Skip to main content
CVE-2022-1191 HIGH POC PATCH This Week

SSRF on index.php/cobrowse/proxycss/ in GitHub repository livehelperchat/livehelperchat prior to 3.96. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

PHP SSRF Live Helper Chat
NVD GitHub
CVSS 3.1
8.1
EPSS
0.9%
CVE-2022-27052 HIGH POC This Week

FreeFtpd version 1.0.13 and below contains an unquoted service path vulnerability which allows local users to launch processes with elevated privileges. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Freeftpd
NVD GitHub
CVSS 3.1
7.8
EPSS
0.3%
CVE-2022-27050 HIGH POC This Week

BitComet Service for Windows before version 1.8.6 contains an unquoted service path vulnerability which allows attackers to escalate privileges to the system level. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Privilege Escalation Microsoft Bitcomet
NVD GitHub
CVSS 3.1
7.8
EPSS
0.3%
CVE-2022-1176 HIGH POC PATCH This Week

Loose comparison causes IDOR on multiple endpoints in GitHub repository livehelperchat/livehelperchat prior to 3.96. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Memory Corruption Information Disclosure Live Helper Chat
NVD GitHub
CVSS 3.1
7.5
EPSS
1.2%
CVE-2022-25915 HIGH PATCH This Week

Improper access control vulnerability in ELECOM LAN routers (WRC-1167GST2 firmware v1.25 and prior, WRC-1167GST2A firmware v1.25 and prior, WRC-1167GST2H firmware v1.25 and prior, WRC-2533GS2-B. Rated high severity (CVSS 8.8), this vulnerability is no authentication required, low attack complexity.

Authentication Bypass Wrc 1167Gst2 Firmware Wrc 1167Gst2A Firmware Wrc 1167Gst2H Firmware Wrc 2533Gs2 B Firmware +19
NVD
CVSS 3.1
8.8
EPSS
0.4%
CVE-2022-26019 HIGH PATCH This Week

Improper access control vulnerability in pfSense CE and pfSense Plus (pfSense CE software versions prior to 2.6.0 and pfSense Plus software versions prior to 22.01) allows a remote attacker with the. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. This Path Traversal vulnerability could allow attackers to access files and directories outside the intended path.

Path Traversal Pfsense Pfsense Plus
NVD
CVSS 3.1
8.8
EPSS
4.2%
CVE-2022-24299 HIGH PATCH This Week

Improper input validation vulnerability in pfSense CE and pfSense Plus (pfSense CE software versions prior to 2.6.0 and pfSense Plus software versions prior to 22.01) allows a remote attacker with. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity.

Information Disclosure Pfsense Pfsense Plus
NVD
CVSS 3.1
8.8
EPSS
1.9%
CVE-2022-22986 HIGH This Week

Netcommunity OG410X and OG810X series (Netcommunity OG410Xa, OG410Xi, OG810Xa, and OG810Xi firmware Ver.2.28 and earlier) allow an attacker on the adjacent network to execute an arbitrary OS command. Rated high severity (CVSS 8.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Command Injection Og410Xa Firmware Og410Xi Firmware Og810Xa Firmware Og810Xi Firmware
NVD
CVSS 3.1
8.8
EPSS
0.7%
CVE-2022-28128 HIGH This Week

Untrusted search path vulnerability in AttacheCase ver.3.6.1.0 and earlier allows an attacker to gain privileges and execute arbitrary code via a Trojan horse DLL in an unspecified directory. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

RCE Attachecase
NVD
CVSS 3.1
7.8
EPSS
0.4%
CVE-2022-25348 HIGH This Week

Untrusted search path vulnerability in AttacheCase ver.4.0.2.7 and earlier allows an attacker to gain privileges and execute arbitrary code via a Trojan horse DLL in an unspecified directory. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

RCE Attachecase
NVD
CVSS 3.1
7.8
EPSS
0.4%
CVE-2022-24798 HIGH PATCH This Week

Internet Routing Registry daemon version 4 is an IRR database server, processing IRR objects in the RPSL format. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Information Disclosure Internet Routing Registry Daemon
NVD GitHub
CVSS 3.1
7.5
EPSS
1.4%
CVE-2022-24758 HIGH PATCH This Week

The Jupyter notebook is a web-based notebook environment for interactive computing. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Notebook
NVD GitHub
CVSS 3.1
7.5
EPSS
1.1%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy