Dec 16, 2022 Cyber Threat Intelligence

Track daily vulnerability activity, KEV additions, public exploits, critical disclosures, and EPSS risk shifts.

Daily summary

  • 6 new critical disclosures — review patch status on exposed services.

Top threats today

Three highest-priority changes — analyst brief, not a CVE dump.

Critical exposure

CVE-2021-31650 Online Grading System Project Online Grading System SQL Injection

  • CVSS 9.8

New critical Online Grading System Project Online Grading System SQL Injection (CVSS 9.8) — fresh disclosure window; early internet scanning often precedes mature exploit chains.

Critical exposure

CVE-2021-38241 Ruoyi Deserialization

  • CVSS 9.8

New critical Ruoyi Deserialization (CVSS 9.8) — fresh disclosure window; early internet scanning often precedes mature exploit chains.

Critical exposure

CVE-2022-47377 Sick Sim2000 Firmware privilege escalation

  • CVSS 9.8
  • Potential privilege escalation to admin/root

New critical Sick Sim2000 Firmware privilege escalation (CVSS 9.8) — fresh disclosure window; early internet scanning often precedes mature exploit chains.

Active exploitation

CISA KEV — confirmed in-the-wild exploitation.

Nothing flagged in this category for this digest.

View KEV additions

Exploit & PoC activity

Nothing flagged in this category for this digest.

View new exploit links

Exploitation dynamics

Nothing flagged in this category for this digest.

See EPSS increases

New critical disclosures

CVE-2021-31650 CVSS 9.8

A SQL injection vulnerability in Sourcecodester Online Grading System 1.0 allows remote attackers to execute arbitrary SQL commands via t...

CVE-2021-38241 CVSS 9.8

Deserialization issue discovered in Ruoyi before 4.6.1 allows remote attackers to run arbitrary code via weak cipher in Shiro framework.

CVE-2022-37832 CVSS 9.8

Mutiny 7.2.0-10788 suffers from Hardcoded root password.

CVE-2022-42529 CVSS 9.8

Product: AndroidVersions: Android kernelAndroid ID: A-235292841References: N/A

CVE-2022-45796 CVSS 9.1

Command injection vulnerability in nw_interface.html in SHARP multifunction printers (MFPs)'s Digital Full-color Multifunctional System 2...

CVE-2022-47377 CVSS 9.8

Password recovery vulnerability in SICK SIM2000ST Partnumber 2086502 with firmware version <1.13.4 allows an unprivileged remote attacker...

View critical disclosures

cvelogic Threat Intelligence