Skip to main content
CVE-2022-1947 MEDIUM POC PATCH This Month

Use of Incorrect Operator in GitHub repository polonel/trudesk prior to 1.2.3. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

Information Disclosure Trudesk
NVD GitHub
CVSS 3.1
6.5
EPSS
1.2%
CVE-2022-31015 MEDIUM POC PATCH This Month

Waitress is a Web Server Gateway Interface server for Python 2 and 3. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required. Public exploit code available.

Python Information Disclosure Waitress
NVD GitHub
CVSS 3.1
5.9
EPSS
1.3%
CVE-2022-29245 MEDIUM POC PATCH This Month

SSH.NET is a Secure Shell (SSH) library for .NET. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required. Public exploit code available.

Microsoft Information Disclosure Ssh Net
NVD GitHub
CVSS 3.1
5.9
EPSS
1.4%
CVE-2022-1893 MEDIUM POC PATCH This Month

Improper Removal of Sensitive Information Before Storage or Transfer in GitHub repository polonel/trudesk prior to 1.2.3. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Information Disclosure Trudesk
NVD GitHub
CVSS 3.1
5.3
EPSS
0.8%
CVE-2022-1926 MEDIUM POC PATCH This Month

Integer Overflow or Wraparound in GitHub repository polonel/trudesk prior to 1.2.3. Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

Integer Overflow Buffer Overflow Trudesk
NVD GitHub
CVSS 3.1
4.9
EPSS
0.9%
CVE-2022-29220 MEDIUM PATCH This Month

github-action-merge-dependabot is an action that automatically approves and merges dependabot pull requests (PRs). Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity.

Information Disclosure Github Action Merge Dependabot
NVD GitHub
CVSS 3.1
6.5
EPSS
0.5%
CVE-2022-22361 MEDIUM PATCH This Month

IBM Business Automation Workflow traditional 21.0.1 through 21.0.3, 20.0.0.1 through 20.0.0.2, 19.0.0.1 through 19.0.0.3, 18.0.0.0 through 18.0.0.1, IBM Business Automation Workflow containers. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Cross-Site Request Forgery (CSRF) vulnerability could allow attackers to trick authenticated users into performing unintended actions.

IBM CSRF Business Automation Workflow Business Process Manager
NVD
CVSS 3.1
6.5
EPSS
0.3%
CVE-2022-29258 MEDIUM PATCH This Month

XWiki Platform Filter UI provides a generic user interface to convert from a XWiki Filter input stream to an output stream with settings for each stream. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

XSS Xwiki
NVD GitHub
CVSS 3.1
6.1
EPSS
0.9%
CVE-2022-30973 MEDIUM PATCH This Month

We failed to apply the fix for CVE-2022-30126 to the 1.x branch in the 1.28.2 release. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Apache Tika
NVD
CVSS 3.1
5.5
EPSS
1.9%
CVE-2022-29243 MEDIUM PATCH This Month

Nextcloud Server is the file server software for Nextcloud, a self-hosted productivity platform. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity.

Information Disclosure Nextcloud Nextcloud Server
NVD GitHub
CVSS 3.1
4.3
EPSS
1.4%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy