Skip to main content
CVE-2022-25510 HIGH POC PATCH This Week

FreeTAKServer 1.9.8 contains a hardcoded Flask secret key which allows attackers to create crafted cookies to bypass authentication or escalate privileges. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Authentication Bypass Python Freetakserver Ui
NVD GitHub
CVSS 3.1
8.8
EPSS
1.0%
CVE-2022-25216 HIGH POC THREAT This Week

An absolute path traversal vulnerability allows a remote attacker to download any file on the Windows file system for which the user account running DVDFab 12 Player (recently renamed PlayerFab) has. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Microsoft Path Traversal 12 Player Playerfab
NVD
CVSS 3.1
7.5
EPSS
13.8%
CVE-2022-0853 HIGH POC This Week

A flaw was found in JBoss-client. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Descision Manager Jboss Enterprise Application Platform Jboss Enterprise Application Platform Expansion Pack Process Automation +1
NVD GitHub
CVSS 3.1
7.5
EPSS
1.4%
CVE-2022-0913 HIGH POC PATCH This Week

Integer Overflow or Wraparound in GitHub repository microweber/microweber prior to 1.3. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Integer Overflow Buffer Overflow Microweber
NVD GitHub
CVSS 3.1
7.5
EPSS
1.4%
CVE-2022-25512 HIGH POC This Week

FreeTAKServer-UI v1.9.8 was discovered to leak sensitive API and Websocket keys. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Freetakserver Ui
NVD GitHub
CVSS 3.1
7.5
EPSS
1.1%
CVE-2022-25508 HIGH POC PATCH This Week

An access control issue in the component /ManageRoute/postRoute of FreeTAKServer v1.9.8 allows unauthenticated attackers to cause a Denial of Service (DoS) via an unusually large amount of created. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service Authentication Bypass Freetakserver Ui
NVD GitHub
CVSS 3.1
7.5
EPSS
1.0%
CVE-2022-25600 HIGH This Week

Cross-Site Request Forgery (CSRF) vulnerability affecting Delete Marker Category, Delete Map, and Copy Map functions in WP Google Map plugin (versions <= 4.2.3). Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Google CSRF Wp Maps Fedora
NVD
CVSS 3.1
8.8
EPSS
0.6%
CVE-2022-22729 HIGH This Week

CAMS for HIS Server contained in the following Yokogawa Electric products improperly authenticate the receiving packets. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass Centum Cs 3000 Firmware Centum Cs 3000 Entry Firmware Centum Vp Firmware Centum Vp Entry Firmware +1
NVD
CVSS 3.1
8.8
EPSS
0.9%
CVE-2022-21808 HIGH This Week

Path traversal vulnerability exists in CAMS for HIS Server contained in the following Yokogawa Electric products: CENTUM CS 3000 versions from R3.08.10 to R3.09.00, CENTUM VP versions from R4.01.00. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Path Traversal Centum Cs 3000 Firmware Centum Cs 3000 Entry Firmware Centum Vp Firmware Centum Vp Entry Firmware +1
NVD
CVSS 3.1
8.8
EPSS
1.0%
CVE-2022-23934 HIGH This Week

Potential vulnerabilities have been identified in the system BIOS of certain HP PC products which may allow Escalation of Privilege, Arbitrary Code Execution, Unauthorized Code Execution, Denial of. Rated high severity (CVSS 8.2), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation RCE HP Information Disclosure Denial Of Service +1
NVD
CVSS 3.1
8.2
EPSS
0.4%
CVE-2022-23933 HIGH This Week

Potential vulnerabilities have been identified in the system BIOS of certain HP PC products which may allow Escalation of Privilege, Arbitrary Code Execution, Unauthorized Code Execution, Denial of. Rated high severity (CVSS 8.2), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation RCE HP Information Disclosure Denial Of Service +1
NVD
CVSS 3.1
8.2
EPSS
0.4%
CVE-2022-23932 HIGH This Week

Potential vulnerabilities have been identified in the system BIOS of certain HP PC products which may allow Escalation of Privilege, Arbitrary Code Execution, Unauthorized Code Execution, Denial of. Rated high severity (CVSS 8.2), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation RCE HP Information Disclosure Denial Of Service +1
NVD
CVSS 3.1
8.2
EPSS
0.4%
CVE-2022-23931 HIGH This Week

Potential vulnerabilities have been identified in the system BIOS of certain HP PC products which may allow Escalation of Privilege, Arbitrary Code Execution, Unauthorized Code Execution, Denial of. Rated high severity (CVSS 8.2), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation RCE HP Information Disclosure Denial Of Service +1
NVD
CVSS 3.1
8.2
EPSS
0.4%
CVE-2022-23930 HIGH This Week

Potential vulnerabilities have been identified in the system BIOS of certain HP PC products which may allow Escalation of Privilege, Arbitrary Code Execution, Unauthorized Code Execution, Denial of. Rated high severity (CVSS 8.2), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation RCE HP Information Disclosure Denial Of Service +1
NVD
CVSS 3.1
8.2
EPSS
0.4%
CVE-2022-23929 HIGH This Week

Potential vulnerabilities have been identified in the system BIOS of certain HP PC products which may allow Escalation of Privilege, Arbitrary Code Execution, Unauthorized Code Execution, Denial of. Rated high severity (CVSS 8.2), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation RCE HP Information Disclosure Denial Of Service +1
NVD
CVSS 3.1
8.2
EPSS
0.4%
CVE-2022-23928 HIGH This Week

Potential vulnerabilities have been identified in the system BIOS of certain HP PC products which may allow Escalation of Privilege, Arbitrary Code Execution, Unauthorized Code Execution, Denial of. Rated high severity (CVSS 8.2), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation RCE HP Information Disclosure Denial Of Service +1
NVD
CVSS 3.1
8.2
EPSS
0.4%
CVE-2022-23927 HIGH This Week

Potential vulnerabilities have been identified in the system BIOS of certain HP PC products which may allow Escalation of Privilege, Arbitrary Code Execution, Unauthorized Code Execution, Denial of. Rated high severity (CVSS 8.2), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation RCE HP Information Disclosure Denial Of Service +1
NVD
CVSS 3.1
8.2
EPSS
0.4%
CVE-2022-23926 HIGH This Week

Potential vulnerabilities have been identified in the system BIOS of certain HP PC products which may allow Escalation of Privilege, Arbitrary Code Execution, Unauthorized Code Execution, Denial of. Rated high severity (CVSS 8.2), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation RCE HP Information Disclosure Denial Of Service +1
NVD
CVSS 3.1
8.2
EPSS
0.4%
CVE-2022-23925 HIGH This Week

Potential vulnerabilities have been identified in the system BIOS of certain HP PC products which may allow Escalation of Privilege, Arbitrary Code Execution, Unauthorized Code Execution, Denial of. Rated high severity (CVSS 8.2), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation RCE HP Information Disclosure Denial Of Service +1
NVD
CVSS 3.1
8.2
EPSS
0.4%
CVE-2022-23924 HIGH This Week

Potential vulnerabilities have been identified in the system BIOS of certain HP PC products which may allow Escalation of Privilege, Arbitrary Code Execution, Unauthorized Code Execution, Denial of. Rated high severity (CVSS 8.2), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation RCE HP Information Disclosure Denial Of Service +1
NVD
CVSS 3.1
8.2
EPSS
0.6%
CVE-2022-22151 HIGH This Week

CAMS for HIS Log Server contained in the following Yokogawa Electric products fails to properly neutralize log outputs: CENTUM CS 3000 versions from R3.08.10 to R3.09.00, CENTUM VP versions from. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Centum Cs 3000 Firmware Centum Cs 3000 Entry Firmware Centum Vp Firmware Centum Vp Entry Firmware +1
NVD
CVSS 3.1
8.1
EPSS
0.8%
CVE-2022-22145 HIGH This Week

CAMS for HIS Log Server contained in the following Yokogawa Electric products is vulnerable to uncontrolled resource consumption. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service Centum Cs 3000 Firmware Centum Cs 3000 Entry Firmware Centum Vp Firmware Centum Vp Entry Firmware +1
NVD
CVSS 3.1
8.1
EPSS
0.8%
CVE-2022-21177 HIGH This Week

There is a path traversal vulnerability in CAMS for HIS Log Server contained in the following Yokogawa Electric products: CENTUM CS 3000 versions from R3.08.10 to R3.09.00, CENTUM VP versions from. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Path Traversal Centum Cs 3000 Firmware Centum Cs 3000 Entry Firmware Centum Vp Firmware Centum Vp Entry Firmware +1
NVD
CVSS 3.1
8.1
EPSS
0.9%
CVE-2022-24421 HIGH This Week

Dell BIOS contains an improper input validation vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

RCE Dell Buffer Overflow Alienware 13 R3 Firmware Alienware 15 R3 Firmware +44
NVD
CVSS 3.1
7.8
EPSS
0.3%
CVE-2022-24420 HIGH This Week

Dell BIOS contains an improper input validation vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

RCE Dell Buffer Overflow Alienware 13 R3 Firmware Alienware 15 R3 Firmware +44
NVD
CVSS 3.1
7.8
EPSS
0.3%
CVE-2022-24419 HIGH This Week

Dell BIOS contains an improper input validation vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

RCE Dell Buffer Overflow Alienware 13 R3 Firmware Alienware 15 R3 Firmware +44
NVD
CVSS 3.1
7.8
EPSS
0.3%
CVE-2022-24416 HIGH This Week

Dell BIOS contains an improper input validation vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

RCE Dell Buffer Overflow Alienware 13 R3 Firmware Alienware 15 R3 Firmware +44
NVD
CVSS 3.1
7.8
EPSS
0.3%
CVE-2022-24415 HIGH This Week

Dell BIOS contains an improper input validation vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

RCE Dell Buffer Overflow Alienware 13 R3 Firmware Alienware 15 R3 Firmware +44
NVD
CVSS 3.1
7.8
EPSS
0.3%
CVE-2022-24097 HIGH PATCH This Week

Adobe After Effects versions 22.2 (and earlier) and 18.4.4 (and earlier) are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

Adobe Memory Corruption RCE Buffer Overflow After Effects
NVD
CVSS 3.1
7.8
EPSS
2.3%
CVE-2022-24096 HIGH PATCH This Week

Adobe After Effects versions 22.2 (and earlier) and 18.4.4 (and earlier) are affected by an Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

Adobe RCE Buffer Overflow Heap Overflow After Effects
NVD
CVSS 3.1
7.8
EPSS
3.8%
CVE-2022-24095 HIGH PATCH This Week

Adobe After Effects versions 22.2 (and earlier) and 18.4.4 (and earlier) are affected by a Stack-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

RCE Adobe Stack Overflow Buffer Overflow After Effects
NVD
CVSS 3.1
7.8
EPSS
3.8%
CVE-2022-24094 HIGH PATCH This Week

Adobe After Effects versions 22.2 (and earlier) and 18.4.4 (and earlier) are affected by a Stack-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

RCE Adobe Stack Overflow Buffer Overflow After Effects
NVD
CVSS 3.1
7.8
EPSS
3.8%
CVE-2022-23731 HIGH This Week

V8 javascript engine (heap vulnerability) can cause privilege escalation ,which can impact on some webOS TV models. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Webos
NVD
CVSS 3.1
7.8
EPSS
0.6%
CVE-2022-23187 HIGH This Week

Adobe Illustrator version 26.0.3 (and earlier) is affected by a buffer overflow vulnerability due to insecure handling of a crafted file, potentially resulting in arbitrary code execution in the. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Adobe RCE Buffer Overflow Illustrator
NVD
CVSS 3.1
7.8
EPSS
4.3%
CVE-2022-23401 HIGH This Week

The following Yokogawa Electric products contain insecure DLL loading issues. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Centum Cs 3000 Firmware Centum Cs 3000 Entry Firmware Centum Vp Firmware Centum Vp Entry Firmware +1
NVD
CVSS 3.1
7.8
EPSS
0.2%
CVE-2022-22148 HIGH This Week

'Root Service' service implemented in the following Yokogawa Electric products creates some named pipe with improper ACL configuration. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Centum Cs 3000 Firmware Centum Cs 3000 Entry Firmware Centum Vp Firmware Centum Vp Entry Firmware +1
NVD
CVSS 3.1
7.8
EPSS
0.2%
CVE-2022-22141 HIGH This Week

'Long-term Data Archive Package' service implemented in the following Yokogawa Electric products creates some named pipe with imporper ACL configuration. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Centum Cs 3000 Firmware Centum Cs 3000 Entry Firmware Centum Vp Firmware Centum Vp Entry Firmware +1
NVD
CVSS 3.1
7.8
EPSS
0.2%
CVE-2022-21819 HIGH This Week

NVIDIA distributions of Jetson Linux contain a vulnerability where an error in the IOMMU configuration may allow an unprivileged attacker with physical access to the board direct read/write access to. Rated high severity (CVSS 7.6), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Denial Of Service RCE Nvidia Jetson Linux
NVD
CVSS 3.1
7.6
EPSS
0.4%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy