Skip to main content
CVE-2022-31265 HIGH POC This Week

The replay feature in the client in Wargaming World of Warships 0.11.4 allows remote attackers to execute code when a user launches a replay from an untrusted source. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure World Of Warships
NVD
CVSS 3.1
8.8
EPSS
1.6%
CVE-2022-29685 HIGH POC This Week

CSCMS Music Portal System v4.2 was discovered to contain a blind SQL injection vulnerability via the id parameter at /admin.php/User/level_sort. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Cscms Music Portal System
NVD GitHub
CVSS 3.1
8.8
EPSS
0.9%
CVE-2022-29669 HIGH POC This Week

CSCMS Music Portal System v4.2 was discovered to contain a SQL injection vulnerability via the id parameter at /admin.php/news/admin/lists/zhuan. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Cscms Music Portal System
NVD GitHub
CVSS 3.1
8.8
EPSS
0.9%
CVE-2022-29667 HIGH POC This Week

CSCMS Music Portal System v4.2 was discovered to contain a SQL injection vulnerability via /admin.php/pic/admin/pic/hy. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Cscms Music Portal System
NVD GitHub
CVSS 3.1
8.8
EPSS
0.9%
CVE-2022-29664 HIGH POC This Week

CSCMS Music Portal System v4.2 was discovered to contain a SQL injection vulnerability via the id parameter at /admin.php/pic/admin/type/pl_save. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Cscms Music Portal System
NVD GitHub
CVSS 3.1
8.8
EPSS
0.9%
CVE-2022-22576 HIGH POC This Week

An improper authentication vulnerability exists in curl 7.33.0 to and including 7.82.0 which might allow reuse OAUTH2-authenticated connections without properly making sure that the connection was. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Authentication Bypass Bootstrap
NVD VulDB
CVSS 3.1
8.1
EPSS
0.3%
CVE-2022-29637 HIGH POC This Week

An arbitrary file upload vulnerability in Mindoc v2.1-beta.5 allows attackers to execute arbitrary commands via a crafted Zip file. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

File Upload Mindoc
NVD GitHub
CVSS 3.1
7.8
EPSS
0.8%
CVE-2022-1886 HIGH POC PATCH This Week

Heap-based Buffer Overflow in GitHub repository vim/vim prior to 8.2. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. Public exploit code available.

Buffer Overflow Heap Overflow Vim Fedora
NVD GitHub
CVSS 3.1
7.8
EPSS
1.3%
CVE-2022-30475 HIGH POC This Week

Tenda AC Series Router AC18_V15.03.05.19(6318) was discovered to contain a stack-based buffer overflow in the httpd module when handling /goform/WifiExtraSet request. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Tenda Memory Corruption Buffer Overflow Ac18 Firmware
NVD GitHub
CVSS 3.1
7.5
EPSS
1.1%
CVE-2022-30473 HIGH POC This Week

Tenda AC Series Router AC18_V15.03.05.19(6318) has a stack-based buffer overflow vulnerability in function form_fast_setting_wifi_set. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Tenda Memory Corruption Buffer Overflow Ac18 Firmware
NVD GitHub
CVSS 3.1
7.5
EPSS
1.1%
CVE-2022-29721 HIGH POC This Week

74cmsSE v3.5.1 was discovered to contain a SQL injection vulnerability via the keyword parameter at /home/jobfairol/resumelist. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

SQLi 74Cmsse
NVD GitHub
CVSS 3.1
7.5
EPSS
1.0%
CVE-2022-29720 HIGH POC This Week

74cmsSE v3.5.1 was discovered to contain an arbitrary file read vulnerability via the component \index\controller\Download.php. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

PHP Path Traversal Information Disclosure 74Cmsse
NVD GitHub
CVSS 3.1
7.5
EPSS
0.9%
CVE-2022-29689 HIGH POC This Week

CSCMS Music Portal System v4.2 was discovered to contain a blind SQL injection vulnerability via the id parameter at /admin.php/singer/admin/singer/del. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Cscms Music Portal System
NVD GitHub
CVSS 3.1
7.2
EPSS
0.9%
CVE-2022-29688 HIGH POC This Week

CSCMS Music Portal System v4.2 was discovered to contain a blind SQL injection vulnerability via the id parameter at /admin.php/singer/admin/singer/hy. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Cscms Music Portal System
NVD GitHub
CVSS 3.1
7.2
EPSS
0.9%
CVE-2022-29687 HIGH POC This Week

CSCMS Music Portal System v4.2 was discovered to contain a blind SQL injection vulnerability via the id parameter at /admin.php/user/level_del. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Cscms Music Portal System
NVD GitHub
CVSS 3.1
7.2
EPSS
0.9%
CVE-2022-29686 HIGH POC This Week

CSCMS Music Portal System v4.2 was discovered to contain a blind SQL injection vulnerability via the id parameter at /admin.php/singer/admin/lists/zhuan. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Cscms Music Portal System
NVD GitHub
CVSS 3.1
7.2
EPSS
0.9%
CVE-2022-29684 HIGH POC This Week

CSCMS Music Portal System v4.2 was discovered to contain a blind SQL injection vulnerability via the id parameter at /admin.php/Label/js_del. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Cscms Music Portal System
NVD GitHub
CVSS 3.1
7.2
EPSS
0.9%
CVE-2022-29683 HIGH POC This Week

CSCMS Music Portal System v4.2 was discovered to contain a blind SQL injection vulnerability via the id parameter at /admin.php/Label/page_del. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Cscms Music Portal System
NVD GitHub
CVSS 3.1
7.2
EPSS
0.9%
CVE-2022-29682 HIGH POC This Week

CSCMS Music Portal System v4.2 was discovered to contain a blind SQL injection vulnerability via the id parameter at /admin.php/vod/admin/topic/del. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Cscms Music Portal System
NVD GitHub
CVSS 3.1
7.2
EPSS
0.9%
CVE-2022-29681 HIGH POC This Week

CSCMS Music Portal System v4.2 was discovered to contain a blind SQL injection vulnerability via the id parameter at /admin.php/Links/del. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Cscms Music Portal System
NVD GitHub
CVSS 3.1
7.2
EPSS
0.9%
CVE-2022-29680 HIGH POC This Week

CSCMS Music Portal System v4.2 was discovered to contain a blind SQL injection vulnerability via the id parameter at /admin.php/user/zu_del. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Cscms Music Portal System
NVD GitHub
CVSS 3.1
7.2
EPSS
0.9%
CVE-2022-29676 HIGH POC This Week

CSCMS Music Portal System v4.2 was discovered to contain a SQL injection vulnerability via the id parameter at /admin.php/pic/admin/lists/zhuan. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Cscms Music Portal System
NVD GitHub
CVSS 3.1
7.2
EPSS
0.9%
CVE-2022-29670 HIGH POC This Week

CSCMS Music Portal System v4.2 was discovered to contain a SQL injection vulnerability via the id parameter at /admin.php/pic/admin/type/del. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Cscms Music Portal System
NVD GitHub
CVSS 3.1
7.2
EPSS
0.9%
CVE-2022-29666 HIGH POC This Week

CSCMS Music Portal System v4.2 was discovered to contain a SQL injection vulnerability via the id parameter at /admin.php/pic/admin/lists/zhuan. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Cscms Music Portal System
NVD GitHub
CVSS 3.1
7.2
EPSS
0.9%
CVE-2022-29665 HIGH POC This Week

CSCMS Music Portal System v4.2 was discovered to contain a SQL injection vulnerability via the id parameter at /admin.php/news/admin/topic/save. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Cscms Music Portal System
NVD GitHub
CVSS 3.1
7.2
EPSS
0.8%
CVE-2022-29663 HIGH POC This Week

CSCMS Music Portal System v4.2 was discovered to contain a SQL injection vulnerability via the id parameter at /admin.php/pic/admin/type/hy. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Cscms Music Portal System
NVD GitHub
CVSS 3.1
7.2
EPSS
0.9%
CVE-2022-29662 HIGH POC This Week

CSCMS Music Portal System v4.2 was discovered to contain a SQL injection vulnerability via the id parameter at /admin.php/news/admin/news/save. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Cscms Music Portal System
NVD GitHub
CVSS 3.1
7.2
EPSS
0.8%
CVE-2022-29661 HIGH POC This Week

CSCMS Music Portal System v4.2 was discovered to contain a blind SQL injection vulnerability via the id parameter at /admin.php/pic/admin/type/save. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Cscms Music Portal System
NVD GitHub
CVSS 3.1
7.2
EPSS
0.9%
CVE-2022-30584 HIGH This Week

Archer Platform 6.3 before 6.11 (6.11.0.0) contains an Improper Access Control Vulnerability within SSO ADFS functionality that could potentially be exploited by malicious users to compromise the. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Archer
NVD
CVSS 3.1
8.8
EPSS
0.9%
CVE-2022-26748 HIGH This Week

An out-of-bounds write issue was addressed with improved input validation. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Memory Corruption RCE Buffer Overflow Apple Mac Os X +1
NVD
CVSS 3.1
8.8
EPSS
1.4%
CVE-2022-1261 HIGH This Week

Matrikon, a subsidary of Honeywell Matrikon OPC Server (all versions) is vulnerable to a condition where a low privileged user allowed to connect to the OPC server to use the functions of the. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass Honeywell Matrikon Opc Server
NVD
CVSS 3.1
8.8
EPSS
0.6%
CVE-2022-26857 HIGH This Week

Dell OpenManage Enterprise Versions 3.8.3 and prior contain an improper authorization vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass Dell Openmanage Enterprise
NVD
CVSS 3.1
8.8
EPSS
0.9%
CVE-2022-26774 HIGH This Week

A logic issue was addressed with improved state management. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Microsoft Information Disclosure Itunes
NVD
CVSS 3.1
7.8
EPSS
0.2%
CVE-2022-26772 HIGH This Week

A memory corruption issue was addressed with improved state management. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Memory Corruption RCE Buffer Overflow Apple macOS
NVD
CVSS 3.1
7.8
EPSS
0.8%
CVE-2022-26771 HIGH This Week

A memory corruption issue was addressed with improved state management. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Memory Corruption RCE Buffer Overflow Apple Ipados +3
NVD
CVSS 3.1
7.8
EPSS
1.0%
CVE-2022-26770 HIGH This Week

An out-of-bounds read issue was addressed with improved input validation. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

RCE Buffer Overflow Apple Information Disclosure Mac Os X +1
NVD
CVSS 3.1
7.8
EPSS
1.0%
CVE-2022-26769 HIGH This Week

A memory corruption issue was addressed with improved input validation. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Memory Corruption RCE Buffer Overflow Apple Mac Os X +1
NVD
CVSS 3.1
7.8
EPSS
0.9%
CVE-2022-26768 HIGH This Week

A memory corruption issue was addressed with improved state management. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Memory Corruption RCE Buffer Overflow Apple Ipados +4
NVD
CVSS 3.1
7.8
EPSS
1.3%
CVE-2022-26763 HIGH This Week

An out-of-bounds access issue was addressed with improved bounds checking. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

RCE Buffer Overflow Apple Ipados Iphone Os +4
NVD
CVSS 3.1
7.8
EPSS
3.5%
CVE-2022-26761 HIGH This Week

A memory corruption issue was addressed with improved memory handling. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Memory Corruption RCE Buffer Overflow Apple Mac Os X +1
NVD
CVSS 3.1
7.8
EPSS
0.8%
CVE-2022-26757 HIGH This Week

A use after free issue was addressed with improved memory management. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Memory Corruption RCE Apple Use After Free Denial Of Service +6
NVD
CVSS 3.1
7.8
EPSS
2.8%
CVE-2022-26756 HIGH This Week

An out-of-bounds write issue was addressed with improved input validation. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Memory Corruption RCE Buffer Overflow Apple Mac Os X +1
NVD
CVSS 3.1
7.8
EPSS
0.9%
CVE-2022-26754 HIGH This Week

A buffer overflow issue was addressed with improved memory handling. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

RCE Buffer Overflow Apple macOS
NVD
CVSS 3.1
7.8
EPSS
0.9%
CVE-2022-26753 HIGH This Week

A buffer overflow issue was addressed with improved memory handling. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

RCE Buffer Overflow Apple macOS
NVD
CVSS 3.1
7.8
EPSS
0.9%
CVE-2022-26752 HIGH This Week

A buffer overflow issue was addressed with improved memory handling. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

RCE Buffer Overflow Apple macOS
NVD
CVSS 3.1
7.8
EPSS
0.9%
CVE-2022-26751 HIGH This Week

A memory corruption issue was addressed with improved input validation. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Memory Corruption RCE Microsoft Buffer Overflow Apple +5
NVD
CVSS 3.1
7.8
EPSS
1.6%
CVE-2022-26750 HIGH This Week

A buffer overflow issue was addressed with improved memory handling. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

RCE Buffer Overflow Apple macOS
NVD
CVSS 3.1
7.8
EPSS
0.9%
CVE-2022-26749 HIGH This Week

A buffer overflow issue was addressed with improved memory handling. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

RCE Buffer Overflow Apple macOS
NVD
CVSS 3.1
7.8
EPSS
0.9%
CVE-2022-26747 HIGH This Week

This issue was addressed with improved checks. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Xcode
NVD
CVSS 3.1
7.8
EPSS
0.6%
CVE-2022-26744 HIGH This Week

A memory corruption issue was addressed with improved state management. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Memory Corruption RCE Buffer Overflow Apple Ipados +1
NVD
CVSS 3.1
7.8
EPSS
1.0%
Page 1 of 2 Next

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy