Skip to main content
CVE-2022-22392 HIGH This Week

IBM Planning Analytics Local 2.0 could allow an attacker to upload arbitrary executable files which, when executed by an unsuspecting victim could result in code execution. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

RCE IBM File Upload Planning Analytics Workspace
NVD
CVSS 3.1
7.8
EPSS
1.9%
CVE-2022-24792 HIGH PATCH This Week

PJSIP is a free and open source multimedia communication library written in C. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Denial Of Service Pjsip Debian Linux
NVD GitHub
CVSS 3.1
7.5
EPSS
1.8%
CVE-2022-28871 HIGH This Week

A Denial-of-Service (DoS) vulnerability was discovered in F-Secure Atlant whereby the fsicapd component used in certain F-Secure products while scanning larger packages/fuzzed files consume too much. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Atlant
NVD
CVSS 3.1
7.5
EPSS
0.5%
CVE-2022-29546 HIGH PATCH This Week

HtmlUnit NekoHtml Parser before 2.61.0 suffers from a denial of service vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Htmlunit
NVD GitHub
CVSS 3.1
7.5
EPSS
1.2%
CVE-2022-26597 MEDIUM PATCH This Month

Cross-site scripting (XSS) vulnerability in the Layout module's Open Graph integration in Liferay Portal 7.3.0 through 7.4.0, and Liferay DXP 7.3 before service pack 3 allows remote attackers to. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

XSS Digital Experience Platform Liferay Portal
NVD VulDB
CVSS 3.1
6.1
EPSS
0.7%
CVE-2022-26596 MEDIUM PATCH This Month

Cross-site scripting (XSS) vulnerability in Journal module's web content display configuration page in Liferay Portal 7.1.0 through 7.3.3, and Liferay DXP 7.0 before fix pack 94, 7.1 before fix pack. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

XSS Digital Experience Platform Liferay Portal
NVD VulDB
CVSS 3.1
6.1
EPSS
0.7%
CVE-2022-24880 MEDIUM PATCH This Month

flask-session-captcha is a package which allows users to extend Flask by adding an image based captcha stored in a server side session. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Authentication Bypass Python Flask Session Captcha
NVD GitHub
CVSS 3.1
5.3
EPSS
1.2%
CVE-2022-0477 MEDIUM This Month

An issue has been discovered in GitLab affecting all versions starting from 11.9 before 14.5.4, all versions starting from 14.6.0 before 14.6.4, all versions starting from 14.7.0 before 14.7.1. Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service Gitlab
NVD
CVSS 3.1
4.9
EPSS
0.9%
CVE-2022-29418 MEDIUM This Month

Authenticated (admin user role) Persistent Cross-Site Scripting (XSS) in Mark Daniels Night Mode plugin <= 1.0.0 on WordPress via vulnerable parameters: &ntmode_page_setting[enable-me],. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS WordPress Night Mode
NVD
CVSS 3.1
4.8
EPSS
0.5%
CVE-2022-29417 MEDIUM This Month

Plugin Settings Update vulnerability in ShortPixel's ShortPixel Adaptive Images plugin <= 3.3.1 at WordPress allows an attacker with a low user role like a subscriber or higher to change the plugin. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass WordPress Shortpixel Adaptive Images
NVD
CVSS 3.1
4.3
EPSS
0.6%
Prev Page 2 of 2

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy