Skip to main content
CVE-2022-24735 HIGH POC PATCH This Week

Redis is an in-memory database that persists on disk. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. Public exploit code available.

RCE Code Injection Redis Fedora Management Services For Element Software +2
NVD GitHub
CVSS 3.1
7.8
EPSS
2.2%
CVE-2022-28085 HIGH POC PATCH This Week

A flaw was found in htmldoc commit 31f7804. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. Public exploit code available.

Denial Of Service Memory Corruption RCE Buffer Overflow Htmldoc
NVD GitHub
CVSS 3.1
7.8
EPSS
1.1%
CVE-2022-22521 HIGH POC PATCH This Week

In Miele Benchmark Programming Tool with versions Prior to 1.2.71, executable files manipulated by attackers are unknowingly executed with users privileges. Rated high severity (CVSS 7.3), this vulnerability is low attack complexity. Public exploit code available.

Information Disclosure Benchmark Programming Tool
NVD
CVSS 3.1
7.3
EPSS
0.5%
CVE-2022-22315 HIGH PATCH This Week

IBM UrbanCode Deploy (UCD) 7.2.2.1 could allow an authenticated user with special permissions to obtain elevated privileges due to improper handling of permissions. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity.

IBM Information Disclosure Urbancode Deploy
NVD
CVSS 3.1
8.8
EPSS
0.7%
CVE-2022-29505 HIGH This Week

Due to build misconfiguration in openssl dependency, LINE for Windows before 7.8 is vulnerable to DLL injection that could lead to privilege escalation. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Privilege Escalation Microsoft OpenSSL Line
NVD
CVSS 3.1
7.8
EPSS
0.5%
CVE-2022-27239 HIGH PATCH This Week

In cifs-utils through 6.14, a stack-based buffer overflow when parsing the mount.cifs ip= command-line argument could lead to local attackers gaining root privileges. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Out-of-bounds Write vulnerability could allow attackers to write data beyond allocated buffer boundaries leading to code execution or crashes.

Memory Corruption Buffer Overflow Cifs Utils Debian Linux Caas Platform +16
NVD GitHub
CVSS 3.1
7.8
EPSS
0.6%
CVE-2022-22278 HIGH This Week

A vulnerability in SonicOS CFS (Content filtering service) returns a large 403 forbidden HTTP response message to the source address when users try to access prohibited resource this allows an. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Tz300P Firmware Tz300W Firmware Tz350 Firmware Tz350W Firmware +45
NVD
CVSS 3.1
7.5
EPSS
0.9%
CVE-2022-22275 HIGH This Week

Improper Restriction of TCP Communication Channel in HTTP/S inbound traffic from WAN to DMZ bypassing security policy until TCP handshake potentially resulting in Denial of Service (DoS) attack if a. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Sonicos
NVD
CVSS 3.1
7.5
EPSS
1.0%
CVE-2022-29701 HIGH PATCH This Week

A lack of rate limiting in the 'forgot password' feature of Zammad v5.1.0 allows attackers to send an excessive amount of reset requests for a legitimate user, leading to a possible Denial of Service. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Allocation of Resources Without Limits vulnerability could allow attackers to exhaust system resources through uncontrolled allocation.

Denial Of Service Zammad
NVD
CVSS 3.1
7.5
EPSS
1.0%
CVE-2022-29700 HIGH PATCH This Week

A lack of password length restriction in Zammad v5.1.0 allows for the creation of extremely long passwords which can cause a Denial of Service (DoS) during password verification. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Denial Of Service Brute Force Zammad
NVD
CVSS 3.1
7.5
EPSS
0.9%
CVE-2022-27905 HIGH PATCH This Week

In ControlUp Real-Time Agent before 8.6, an unquoted path can result in privilege escalation. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity.

Privilege Escalation Controlup
NVD
CVSS 3.1
7.2
EPSS
1.0%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy