Skip to main content
CVE-2022-0717 CRITICAL POC PATCH Act Now

Out-of-bounds Read in GitHub repository mruby/mruby prior to 3.2. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Buffer Overflow Information Disclosure Mruby
NVD GitHub
CVSS 3.1
9.1
EPSS
0.9%
CVE-2022-0729 HIGH POC PATCH This Week

Use of Out-of-range Pointer Offset in GitHub repository vim/vim prior to 8.2.4440. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

Memory Corruption Information Disclosure Vim Fedora Debian Linux +1
NVD GitHub
CVSS 3.1
8.8
EPSS
1.6%
CVE-2022-0736 HIGH POC PATCH This Week

Insecure Temporary File in GitHub repository mlflow/mlflow prior to 1.23.1. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Information Disclosure Mlflow
NVD GitHub
CVSS 3.1
7.5
EPSS
1.6%
CVE-2022-0654 HIGH POC PATCH This Week

Exposure of Sensitive Information to an Unauthorized Actor in GitHub repository fgribreau/node-request-retry prior to 7.0.0. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Information Disclosure Node Request Retry
NVD GitHub
CVSS 3.1
7.5
EPSS
1.4%
CVE-2022-21705 HIGH POC PATCH This Week

Octobercms is a self-hosted CMS platform based on the Laravel PHP Framework. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

PHP RCE October
NVD GitHub
CVSS 3.1
7.2
EPSS
8.7%
CVE-2022-0731 MEDIUM POC PATCH This Month

Improper Access Control (IDOR) in GitHub repository dolibarr/dolibarr prior to 16.0. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

Authentication Bypass Dolibarr Erp Crm
NVD GitHub
CVSS 3.1
6.5
EPSS
1.0%
CVE-2022-0724 MEDIUM POC PATCH This Month

Insecure Storage of Sensitive Information in GitHub repository microweber/microweber prior to 1.3. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

Information Disclosure Microweber
NVD GitHub
CVSS 3.1
6.5
EPSS
1.3%
CVE-2022-0721 MEDIUM POC PATCH This Month

Insertion of Sensitive Information Into Debugging Code in GitHub repository microweber/microweber prior to 1.3. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

Information Disclosure Microweber
NVD GitHub
CVSS 3.1
6.5
EPSS
1.4%
CVE-2022-0476 MEDIUM POC PATCH This Month

Denial of Service in GitHub repository radareorg/radare2 prior to 5.6.4. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. Public exploit code available.

Denial Of Service Radare2 Fedora
NVD GitHub
CVSS 3.1
5.5
EPSS
1.0%
CVE-2022-0727 MEDIUM POC PATCH This Month

Improper Access Control in GitHub repository chocobozzz/peertube prior to 4.1.0. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

Authentication Bypass Peertube
NVD GitHub
CVSS 3.1
5.4
EPSS
0.7%
CVE-2022-0726 MEDIUM POC PATCH This Month

Missing Authorization in GitHub repository chocobozzz/peertube prior to 4.1.0. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

Authentication Bypass Peertube
NVD GitHub
CVSS 3.1
5.4
EPSS
0.7%
CVE-2022-0719 MEDIUM POC PATCH This Month

Cross-site Scripting (XSS) - Reflected in GitHub repository microweber/microweber prior to 1.3. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

XSS Microweber
NVD GitHub
CVSS 3.1
5.4
EPSS
0.9%
CVE-2022-20650 HIGH This Week

A vulnerability in the NX-API feature of Cisco NX-OS Software could allow an authenticated, remote attacker to execute arbitrary commands with root privileges. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Cisco Command Injection Nx Os
NVD
CVSS 3.1
8.8
EPSS
14.5%
CVE-2022-24409 HIGH This Week

Dell BSAFE SSL-J contains remediation for a covert timing channel vulnerability that may be exploited by malicious users to compromise the affected system. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable. No vendor patch available.

Dell Information Disclosure Bsafe Ssl J
NVD
CVSS 3.1
7.5
EPSS
1.1%
CVE-2022-22336 HIGH This Week

IBM Sterling External Authentication Server and IBM Sterling Secure Proxy 6.0.3.0, 6.0.2.0, and 3.4.3.2 could allow a remote user to consume resources causing a denial of service due to a resource. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service IBM Sterling External Authentication Server Sterling Secure Proxy
NVD
CVSS 3.1
7.5
EPSS
2.0%
CVE-2022-20624 HIGH This Week

A vulnerability in the Cisco Fabric Services over IP (CFSoIP) feature of Cisco NX-OS Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Cisco Nx Os
NVD
CVSS 3.1
7.5
EPSS
12.4%
CVE-2022-20623 HIGH This Week

A vulnerability in the rate limiter for Bidirectional Forwarding Detection (BFD) traffic of Cisco NX-OS Software for Cisco Nexus 9000 Series Switches could allow an unauthenticated, remote attacker. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Cisco Nx Os
NVD
CVSS 3.1
7.5
EPSS
12.3%
CVE-2022-22333 MEDIUM PATCH This Month

IBM Sterling Secure Proxy 6.0.3.0, 6.0.2.0, and 3.4.3.2 and IBM Sterling External Authentication Server are vulnerable a buffer overflow, due to the Jetty based GUI in the Secure Zone not properly. Rated medium severity (CVSS 6.5), this vulnerability is no authentication required, low attack complexity. This Buffer Copy without Size Check vulnerability could allow attackers to overflow a buffer to corrupt adjacent memory.

IBM Buffer Overflow Sterling External Authentication Server Sterling Secure Proxy
NVD
CVSS 3.1
6.5
EPSS
0.6%
CVE-2022-23653 MEDIUM PATCH This Month

B2 Command Line Tool is the official command line tool for the backblaze cloud storage service. Rated medium severity (CVSS 4.7).

Information Disclosure B2 Command Line Tool
NVD GitHub
CVSS 3.1
4.7
EPSS
0.2%
CVE-2022-23651 MEDIUM PATCH This Month

b2-sdk-python is a python library to access cloud storage provided by backblaze. Rated medium severity (CVSS 4.7).

Python Information Disclosure B2 Python Software Development Kit
NVD GitHub
CVSS 3.1
4.7
EPSS
0.2%
CVE-2022-20625 MEDIUM This Month

A vulnerability in the Cisco Discovery Protocol service of Cisco FXOS Software and Cisco NX-OS Software could allow an unauthenticated, adjacent attacker to cause the service to restart, resulting in. Rated medium severity (CVSS 4.3), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Cisco Firepower Extensible Operating System Nx Os
NVD
CVSS 3.1
4.3
EPSS
3.4%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy