiple underlying services that could lead to unauthenticated remote code execution by sen...

CVE-2022-37890 CVSS 9.8

Unauthenticated buffer overflow vulnerabilities exist within the Aruba InstantOS and ArubaOS 10 web management interface.

CVE-2022-37891 CVSS 9.8

Unauthenticated buffer overflow vulnerabilities exist within the Aruba InstantOS and ArubaOS 10 web management interface.

CVE-2022-39289 CVSS 9.1

ZoneMinder is a free, open source Closed-circuit television software application.

CVE-2022-40872 CVSS 9.8

An SQL injection vulnerability issue was discovered in Sourcecodester Simple E-Learning System 1.0., in /vcs/classRoom.php?classCode=, cl...

CVE-2022-42075 CVSS 9.8

Wedding Planner v1.0 is vulnerable to arbitrary code execution.

View critical disclosures

cvelogic Threat Intelligence