Skip to main content
CVE-2022-24865 MEDIUM POC PATCH This Month

HumHub is an Open Source Enterprise Social Network. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

Information Disclosure Humhub
NVD GitHub
CVSS 3.1
6.5
EPSS
1.2%
CVE-2022-25344 MEDIUM POC This Month

An XSS issue was discovered on Olivetti d-COLOR MF3555 2XD_S000.002.271 devices. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

XSS D Color Mf3555 Firmware
NVD
CVSS 3.1
6.1
EPSS
0.8%
CVE-2022-29531 MEDIUM POC PATCH This Month

An issue was discovered in MISP before 2.4.158. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

XSS Misp
NVD GitHub VulDB
CVSS 3.1
5.4
EPSS
0.8%
CVE-2022-29530 MEDIUM POC PATCH This Month

An issue was discovered in MISP before 2.4.158. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

XSS Misp
NVD GitHub VulDB
CVSS 3.1
5.4
EPSS
0.8%
CVE-2022-29529 MEDIUM POC PATCH This Month

An issue was discovered in MISP before 2.4.158. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

XSS Misp
NVD GitHub VulDB
CVSS 3.1
5.4
EPSS
0.8%
CVE-2022-29537 MEDIUM POC This Month

gp_rtp_builder_do_hevc in ietf/rtp_pck_mpeg4.c in GPAC 2.0.0 has a heap-based buffer over-read, as demonstrated by MP4Box. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Information Disclosure Gpac
NVD GitHub
CVSS 3.1
5.5
EPSS
0.6%
CVE-2022-29532 MEDIUM POC PATCH This Month

An issue was discovered in MISP before 2.4.158. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

XSS Misp
NVD GitHub VulDB
CVSS 3.1
4.8
EPSS
0.8%
CVE-2022-27179 MEDIUM This Month

A malicious actor having access to the exported configuration file may obtain the stored credentials and thereby gain access to the protected resource. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Da50N Firmware
NVD
CVSS 3.1
6.5
EPSS
0.5%
CVE-2022-29533 MEDIUM PATCH This Month

An issue was discovered in MISP before 2.4.158. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

XSS PHP Misp
NVD GitHub VulDB
CVSS 3.1
6.1
EPSS
0.8%
CVE-2022-24799 MEDIUM PATCH This Month

wire-webapp is the web application interface for the wire messaging service. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

RCE XSS Docker Wire Webapp
NVD GitHub
CVSS 3.1
6.1
EPSS
1.0%
CVE-2022-1254 MEDIUM This Month

A URL redirection vulnerability in Skyhigh SWG in main releases 10.x prior to 10.2.9, 9.x prior to 9.2.20, 8.x prior to 8.2.27, and 7.x prior to 7.8.2.31, and controlled release 11.x prior to 11.1.3. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Open Redirect Web Gateway
NVD
CVSS 3.1
6.1
EPSS
0.8%
CVE-2022-24871 MEDIUM PATCH This Month

Shopware is an open commerce platform based on Symfony Framework and Vue. Rated medium severity (CVSS 5.5), this vulnerability is remotely exploitable, low attack complexity. This Server-Side Request Forgery (SSRF) vulnerability could allow attackers to make the server perform requests to unintended internal or external resources.

SSRF Shopware
NVD GitHub
CVSS 3.1
5.5
EPSS
1.0%
CVE-2022-26519 MEDIUM This Month

There is no limit to the number of attempts to authenticate for the local configuration pages for the Hills ComNav Version 3002-19 interface, which allows local attackers to brute-force credentials. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Hills Comnav Firmware
NVD
CVSS 3.1
5.5
EPSS
0.2%
CVE-2022-1318 MEDIUM This Month

Hills ComNav version 3002-19 suffers from a weak communication channel. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Hills Comnav Firmware
NVD
CVSS 3.1
5.5
EPSS
0.1%
CVE-2022-24864 MEDIUM PATCH This Month

Origin Protocol is a blockchain based project. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

XSS Origin Website
NVD GitHub
CVSS 3.1
5.4
EPSS
0.6%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy