Skip to main content
CVE-2022-24760 CRITICAL POC PATCH THREAT Act Now

Parse Server is an open source http web server backend. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Ubuntu RCE Microsoft PostgreSQL Parse Server
NVD GitHub
CVSS 3.1
10.0
EPSS
49.1%
CVE-2022-26967 HIGH POC This Week

GPAC 2.0 allows a heap-based buffer overflow in gf_base64_encode. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Memory Corruption Buffer Overflow Gpac
NVD GitHub
CVSS 3.1
7.8
EPSS
0.9%
CVE-2022-0929 MEDIUM POC PATCH This Month

XSS on dynamic_text module in GitHub repository microweber/microweber prior to 1.2.11. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

XSS Microweber
NVD GitHub
CVSS 3.1
6.1
EPSS
1.1%
CVE-2022-26533 MEDIUM POC PATCH This Month

Alist v2.1.0 and below was discovered to contain a cross-site scripting (XSS) vulnerability via /i/:data/ipa.plist. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

XSS Alist
NVD GitHub
CVSS 3.1
6.1
EPSS
0.7%
CVE-2022-0880 MEDIUM POC PATCH This Month

Cross-site Scripting (XSS) - Stored in GitHub repository star7th/showdoc prior to 2.10.2. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

XSS Showdoc
NVD GitHub
CVSS 3.1
5.4
EPSS
0.7%
CVE-2022-0930 MEDIUM POC PATCH This Month

File upload filter bypass leading to stored XSS in GitHub repository microweber/microweber prior to 1.2.12. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

XSS File Upload Microweber
NVD GitHub
CVSS 3.1
4.8
EPSS
0.9%
CVE-2022-0926 MEDIUM POC PATCH This Month

File upload filter bypass leading to stored XSS in GitHub repository microweber/microweber prior to 1.2.12. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

XSS File Upload Microweber
NVD GitHub
CVSS 3.1
4.8
EPSS
0.8%
CVE-2022-26966 MEDIUM PATCH This Month

An issue was discovered in the Linux kernel before 5.16.12. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Linux Information Disclosure Linux Kernel Active Iq Unified Manager H500s Firmware +7
NVD
CVSS 3.1
5.5
EPSS
0.3%
CVE-2022-26276 MEDIUM This Month

An issue in index.php of OneNav v0.9.14 allows attackers to perform directory traversal. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

PHP Path Traversal Onenav
NVD GitHub
CVSS 3.1
5.3
EPSS
1.2%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy