Skip to main content
CVE-2022-21820 MEDIUM POC PATCH THREAT This Month

NVIDIA DCGM contains a vulnerability in nvhostengine, where a network user can cause detection of error conditions without action, which may lead to limited code execution, some denial of service,. Rated medium severity (CVSS 6.3), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

Denial Of Service RCE Nvidia Data Center Gpu Manager
NVD
CVSS 3.1
6.3
EPSS
16.5%
CVE-2022-25575 MEDIUM POC This Month

Multiple cross-site scripting (XSS) vulnerabilities in Parking Management System v1.0 allows attackers to execute arbitrary web scripts or HTML via crafted payloads injected into the user name,. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

XSS Parking Management System
NVD GitHub
CVSS 3.1
6.1
EPSS
0.6%
CVE-2022-1058 MEDIUM POC PATCH THREAT This Month

Open Redirect on login in GitHub repository go-gitea/gitea prior to 1.16.5. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Gitea Open Redirect
NVD GitHub
CVSS 3.1
6.1
EPSS
53.2%
CVE-2022-1052 MEDIUM POC PATCH This Month

Heap Buffer Overflow in iterate_chained_fixups in GitHub repository radareorg/radare2 prior to 5.6.6. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. Public exploit code available.

Buffer Overflow Heap Overflow Radare2
NVD GitHub
CVSS 3.1
5.5
EPSS
0.4%
CVE-2022-0145 MEDIUM POC PATCH This Month

Cross-site Scripting (XSS) - Stored in GitHub repository forkcms/forkcms prior to 5.11.1. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

XSS Fork Cms
NVD GitHub
CVSS 3.1
5.4
EPSS
0.7%
CVE-2022-0955 MEDIUM POC PATCH This Month

Cross-site Scripting (XSS) - Stored in GitHub repository pimcore/data-hub prior to 1.2.4. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

XSS Data Hub
NVD GitHub
CVSS 3.1
4.8
EPSS
0.6%
CVE-2022-25576 MEDIUM POC This Month

Anchor CMS v0.12.7 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component anchor/routes/posts.php. Rated medium severity (CVSS 4.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

PHP CSRF Anchor Cms
NVD GitHub
CVSS 3.1
4.5
EPSS
0.4%
CVE-2022-24776 MEDIUM PATCH This Month

Flask-AppBuilder is an application development framework, built on top of the Flask web framework. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Open Redirect vulnerability could allow attackers to redirect users to malicious websites via URL manipulation.

Open Redirect Python Flask Appbuilder
NVD GitHub
CVSS 3.1
6.1
EPSS
0.9%
CVE-2022-24769 MEDIUM PATCH This Month

Moby is an open-source project created by Docker to enable and accelerate software containerization. Rated medium severity (CVSS 5.9), this vulnerability is no authentication required, low attack complexity. This Incorrect Permission Assignment vulnerability could allow attackers to access resources due to misconfigured permissions.

Information Disclosure Docker Moby Fedora Runc +1
NVD GitHub
CVSS 3.1
5.9
EPSS
0.5%
CVE-2022-24782 MEDIUM PATCH This Month

Discourse is an open source discussion platform. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.

Information Disclosure Discourse
NVD GitHub
CVSS 3.1
4.3
EPSS
0.9%
CVE-2022-27820 MEDIUM This Month

OWASP Zed Attack Proxy (ZAP) through w2022-03-21 does not verify the TLS certificate chain of an HTTPS server. Rated medium severity (CVSS 4.0), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Information Disclosure Zed Attack Proxy
NVD GitHub
CVSS 3.1
4.0
EPSS
0.7%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy