Skip to main content
CVE-2022-20001 HIGH PATCH This Week

fish is a command line shell. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

RCE Fish Fedora Debian Linux
NVD GitHub
CVSS 3.1
7.8
EPSS
1.4%
CVE-2022-24740 HIGH PATCH This Week

Volto is a ReactJS-based frontend for the Plone Content Management System. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable. This Improper Authentication vulnerability could allow attackers to bypass authentication mechanisms to gain unauthorized access.

Authentication Bypass Volto
NVD GitHub
CVSS 3.1
7.5
EPSS
0.6%
CVE-2022-22354 HIGH This Week

IBM Spectrum Protect Plus 10.1.0.0 through 10.1.9.2 and IBM Spectrum Copy Data Management 2.2.0.0 through 2.2.14.3 do not limit the length of a connection which could allow for a Slowloris HTTP. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service IBM Spectrum Copy Data Management Spectrum Protect Plus
NVD
CVSS 3.1
7.5
EPSS
0.9%
CVE-2022-22719 HIGH PATCH This Week

A carefully crafted request body can cause a read to a random memory area which could cause the process to crash.4.52 and earlier. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Denial Of Service Apache Http Server Debian Linux Fedora +3
NVD
CVSS 3.1
7.5
EPSS
69.8%
CVE-2022-24387 HIGH This Week

With administrator or admin privileges the application can be tricked into overwriting files in app_data/Config folder, e.g. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

File Upload Smartertrack
NVD
CVSS 3.1
7.2
EPSS
2.0%
CVE-2022-22353 MEDIUM This Month

IBM Big SQL on IBM Cloud Pak for Data 7.1.0, 7.1.1, 7.2.0, and 7.2.3 could allow an authenticated user with appropriate permissions to obtain sensitive information by bypassing data masking rules. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

IBM Information Disclosure Big Sql
NVD
CVSS 3.1
6.5
EPSS
0.9%
CVE-2022-24385 MEDIUM This Month

A Direct Object Access vulnerability in SmarterTools SmarterTrack leads to information disclosure This issue affects: SmarterTools SmarterTrack 100.0.8019.14010. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Smartertrack
NVD
CVSS 3.1
6.5
EPSS
0.9%
CVE-2022-24733 MEDIUM PATCH This Month

Sylius is an open source eCommerce platform. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS Sylius
NVD GitHub
CVSS 3.1
6.1
EPSS
0.9%
CVE-2022-22344 MEDIUM This Month

IBM Spectrum Copy Data Management 2.2.0.0 through 2.2.14.3 is vulnerable to HTTP header injection, caused by improper validation of input by the HOST headers. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

IBM XSS Spectrum Copy Data Management
NVD
CVSS 3.1
6.1
EPSS
0.6%
CVE-2022-24386 MEDIUM This Month

Stored XSS in SmarterTools SmarterTrack This issue affects: SmarterTools SmarterTrack 100.0.8019.14010. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS Smartertrack
NVD
CVSS 3.1
6.1
EPSS
0.7%
CVE-2022-24742 MEDIUM PATCH This Month

Sylius is an open source eCommerce platform. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Sylius
NVD GitHub
CVSS 3.1
5.5
EPSS
0.8%
CVE-2022-22348 LOW Monitor

IBM Spectrum Protect Operations Center 8.1.0.000 through 8.1.13.xxx is vulnerable to reverse tabnabbing where it could allow a page linked to from within Operations Center to rewrite it. Rated low severity (CVSS 2.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

IBM CSRF Spectrum Protect Operations Center
NVD
CVSS 3.1
2.4
EPSS
0.2%
Prev Page 2 of 2

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy