Skip to main content
CVE-2022-0492 HIGH POC KEV PATCH THREAT Act Now

A vulnerability was found in the Linux kernel’s cgroup_release_agent_write in the kernel/cgroup/cgroup-v1.c function. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Actively exploited in the wild (cisa kev) and public exploit code available.

Linux Authentication Bypass
NVD VulDB
CVSS 3.1
7.8
EPSS
5.2%
Threat
4.7
CVE-2022-22909 HIGH POC THREAT This Week

HotelDruid v3.0.3 was discovered to contain a remote code execution (RCE) vulnerability which is exploited via an attacker inserting a crafted payload into the name field under the Create New Room. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

RCE Code Injection Hoteldruid
NVD GitHub Exploit-DB
CVSS 3.1
8.8
EPSS
45.4%
CVE-2022-26129 HIGH POC This Week

Buffer overflow vulnerabilities exist in FRRouting through 8.1.0 due to wrong checks on the subtlv length in the functions, parse_hello_subtlv, parse_ihu_subtlv, and parse_update_subtlv in. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Frrouting
NVD GitHub
CVSS 3.1
7.8
EPSS
1.0%
CVE-2022-26128 HIGH POC This Week

A buffer overflow vulnerability exists in FRRouting through 8.1.0 due to a wrong check on the input packet length in the babel_packet_examin function in babeld/message.c. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Frrouting
NVD GitHub
CVSS 3.1
7.8
EPSS
1.0%
CVE-2022-26127 HIGH POC This Week

A buffer overflow vulnerability exists in FRRouting through 8.1.0 due to missing a check on the input packet length in the babel_packet_examin function in babeld/message.c. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Frrouting
NVD GitHub
CVSS 3.1
7.8
EPSS
1.0%
CVE-2022-26126 HIGH POC This Week

Buffer overflow vulnerabilities exist in FRRouting through 8.1.0 due to the use of strdup with a non-zero-terminated binary string in isis_nb_notifications.c. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Frrouting Fedora
NVD GitHub
CVSS 3.1
7.8
EPSS
1.1%
CVE-2022-26125 HIGH POC This Week

Buffer overflow vulnerabilities exist in FRRouting through 8.1.0 due to wrong checks on the input packet length in isisd/isis_tlvs.c. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Frrouting
NVD GitHub
CVSS 3.1
7.8
EPSS
1.0%
CVE-2022-21716 HIGH POC PATCH This Week

Twisted is an event-based framework for internet applications, supporting Python 3.6+. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Buffer Overflow Python Twisted Debian Linux Http Server +2
NVD GitHub
CVSS 3.1
7.5
EPSS
3.6%
CVE-2022-23648 HIGH POC PATCH THREAT This Week

containerd is a container runtime available as a daemon for Linux and Windows. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Kubernetes Microsoft Information Disclosure Containerd Debian Linux +1
NVD GitHub
CVSS 3.1
7.5
EPSS
27.4%
CVE-2022-0528 HIGH POC PATCH This Week

Server-Side Request Forgery (SSRF) in GitHub repository transloadit/uppy prior to 3.3.1. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

SSRF Uppy
NVD GitHub
CVSS 3.1
7.5
EPSS
1.0%
CVE-2021-42950 HIGH This Week

Remote Code Execution (RCE) vulnerability exists in Zepl Notebooks all previous versions before October 25 2021. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

RCE Zepl
NVD VulDB
CVSS 3.1
8.8
EPSS
1.7%
CVE-2022-25471 HIGH This Week

An Insecure Direct Object Reference (IDOR) vulnerability in OpenEMR 6.0.0 allows any authenticated attacker to access and modify unauthorized areas via a crafted POST request to. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass Openemr
NVD GitHub
CVSS 3.1
8.1
EPSS
0.8%
CVE-2022-25031 HIGH This Week

Remote Desktop Commander Suite Agent before v4.8 contains an unquoted service path which allows attackers to escalate privileges to the system level. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Remote Desktop Commander Suite Agent
NVD
CVSS 3.1
7.8
EPSS
0.2%
CVE-2022-22706 HIGH POC KEV THREAT This Week

Arm Mali GPU Kernel Driver allows a non-privileged user to achieve write access to read-only memory pages. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Bifrost Gpu Kernel Driver Midgard Gpu Kernel Driver Valhall Gpu Kernel Driver
NVD
CVSS 3.1
7.8
EPSS
1.2%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy