Skip to main content
CVE-2022-31267 CRITICAL POC PATCH THREAT Act Now

Gitblit 1.9.2 allows privilege escalation via the Config User Service: a control character can be placed in a profile data field, such as an emailAddress%3Atext 'attacker@example.com\n\trole =. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Privilege Escalation Gitblit
NVD GitHub
CVSS 3.1
9.8
EPSS
17.7%
CVE-2022-31259 CRITICAL POC PATCH THREAT Act Now

The route lookup process in beego before 1.12.9 and 2.x before 2.0.3 allows attackers to bypass access control. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Authentication Bypass Beego
NVD GitHub
CVSS 3.1
9.8
EPSS
21.6%
CVE-2022-1752 HIGH POC PATCH This Week

Unrestricted Upload of File with Dangerous Type in GitHub repository polonel/trudesk prior to 1.2.2. Rated high severity (CVSS 8.0), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

File Upload Trudesk
NVD GitHub
CVSS 3.1
8.0
EPSS
2.2%
CVE-2022-1809 HIGH POC PATCH This Week

Access of Uninitialized Pointer in GitHub repository radareorg/radare2 prior to 5.7.0. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. Public exploit code available.

Memory Corruption Information Disclosure Radare2
NVD GitHub
CVSS 3.1
7.8
EPSS
0.9%
CVE-2022-29216 HIGH POC PATCH This Week

TensorFlow is an open source platform for machine learning. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available.

RCE Code Injection Tensorflow
NVD GitHub
CVSS 3.1
7.8
EPSS
0.5%
CVE-2022-31268 HIGH POC This Week

A Path Traversal vulnerability in Gitblit 1.9.3 can lead to reading website files via /resources//../ (e.g., followed by a WEB-INF or META-INF pathname). Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Path Traversal Gitblit
NVD GitHub
CVSS 3.1
7.5
EPSS
9.6%
CVE-2022-31264 HIGH POC PATCH This Week

Solana solana_rbpf before 0.2.29 has an addition integer overflow via invalid ELF program headers. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Integer Overflow Buffer Overflow Rbpf
NVD GitHub
CVSS 3.1
7.5
EPSS
1.3%
CVE-2022-29213 MEDIUM POC PATCH This Month

TensorFlow is an open source platform for machine learning. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. Public exploit code available.

Denial Of Service Tensorflow
NVD GitHub
CVSS 3.1
5.5
EPSS
0.3%
CVE-2022-29212 MEDIUM POC PATCH This Month

TensorFlow is an open source platform for machine learning. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. Public exploit code available.

Denial Of Service Tensorflow
NVD GitHub
CVSS 3.1
5.5
EPSS
0.3%
CVE-2022-29211 MEDIUM POC PATCH This Month

TensorFlow is an open source platform for machine learning. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. Public exploit code available.

Denial Of Service Tensorflow
NVD GitHub
CVSS 3.1
5.5
EPSS
0.3%
CVE-2022-29209 MEDIUM POC PATCH This Month

TensorFlow is an open source platform for machine learning. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. Public exploit code available.

Denial Of Service Memory Corruption Tensorflow
NVD GitHub
CVSS 3.1
5.5
EPSS
0.4%
CVE-2022-29222 HIGH PATCH This Week

Pion DTLS is a Go implementation of Datagram Transport Layer Security. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Information Disclosure Dtls
NVD GitHub
CVSS 3.1
7.5
EPSS
0.7%
CVE-2022-29215 HIGH PATCH This Week

RegionProtect is a plugin that allows users to manage certain events in certain regions of the world. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Denial Of Service Regionprotect
NVD GitHub
CVSS 3.1
7.5
EPSS
1.1%
CVE-2022-29190 HIGH PATCH This Week

Pion DTLS is a Go implementation of Datagram Transport Layer Security. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Denial Of Service Dtls
NVD GitHub
CVSS 3.1
7.5
EPSS
1.5%
CVE-2022-29188 MEDIUM PATCH This Month

Smokescreen is an HTTP proxy. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Server-Side Request Forgery (SSRF) vulnerability could allow attackers to make the server perform requests to unintended internal or external resources.

SSRF Smokescreen
NVD GitHub
CVSS 3.1
6.5
EPSS
0.8%
CVE-2022-29214 MEDIUM PATCH This Month

NextAuth.js (next-auth) is am open source authentication solution for Next.js applications. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Open Redirect Next Auth
NVD GitHub
CVSS 3.1
6.1
EPSS
0.6%
CVE-2022-29210 MEDIUM PATCH This Month

TensorFlow is an open source platform for machine learning. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. This Buffer Copy without Size Check vulnerability could allow attackers to overflow a buffer to corrupt adjacent memory.

Buffer Overflow Tensorflow
NVD GitHub
CVSS 3.1
5.5
EPSS
0.2%
CVE-2022-29189 MEDIUM PATCH This Month

Pion DTLS is a Go implementation of Datagram Transport Layer Security. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Buffer Copy without Size Check vulnerability could allow attackers to overflow a buffer to corrupt adjacent memory.

Buffer Overflow Dtls
NVD GitHub
CVSS 3.1
5.3
EPSS
1.8%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy