Skip to main content
CVE-2022-22149 HIGH POC THREAT This Week

A SQL injection vulnerability exists in the HelpdeskEmailActions.aspx functionality of Lansweeper lansweeper 9.1.20.2. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

SQLi Lansweeper
NVD
CVSS 3.1
8.8
EPSS
72.6%
CVE-2022-21234 HIGH POC THREAT This Week

An SQL injection vulnerability exists in the EchoAssets.aspx functionality of Lansweeper lansweeper 9.1.20.2. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

SQLi Lansweeper
NVD
CVSS 3.1
8.8
EPSS
72.6%
CVE-2022-21210 HIGH POC THREAT This Week

An SQL injection vulnerability exists in the AssetActions.aspx functionality of Lansweeper lansweeper 9.1.20.2. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

SQLi Lansweeper
NVD
CVSS 3.1
8.8
EPSS
71.2%
CVE-2022-21154 HIGH POC This Week

An integer overflow vulnerability exists in the fltSaveCMP functionality of Leadtools 22. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Integer Overflow Buffer Overflow Leadtools
NVD
CVSS 3.1
7.8
EPSS
1.0%
CVE-2022-22188 HIGH POC This Week

An Uncontrolled Memory Allocation vulnerability leading to a Heap-based Buffer Overflow in the packet forwarding engine (PFE) of Juniper Networks Junos OS allows a network-based unauthenticated. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service Juniper Buffer Overflow Heap Overflow Junos
NVD
CVSS 3.1
7.5
EPSS
1.5%
CVE-2022-27008 HIGH POC PATCH This Week

nginx njs 0.7.2 is vulnerable to Buffer Overflow. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Nginx Buffer Overflow Njs
NVD GitHub
CVSS 3.1
7.5
EPSS
1.7%
CVE-2022-27457 HIGH POC This Week

MariaDB Server v10.6.3 and below was discovered to contain an use-after-free in the component my_mb_wc_latin1 at /strings/ctype-latin1.c. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Memory Corruption Use After Free Information Disclosure MariaDB
NVD
CVSS 3.1
7.5
EPSS
1.7%
CVE-2022-27456 HIGH POC This Week

MariaDB Server v10.6.3 and below was discovered to contain an use-after-free in the component VDec::VDec at /sql/sql_type.cc. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Memory Corruption Use After Free Information Disclosure MariaDB Debian Linux
NVD
CVSS 3.1
7.5
EPSS
2.1%
CVE-2022-27455 HIGH POC This Week

MariaDB Server v10.6.3 and below was discovered to contain an use-after-free in the component my_wildcmp_8bit_impl at /strings/ctype-simple.c. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Memory Corruption Use After Free Information Disclosure MariaDB
NVD
CVSS 3.1
7.5
EPSS
1.6%
CVE-2022-27452 HIGH POC This Week

MariaDB Server v10.9 and below was discovered to contain a segmentation fault via the component sql/item_cmpfunc.cc. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure MariaDB Debian Linux
NVD
CVSS 3.1
7.5
EPSS
2.2%
CVE-2022-27451 HIGH POC This Week

MariaDB Server v10.9 and below was discovered to contain a segmentation fault via the component sql/field_conv.cc. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure MariaDB
NVD
CVSS 3.1
7.5
EPSS
1.7%
CVE-2022-27449 HIGH POC This Week

MariaDB Server v10.9 and below was discovered to contain a segmentation fault via the component sql/item_func.cc:148. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure MariaDB Debian Linux
NVD
CVSS 3.1
7.5
EPSS
2.2%
CVE-2022-27448 HIGH POC This Week

There is an Assertion failure in MariaDB Server v10.9 and below via 'node->pcur->rel_pos == BTR_PCUR_ON' at /row/row0mysql.cc. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service MariaDB Debian Linux
NVD
CVSS 3.1
7.5
EPSS
2.2%
CVE-2022-27447 HIGH POC This Week

MariaDB Server v10.9 and below was discovered to contain a use-after-free via the component Binary_string::free_buffer() at /sql/sql_string.h. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Memory Corruption Use After Free Information Disclosure MariaDB Debian Linux
NVD
CVSS 3.1
7.5
EPSS
2.2%
CVE-2022-27446 HIGH POC This Week

MariaDB Server v10.9 and below was discovered to contain a segmentation fault via the component sql/item_cmpfunc.h. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure MariaDB
NVD
CVSS 3.1
7.5
EPSS
1.6%
CVE-2022-27445 HIGH POC This Week

MariaDB Server v10.9 and below was discovered to contain a segmentation fault via the component sql/sql_window.cc. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure MariaDB Debian Linux
NVD
CVSS 3.1
7.5
EPSS
2.2%
CVE-2022-27444 HIGH POC This Week

MariaDB Server v10.9 and below was discovered to contain a segmentation fault via the component sql/item_subselect.cc. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure MariaDB
NVD
CVSS 3.1
7.5
EPSS
1.5%
CVE-2022-25165 HIGH POC This Week

An issue was discovered in Amazon AWS VPN Client 2.0.0. Rated high severity (CVSS 7.0). Public exploit code available and no vendor patch available.

Denial Of Service Aws Client Vpn
NVD GitHub
CVSS 3.1
7.0
EPSS
0.5%
CVE-2022-24854 HIGH This Week

Metabase is an open source business intelligence and analytics application. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Metabase
NVD GitHub
CVSS 3.1
8.8
EPSS
1.0%
CVE-2022-1304 HIGH This Week

An out-of-bounds read/write vulnerability was found in e2fsprogs 1.46.5. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

RCE Buffer Overflow Information Disclosure E2Fsprogs Enterprise Linux +1
NVD
CVSS 3.1
7.8
EPSS
1.4%
CVE-2022-22189 HIGH This Week

An Incorrect Ownership Assignment vulnerability in Juniper Networks Contrail Service Orchestration (CSO) allows a locally authenticated user to have their permissions elevated without authentication. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Juniper Information Disclosure Contrail Service Orchestration
NVD
CVSS 3.1
7.8
EPSS
0.2%
CVE-2022-22187 HIGH This Week

An Improper Privilege Management vulnerability in the Windows Installer framework used in the Juniper Networks Juniper Identity Management Service (JIMS) allows an unprivileged user to trigger a. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Juniper Microsoft Identity Management Service
NVD GitHub
CVSS 3.1
7.8
EPSS
0.3%
CVE-2022-1256 HIGH This Week

A local privilege escalation vulnerability in MA for Windows prior to 5.7.6 allows a local low privileged user to gain system privileges through running the repair functionality. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Microsoft Agent
NVD
CVSS 3.1
7.8
EPSS
0.2%
CVE-2022-1350 HIGH This Week

A vulnerability classified as problematic was found in GhostPCL 9.55.0. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Ghostpcl
NVD VulDB
CVSS 3.1
7.8
EPSS
0.8%
CVE-2022-22198 HIGH This Week

An Access of Uninitialized Pointer vulnerability in the SIP ALG of Juniper Networks Junos OS allows an unauthenticated network-based attacker to cause a Denial of Service (DoS). Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Memory Corruption Juniper Junos
NVD
CVSS 3.1
7.5
EPSS
0.9%
CVE-2022-22197 HIGH This Week

An Operation on a Resource after Expiration or Release vulnerability in the Routing Protocol Daemon (RPD) of Juniper Networks Junos OS and Junos OS Evolved allows an unauthenticated network-based. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Juniper Junos Os Evolved Junos
NVD
CVSS 3.1
7.5
EPSS
1.1%
CVE-2022-22195 HIGH This Week

An Improper Update of Reference Count vulnerability in the kernel of Juniper Networks Junos OS Evolved allows an unauthenticated, network-based attacker to trigger a counter overflow, eventually. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Juniper Junos Os Evolved
NVD
CVSS 3.1
7.5
EPSS
1.0%
CVE-2022-22194 HIGH This Week

An Improper Check for Unusual or Exceptional Conditions vulnerability in the packetIO daemon of Juniper Networks Junos OS Evolved on PTX10003, PTX10004, and PTX10008 allows an unauthenticated,. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Juniper Junos Os Evolved
NVD
CVSS 3.1
7.5
EPSS
1.0%
CVE-2022-22190 HIGH This Week

An Improper Access Control vulnerability in the Juniper Networks Paragon Active Assurance Control Center allows an unauthenticated attacker to leverage a crafted URL to generate PDF reports,. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Juniper Paragon Active Assurance Control Center
NVD
CVSS 3.1
7.5
EPSS
0.9%
CVE-2022-22185 HIGH This Week

A vulnerability in Juniper Networks Junos OS on SRX Series, allows a network-based unauthenticated attacker to cause a Denial of Service (DoS) by sending a specific fragmented packet to the device,. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Juniper Junos
NVD
CVSS 3.1
7.5
EPSS
0.9%
CVE-2022-22183 HIGH This Week

An Improper Access Control vulnerability in Juniper Networks Junos OS Evolved allows a network-based unauthenticated attacker who is able to connect to a specific open IPv4 port, which in affected. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Juniper Junos Os Evolved
NVD
CVSS 3.1
7.5
EPSS
1.0%
CVE-2022-1279 HIGH PATCH This Week

A vulnerability in the encryption implementation of EBICS messages in the open source librairy ebics-java/ebics-java-client allows an attacker sniffing network traffic to decrypt EBICS payloads. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Java Information Disclosure Ebics Java
NVD GitHub
CVSS 3.1
7.5
EPSS
0.4%
CVE-2022-24846 HIGH This Week

GeoWebCache is a tile caching server implemented in Java. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Deserialization RCE Geowebcache
NVD GitHub
CVSS 3.1
7.2
EPSS
1.2%
CVE-2022-22966 HIGH PATCH This Week

An authenticated, high privileged malicious actor with network access to the VMware Cloud Director tenant or provider may be able to exploit a remote code execution vulnerability to gain access to. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity.

VMware RCE Vcloud Director
NVD
CVSS 3.1
7.2
EPSS
6.4%
CVE-2022-1258 HIGH This Week

A blind SQL injection vulnerability in the ePolicy Orchestrator (ePO) extension of MA prior to 5.7.6 can be exploited by an authenticated administrator on ePO to perform arbitrary SQL queries in the. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

SQLi Agent
NVD
CVSS 3.1
7.2
EPSS
0.9%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy