Skip to main content
CVE-2021-41715 HIGH POC This Week

libsixel 1.10.0 is vulnerable to Use after free in libsixel/src/dither.c:379. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Memory Corruption Use After Free Denial Of Service Libsixel
NVD GitHub
CVSS 3.1
8.8
EPSS
0.4%
CVE-2021-40656 HIGH POC This Week

libsixel before 1.10 is vulnerable to Buffer Overflow in libsixel/src/quant.c:867. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Memory Corruption Buffer Overflow Libsixel
NVD GitHub
CVSS 3.1
8.8
EPSS
0.4%
CVE-2022-27044 HIGH POC This Week

libsixel 1.8.6 is affected by Buffer Overflow in libsixel/src/quant.c:876. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Memory Corruption Libsixel
NVD GitHub
CVSS 3.1
8.8
EPSS
0.4%
CVE-2022-27046 HIGH POC This Week

libsixel 1.8.6 suffers from a Heap Use After Free vulnerability in in libsixel/src/dither.c:388. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service Memory Corruption Use After Free Libsixel
NVD GitHub
CVSS 3.1
8.8
EPSS
0.3%
CVE-2022-26180 HIGH POC This Week

qdPM 9.2 allows Cross-Site Request Forgery (CSRF) via the index.php/myAccount/update URI. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

PHP CSRF Qdpm
NVD Exploit-DB
CVSS 3.1
8.8
EPSS
3.8%
CVE-2022-28000 HIGH POC This Week

Car Rental System v1.0 was discovered to contain a SQL injection vulnerability at /Car_Rental/booking.php via the id parameter. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Car Rental System
NVD GitHub
CVSS 3.1
8.8
EPSS
1.5%
CVE-2022-27992 HIGH POC This Week

Zoo Management System v1.0 was discovered to contain a SQL injection vulnerability at /public_html/animals via the class_id parameter. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

SQLi Zoo Management System
NVD GitHub
CVSS 3.1
8.8
EPSS
1.5%
CVE-2022-27352 HIGH POC This Week

Simple House Rental System v1 was discovered to contain an arbitrary file upload vulnerability via /app/register.php. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

PHP RCE File Upload Simple House Rental System
NVD GitHub
CVSS 3.1
8.8
EPSS
2.5%
CVE-2022-27346 HIGH POC This Week

Ecommece-Website v1.1.0 was discovered to contain an arbitrary file upload vulnerability via /admin/index.php?slides. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

PHP RCE File Upload Ecommerce Website
NVD GitHub
CVSS 3.1
8.8
EPSS
2.5%
CVE-2022-27064 HIGH POC This Week

Musical World v1 was discovered to contain an arbitrary file upload vulnerability via uploaded_songs.php. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

PHP RCE File Upload Musical World
NVD GitHub
CVSS 3.1
8.8
EPSS
2.5%
CVE-2022-24821 HIGH POC PATCH This Week

XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Xwiki
NVD GitHub
CVSS 3.1
8.1
EPSS
0.8%
CVE-2022-28002 HIGH POC This Week

Movie Seat Reservation v1 was discovered to contain an unauthenticated file disclosure vulnerability via /index.php?page=home. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

PHP Path Traversal Information Disclosure Movie Seat Reservation
NVD GitHub
CVSS 3.1
7.5
EPSS
1.7%
CVE-2022-1219 HIGH POC PATCH This Week

SQL injection in RecyclebinController.php in GitHub repository pimcore/pimcore prior to 10.3.5. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

PHP SQLi Pimcore
NVD GitHub
CVSS 3.1
7.5
EPSS
1.4%
CVE-2022-27349 HIGH POC This Week

Social Codia SMS v1 was discovered to contain an arbitrary file upload vulnerability via addteacher.php. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

PHP RCE File Upload Social Codia Sms
NVD GitHub
CVSS 3.1
7.2
EPSS
2.4%
CVE-2022-27061 HIGH POC This Week

AeroCMS v0.0.1 was discovered to contain an arbitrary file upload vulnerability via the Post Image function under the Admin panel. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

PHP RCE File Upload Aerocms
NVD GitHub
CVSS 3.1
7.2
EPSS
2.5%
CVE-2022-24428 HIGH This Week

Dell PowerScale OneFS, versions 8.2.x, 9.0.0.x, 9.1.0.x, 9.2.0.x, 9.2.1.x, and 9.3.0.x, contain an improper preservation of privileges. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Dell Information Disclosure Emc Powerscale Onefs
NVD
CVSS 3.1
8.8
EPSS
0.6%
CVE-2022-22339 HIGH PATCH This Week

IBM Planning Analytics 2.0 is vulnerable to server-side request forgery (SSRF). Rated high severity (CVSS 7.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

SSRF IBM Planning Analytics
NVD
CVSS 3.1
7.3
EPSS
0.6%
CVE-2022-28796 HIGH PATCH This Week

jbd2_journal_wait_updates in fs/jbd2/transaction.c in the Linux kernel before 5.17.1 has a use-after-free caused by a transaction_t race condition. Rated high severity (CVSS 7.0).

Race Condition Linux Information Disclosure Linux Kernel Enterprise Linux +13
NVD GitHub
CVSS 3.1
7.0
EPSS
0.3%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy