Skip to main content
CVE-2022-0877 MEDIUM POC PATCH This Month

Cross-site Scripting (XSS) - Stored in GitHub repository bookstackapp/bookstack prior to v22.02.3. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

XSS Bookstack
NVD GitHub
CVSS 3.1
5.4
EPSS
0.8%
CVE-2022-26319 MEDIUM PATCH This Month

An installer search patch element vulnerability in Trend Micro Portable Security 3.0 Pro, 3.0 and 2.0 could allow a local attacker to place an arbitrarily generated DLL file in an installer folder to. Rated medium severity (CVSS 6.5), this vulnerability is low attack complexity.

Trend Micro Information Disclosure Portable Security
NVD
CVSS 3.1
6.5
EPSS
0.3%
CVE-2022-26317 MEDIUM This Month

A vulnerability has been identified in Mendix Applications using Mendix 7 (All versions < V7.23.29). Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass Mendix
NVD
CVSS 3.1
6.5
EPSS
0.9%
CVE-2022-24739 MEDIUM PATCH This Month

alltube is an html front end for youtube-dl. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Open Redirect vulnerability could allow attackers to redirect users to malicious websites via URL manipulation.

SSRF Open Redirect Alltube
NVD GitHub
CVSS 3.1
6.1
EPSS
0.9%
CVE-2022-24714 MEDIUM PATCH This Month

Icinga Web 2 is an open source monitoring web interface, framework and command-line interface. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Incorrect Authorization vulnerability could allow attackers to bypass authorization checks to access restricted resources.

Authentication Bypass Icinga Web 2
NVD GitHub
CVSS 3.1
5.3
EPSS
1.2%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy