Home
» Risk & Exploitation
» Daily threat intelligence
» Nov 16, 2022
Nov 16, 2022 Cyber Threat Intelligence
Track daily vulnerability activity, KEV additions, public exploits, critical disclosures, and EPSS risk shifts.
Daily summary
10 new critical disclosures — review patch status on exposed services.
Top threats today
Three highest-priority changes — analyst brief, not a CVE dump.
Critical exposure
CVE-2022-40752
Ibm Infosphere Information Server Command Injection
New critical Ibm Infosphere Information Server Command Injection (CVSS 9.8) — fresh disclosure window; early internet scanning often precedes mature exploit chains.
Critical exposure
CVE-2022-40881
Contec Solarview Compact Firmware Command Injection
New critical Contec Solarview Compact Firmware Command Injection (CVSS 9.8) — fresh disclosure window; early internet scanning often precedes mature exploit chains.
Critical exposure
CVE-2022-42245
Dreamer CMS 4.0.01 is vulnerable to SQL Injection.
New critical Dreamer Cms Project Dreamer Cms SQL Injection (CVSS 9.8) — fresh disclosure window; early internet scanning often precedes mature exploit chains.
Active exploitation
CISA KEV — confirmed in-the-wild exploitation.
Nothing flagged in this category for this digest.
View KEV additions
Exploitation dynamics
Nothing flagged in this category for this digest.
See EPSS increases
New critical disclosures
IBM InfoSphere DataStage 11.7 is vulnerable to a command injection vulnerability due to improper neutralization of special elements.
SolarView Compact 6.00 was discovered to contain a command injection vulnerability via network_test.php
Dreamer CMS 4.0.01 is vulnerable to SQL Injection.
There is a command injection vulnerability using environment variables in Bitbucket Server and Data Center.
Affected versions of Atlassian Crowd allow an attacker to authenticate as the crowd application via security misconfiguration and subsequ...
An issue was discovered in BACKCLICK Professional 5.9.63.
An issue was discovered in BACKCLICK Professional 5.9.63.
An issue was discovered in BACKCLICK Professional 5.9.63.
An issue was discovered in BACKCLICK Professional 5.9.63.
An issue was discovered in BACKCLICK Professional 5.9.63.
View critical disclosures
cvelogic
Threat Intelligence