Threatless Technology-TVD Daily Vulnerability Intelligence-2022-7-20

Vulnerability Name: AWS IAM Authenticator for Kubernetes Authentication Bypass Vulnerability
Vulnerability Level: None
Vulnerability Number: CVE-2022-2385;CNNVD-202207-871
Related Involvement: Kubernetes SIGs AWS IAMAuthenticator 0.5.2/0.5.8
Vulnerability status: None
Reference link: https://tvd.wuthreat.com/#/listDetail?TVD_ID=TVD-2022-14271

Vulnerability Name: Zyxel Firewall Privilege Escalation Vulnerability
Vulnerability Level: None
Vulnerability Number: CVE-2022-30526
Related: Zyxel USG, USG FLEX series firmware, ATP series firmware, VPN series firmware
Vulnerability status: None
Reference link: https://tvd.wuthreat.com/#/listDetail?TVD_ID=TVD-2022-14720

Vulnerability Name: Microweber Cross-Site Scripting Vulnerability
Vulnerability Level: Moderate Critical
Vulnerability ID: CVE-2022-2280;CNNVD-202207-240
Related: Schneider Electric EcoStruxure Power Monitoring Expert 2020
Vulnerability status: EXP
Reference link: https://tvd.wuthreat.com/#/listDetail?TVD_ID=TVD-2022-13501

Vulnerability Name: RealVNC VNC Server Privilege Escalation Vulnerability
Vulnerability Level: High Risk
Vulnerability Number: CVE-2022-27502;CNNVD-202204-2920
Related: RealVNC VNC Server
Vulnerability Status:Automated utilization
Reference link: https://tvd.wuthreat.com/#/listDetail?TVD_ID=TVD-2022-11866

Vulnerability name: quic-go resource management error vulnerability
Vulnerability level: high risk
Vulnerability number: CVE-2022-30591;CNNVD-202207-505
Related: quic-go version 0.27.0and previous versions
Vulnerability status: EXP
Reference link: https://tvd.wuthreat.com/#/listDetail?TVD_ID=TVD-2022-13784