Skip to main content
CVE-2022-20120 CRITICAL Act Now

Product: AndroidVersions: Android kernelAndroid ID: A-203213034References: N/A. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Google Information Disclosure Android
NVD
CVSS 3.1
9.8
EPSS
1.3%
CVE-2022-23676 CRITICAL Act Now

A remote execution of arbitrary code vulnerability was discovered in ArubaOS-Switch Devices version(s): ArubaOS-Switch 15.xx.xxxx: All versions; ArubaOS-Switch 16.01.xxxx: All versions;. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Memory Corruption RCE Buffer Overflow Aruba 5406R Firmware +10
NVD
CVSS 3.1
9.8
EPSS
21.9%
CVE-2022-0947 CRITICAL Act Now

A vulnerability in ABB ARG600 Wireless Gateway series that could allow an attacker to exploit the vulnerability by remotely connecting to the serial port gateway, and/or protocol converter, depending. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Abb Information Disclosure Arg600A1220Na Firmware Arg600A1230Na Firmware Arg600A1240Na Firmware +21
NVD
CVSS 3.1
9.8
EPSS
0.8%
CVE-2022-29591 CRITICAL Act Now

Tenda TX9 Pro 22.03.02.10 devices have a SetNetControlList buffer overflow. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Tenda Buffer Overflow Tx9 Pro Firmware
NVD GitHub
CVSS 3.1
9.8
EPSS
1.3%
CVE-2022-28110 CRITICAL Act Now

Hotel Management System v1.0 was discovered to contain a SQL injection vulnerability via the username parameter at the login page. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

SQLi Hotel Management System
NVD
CVSS 3.1
9.8
EPSS
0.9%
CVE-2022-1649 MEDIUM POC PATCH This Month

Null pointer dereference in libr/bin/format/mach0/mach0.c in radareorg/radare2 in GitHub repository radareorg/radare2 prior to 5.7.0. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. Public exploit code available.

Denial Of Service Buffer Overflow Null Pointer Dereference Radare2
NVD GitHub
CVSS 3.1
5.5
EPSS
0.7%
CVE-2022-22774 CRITICAL Act Now

The DOM XML parser and SAX XML parser components of TIBCO Software Inc.'s TIBCO Managed File Transfer Command Center, TIBCO Managed File Transfer Command Center, TIBCO Managed File Transfer Internet. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XXE Managed File Transfer Command Center Managed File Transfer Internet Server
NVD
CVSS 3.1
9.1
EPSS
0.9%
CVE-2022-24042 CRITICAL Act Now

A vulnerability has been identified in Desigo DXR2 (All versions < V01.21.142.5-22), Desigo PXC3 (All versions < V01.21.142.4-18), Desigo PXC4 (All versions < V02.20.142.10-10884), Desigo PXC5 (All. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Desigo Pxc5 Firmware Desigo Pxc4 Firmware Desigo Pxc3 Firmware Desigo Dxr2 Firmware
NVD
CVSS 3.1
9.1
EPSS
0.9%
CVE-2022-24039 CRITICAL Act Now

A vulnerability has been identified in Desigo PXC4 (All versions < V02.20.142.10-10884), Desigo PXC5 (All versions < V02.20.142.10-10884). Rated critical severity (CVSS 9.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

RCE Desigo Pxc5 Firmware Desigo Pxc4 Firmware
NVD
CVSS 3.1
9.0
EPSS
1.9%
CVE-2022-29141 HIGH PATCH This Week

Windows Lightweight Directory Access Protocol (LDAP) Remote Code Execution Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity.

RCE Microsoft Windows 10 Windows 11 Windows 7 +8
NVD
CVSS 3.1
8.8
EPSS
2.6%
CVE-2022-29139 HIGH PATCH This Week

Windows Lightweight Directory Access Protocol (LDAP) Remote Code Execution Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

RCE Microsoft Windows 10 Windows 11 Windows 7 +8
NVD
CVSS 3.1
8.8
EPSS
2.2%
CVE-2022-29137 HIGH PATCH This Week

Windows Lightweight Directory Access Protocol (LDAP) Remote Code Execution Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity.

RCE Microsoft Windows 10 Windows 11 Windows 7 +8
NVD
CVSS 3.1
8.8
EPSS
2.3%
CVE-2022-29133 HIGH PATCH This Week

Windows Kernel Elevation of Privilege Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is low attack complexity.

Microsoft Information Disclosure Windows 11
NVD
CVSS 3.1
8.8
EPSS
0.7%
CVE-2022-29131 HIGH PATCH This Week

Windows Lightweight Directory Access Protocol (LDAP) Remote Code Execution Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity.

RCE Microsoft Windows 10 Windows 11 Windows 7 +8
NVD
CVSS 3.1
8.8
EPSS
2.7%
CVE-2022-29129 HIGH PATCH This Week

Windows Lightweight Directory Access Protocol (LDAP) Remote Code Execution Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity.

RCE Microsoft Windows 10 Windows 11 Windows 7 +8
NVD
CVSS 3.1
8.8
EPSS
2.7%
CVE-2022-29128 HIGH PATCH This Week

Windows Lightweight Directory Access Protocol (LDAP) Remote Code Execution Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity.

RCE Microsoft Windows 10 Windows 11 Windows 7 +8
NVD
CVSS 3.1
8.8
EPSS
2.7%
CVE-2022-29108 HIGH PATCH This Week

Microsoft SharePoint Server Remote Code Execution Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity.

RCE Microsoft Sharepoint Enterprise Server Sharepoint Foundation Sharepoint Server
NVD
CVSS 3.1
8.8
EPSS
11.6%
CVE-2022-26927 HIGH PATCH This Week

Windows Graphics Component Remote Code Execution Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

RCE Microsoft Windows 10 Windows 11 Windows Server +1
NVD
CVSS 3.1
8.8
EPSS
4.5%
CVE-2022-22019 HIGH PATCH This Week

Remote Procedure Call Runtime Remote Code Execution Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

RCE Windows 10 Windows 11 Windows 7 Windows 8 1 +6
NVD
CVSS 3.1
8.8
EPSS
2.5%
CVE-2022-22017 HIGH PATCH This Week

Remote Desktop Client Remote Code Execution Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

RCE Remote Desktop Client Windows 11 Windows Server 2022
NVD
CVSS 3.1
8.8
EPSS
37.1%
CVE-2022-22014 HIGH PATCH This Week

Windows Lightweight Directory Access Protocol (LDAP) Remote Code Execution Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity.

RCE Microsoft Windows 10 Windows 11 Windows 7 +6
NVD
CVSS 3.1
8.8
EPSS
2.3%
CVE-2022-22013 HIGH PATCH This Week

Windows Lightweight Directory Access Protocol (LDAP) Remote Code Execution Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity.

RCE Microsoft Windows 10 Windows 11 Windows 7 +6
NVD
CVSS 3.1
8.8
EPSS
2.3%
CVE-2022-29145 HIGH PATCH This Week

.NET and Visual Studio Denial of Service Vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Uncontrolled Resource Consumption vulnerability could allow attackers to cause denial of service by exhausting system resources.

Denial Of Service Net Net Core Visual Studio 2019 Visual Studio 2022 +1
NVD VulDB
CVSS 3.1
7.5
EPSS
4.8%
CVE-2022-1209 MEDIUM POC This Month

The Ultimate Member plugin for WordPress is vulnerable to arbitrary redirects due to insufficient validation on supplied URLs in the social fields of the Profile Page, which makes it possible for. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

WordPress Open Redirect Ultimate Member
NVD GitHub VulDB
CVSS 3.1
4.3
EPSS
0.3%
CVE-2022-29109 HIGH PATCH This Week

Microsoft Excel Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

Microsoft RCE 365 Apps Office Office Long Term Servicing Channel +1
NVD VulDB
CVSS 3.1
7.8
EPSS
2.4%
CVE-2022-26926 HIGH PATCH This Week

Windows Address Book Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

Authentication Bypass RCE Microsoft Windows 10 Windows 11 +8
NVD VulDB
CVSS 3.1
7.8
EPSS
2.0%
CVE-2022-26932 HIGH PATCH This Week

Storage Spaces Direct Elevation of Privilege Vulnerability. Rated high severity (CVSS 8.2), this vulnerability is low attack complexity.

Information Disclosure Windows Server Windows Server 2016 Windows Server 2019 Windows Server 2022
NVD
CVSS 3.1
8.2
EPSS
0.7%
CVE-2022-21978 HIGH PATCH This Week

Microsoft Exchange Server Elevation of Privilege Vulnerability. Rated high severity (CVSS 8.2), this vulnerability is low attack complexity.

Microsoft Information Disclosure Exchange Server
NVD
CVSS 3.1
8.2
EPSS
0.8%
CVE-2022-23270 HIGH PATCH This Week

Windows Point-to-Point Tunneling Protocol Remote Code Execution Vulnerability. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required.

RCE Microsoft Windows 10 Windows 11 Windows 7 +6
NVD
CVSS 3.1
8.1
EPSS
73.1%
CVE-2022-21972 HIGH PATCH This Week

Windows Point-to-Point Tunneling Protocol Remote Code Execution Vulnerability. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required.

RCE Microsoft Windows 10 Windows 11 Windows 7 +8
NVD
CVSS 3.1
8.1
EPSS
80.9%
CVE-2022-23677 HIGH This Week

A remote execution of arbitrary code vulnerability was discovered in ArubaOS-Switch Devices version(s): ArubaOS-Switch 15.xx.xxxx: All versions; ArubaOS-Switch 16.01.xxxx: All versions;. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Memory Corruption RCE Buffer Overflow Aruba 5406R Firmware +10
NVD
CVSS 3.1
8.1
EPSS
19.5%
CVE-2022-29117 HIGH PATCH This Week

.NET and Visual Studio Denial of Service Vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Uncontrolled Resource Consumption vulnerability could allow attackers to cause denial of service by exhausting system resources.

Denial Of Service Net Net Core Visual Studio 2019 Visual Studio 2022 +1
NVD VulDB
CVSS 3.1
7.5
EPSS
2.2%
CVE-2022-29148 HIGH PATCH This Week

Visual Studio Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

RCE Visual Studio 2017
NVD
CVSS 3.1
7.8
EPSS
2.7%
CVE-2022-29132 HIGH PATCH This Week

Windows Print Spooler Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Microsoft Information Disclosure Windows 10 Windows 11 Windows 7 +8
NVD
CVSS 3.1
7.8
EPSS
0.7%
CVE-2022-29115 HIGH PATCH This Week

Windows Fax Service Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

RCE Microsoft Windows 10 Windows 11 Windows 7 +7
NVD
CVSS 3.1
7.8
EPSS
2.2%
CVE-2022-29113 HIGH PATCH This Week

Windows Digital Media Receiver Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8).

Race Condition Microsoft Information Disclosure Windows 10 Windows 11 +2
NVD
CVSS 3.1
7.8
EPSS
0.4%
CVE-2022-29110 HIGH PATCH This Week

Microsoft Excel Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

RCE Microsoft Excel Office Web Apps Server
NVD
CVSS 3.1
7.8
EPSS
3.6%
CVE-2022-29105 HIGH PATCH This Week

Microsoft Windows Media Foundation Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

RCE Microsoft Windows 10 Windows 11 Windows 7 +7
NVD
CVSS 3.1
7.8
EPSS
2.7%
CVE-2022-29104 HIGH PATCH This Week

Windows Print Spooler Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Microsoft Information Disclosure Windows 10 Windows 11 Windows 7 +7
NVD
CVSS 3.1
7.8
EPSS
12.1%
CVE-2022-29103 HIGH PATCH This Week

Windows Remote Access Connection Manager Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Microsoft Information Disclosure Windows 10 Windows 11 Windows 7 +7
NVD
CVSS 3.1
7.8
EPSS
0.6%
CVE-2022-20116 HIGH PATCH This Week

In onEntryUpdated of OngoingCallController.kt, it is possible to launch non-exported activities due to intent redirection. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Google Privilege Escalation Android
NVD
CVSS 3.1
7.8
EPSS
0.1%
CVE-2022-20114 HIGH PATCH This Week

In placeCall of TelecomManager.java, there is a possible way for an application to keep itself running with foreground service importance due to a permissions bypass. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Improper Privilege Management vulnerability could allow attackers to escalate privileges to gain unauthorized elevated access.

Google Privilege Escalation Android
NVD
CVSS 3.1
7.8
EPSS
0.1%
CVE-2022-20113 HIGH PATCH This Week

In mPreference of DefaultUsbConfigurationPreferenceController.java, there is a possible way to enable file transfer mode due to a logic error in the code. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Google Privilege Escalation Android
NVD
CVSS 3.1
7.8
EPSS
0.2%
CVE-2022-20005 HIGH PATCH This Week

In validateApkInstallLocked of PackageInstallerSession.java, there is a way to force a mismatch between running code and a parsed APK . Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Google Privilege Escalation Android
NVD
CVSS 3.1
7.8
EPSS
0.2%
CVE-2022-20004 HIGH PATCH This Week

In checkSlicePermission of SliceManagerService.java, it is possible to access any slice URI due to improper input validation. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Missing Authorization vulnerability could allow attackers to access resources or perform actions without proper authorization checks.

Google Authentication Bypass Privilege Escalation Android
NVD
CVSS 3.1
7.8
EPSS
0.2%
CVE-2022-22454 HIGH PATCH This Week

IBM InfoSphere Information Server 11.7 could allow a locally authenticated attacker to execute arbitrary commands on the system by sending a specially crafted request. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This OS Command Injection vulnerability could allow attackers to execute arbitrary operating system commands on the host.

IBM Command Injection Infosphere Information Server On Cloud
NVD
CVSS 3.1
7.8
EPSS
0.3%
CVE-2022-26931 HIGH PATCH This Week

Windows Kerberos Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable.

Microsoft Information Disclosure Windows 10 Windows 11 Windows 7 +7
NVD
CVSS 3.1
7.5
EPSS
2.4%
CVE-2022-23267 HIGH PATCH This Week

.NET and Visual Studio Denial of Service Vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Denial Of Service Net Net Core Powershell Visual Studio 2019 +2
NVD
CVSS 3.1
7.5
EPSS
5.0%
CVE-2022-26913 HIGH PATCH This Week

Windows Authentication Information Disclosure Vulnerability. Rated high severity (CVSS 7.4), this vulnerability is remotely exploitable, no authentication required.

Microsoft Information Disclosure Windows 10 Windows 11 Windows Server +2
NVD
CVSS 3.1
7.4
EPSS
2.3%
CVE-2022-27167 HIGH This Week

Privilege escalation vulnerability in Windows products of ESET, spol. Rated high severity (CVSS 7.1), this vulnerability is low attack complexity. No vendor patch available.

IBM Privilege Escalation Microsoft Eset Endpoint Antivirus +8
NVD
CVSS 3.1
7.1
EPSS
0.2%
Prev Page 2 of 4 Next

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy