Skip to main content
CVE-2022-21219 HIGH This Week

Out-of-bounds read vulnerability in CX-Programmer v9.76.1 and earlier which is a part of CX-One (v4.60) suite allows an attacker to cause information disclosure and/or arbitrary code execution by. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

RCE Buffer Overflow Information Disclosure Cx Programmer
NVD
CVSS 3.1
7.8
EPSS
1.0%
CVE-2022-21124 HIGH This Week

Out-of-bounds write vulnerability in CX-Programmer v9.76.1 and earlier which is a part of CX-One (v4.60) suite allows an attacker to cause information disclosure and/or arbitrary code execution by. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Memory Corruption RCE Buffer Overflow Information Disclosure Cx Programmer
NVD
CVSS 3.1
7.8
EPSS
1.5%
CVE-2022-20054 HIGH This Week

In ims service, there is a possible AT command injection due to a missing permission check. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Authentication Bypass Command Injection Android
NVD
CVSS 3.1
7.8
EPSS
0.2%
CVE-2022-20053 HIGH This Week

In ims service, there is a possible escalation of privilege due to a missing permission check. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Authentication Bypass Android
NVD
CVSS 3.1
7.8
EPSS
0.1%
CVE-2022-20048 HIGH This Week

In video decoder, there is a possible out of bounds write due to a missing bounds check. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Memory Corruption Buffer Overflow Android
NVD
CVSS 3.1
7.8
EPSS
0.1%
CVE-2022-20047 HIGH This Week

In video decoder, there is a possible out of bounds write due to a missing bounds check. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Memory Corruption Buffer Overflow Android
NVD
CVSS 3.1
7.8
EPSS
0.1%
CVE-2022-0516 HIGH PATCH This Week

A vulnerability was found in kvm_s390_guest_sida_op in the arch/s390/kvm/kvm-s390.c function in KVM for s390 in the Linux kernel. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.

Linux Information Disclosure Linux Kernel Fedora Debian Linux +20
NVD
CVSS 3.1
7.8
EPSS
0.3%
CVE-2022-24726 HIGH PATCH This Week

Istio is an open platform to connect, manage, and secure microservices. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Uncontrolled Resource Consumption vulnerability could allow attackers to cause denial of service by exhausting system resources.

Denial Of Service Istio
NVD GitHub
CVSS 3.1
7.5
EPSS
1.6%
CVE-2022-26662 HIGH PATCH This Week

An XML Entity Expansion (XEE) issue was discovered in Tryton Application Platform (Server) 5.x through 5.0.45, 6.x through 6.0.15, and 6.1.x and 6.2.x through 6.2.5, and Tryton Application Platform. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Information Disclosure Proteus Trytond Debian Linux
NVD
CVSS 3.1
7.5
EPSS
1.9%
CVE-2022-26311 HIGH This Week

Couchbase Operator 2.2.x before 2.2.3 exposes Sensitive Information to an Unauthorized Actor. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Kubernetes Information Disclosure Cloud Native Operator
NVD
CVSS 3.1
7.5
EPSS
1.1%
CVE-2022-0903 HIGH This Week

A call stack overflow bug in the SAML login feature in Mattermost server in versions up to and including 6.3.2 allows an attacker to crash the server via submitting a maliciously crafted POST body. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Memory Corruption Mattermost Buffer Overflow Mattermost Server
NVD
CVSS 3.1
7.5
EPSS
0.8%
CVE-2022-0813 HIGH PATCH This Week

PhpMyAdmin 5.1.1 and before allows an attacker to retrieve potentially sensitive information by creating invalid requests. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Phpmyadmin
NVD
CVSS 3.1
7.5
EPSS
1.3%
CVE-2022-0725 HIGH This Week

A flaw was found in keepass. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Keepass Extra Packages For Enterprise Linux Fedora
NVD
CVSS 3.1
7.5
EPSS
2.4%
CVE-2022-0618 HIGH This Week

A program using swift-nio-http2 is vulnerable to a denial of service attack, caused by a network peer sending a specially crafted HTTP/2 frame. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Swiftnio Http 2
NVD GitHub
CVSS 3.1
7.5
EPSS
1.3%
CVE-2022-0815 HIGH This Week

Improper access control vulnerability in McAfee WebAdvisor Chrome and Edge browser extensions up to 8.1.0.1895 allows a remote attacker to gain access to McAfee WebAdvisor settings and other details. Rated high severity (CVSS 7.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Google Information Disclosure Webadvisor
NVD
CVSS 3.1
7.3
EPSS
1.0%
CVE-2022-25821 HIGH This Week

Improper use of SMS buffer pointer in Shannon baseband prior to SMR Mar-2022 Release 1 allows OOB read. Rated high severity (CVSS 7.1), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Information Disclosure Android
NVD
CVSS 3.1
7.1
EPSS
0.1%
CVE-2022-0280 HIGH This Week

A race condition vulnerability exists in the QuickClean feature of McAfee Total Protection for Windows prior to 16.0.43 that allows a local user to gain privilege elevation and perform an arbitrary. Rated high severity (CVSS 7.0). No vendor patch available.

Denial Of Service Microsoft Windows
NVD
CVSS 3.1
7.0
EPSS
0.3%
CVE-2022-23042 HIGH This Week

Linux PV device frontends vulnerable to attacks by backends T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Several. Rated high severity (CVSS 7.0). No vendor patch available.

Denial Of Service Race Condition Xen Debian Linux
NVD
CVSS 3.1
7.0
EPSS
0.2%
CVE-2022-23041 HIGH This Week

Linux PV device frontends vulnerable to attacks by backends T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Several. Rated high severity (CVSS 7.0). No vendor patch available.

Denial Of Service Race Condition Xen Debian Linux
NVD
CVSS 3.1
7.0
EPSS
0.4%
CVE-2022-23040 HIGH This Week

Linux PV device frontends vulnerable to attacks by backends T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Several. Rated high severity (CVSS 7.0). No vendor patch available.

Denial Of Service Race Condition Xen Debian Linux
NVD
CVSS 3.1
7.0
EPSS
0.4%
CVE-2022-23039 HIGH This Week

Linux PV device frontends vulnerable to attacks by backends T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Several. Rated high severity (CVSS 7.0). No vendor patch available.

Denial Of Service Race Condition Xen Debian Linux
NVD
CVSS 3.1
7.0
EPSS
0.4%
CVE-2022-23038 HIGH This Week

Linux PV device frontends vulnerable to attacks by backends T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Several. Rated high severity (CVSS 7.0). No vendor patch available.

Denial Of Service Race Condition Xen Debian Linux
NVD
CVSS 3.1
7.0
EPSS
0.4%
CVE-2022-23037 HIGH This Week

Linux PV device frontends vulnerable to attacks by backends T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Several. Rated high severity (CVSS 7.0). No vendor patch available.

Denial Of Service Race Condition Xen Debian Linux
NVD
CVSS 3.1
7.0
EPSS
0.3%
CVE-2022-23036 HIGH This Week

Linux PV device frontends vulnerable to attacks by backends T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Several. Rated high severity (CVSS 7.0). No vendor patch available.

Denial Of Service Race Condition Xen Debian Linux
NVD
CVSS 3.1
7.0
EPSS
0.4%
CVE-2022-26488 HIGH This Week

In Python before 3.10.3 on Windows, local users can gain privileges because the search path is inadequately secured. Rated high severity (CVSS 7.0). No vendor patch available.

Microsoft Python Information Disclosure Active Iq Unified Manager Ontap Select Deploy Administration Utility
NVD
CVSS 3.1
7.0
EPSS
1.4%
Prev Page 2 of 2

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy