Skip to main content
CVE-2022-30992 MEDIUM PATCH This Month

Open redirect via user-controlled query parameter. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Open Redirect Microsoft Cyber Protect
NVD
CVSS 3.1
6.1
EPSS
0.5%
CVE-2022-30991 MEDIUM PATCH This Month

HTML injection via report name. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Microsoft Code Injection Cyber Protect
NVD
CVSS 3.1
6.1
EPSS
0.5%
CVE-2022-25617 MEDIUM This Month

Reflected Cross-Site Scripting (XSS) vulnerability in Code Snippets plugin <= 2.14.3 at WordPress via &orderby vulnerable parameter. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS WordPress Code Snippets
NVD
CVSS 3.1
6.1
EPSS
0.8%
CVE-2022-22777 MEDIUM This Month

The Web Server component of TIBCO Software Inc.'s TIBCO BusinessConnect Trading Community Management contains easily exploitable Reflected Cross Site Scripting (XSS) vulnerabilities that allow an. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS Businessconnect Trading Community Management
NVD
CVSS 3.1
6.1
EPSS
0.6%
CVE-2022-1110 MEDIUM PATCH This Month

A buffer overflow vulnerability in Lenovo Smart Standby Driver prior to version 4.1.50.0 could allow a local attacker to cause denial of service. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. This Buffer Copy without Size Check vulnerability could allow attackers to overflow a buffer to corrupt adjacent memory.

Denial Of Service Buffer Overflow Lenovo Smart Standby Driver
NVD
CVSS 3.1
5.5
EPSS
0.2%
CVE-2022-29230 MEDIUM PATCH This Month

Hydrogen is a React-based framework for building dynamic, Shopify-powered custom storefronts. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

XSS Hydrogen
NVD GitHub
CVSS 3.1
5.4
EPSS
0.8%
CVE-2022-30596 MEDIUM PATCH This Month

A flaw was found in moodle where ID numbers displayed when bulk allocating markers to assignments required additional sanitizing to prevent a stored XSS risk. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

XSS Moodle Enterprise Linux Fedora
NVD
CVSS 3.1
5.4
EPSS
0.8%
CVE-2022-22776 MEDIUM This Month

The Web Server component of TIBCO Software Inc.'s TIBCO BusinessConnect Trading Community Management contains easily exploitable vulnerabilities that allows a low privileged attacker with network. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS Businessconnect Trading Community Management
NVD
CVSS 3.1
5.4
EPSS
0.5%
CVE-2022-30597 MEDIUM PATCH This Month

A flaw was found in moodle where the description user field was not hidden when being set as a hidden user field. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Information Disclosure Moodle Enterprise Linux Fedora
NVD
CVSS 3.1
5.3
EPSS
1.2%
CVE-2022-25162 MEDIUM This Month

Improper Input Validation vulnerability in Mitsubishi Electric MELSEC iQ-F series FX5U-xMy/z(x=32,64,80, y=T,R, z=ES,DS,ESS,DSS) with serial number 17X**** or later and versions prior to 1.270,. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Melsec Iq Fx5U 32Mt Es Firmware Melsec Iq Fx5U 32Mt Ds Firmware Melsec Iq Fx5U 32Mt Ess Firmware Melsec Iq Fx5U 32Mt Dss Firmware +69
NVD
CVSS 3.1
5.3
EPSS
2.6%
CVE-2022-28717 MEDIUM PATCH This Month

Cross-site scripting vulnerability in Rebooter(WATCH BOOT nino RPC-M2C [End of Sale] all firmware versions, WATCH BOOT light RPC-M5C [End of Sale] all firmware versions, WATCH BOOT L-zero RPC-M4L. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

XSS Watch Boot Nino Rpc M2C Firmware Watch Boot Light Rpc M5C Firmware Watch Boot L Zero Rpc M4L Firmware Watch Boot Mini Rpc M4H Firmware +11
NVD
CVSS 3.1
4.8
EPSS
0.5%
CVE-2022-30598 MEDIUM PATCH This Month

A flaw was found in moodle where global search results could include author information on some activities where a user may not otherwise have access to it. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.

Information Disclosure Moodle Enterprise Linux Fedora
NVD
CVSS 3.1
4.3
EPSS
1.0%
Prev Page 2 of 2

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy