Skip to main content
CVE-2022-1031 HIGH POC PATCH This Week

Use After Free in op_is_set_bp in GitHub repository radareorg/radare2 prior to 5.6.6. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. Public exploit code available.

Denial Of Service Memory Corruption Use After Free Radare2
NVD GitHub
CVSS 3.1
7.8
EPSS
1.0%
CVE-2022-1036 HIGH POC PATCH This Week

Able to create an account with long password leads to memory corruption / Integer Overflow in GitHub repository microweber/microweber prior to 1.2.12. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Integer Overflow Buffer Overflow Microweber
NVD GitHub
CVSS 3.1
7.5
EPSS
1.2%
CVE-2022-1034 HIGH POC PATCH This Week

There is a Unrestricted Upload of File vulnerability in ShowDoc v2.10.3 in GitHub repository star7th/showdoc prior to 2.10.4. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

File Upload Showdoc
NVD GitHub
CVSS 3.1
7.2
EPSS
1.5%
CVE-2022-0386 HIGH This Week

A post-auth SQL injection vulnerability in the Mail Manager potentially allows an authenticated attacker to execute code in Sophos UTM before version 9.710. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Sophos SQLi Unified Threat Management
NVD
CVSS 3.1
8.8
EPSS
1.2%
CVE-2022-24774 HIGH PATCH This Week

CycloneDX BOM Repository Server is a bill of materials (BOM) repository server for distributing CycloneDX BOMs. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, low attack complexity.

Denial Of Service Path Traversal Bill Of Materials Repository Server
NVD GitHub
CVSS 3.1
8.1
EPSS
1.4%
CVE-2022-0652 HIGH This Week

Confd log files contain local users', including root’s, SHA512crypt password hashes with insecure access permissions. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Sophos Information Disclosure Unified Threat Management
NVD
CVSS 3.1
7.8
EPSS
0.2%
CVE-2022-24764 HIGH PATCH This Week

PJSIP is a free and open source multimedia communication library written in C. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Buffer Copy without Size Check vulnerability could allow attackers to overflow a buffer to corrupt adjacent memory.

Buffer Overflow Pjsip Debian Linux
NVD GitHub
CVSS 3.1
7.5
EPSS
2.3%
CVE-2022-0667 HIGH This Week

When the vulnerability is triggered the BIND process will exit. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Bind H300s Firmware H500s Firmware H700s Firmware +5
NVD
CVSS 3.1
7.5
EPSS
1.3%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy