Skip to main content
CVE-2022-24817 CRITICAL PATCH Act Now

Flux2 is an open and extensible continuous delivery solution for Kubernetes. Rated critical severity (CVSS 9.9), this vulnerability is remotely exploitable, low attack complexity. This Code Injection vulnerability could allow attackers to inject and execute arbitrary code within the application.

Privilege Escalation Kubernetes RCE Code Injection Flux2 +2
NVD GitHub
CVSS 3.1
9.9
EPSS
1.0%
CVE-2022-29423 CRITICAL Act Now

Pro Features Lock Bypass vulnerability in Countdown & Clock plugin <= 2.3.2 at WordPress. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Privilege Escalation WordPress Countdown Builder
NVD
CVSS 3.1
9.8
EPSS
1.0%
CVE-2022-28163 CRITICAL Act Now

In Brocade SANnav before Brocade SANnav 2.2.0, multiple endpoints associated with Zone management are susceptible to SQL injection, allowing an attacker to run arbitrary SQL commands. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

SQLi Sannav
NVD
CVSS 3.1
9.8
EPSS
0.9%
CVE-2022-28005 CRITICAL Act Now

An issue was discovered in the 3CX Phone System Management Console prior to version 18 Update 3 FINAL. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

RCE Microsoft Path Traversal 3Cx
NVD
CVSS 3.1
9.8
EPSS
6.1%
CVE-2022-29161 CRITICAL PATCH Act Now

XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Information Disclosure Xwiki
NVD GitHub
CVSS 3.1
9.8
EPSS
0.4%
CVE-2022-1053 CRITICAL PATCH Act Now

Keylime does not enforce that the agent registrar data is the same when the tenant uses it for validation of the EK and identity quote and the verifier for validating the integrity quote. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Information Disclosure Keylime Fedora
NVD GitHub
CVSS 3.1
9.1
EPSS
1.3%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy