Skip to main content
CVE-2020-18326 HIGH POC This Week

Cross Site Request Forgery (CSRF) vulnerability exists in Intelliants Subrion CMS v4.2.1 via the Members administrator function, which could let a remote unauthenticated malicious user send an. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

CSRF Subrion Cms
NVD GitHub VulDB
CVSS 3.1
8.8
EPSS
2.2%
CVE-2022-23328 HIGH POC This Week

A design flaw in all versions of Go-Ethereum allows an attacker node to send 5120 pending transactions of a high gas price from one account that all fully spend the full balance of the account to a. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service Go Ethereum
NVD VulDB
CVSS 3.1
7.5
EPSS
1.8%
CVE-2022-23327 HIGH POC This Week

A design flaw in Go-Ethereum 1.10.12 and older versions allows an attacker node to send 5120 future transactions with a high gas price in one message, which can purge all of pending transactions in a. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service Go Ethereum
NVD VulDB
CVSS 3.1
7.5
EPSS
1.8%
CVE-2022-21828 HIGH POC This Week

A user with high privilege access to the Incapptic Connect web console can remotely execute code on the Incapptic Connect server using a unspecified attack vector in Incapptic Connect version 1.40.0,. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Deserialization Incapptic Connect
NVD
CVSS 3.1
7.2
EPSS
3.7%
CVE-2022-23915 HIGH PATCH This Week

The package weblate from 0 and before 4.11.1 are vulnerable to Remote Code Execution (RCE) via argument injection when using git or mercurial repositories. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity.

RCE Weblate
NVD GitHub
CVSS 3.1
8.8
EPSS
2.9%
CVE-2022-25623 HIGH This Week

The Symantec Management Agent is susceptible to a privilege escalation vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Management Agent
NVD
CVSS 3.1
7.8
EPSS
0.3%
CVE-2022-23729 HIGH This Week

When the device is in factory state, it can be access the shell without adb authentication process. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Android
NVD
CVSS 3.1
7.8
EPSS
0.1%
CVE-2022-23233 HIGH This Week

StorageGRID (formerly StorageGRID Webscale) versions prior to 11.6.0 are susceptible to a vulnerability which when successfully exploited could lead to Denial of Service (DoS) of the Local. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Storagegrid
NVD
CVSS 3.1
7.5
EPSS
0.9%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy