Skip to main content
CVE-2022-1908 HIGH POC PATCH This Week

Buffer Over-read in GitHub repository bfabiszewski/libmobi prior to 0.11. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Buffer Overflow Libmobi
NVD GitHub
CVSS 3.1
8.1
EPSS
0.7%
CVE-2022-1907 HIGH POC PATCH This Week

Buffer Over-read in GitHub repository bfabiszewski/libmobi prior to 0.11. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Buffer Overflow Libmobi
NVD GitHub
CVSS 3.1
8.1
EPSS
0.7%
CVE-2022-1897 HIGH POC PATCH This Week

Out-of-bounds Write in GitHub repository vim/vim prior to 8.2. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. Public exploit code available.

Memory Corruption Buffer Overflow Vim Fedora macOS +1
NVD GitHub
CVSS 3.1
7.8
EPSS
1.5%
CVE-2022-1898 HIGH POC PATCH This Week

Use After Free in GitHub repository vim/vim prior to 8.2. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. Public exploit code available.

Denial Of Service Memory Corruption Use After Free Vim Fedora +2
NVD GitHub
CVSS 3.1
7.8
EPSS
1.4%
CVE-2022-25878 HIGH POC PATCH This Week

The package protobufjs before 6.11.3 are vulnerable to Prototype Pollution which can allow an attacker to add/modify properties of the Object.prototype. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Prototype Pollution Information Disclosure Protobufjs
NVD GitHub
CVSS 3.1
7.5
EPSS
2.1%
CVE-2022-1909 MEDIUM POC PATCH This Month

Cross-site Scripting (XSS) - Stored in GitHub repository causefx/organizr prior to 2.1.2200. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

XSS Organizr
NVD GitHub
CVSS 3.1
5.4
EPSS
0.7%
CVE-2022-20797 CRITICAL Act Now

A vulnerability in the web-based management interface of Cisco Secure Network Analytics, formerly Cisco Stealthwatch Enterprise, could allow an authenticated, remote attacker to execute arbitrary. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Cisco Code Injection Secure Network Analytics
NVD
CVSS 3.1
9.1
EPSS
1.5%
CVE-2022-30701 HIGH This Week

An uncontrolled search path element vulnerability in Trend Micro Apex One and Apex One as a Service could allow a local attacker to craft a special configuration file to load an untrusted library. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Trend Micro Apex One
NVD
CVSS 3.1
7.8
EPSS
0.4%
CVE-2022-30700 HIGH This Week

An incorrect permission assignment vulnerability in Trend Micro Apex One and Apex One as a Service could allow a local attacker to load a DLL with escalated privileges on affected installations. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Trend Micro Apex One
NVD
CVSS 3.1
7.8
EPSS
0.3%
CVE-2022-28394 HIGH This Week

EOL Product CVE - Installer of Trend Micro Password Manager (Consumer) versions 3.7.0.1223 and below provided by Trend Micro Incorporated contains an issue with the DLL search path, which may lead to. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Trend Micro Information Disclosure Password Manager
NVD
CVSS 3.1
7.8
EPSS
0.3%
CVE-2022-20806 HIGH This Week

Multiple vulnerabilities in the API and web-based management interfaces of Cisco Expressway Series and Cisco TelePresence Video Communication Server (VCS) could allow an authenticated, remote. Rated high severity (CVSS 7.1), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Cisco Information Disclosure Telepresence Video Communication Server
NVD
CVSS 3.1
7.1
EPSS
0.9%
CVE-2022-30687 HIGH This Week

Trend Micro Maximum Security 2022 is vulnerable to a link following vulnerability that could allow a low privileged local user to manipulate the product's secure erase feature to delete arbitrary. Rated high severity (CVSS 7.1), this vulnerability is low attack complexity. No vendor patch available.

Trend Micro Information Disclosure Maximum Security 2022
NVD
CVSS 3.1
7.1
EPSS
0.4%
CVE-2022-20807 MEDIUM This Month

Multiple vulnerabilities in the API and web-based management interfaces of Cisco Expressway Series and Cisco TelePresence Video Communication Server (VCS) could allow an authenticated, remote. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Cisco Information Disclosure Telepresence Video Communication Server
NVD
CVSS 3.1
6.5
EPSS
0.9%
CVE-2022-20674 MEDIUM This Month

Multiple vulnerabilities in the web-based management interface of Cisco Common Services Platform Collector (CSPC) Software could allow an unauthenticated, remote attacker to conduct a cross-site. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Cisco XSS Common Services Platform Collector
NVD
CVSS 3.1
6.1
EPSS
0.7%
CVE-2022-20673 MEDIUM This Month

Multiple vulnerabilities in the web-based management interface of Cisco Common Services Platform Collector (CSPC) Software could allow an unauthenticated, remote attacker to conduct a cross-site. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Cisco XSS Common Services Platform Collector
NVD
CVSS 3.1
6.1
EPSS
0.7%
CVE-2022-20672 MEDIUM This Month

Multiple vulnerabilities in the web-based management interface of Cisco Common Services Platform Collector (CSPC) Software could allow an unauthenticated, remote attacker to conduct a cross-site. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Cisco XSS Common Services Platform Collector
NVD
CVSS 3.1
6.1
EPSS
0.7%
CVE-2022-20671 MEDIUM This Month

Multiple vulnerabilities in the web-based management interface of Cisco Common Services Platform Collector (CSPC) Software could allow an unauthenticated, remote attacker to conduct a cross-site. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Cisco XSS Common Services Platform Collector
NVD
CVSS 3.1
6.1
EPSS
0.7%
CVE-2022-20670 MEDIUM This Month

Multiple vulnerabilities in the web-based management interface of Cisco Common Services Platform Collector (CSPC) Software could allow an unauthenticated, remote attacker to conduct a cross-site. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Cisco XSS Common Services Platform Collector
NVD
CVSS 3.1
6.1
EPSS
0.7%
CVE-2022-20669 MEDIUM This Month

Multiple vulnerabilities in the web-based management interface of Cisco Common Services Platform Collector (CSPC) Software could allow an unauthenticated, remote attacker to conduct a cross-site. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Cisco XSS Common Services Platform Collector
NVD
CVSS 3.1
6.1
EPSS
0.7%
CVE-2022-20668 MEDIUM This Month

Multiple vulnerabilities in the web-based management interface of Cisco Common Services Platform Collector (CSPC) Software could allow an unauthenticated, remote attacker to conduct a cross-site. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Cisco XSS Common Services Platform Collector
NVD
CVSS 3.1
6.1
EPSS
0.7%
CVE-2022-20667 MEDIUM This Month

Multiple vulnerabilities in the web-based management interface of Cisco Common Services Platform Collector (CSPC) Software could allow an unauthenticated, remote attacker to conduct a cross-site. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Cisco XSS Common Services Platform Collector
NVD
CVSS 3.1
6.1
EPSS
0.7%
CVE-2022-20666 MEDIUM This Month

Multiple vulnerabilities in the web-based management interface of Cisco Common Services Platform Collector (CSPC) Software could allow an unauthenticated, remote attacker to conduct a cross-site. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Cisco XSS Common Services Platform Collector
NVD
CVSS 3.1
6.1
EPSS
0.7%
CVE-2022-20802 MEDIUM This Month

A vulnerability in the web interface of Cisco Enterprise Chat and Email (ECE) could allow an authenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

RCE Cisco XSS Enterprise Chat And Email
NVD
CVSS 3.1
5.4
EPSS
0.6%
CVE-2022-20765 MEDIUM This Month

A vulnerability in the web applications of Cisco UCS Director could allow an authenticated, remote attacker to conduct a cross-site scripting attack on an affected system. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Cisco XSS Ucs Director
NVD
CVSS 3.1
4.8
EPSS
0.5%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy