Skip to main content
CVE-2022-30451 HIGH POC This Week

An authenticated user could execute code via a SQLi vulnerability in waimairenCMS before version 9.1. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

SQLi Waimairencms
NVD
CVSS 3.1
8.8
EPSS
1.5%
CVE-2022-30060 HIGH POC This Week

ftcms <=2.1 was discovered to be vulnerable to Arbitrary File Write via admin/controllers/tp.php. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

PHP Information Disclosure Ftcms
NVD
CVSS 3.1
8.8
EPSS
1.1%
CVE-2022-30040 HIGH POC This Week

Tenda AX1803 v1.0.0.1_2890 is vulnerable to Buffer Overflow. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Tenda Memory Corruption Denial Of Service Buffer Overflow Ax1803 Firmware
NVD GitHub
CVSS 3.1
7.5
EPSS
1.9%
CVE-2022-29847 HIGH POC THREAT This Week

In Progress Ipswitch WhatsUp Gold 21.0.0 through 21.1.1, and 22.0.0, it is possible for an unauthenticated attacker to invoke an API transaction that would allow them to relay encrypted WhatsUp Gold. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

SSRF Whatsup Gold
NVD GitHub
CVSS 3.1
7.5
EPSS
55.9%
CVE-2022-29932 HIGH POC This Week

The HTTP Server in PRIMEUR SPAZIO 2.5.1.954 (File Transfer) allows an unauthenticated attacker to obtain sensitive data (related to the content of transferred files) via a crafted HTTP request. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Spazio
NVD GitHub
CVSS 3.1
7.5
EPSS
2.6%
CVE-2020-19228 HIGH POC This Week

An issue was found in bludit v3.13.0, unsafe implementation of the backup plugin allows attackers to upload arbitrary files. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

File Upload Bludit
NVD GitHub VulDB
CVSS 3.1
7.2
EPSS
1.2%
CVE-2022-30452 HIGH POC This Week

ShopWind <= v3.4.2 has a Sql injection vulnerability in Database.php. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Shopwind
NVD
CVSS 3.1
7.2
EPSS
1.0%
CVE-2022-29655 HIGH POC This Week

An arbitrary file upload vulnerability in the Upload Photos module of Wedding Management System v1.0 allows attackers to execute arbitrary code via a crafted PHP file. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

PHP RCE File Upload Wedding Management System
NVD
CVSS 3.1
7.2
EPSS
1.3%
CVE-2022-29318 HIGH POC This Week

An arbitrary file upload vulnerability in the New Entry module of Car Rental Management System v1.0 allows attackers to execute arbitrary code via a crafted PHP file. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

PHP RCE File Upload Car Rental Management System
NVD
CVSS 3.1
7.2
EPSS
1.3%
CVE-2022-29611 HIGH This Week

SAP NetWeaver Application Server for ABAP and ABAP Platform do not perform necessary authorization checks for an authenticated user, resulting in escalation of privileges. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass SAP Netweaver Application Server Abap
NVD
CVSS 3.1
8.8
EPSS
0.7%
CVE-2022-26116 HIGH This Week

Multiple improper neutralization of special elements used in SQL commands ('SQL Injection') vulnerability [CWE-89] in FortiNAC version 8.3.7 and below, 8.5.2 and below, 8.5.4, 8.6.0, 8.6.5 and below,. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

SQLi Fortinac
NVD
CVSS 3.1
8.8
EPSS
0.8%
CVE-2022-28838 HIGH This Week

Acrobat Acrobat Pro DC version 22.001.2011x (and earlier), 20.005.3033x (and earlier) and 17.012.3022x (and earlier) are affected by a use-after-free vulnerability that could result in arbitrary code. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Memory Corruption RCE Use After Free Adobe Acrobat Dc +3
NVD
CVSS 3.1
7.8
EPSS
2.6%
CVE-2022-28243 HIGH This Week

Acrobat Reader DC version 22.001.2011x (and earlier), 20.005.3033x (and earlier) and 17.012.3022x (and earlier) are affected by an out-of-bounds read vulnerability when parsing a crafted file, which. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Adobe Buffer Overflow Information Disclosure Acrobat Dc Acrobat Reader Dc +2
NVD
CVSS 3.1
7.8
EPSS
11.0%
CVE-2022-28242 HIGH This Week

Acrobat Reader DC version 22.001.2011x (and earlier), 20.005.3033x (and earlier) and 17.012.3022x (and earlier) are affected by a use-after-free vulnerability that could result in arbitrary code. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Memory Corruption RCE Use After Free Adobe Acrobat Dc +3
NVD
CVSS 3.1
7.8
EPSS
3.4%
CVE-2022-28241 HIGH This Week

Acrobat Reader DC version 22.001.2011x (and earlier), 20.005.3033x (and earlier) and 17.012.3022x (and earlier) are affected by an out-of-bounds read vulnerability when parsing a crafted file, which. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Adobe Buffer Overflow Information Disclosure Acrobat Dc Acrobat Reader Dc +2
NVD
CVSS 3.1
7.8
EPSS
3.1%
CVE-2022-28240 HIGH This Week

Acrobat Reader DC version 22.001.2011x (and earlier), 20.005.3033x (and earlier) and 17.012.3022x (and earlier) are affected by a use-after-free vulnerability that could result in arbitrary code. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Memory Corruption RCE Use After Free Adobe Acrobat Dc +3
NVD
CVSS 3.1
7.8
EPSS
12.5%
CVE-2022-28239 HIGH This Week

Acrobat Reader DC version 22.001.2011x (and earlier), 20.005.3033x (and earlier) and 17.012.3022x (and earlier) are affected by an out-of-bounds read vulnerability when parsing a crafted file, which. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Adobe Buffer Overflow Information Disclosure Acrobat Dc Acrobat Reader Dc +2
NVD
CVSS 3.1
7.8
EPSS
3.3%
CVE-2022-28238 HIGH This Week

Acrobat Reader DC versions 22.001.20085 (and earlier), 20.005.3031x (and earlier) and 17.012.30205 (and earlier) are affected by a use-after-free vulnerability in the processing of annotations that. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Memory Corruption RCE Use After Free Adobe Acrobat Dc +3
NVD
CVSS 3.0
7.8
EPSS
11.9%
CVE-2022-28237 HIGH This Week

Acrobat Reader DC versions 22.001.20085 (and earlier), 20.005.3031x (and earlier) and 17.012.30205 (and earlier) are affected by a use-after-free vulnerability in the processing of annotations that. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Memory Corruption RCE Use After Free Adobe Acrobat Dc +3
NVD
CVSS 3.0
7.8
EPSS
3.7%
CVE-2022-28236 HIGH This Week

Acrobat Reader DC versions 22.001.20085 (and earlier), 20.005.3031x (and earlier) and 17.012.30205 (and earlier) are affected by an out-of-bounds write vulnerability that could result in arbitrary. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Adobe Memory Corruption RCE Buffer Overflow Acrobat Dc +3
NVD
CVSS 3.1
7.8
EPSS
11.6%
CVE-2022-28235 HIGH This Week

Acrobat Reader DC versions 22.001.20085 (and earlier), 20.005.3031x (and earlier) and 17.012.30205 (and earlier) are affected by a use-after-free vulnerability in the processing of the acroform event. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Memory Corruption RCE Use After Free Adobe Acrobat Dc +3
NVD
CVSS 3.0
7.8
EPSS
3.7%
CVE-2022-28234 HIGH This Week

Acrobat Reader DC versions 22.001.20085 (and earlier), 20.005.3031x (and earlier) and 17.012.30205 (and earlier) is affected by a heap-based buffer overflow vulnerability due to insecure handling of. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Adobe RCE Buffer Overflow Heap Overflow Acrobat Dc +3
NVD
CVSS 3.1
7.8
EPSS
4.9%
CVE-2022-28233 HIGH This Week

Acrobat Reader DC versions 22.001.20085 (and earlier), 20.005.3031x (and earlier) and 17.012.30205 (and earlier) are affected by a use-after-free vulnerability in the processing of annotations that. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Memory Corruption RCE Use After Free Adobe Acrobat Dc +3
NVD
CVSS 3.0
7.8
EPSS
12.5%
CVE-2022-28232 HIGH This Week

Acrobat Reader DC versions 22.001.20085 (and earlier), 20.005.3031x (and earlier) and 17.012.30205 (and earlier) are affected by a use-after-free vulnerability in the processing of the collab object. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Memory Corruption RCE Use After Free Adobe Acrobat Dc +3
NVD
CVSS 3.0
7.8
EPSS
12.5%
CVE-2022-28231 HIGH This Week

Acrobat Reader DC versions 22.001.20085 (and earlier), 20.005.3031x (and earlier) and 17.012.30205 (and earlier) is affected by an out-of-bounds read vulnerability when processing a doc object, which. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Adobe Buffer Overflow Information Disclosure Acrobat Dc Acrobat Reader Dc +2
NVD
CVSS 3.0
7.8
EPSS
3.3%
CVE-2022-28230 HIGH This Week

Acrobat Reader DC versions 22.001.20085 (and earlier), 20.005.3031x (and earlier) and 17.012.30205 (and earlier) are affected by a use-after-free vulnerability in the processing of the acroform event. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Memory Corruption RCE Use After Free Adobe Acrobat Dc +3
NVD
CVSS 3.0
7.8
EPSS
12.5%
CVE-2022-27802 HIGH This Week

Acrobat Reader DC versions 22.001.20085 (and earlier), 20.005.3031x (and earlier) and 17.012.30205 (and earlier) are affected by a use-after-free vulnerability in the processing of annotations that. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Memory Corruption RCE Use After Free Adobe Acrobat Dc +3
NVD
CVSS 3.0
7.8
EPSS
3.7%
CVE-2022-27801 HIGH This Week

Acrobat Reader DC versions 22.001.20085 (and earlier), 20.005.3031x (and earlier) and 17.012.30205 (and earlier) are affected by a use-after-free vulnerability in the processing of annotations that. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Memory Corruption RCE Use After Free Adobe Acrobat Dc +3
NVD
CVSS 3.0
7.8
EPSS
3.7%
CVE-2022-27800 HIGH This Week

Acrobat Reader DC versions 22.001.20085 (and earlier), 20.005.3031x (and earlier) and 17.012.30205 (and earlier) are affected by a use-after-free vulnerability in the processing of annotations that. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Memory Corruption RCE Use After Free Adobe Acrobat Dc +3
NVD
CVSS 3.0
7.8
EPSS
3.7%
CVE-2022-27799 HIGH This Week

Acrobat Reader DC versions 22.001.20085 (and earlier), 20.005.3031x (and earlier) and 17.012.30205 (and earlier) are affected by a use-after-free vulnerability in the processing of the acroform event. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Memory Corruption RCE Use After Free Adobe Acrobat Dc +3
NVD
CVSS 3.0
7.8
EPSS
17.2%
CVE-2022-27798 HIGH This Week

Acrobat Reader DC versions 22.001.20085 (and earlier), 20.005.3031x (and earlier) and 17.012.30205 (and earlier) are affected by an out-of-bounds write vulnerability that could result in arbitrary. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Adobe Memory Corruption RCE Buffer Overflow Acrobat Dc +3
NVD
CVSS 3.0
7.8
EPSS
2.9%
CVE-2022-27797 HIGH This Week

Acrobat Reader DC versions 22.001.20085 (and earlier), 20.005.3031x (and earlier) and 17.012.30205 (and earlier) are affected by a use-after-free vulnerability in the processing of annotations that. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Memory Corruption RCE Use After Free Adobe Acrobat Dc +3
NVD
CVSS 3.0
7.8
EPSS
3.7%
CVE-2022-27796 HIGH This Week

Acrobat Reader DC versions 22.001.20085 (and earlier), 20.005.3031x (and earlier) and 17.012.30205 (and earlier) are affected by a use-after-free vulnerability in the processing of the acroform event. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Memory Corruption RCE Use After Free Adobe Acrobat Dc +3
NVD
CVSS 3.0
7.8
EPSS
12.5%
CVE-2022-27795 HIGH This Week

Acrobat Reader DC versions 22.001.20085 (and earlier), 20.005.3031x (and earlier) and 17.012.30205 (and earlier) are affected by a use-after-free vulnerability in the processing of the acroform event. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Memory Corruption RCE Use After Free Adobe Acrobat Dc +3
NVD
CVSS 3.0
7.8
EPSS
3.7%
CVE-2022-27794 HIGH This Week

Acrobat Reader DC versions 22.001.20085 (and earlier), 20.005.3031x (and earlier) and 17.012.30205 (and earlier) is affected by the use of a variable that has not been initialized when processing of. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Memory Corruption RCE Adobe Acrobat Dc Acrobat Reader Dc +2
NVD
CVSS 3.1
7.8
EPSS
14.3%
CVE-2022-27793 HIGH This Week

Acrobat Reader DC versions 22.001.20085 (and earlier), 20.005.3031x (and earlier) and 17.012.30205 (and earlier) are affected by an out-of-bounds write vulnerability that could result in arbitrary. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Adobe Memory Corruption RCE Buffer Overflow Acrobat Dc +3
NVD
CVSS 3.0
7.8
EPSS
9.8%
CVE-2022-27792 HIGH This Week

Acrobat Reader DC versions 22.001.20085 (and earlier), 20.005.3031x (and earlier) and 17.012.30205 (and earlier) are affected by an out-of-bounds write vulnerability that could result in arbitrary. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Adobe Memory Corruption RCE Buffer Overflow Acrobat Dc +3
NVD
CVSS 3.0
7.8
EPSS
9.8%
CVE-2022-27791 HIGH This Week

Acrobat Reader DC versions 22.001.20085 (and earlier), 20.005.3031x (and earlier) and 17.012.30205 (and earlier) is affected by a stack-based buffer overflow vulnerability due to insecure processing. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

RCE Adobe Stack Overflow Buffer Overflow Acrobat Dc +3
NVD
CVSS 3.0
7.8
EPSS
17.8%
CVE-2022-27790 HIGH This Week

Acrobat Reader DC versions 22.001.20085 (and earlier), 20.005.3031x (and earlier) and 17.012.30205 (and earlier) are affected by a use-after-free vulnerability in the processing of fonts that could. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Memory Corruption RCE Use After Free Adobe Acrobat Dc +3
NVD
CVSS 3.0
7.8
EPSS
11.9%
CVE-2022-27789 HIGH This Week

Acrobat Reader DC versions 22.001.20085 (and earlier), 20.005.3031x (and earlier) and 17.012.30205 (and earlier) are affected by a use-after-free vulnerability in the processing of the acroform event. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Memory Corruption RCE Use After Free Adobe Acrobat Dc +3
NVD
CVSS 3.0
7.8
EPSS
3.6%
CVE-2022-27788 HIGH This Week

Acrobat Reader DC versions 22.001.20085 (and earlier), 20.005.3031x (and earlier) and 17.012.30205 (and earlier) are affected by an out-of-bounds write vulnerability that could result in arbitrary. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Adobe Memory Corruption RCE Buffer Overflow Acrobat Dc +3
NVD
CVSS 3.0
7.8
EPSS
2.9%
CVE-2022-27787 HIGH This Week

Acrobat Reader DC versions 22.001.20085 (and earlier), 20.005.3031x (and earlier) and 17.012.30205 (and earlier) are affected by an out-of-bounds write vulnerability that could result in arbitrary. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Adobe Memory Corruption RCE Buffer Overflow Acrobat Dc +3
NVD
CVSS 3.0
7.8
EPSS
10.3%
CVE-2022-27786 HIGH This Week

Acrobat Reader DC versions 22.001.20085 (and earlier), 20.005.3031x (and earlier) and 17.012.30205 (and earlier) are affected by a use-after-free vulnerability in the processing of fonts that could. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Memory Corruption RCE Use After Free Adobe Acrobat Dc +3
NVD
CVSS 3.0
7.8
EPSS
12.1%
CVE-2022-27785 HIGH This Week

Acrobat Reader DC versions 22.001.20085 (and earlier), 20.005.3031x (and earlier) and 17.012.30205 (and earlier) are affected by a use-after-free vulnerability in the processing of fonts that could. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Memory Corruption RCE Use After Free Adobe Acrobat Dc +3
NVD
CVSS 3.0
7.8
EPSS
12.5%
CVE-2022-24104 HIGH This Week

Acrobat Reader DC versions 20.001.20085 (and earlier), 20.005.3031x (and earlier) and 17.012.30205 (and earlier) are affected by a use-after-free vulnerability that could result in arbitrary code. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Memory Corruption RCE Use After Free Adobe Acrobat Dc +3
NVD
CVSS 3.0
7.8
EPSS
11.1%
CVE-2022-24103 HIGH This Week

Acrobat Reader DC versions 20.001.20085 (and earlier), 20.005.3031x (and earlier) and 17.012.30205 (and earlier) are affected by a use-after-free vulnerability that could result in arbitrary code. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Memory Corruption RCE Use After Free Adobe Acrobat Dc +3
NVD
CVSS 3.0
7.8
EPSS
3.4%
CVE-2022-24102 HIGH This Week

Acrobat Reader DC versions 20.001.20085 (and earlier), 20.005.3031x (and earlier) and 17.012.30205 (and earlier) are affected by a use-after-free vulnerability that could result in arbitrary code. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Memory Corruption RCE Use After Free Adobe Acrobat Dc +3
NVD
CVSS 3.1
7.8
EPSS
12.6%
CVE-2022-23743 HIGH This Week

Check Point ZoneAlarm before version 15.8.200.19118 allows a local actor to escalate privileges during the upgrade process. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Checkpoint Zonealarm
NVD
CVSS 3.1
7.8
EPSS
0.4%
CVE-2022-28214 HIGH This Week

During an update of SAP BusinessObjects Enterprise, Central Management Server (CMS) - versions 420, 430, authentication credentials are being exposed in Sysmon event logs. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

SAP Information Disclosure Businessobjects Businessobjects Business Intelligence
NVD
CVSS 3.1
7.8
EPSS
0.2%
CVE-2022-30557 HIGH PATCH This Week

Foxit PDF Reader and PDF Editor before 11.2.2 have a Type Confusion issue that causes a crash because of Unsigned32 mishandling during JavaScript execution. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Access of Resource Using Incompatible Type (Type Confusion) vulnerability could allow attackers to execute arbitrary code by exploiting type confusion in the application.

Denial Of Service Memory Corruption Pdf Editor Pdf Reader
NVD
CVSS 3.1
7.5
EPSS
4.2%
Page 1 of 2 Next

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy