Skip to main content
CVE-2022-30190 HIGH POC KEV PATCH THREAT Act Now

Windows MSDT (Microsoft Support Diagnostic Tool) allows remote code execution when called via the ms-msdt URL protocol from Office documents, known as 'Follina', exploited as a zero-day from April 2022 in targeted attacks.

NVD
CVSS 3.1
7.8
EPSS
93.5%
Threat
9.4
CVE-2022-1285 MEDIUM POC PATCH This Month

Server-Side Request Forgery (SSRF) in GitHub repository gogs/gogs prior to 0.12.8. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

SSRF Gogs
NVD GitHub
CVSS 3.1
6.5
EPSS
1.2%
CVE-2022-29875 CRITICAL Act Now

A vulnerability has been identified in Biograph Horizon PET/CT Systems (All VJ30 versions < VJ30C-UD01), MAGNETOM Family (NUMARIS X: VA12M, VA12S, VA10B, VA20A, VA30A, VA31A), MAMMOMAT Revelation. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Deserialization Biograph Horizon Pet Ct Systems Firmware Magnetom Numaris X Firmware Mammomat Revelation Firmware Naeotom Alpha Firmware +14
NVD
CVSS 3.1
9.8
EPSS
1.6%
CVE-2022-24848 HIGH PATCH This Week

DHIS2 is an information system for data capture, management, validation, analytics and visualization. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. This SQL Injection vulnerability could allow attackers to execute arbitrary SQL commands against the database.

SQLi Dhis 2
NVD GitHub
CVSS 3.1
8.8
EPSS
1.1%
CVE-2022-30128 HIGH PATCH This Week

Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability. Rated high severity (CVSS 8.3), this vulnerability is remotely exploitable, no authentication required.

Google Race Condition Microsoft Information Disclosure Edge Chromium
NVD
CVSS 3.1
8.3
EPSS
1.8%
CVE-2022-30127 HIGH PATCH This Week

Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability. Rated high severity (CVSS 8.3), this vulnerability is remotely exploitable, no authentication required.

Google Race Condition Microsoft Information Disclosure Edge Chromium
NVD
CVSS 3.1
8.3
EPSS
1.8%
CVE-2022-31000 MEDIUM POC PATCH This Month

solidus_backend is the admin interface for the Solidus e-commerce framework. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

CSRF Solidus
NVD GitHub
CVSS 3.1
4.3
EPSS
0.4%
CVE-2022-29169 HIGH PATCH This Week

BigBlueButton is an open source web conferencing system. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Denial Of Service Nginx Bigbluebutton
NVD GitHub
CVSS 3.1
7.5
EPSS
1.4%
CVE-2022-29098 HIGH PATCH This Week

Dell PowerScale OneFS versions 8.2.0.x through 9.3.0.x, contain a weak password requirement vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Brute Force Dell Information Disclosure Powerscale Onefs
NVD
CVSS 3.1
7.5
EPSS
1.0%
CVE-2022-29232 MEDIUM PATCH This Month

BigBlueButton is an open source web conferencing system. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.

Information Disclosure Bigbluebutton
NVD GitHub
CVSS 3.1
6.5
EPSS
1.0%
CVE-2022-31022 MEDIUM PATCH This Month

Bleve is a text indexing library for go. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Information Disclosure Bleve
NVD GitHub
CVSS 3.1
5.5
EPSS
0.3%
CVE-2022-26905 MEDIUM PATCH This Month

Microsoft Edge (Chromium-based) Spoofing Vulnerability. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Google Microsoft Information Disclosure Edge Chromium
NVD
CVSS 3.1
4.3
EPSS
1.7%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy