Customer portal
CVE Top 10

The SOS Intelligence CVE Chatter Weekly Top Ten – 09 January 2023

by Amir Hadzipasic
January 9, 2023

 

This weekly blog post is from via our unique intelligence collection pipelines. We are your eyes and ears online, including the Dark Web.

There are thousands of vulnerability discussions each week. SOS Intelligence gathers a list of the most discussed Common Vulnerabilities and Exposures (CVE) online for the previous week.

We make every effort to ensure the accuracy of the data presented. As this is an automated process some errors may creep in.

If you are feeling generous please do make us aware of anything you spot, feel free to follow us on Twitter @sosintel and DM us. Thank you!

 

 

1.  CVE-2012-2459

Unspecified vulnerability in bitcoind and Bitcoin-Qt before 0.4.6, 0.5.x before 0.5.5, 0.6.0.x before 0.6.0.7, and 0.6.x before 0.6.2 allows remote attackers to cause a denial of service (block-processing outage and incorrect block count) via unknown behavior on a Bitcoin network.

https://nvd.nist.gov/vuln/detail/CVE-2012-2459

 

 

2. CVE-2022-46490

GPAC version 2.1-DEV-rev505-gb9577e6ad-master was discovered to contain a memory leak via the afrt_box_read function at box_code_adobe.c.

https://nvd.nist.gov/vuln/detail/CVE-2022-46490

 

 

3. CVE-2022-46489

GPAC version 2.1-DEV-rev505-gb9577e6ad-master was discovered to contain a memory leak via the gf_isom_box_parse_ex function at box_funcs.c.

https://nvd.nist.gov/vuln/detail/CVE-2022-46489

 

 

4. CVE-2021-38003

Inappropriate implementation in V8 in Google Chrome prior to 95.0.4638.69 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

https://nvd.nist.gov/vuln/detail/CVE-2021-38003

 

 

5. CVE-2022-41080

Microsoft Exchange Server Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-41123.

https://nvd.nist.gov/vuln/detail/CVE-2022-41080

 

 

6. CVE-2018-17144

Bitcoin Core 0.14.x before 0.14.3, 0.15.x before 0.15.2, and 0.16.x before 0.16.3 and Bitcoin Knots 0.14.x through 0.16.x before 0.16.3 allow a remote denial of service (application crash) exploitable by miners via duplicate input. An attacker can make bitcoind or Bitcoin-Qt crash.

https://nvd.nist.gov/vuln/detail/CVE-2018-17144

 

 

7. CVE-2022-41082

Microsoft Exchange Server Remote Code Execution Vulnerability.

https://nvd.nist.gov/vuln/detail/CVE-2022-41082

 

 

8. CVE-2022-23087

N/A

https://nvd.nist.gov/vuln/detail/CVE-2022-23087

 

 

9. CVE-2022-4025

Inappropriate implementation in Paint in Google Chrome prior to 98.0.4758.80 allowed a remote attacker to leak cross-origin data outside an iframe via a crafted HTML page. (Chrome security severity: Low)

https://nvd.nist.gov/vuln/detail/CVE-2022-4025

 

 

10. CVE-2022-46164

N/A

https://nvd.nist.gov/vuln/detail/CVE-2022-46164

 

cve chatter weekly top tenCVE intelligenceSOS Intelligence
Previous
The SOS Intelligence CVE Chatter Weekly Top Ten – 16 January 2023
Next
Our webinar schedule
Privacy Settings
We use cookies to enhance your experience while using our website. If you are using our Services via a browser you can restrict, block or remove cookies through your web browser settings. We also use content and scripts from third parties that may use tracking technologies. You can selectively provide your consent below to allow such third party embeds. For complete information about the cookies we use, data we collect and how we process them, please check our Privacy Policy
Youtube
Consent to display content from - Youtube
Vimeo
Consent to display content from - Vimeo
Google Maps
Consent to display content from - Google
Spotify
Consent to display content from - Spotify
Sound Cloud
Consent to display content from - Sound
Save