Skip to main content
CVE-2022-28651 MEDIUM This Month

In JetBrains IntelliJ IDEA before 2021.3.3 it was possible to get passwords from protected fields. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Intellij Idea
NVD
CVSS 3.1
5.5
EPSS
0.3%
CVE-2022-28650 MEDIUM This Month

In JetBrains YouTrack before 2022.1.43700 it was possible to inject JavaScript into Markdown in the YouTrack Classic UI. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS Youtrack
NVD
CVSS 3.1
5.4
EPSS
0.6%
CVE-2022-28649 MEDIUM This Month

In JetBrains YouTrack before 2022.1.43563 it was possible to include an iframe from a third-party domain in the issue description. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS Youtrack
NVD
CVSS 3.1
5.4
EPSS
0.4%
CVE-2022-28648 MEDIUM This Month

In JetBrains YouTrack before 2022.1.43563 HTML code from the issue description was being rendered. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS Youtrack
NVD
CVSS 3.1
5.4
EPSS
1.3%
CVE-2022-25245 MEDIUM PATCH This Month

Zoho ManageEngine ServiceDesk Plus before 13001 allows anyone to know the organisation's default currency name. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Missing Authentication for Critical Function vulnerability could allow attackers to access critical functionality without authentication.

Authentication Bypass Zoho Manageengine Servicedesk Plus
NVD
CVSS 3.1
5.3
EPSS
1.3%
CVE-2022-22355 MEDIUM PATCH This Month

IBM MQ Appliance 9.2 CD and 9.2 LTS are vulnerable to a denial of service in the Login component of the application which could allow an attacker to cause a drop in performance. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Denial Of Service IBM Mq Appliance
NVD
CVSS 3.1
5.3
EPSS
1.1%
CVE-2022-24523 MEDIUM This Month

Microsoft Edge (Chromium-based) Spoofing Vulnerability. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Google Microsoft Information Disclosure Edge Chromium
NVD
CVSS 3.1
4.3
EPSS
1.3%
Prev Page 3 of 3

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy