Skip to main content
CVE-2021-46700 MEDIUM POC This Month

In libsixel 1.8.6, sixel_encoder_output_without_macro (called from sixel_encoder_encode_frame in encoder.c) has a double free. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Libsixel
NVD GitHub
CVSS 3.1
6.5
EPSS
0.2%
CVE-2022-0690 MEDIUM POC PATCH This Month

Cross-site Scripting (XSS) - Reflected in Packagist microweber/microweber prior to 1.2.11. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

XSS Microweber
NVD GitHub
CVSS 3.1
6.1
EPSS
1.1%
CVE-2022-0678 MEDIUM POC PATCH This Month

Cross-site Scripting (XSS) - Reflected in Packagist microweber/microweber prior to 1.2.11. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

XSS Microweber
NVD GitHub
CVSS 3.1
6.1
EPSS
2.3%
CVE-2022-0632 MEDIUM POC PATCH This Month

NULL Pointer Dereference in Homebrew mruby prior to 3.2. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. Public exploit code available.

Denial Of Service Null Pointer Dereference Mruby
NVD GitHub
CVSS 3.1
5.5
EPSS
0.8%
CVE-2022-0689 MEDIUM POC PATCH This Month

Use multiple time the one-time coupon in Packagist microweber/microweber prior to 1.2.11. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Information Disclosure Microweber
NVD GitHub
CVSS 3.1
5.3
EPSS
1.0%
CVE-2022-23376 MEDIUM This Month

WikiDocs version 0.1.18 has multiple reflected XSS vulnerabilities on different pages. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS Wikidocs
NVD GitHub
CVSS 3.1
6.1
EPSS
0.9%
CVE-2022-25256 MEDIUM This Month

SAS Web Report Studio 4.4 allows XSS. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS Web Report Studio
NVD GitHub
CVSS 3.1
6.1
EPSS
1.2%
CVE-2022-24979 MEDIUM PATCH This Month

An issue was discovered in the Varnishcache extension before 2.0.1 for TYPO3. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Authentication Bypass Varnishcache
NVD
CVSS 3.1
5.3
EPSS
0.8%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy