Skip to main content
CVE-2022-24488 HIGH This Week

Windows Desktop Bridge Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Microsoft Information Disclosure Windows 10 Windows 11 Windows Server 2016 +1
NVD
CVSS 3.1
7.8
EPSS
0.6%
CVE-2022-24486 HIGH This Week

Windows Kerberos Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Microsoft Information Disclosure Windows 10 Windows 11 Windows Server 2016 +2
NVD
CVSS 3.1
7.8
EPSS
0.5%
CVE-2022-24481 HIGH This Week

Windows Common Log File System Driver Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Microsoft Information Disclosure Windows 10 Windows 11 Windows 7 +7
NVD
CVSS 3.1
7.8
EPSS
17.1%
CVE-2022-24479 HIGH This Week

Connected User Experiences and Telemetry Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Windows 10 Windows 11 Windows Server 2016 Windows Server 2019 +1
NVD
CVSS 3.1
7.8
EPSS
0.9%
CVE-2022-24474 HIGH This Week

Windows Win32k Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Microsoft Information Disclosure Windows 10 Windows 11 Windows 7 +7
NVD
CVSS 3.1
7.8
EPSS
6.7%
CVE-2022-22009 HIGH This Week

Windows Hyper-V Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8). No vendor patch available.

RCE Microsoft Windows 10 Windows 11 Windows Server 2016 +1
NVD
CVSS 3.1
7.8
EPSS
0.5%
CVE-2022-22008 HIGH This Week

Windows Hyper-V Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8). No vendor patch available.

Race Condition RCE Microsoft Windows 10 Windows 11 +5
NVD
CVSS 3.1
7.8
EPSS
0.4%
CVE-2022-20716 HIGH This Week

A vulnerability in the CLI of Cisco SD-WAN Software could allow an authenticated, local attacker to gain escalated privileges. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Authentication Bypass Cisco Catalyst Sd Wan Manager Sd Wan Solution Sd Wan Vbond Orchestrator +4
NVD
CVSS 3.1
7.8
EPSS
0.2%
CVE-2022-20681 HIGH This Week

A vulnerability in the CLI of Cisco IOS XE Software for Cisco Catalyst 9000 Family Switches and Cisco Catalyst 9000 Family Wireless Controllers could allow an authenticated, local attacker to elevate. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Cisco Apple Information Disclosure Ios Xe
NVD
CVSS 3.1
7.8
EPSS
0.2%
CVE-2022-27188 HIGH This Week

OS command injection vulnerability exists in CENTUM VP R4.01.00 to R4.03.00, CENTUM VP Small R4.01.00 to R4.03.00, CENTUM VP Basic R4.01.00 to R4.03.00, and B/M9000 VP R6.01.01 to R6.03.02, which may. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Command Injection B M9000 Vp Centum Vp
NVD
CVSS 3.1
7.8
EPSS
0.5%
CVE-2022-20679 HIGH This Week

A vulnerability in the IPSec decryption routine of Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause an affected device to reload, resulting in a denial of service (DoS). Rated high severity (CVSS 7.7), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service Cisco Apple Ios Xe
NVD
CVSS 3.1
7.7
EPSS
1.3%
CVE-2022-26924 HIGH PATCH This Week

YARP Denial of Service Vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Yet Another Reverse Proxy
NVD
CVSS 3.1
7.5
EPSS
3.2%
CVE-2022-26915 HIGH This Week

Windows Secure Channel Denial of Service Vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Microsoft Windows 10 Windows 11 Windows 7 +7
NVD
CVSS 3.1
7.5
EPSS
3.2%
CVE-2022-26832 HIGH PATCH This Week

.NET Framework Denial of Service Vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Denial Of Service Net Framework
NVD
CVSS 3.1
7.5
EPSS
3.3%
CVE-2022-26831 HIGH This Week

Windows Lightweight Directory Access Protocol (LDAP) Denial of Service Vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Microsoft Windows 10 Windows 11 Windows 7 +7
NVD
CVSS 3.1
7.5
EPSS
3.0%
CVE-2022-26830 HIGH This Week

DiskUsage.exe Remote Code Execution Vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

RCE Windows 11 Windows Server 2022
NVD
CVSS 3.1
7.5
EPSS
1.6%
CVE-2022-24534 HIGH This Week

Win32 Stream Enumeration Remote Code Execution Vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

RCE Windows 10 Windows 11 Windows 7 Windows 8 1 +6
NVD
CVSS 3.1
7.5
EPSS
1.8%
CVE-2022-24485 HIGH This Week

Win32 File Enumeration Remote Code Execution Vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

RCE Windows 10 Windows 11 Windows 7 Windows 8 1 +6
NVD
CVSS 3.1
7.5
EPSS
1.6%
CVE-2022-21983 HIGH This Week

Win32 Stream Enumeration Remote Code Execution Vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

RCE Windows 10 Windows 11 Windows 7 Windows 8 1 +6
NVD
CVSS 3.1
7.5
EPSS
1.9%
CVE-2022-27257 HIGH PATCH This Week

A PHP Local File Inclusion vulneraility in the default Redbasic theme for Hubzilla before version 7.2 allows remote attackers to include arbitrary php files via the schema parameter. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

PHP Information Disclosure Hubzilla
NVD
CVSS 3.1
7.5
EPSS
1.2%
CVE-2022-20726 HIGH This Week

Multiple vulnerabilities in the Cisco IOx application hosting environment on multiple Cisco platforms could allow an attacker to inject arbitrary commands into the underlying host operating system,. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

RCE Cisco XSS Path Traversal Cgr1000 Compute Module +2
NVD
CVSS 3.1
7.5
EPSS
1.1%
CVE-2022-20678 HIGH This Week

A vulnerability in the AppNav-XE feature of Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause an affected device to reload, resulting in a denial of service (DoS). Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Cisco Apple Ios Xe
NVD
CVSS 3.1
7.5
EPSS
0.9%
CVE-2022-20622 HIGH This Week

A vulnerability in IP ingress packet processing of the Cisco Embedded Wireless Controller with Catalyst Access Points Software could allow an unauthenticated, remote attacker to cause the device to. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Cisco Aironet Access Point Software
NVD
CVSS 3.1
7.5
EPSS
1.3%
CVE-2022-26498 HIGH PATCH This Week

An issue was discovered in Asterisk through 19.x. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Uncontrolled Resource Consumption vulnerability could allow attackers to cause denial of service by exhausting system resources.

Denial Of Service Asterisk Debian Linux
NVD
CVSS 3.1
7.5
EPSS
16.4%
CVE-2022-27048 HIGH This Week

A vulnerability has been discovered in Moxa MGate which allows an attacker to perform a man-in-the-middle (MITM) attack on the device. Rated high severity (CVSS 7.4), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Information Disclosure Mgate Mb3170I Firmware Mgate Mb3170I T Firmware Mgate Mb3170 M St Firmware Mgate Mb3170 M Sc T Firmware +16
NVD
CVSS 3.1
7.4
EPSS
0.8%
CVE-2022-26921 HIGH This Week

Visual Studio Code Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.3), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Visual Studio Code
NVD
CVSS 3.1
7.3
EPSS
0.6%
CVE-2022-20739 HIGH This Week

A vulnerability in the CLI of Cisco SD-WAN vManage Software could allow an authenticated, local attacker to execute arbitrary commands on the underlying operating system as the root user. Rated high severity (CVSS 7.3), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Cisco Catalyst Sd Wan Manager Sd Wan Vmanage
NVD
CVSS 3.1
7.3
EPSS
0.6%
CVE-2022-27421 HIGH PATCH This Week

Chamilo LMS v1.11.13 lacks validation on the user modification form, allowing attackers to escalate privileges to Platform Admin. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity.

Privilege Escalation Chamilo Lms
NVD
CVSS 3.1
7.2
EPSS
0.9%
CVE-2022-26898 HIGH This Week

Azure Site Recovery Remote Code Execution Vulnerability. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

RCE Microsoft Azure Site Recovery
NVD
CVSS 3.1
7.2
EPSS
2.1%
CVE-2022-26825 HIGH This Week

Windows DNS Server Remote Code Execution Vulnerability. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

RCE Microsoft Windows Server 2016 Windows Server 2019 Windows Server 2022
NVD
CVSS 3.1
7.2
EPSS
3.4%
CVE-2022-26824 HIGH This Week

Windows DNS Server Remote Code Execution Vulnerability. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

RCE Microsoft Windows Server 2016 Windows Server 2019 Windows Server 2022
NVD
CVSS 3.1
7.2
EPSS
3.4%
CVE-2022-26823 HIGH This Week

Windows DNS Server Remote Code Execution Vulnerability. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

RCE Microsoft Windows Server 2016 Windows Server 2019 Windows Server 2022
NVD
CVSS 3.1
7.2
EPSS
3.4%
CVE-2022-26815 HIGH This Week

Windows DNS Server Remote Code Execution Vulnerability. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

RCE Microsoft Windows Server 2008 Windows Server 2012 Windows Server 2016 +2
NVD
CVSS 3.1
7.2
EPSS
3.7%
CVE-2022-26813 HIGH This Week

Windows DNS Server Remote Code Execution Vulnerability. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

RCE Microsoft Windows Server 2008 Windows Server 2012 Windows Server 2016 +2
NVD
CVSS 3.1
7.2
EPSS
3.7%
CVE-2022-26812 HIGH This Week

Windows DNS Server Remote Code Execution Vulnerability. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

RCE Microsoft Windows Server 2008 Windows Server 2012 Windows Server 2016 +2
NVD
CVSS 3.1
7.2
EPSS
3.7%
CVE-2022-26811 HIGH This Week

Windows DNS Server Remote Code Execution Vulnerability. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

RCE Microsoft Windows Server 2016 Windows Server 2019 Windows Server 2022
NVD
CVSS 3.1
7.2
EPSS
3.4%
CVE-2022-24536 HIGH This Week

Windows DNS Server Remote Code Execution Vulnerability. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

RCE Microsoft Windows Server 2008 Windows Server 2012 Windows Server 2016 +2
NVD
CVSS 3.1
7.2
EPSS
3.7%
CVE-2022-20720 HIGH This Week

Multiple vulnerabilities in the Cisco IOx application hosting environment on multiple Cisco platforms could allow an attacker to inject arbitrary commands into the underlying host operating system,. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

RCE Cisco XSS Path Traversal Ios Xe
NVD GitHub
CVSS 3.1
7.2
EPSS
1.4%
CVE-2022-20693 HIGH This Week

A vulnerability in the web UI feature of Cisco IOS XE Software could allow an authenticated, remote attacker to perform an injection attack against an affected device. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Cisco Code Injection Apple Ios Xe
NVD
CVSS 3.1
7.2
EPSS
1.5%
CVE-2022-26828 HIGH This Week

Windows Bluetooth Driver Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.0). No vendor patch available.

Race Condition Microsoft Information Disclosure Windows 10 Windows Server 2016 +2
NVD
CVSS 3.1
7.0
EPSS
0.3%
CVE-2022-26827 HIGH This Week

Windows File Server Resource Management Service Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.0). No vendor patch available.

Race Condition Microsoft Information Disclosure Windows 10 Windows 11 +8
NVD
CVSS 3.1
7.0
EPSS
0.4%
CVE-2022-26808 HIGH This Week

Windows File Explorer Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.0). No vendor patch available.

Race Condition Microsoft Information Disclosure Windows 10 Windows 11 +6
NVD
CVSS 3.1
7.0
EPSS
0.4%
CVE-2022-26807 HIGH This Week

Windows Work Folder Service Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.0). No vendor patch available.

Race Condition Microsoft Information Disclosure Windows 10 Windows 11 +8
NVD
CVSS 3.1
7.0
EPSS
0.3%
CVE-2022-24540 HIGH This Week

Windows ALPC Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.0). No vendor patch available.

Race Condition Microsoft Information Disclosure Windows 10 Windows 11 +8
NVD
CVSS 3.1
7.0
EPSS
0.4%
CVE-2022-24495 HIGH This Week

Windows Direct Show Remote Code Execution Vulnerability. Rated high severity (CVSS 7.0). No vendor patch available.

RCE Microsoft Windows 10 Windows 11 Windows Server 2016 +2
NVD
CVSS 3.1
7.0
EPSS
1.3%
CVE-2022-24482 HIGH This Week

Windows ALPC Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.0). No vendor patch available.

Race Condition Microsoft Information Disclosure Windows 10 Windows 11 +3
NVD
CVSS 3.1
7.0
EPSS
0.3%
CVE-2022-20758 MEDIUM This Month

A vulnerability in the implementation of the Border Gateway Protocol (BGP) Ethernet VPN (EVPN) functionality in Cisco IOS XR Software could allow an unauthenticated, remote attacker to cause a denial. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Denial Of Service Cisco Apple Ios Xr
NVD
CVSS 3.1
6.8
EPSS
1.2%
CVE-2022-20731 MEDIUM This Month

Multiple vulnerabilities that affect Cisco Catalyst Digital Building Series Switches and Cisco Catalyst Micro Switches could allow an attacker to execute persistent code at boot time or to. Rated medium severity (CVSS 6.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Cisco Catalyst Digital Building Series Switches Firmware Ios Rommon
NVD
CVSS 3.1
6.8
EPSS
0.2%
CVE-2022-20694 MEDIUM This Month

A vulnerability in the implementation of the Resource Public Key Infrastructure (RPKI) feature of Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause the Border Gateway. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Denial Of Service Cisco Apple Ios Xe
NVD
CVSS 3.1
6.8
EPSS
1.1%
CVE-2022-20727 MEDIUM This Month

Multiple vulnerabilities in the Cisco IOx application hosting environment on multiple Cisco platforms could allow an attacker to inject arbitrary commands into the underlying host operating system,. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

RCE Cisco XSS Path Traversal Cgr1000 Compute Module +4
NVD
CVSS 3.1
6.7
EPSS
1.0%
Prev Page 3 of 4 Next

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy