Critical exposure
CVE-2022-43931 Synology Vpn Plus Server Out-of-Bounds Write
- CVSS 10
New critical Synology Vpn Plus Server Out-of-Bounds Write (CVSS 10) — fresh disclosure window; early internet scanning often precedes mature exploit chains.
Track daily vulnerability activity, KEV additions, public exploits, critical disclosures, and EPSS risk shifts.
Three highest-priority changes — analyst brief, not a CVE dump.
Critical exposure
New critical Synology Vpn Plus Server Out-of-Bounds Write (CVSS 10) — fresh disclosure window; early internet scanning often precedes mature exploit chains.
Critical exposure
New critical Aenrich A\+hrd SSRF (CVSS 9.8) — fresh disclosure window; early internet scanning often precedes mature exploit chains.
Critical exposure
New critical Aenrich A\+hrd SQL injection (CVSS 9.8) — fresh disclosure window; early internet scanning often precedes mature exploit chains.
CISA KEV — confirmed in-the-wild exploitation.
Nothing flagged in this category for this digest.
Nothing flagged in this category for this digest.
Nothing flagged in this category for this digest.
aEnrich’s a+HRD has inadequate filtering for specific URL parameter.
aEnrich a+HRD has insufficient user input validation for specific API parameter.
aEnrich a+HRD has improper validation for login function.
The Cryptocurrency Widgets Pack WordPress plugin before 2.0 does not sanitise and escape some parameter before using it in a SQL statemen...
The Joy Of Text Lite WordPress plugin before 2.3.1 does not properly sanitise and escape some parameters before using them in SQL stateme...
The WP AutoComplete Search WordPress plugin through 1.0.4 does not sanitise and escape a parameter before using it in a SQL statement via...
The Wholesale Market WordPress plugin before 2.2.1 does not have authorisation check, as well as does not validate user input used to gen...
The LetsRecover WordPress plugin before 1.2.0 does not properly sanitise and escape a parameter before using it in a SQL statement via an...
Out-of-bounds write vulnerability in Remote Desktop Functionality in Synology VPN Plus Server before 1.4.3-0534 and 1.4.4-0635 allows rem...
Merit LILIN AH55B04 & AH55B08 DVR firm has hard-coded administrator credentials.