Skip to main content
CVE-2022-23652 HIGH POC PATCH This Week

capsule-proxy is a reverse proxy for Capsule Operator which provides multi-tenancy in Kubernetes. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

Privilege Escalation Authentication Bypass Kubernetes Capsule Proxy
NVD GitHub
CVSS 3.1
8.8
EPSS
1.4%
CVE-2022-0676 HIGH POC PATCH This Week

Heap-based Buffer Overflow in GitHub repository radareorg/radare2 prior to 5.6.4. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. Public exploit code available.

Buffer Overflow Heap Overflow Radare2 Fedora
NVD GitHub
CVSS 3.1
7.8
EPSS
1.2%
CVE-2022-23612 HIGH POC PATCH This Week

OpenMRS is a patient-based medical record system focusing on giving providers a free customizable electronic medical record system. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Tomcat Path Traversal Openmrs
NVD GitHub
CVSS 3.1
7.5
EPSS
1.9%
CVE-2022-0713 HIGH POC PATCH This Week

Heap-based Buffer Overflow in GitHub repository radareorg/radare2 prior to 5.6.4. Rated high severity (CVSS 7.1), this vulnerability is no authentication required, low attack complexity. Public exploit code available.

Buffer Overflow Heap Overflow Radare2 Fedora
NVD GitHub
CVSS 3.1
7.1
EPSS
1.0%
CVE-2022-0665 MEDIUM POC PATCH This Month

Path Traversal in GitHub repository pimcore/pimcore prior to 10.3.2. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

Path Traversal Pimcore
NVD GitHub
CVSS 3.1
6.5
EPSS
1.5%
CVE-2022-21654 CRITICAL PATCH Act Now

Envoy is an open source edge and service proxy, designed for cloud-native applications. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Information Disclosure Envoy
NVD GitHub
CVSS 3.1
9.8
EPSS
1.1%
CVE-2022-23608 CRITICAL PATCH Act Now

PJSIP is a free and open source multimedia communication library written in C language implementing standard based protocols such as SIP, SDP, RTP, STUN, TURN, and ICE. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Memory Corruption Use After Free Information Disclosure Pjsip Certified Asterisk +2
NVD GitHub
CVSS 3.1
9.8
EPSS
4.0%
CVE-2022-0714 MEDIUM POC PATCH THREAT This Month

Heap-based Buffer Overflow in GitHub repository vim/vim prior to 8.2.4436. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. Public exploit code available.

Buffer Overflow Heap Overflow Vim Fedora Debian Linux +1
NVD GitHub
CVSS 3.1
5.5
EPSS
12.3%
CVE-2022-0712 MEDIUM POC PATCH This Month

NULL Pointer Dereference in GitHub repository radareorg/radare2 prior to 5.6.4. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. Public exploit code available.

Denial Of Service Null Pointer Dereference Radare2 Fedora
NVD GitHub
CVSS 3.1
5.5
EPSS
0.9%
CVE-2022-21655 HIGH PATCH This Week

Envoy is an open source edge and service proxy, designed for cloud-native applications. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Denial Of Service Envoy
NVD GitHub
CVSS 3.1
7.5
EPSS
1.1%
CVE-2022-23635 HIGH PATCH This Week

Istio is an open platform to connect, manage, and secure microservices. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Improper Authentication vulnerability could allow attackers to bypass authentication mechanisms to gain unauthorized access.

Authentication Bypass Istio
NVD GitHub
CVSS 3.1
7.5
EPSS
1.6%
CVE-2022-23606 MEDIUM PATCH This Month

Envoy is an open source edge and service proxy, designed for cloud-native applications. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity.

Denial Of Service Envoy
NVD GitHub
CVSS 3.1
6.5
EPSS
1.0%
CVE-2022-21657 MEDIUM PATCH This Month

Envoy is an open source edge and service proxy, designed for cloud-native applications. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity.

Information Disclosure Envoy
NVD GitHub
CVSS 3.1
6.5
EPSS
0.5%
CVE-2022-23654 MEDIUM PATCH This Month

Wiki.js is a wiki app built on Node.js. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. This Improper Authentication vulnerability could allow attackers to bypass authentication mechanisms to gain unauthorized access.

Authentication Bypass Node.js Wiki Js
NVD GitHub
CVSS 3.1
6.5
EPSS
0.7%
CVE-2022-21656 MEDIUM PATCH This Month

Envoy is an open source edge and service proxy, designed for cloud-native applications. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required.

Authentication Bypass OpenSSL Envoy
NVD GitHub
CVSS 3.1
5.9
EPSS
0.8%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy