Jan 9, 2023 Cyber Threat Intelligence

Track daily vulnerability activity, KEV additions, public exploits, critical disclosures, and EPSS risk shifts.

Daily summary

  • 8 new critical disclosures — review patch status on exposed services.

Top threats today

Three highest-priority changes — analyst brief, not a CVE dump.

Critical exposure

CVE-2023-0018 Sap Businessobjects Business Intelligence Platform cross-site scripting

  • CVSS 10

New critical Sap Businessobjects Business Intelligence Platform cross-site scripting (CVSS 10) — fresh disclosure window; early internet scanning often precedes mature exploit chains.

Critical exposure

CVE-2023-0016 SAP BPC MS 10.0 - version 810, allows an unauthorized attacker to execute crafted database queries.

  • CVSS 9.9

New critical Sap Business Planning And Consolidation SQL Injection (CVSS 9.9) — fresh disclosure window; early internet scanning often precedes mature exploit chains.

Critical exposure

CVE-2023-0022 Sap Businessobjects Business Intelligence Platform

  • CVSS 9.9

New critical disclosure (CVSS 9.9) — high severity with a short public awareness window before exploit material typically surfaces.

Active exploitation

CISA KEV — confirmed in-the-wild exploitation.

Nothing flagged in this category for this digest.

View KEV additions

Exploit & PoC activity

Nothing flagged in this category for this digest.

View new exploit links

Exploitation dynamics

Nothing flagged in this category for this digest.

See EPSS increases

New critical disclosures

CVE-2022-22088 CVSS 9.8

Memory corruption in Bluetooth HOST due to buffer overflow while parsing the command response received from remote

CVE-2022-33219 CVSS 9.3

Memory corruption in Automotive due to integer overflow to buffer overflow while registering a new listener with shared buffer.

CVE-2022-47790 CVSS 9.8

Sourcecodester Dynamic Transaction Queuing System v1.0 is vulnerable to SQL Injection via /queuing/index.php?page=display&id=.

CVE-2023-0014 CVSS 9

SAP NetWeaver ABAP Server and ABAP Platform - versions SAP_BASIS 700, 701, 702, 710, 711, 730, 731, 740, 750, 751, 752, 753, 754, 755, 75...

CVE-2023-0016 CVSS 9.9

SAP BPC MS 10.0 - version 810, allows an unauthorized attacker to execute crafted database queries.

CVE-2023-0017 CVSS 9.4

An unauthenticated attacker in SAP NetWeaver AS for Java - version 7.50, due to improper access control, can attach to an open interface...

CVE-2023-0018 CVSS 10

Due to improper input sanitization of user-controlled input in SAP BusinessObjects Business Intelligence Platform CMC application - versi...

CVE-2023-0022 CVSS 9.9

SAP BusinessObjects Business Intelligence Analysis edition for OLAP allows an authenticated attacker to inject malicious code that can be...

View critical disclosures

cvelogic Threat Intelligence