Weekly Threat & Vulnerabilities Report

Information DisclosureVulnerability in ownCloud graphapi.

Command injectionvulnerability in LB-LINK devices.

Command  Injection Vulnerability in TP-Link Archer AX-21.

Server-Side RequestForgery Vulnerability in Microsoft Exchange Server.

Command injectionvulnerability via the Ping function in Tenda Products.

Hardcodedencryption/decryption key vulnerability in Wavlink.

cross-site scriptingvulnerability in Wavlink Devices.

Command injectionvulnerability in Hadoop.

Improper inputvalidation vulnerability in GeoServer.

Code InjectionVulnerability in VMware Spring Cloud Gateway.

An unauthenticated command injection vulnerabilityfound in the TP-Link Archer AX21 WiFi router.

Command injection vulnerability in LB-LINK

Remote code execution vulnerability in MVPower CCTVDVR models

Elevation of Privilege (EoP) vulnerability in theDesktop Window Manager (DWM) Core Library of Microsoft Windows.

Authentication bypass vulnerability in the webcomponent of Ivanti ICS 9.x, 22.x