Skip to main content
CVE-2022-0833 MEDIUM POC This Month

The Church Admin WordPress plugin before 3.4.135 does not have authorisation and CSRF in some of its action as well as requested files, allowing unauthenticated attackers to repeatedly request the. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

CSRF WordPress Church Admin
NVD WPScan
CVSS 3.1
4.3
EPSS
0.5%
CVE-2022-0136 HIGH This Week

A vulnerability was discovered in GitLab versions 10.5 to 14.5.4, 14.6 to 14.6.4, and 14.7 to 14.7.1. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

SSRF Gitlab
NVD
CVSS 3.1
8.1
EPSS
0.8%
CVE-2022-24789 HIGH PATCH This Week

C1 CMS is an open-source, .NET based Content Management System (CMS). Rated high severity (CVSS 7.6), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service SSRF C1 Cms
NVD GitHub
CVSS 3.1
7.6
EPSS
0.7%
CVE-2022-27658 HIGH This Week

Under certain conditions, SAP Innovation management - version 2.0, allows an attacker to access information which could lead to information gathering for further exploits and attacks. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass SAP Innovation Management
NVD
CVSS 3.1
7.5
EPSS
0.9%
CVE-2022-0738 HIGH This Week

An issue has been discovered in GitLab affecting all versions starting from 14.6 before 14.6.5, all versions starting from 14.7 before 14.7.4, all versions starting from 14.8 before 14.8.2. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Gitlab Information Disclosure
NVD
CVSS 3.1
7.5
EPSS
0.8%
CVE-2022-0123 MEDIUM This Month

An issue has been discovered affecting GitLab versions prior to 14.4.5, between 14.5.0 and 14.5.3, and between 14.6.0 and 14.6.1. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable. No vendor patch available.

Gitlab Information Disclosure
NVD
CVSS 3.1
6.8
EPSS
0.4%
CVE-2022-0283 MEDIUM This Month

An issue has been discovered affecting GitLab versions prior to 13.5. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Gitlab Open Redirect Atlassian
NVD
CVSS 3.1
6.1
EPSS
0.7%
CVE-2022-27950 MEDIUM PATCH This Month

In drivers/hid/hid-elo.c in the Linux kernel before 5.16.11, a memory leak exists for a certain hid_parse error condition. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Linux Information Disclosure Linux Kernel
NVD GitHub
CVSS 3.1
5.5
EPSS
0.4%
CVE-2022-0488 MEDIUM This Month

An issue has been discovered in GitLab CE/EE affecting all versions starting with version 8.10. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service Gitlab
NVD
CVSS 3.1
4.3
EPSS
0.7%
CVE-2022-0371 MEDIUM This Month

An issue has been discovered in GitLab CE/EE affecting all versions starting from 11.4 before 14.5.4, all versions starting from 14.6 before 14.6.4, all versions starting from 14.7 before 14.7.1. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Gitlab Information Disclosure
NVD
CVSS 3.1
4.3
EPSS
0.9%
Prev Page 2 of 2

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy