Skip to main content
CVE-2022-30277 MEDIUM This Month

BD Synapsys™, versions 4.20, 4.20 SR1, and 4.30, contain an insufficient session expiration vulnerability. Rated medium severity (CVSS 5.7), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Synapsys
NVD
CVSS 3.1
5.7
EPSS
0.2%
CVE-2022-26866 MEDIUM This Month

Dell PowerStore Versions before v2.1.1.0. Rated medium severity (CVSS 5.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS Dell Information Disclosure Powerstoreos
NVD
CVSS 3.1
5.5
EPSS
0.4%
CVE-2022-30503 MEDIUM PATCH This Month

Nginx NJS v0.7.2 was discovered to contain a segmentation violation in the function njs_set_number at src/njs_value.h. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Nginx Information Disclosure Njs
NVD GitHub
CVSS 3.1
5.5
EPSS
0.3%
CVE-2022-28702 MEDIUM PATCH This Month

Incorrect Default Permissions vulnerability in ABB e-Design allows attacker to install malicious software executing with SYSTEM permissions violating confidentiality, integrity, and availability of. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Privilege Escalation Abb E Design
NVD
CVSS 3.1
5.5
EPSS
0.3%
CVE-2022-29734 MEDIUM This Month

A cross-site scripting (XSS) vulnerability in ICT Protege GX/WX v2.08 allows authenticated attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Name parameter. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS Protege Gx Protege Wx
NVD
CVSS 3.1
5.4
EPSS
0.4%
CVE-2022-26976 MEDIUM This Month

Barco Control Room Management Suite web application, which is part of TransForm N before 3.14, is exposing a license file upload mechanism. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS File Upload Control Room Management Suite
NVD
CVSS 3.1
5.4
EPSS
0.4%
CVE-2022-24967 MEDIUM This Month

Black Rainbow NIMBUS before 3.7.0 allows stored Cross-site Scripting (XSS). Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS Nimbus
NVD
CVSS 3.1
5.4
EPSS
0.6%
CVE-2022-26973 MEDIUM This Month

Barco Control Room Management Suite web application, which is part of TransForm N before 3.14, is exposing a license file upload mechanism. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

File Upload Information Disclosure Control Room Management Suite
NVD
CVSS 3.1
5.3
EPSS
0.7%
CVE-2022-26971 MEDIUM This Month

Barco Control Room Management Suite web application, which is part of TransForm N before 3.14, is exposing a license file upload mechanism. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass File Upload Control Room Management Suite
NVD
CVSS 3.1
5.3
EPSS
0.7%
CVE-2022-29235 MEDIUM PATCH This Month

BigBlueButton is an open source web conferencing system. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.

Information Disclosure Bigbluebutton
NVD GitHub
CVSS 3.1
5.3
EPSS
1.0%
CVE-2022-1980 MEDIUM This Month

A vulnerability was found in SourceCodester Product Show Room Site 1.0. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS Product Show Room Site
NVD GitHub VulDB
CVSS 3.1
4.8
EPSS
0.6%
CVE-2022-1979 MEDIUM This Month

A vulnerability was found in SourceCodester Product Show Room Site 1.0. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS Product Show Room Site
NVD GitHub VulDB
CVSS 3.1
4.8
EPSS
0.6%
CVE-2022-23236 MEDIUM This Month

E-Series SANtricity OS Controller Software versions 11.40 through 11.70.2 store the LDAP BIND password in plaintext within a file accessible only to privileged users. Rated medium severity (CVSS 4.4), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure E Series Santricity Os Controller
NVD
CVSS 3.1
4.4
EPSS
0.2%
CVE-2022-29731 MEDIUM This Month

An access control issue in ICT Protege GX/WX 2.08 allows attackers to leak SHA1 password hashes of other users. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Protege Gx Firmware Protege Wx Firmware
NVD
CVSS 3.1
4.3
EPSS
0.4%
CVE-2022-29236 MEDIUM PATCH This Month

BigBlueButton is an open source web conferencing system. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity.

Authentication Bypass Bigbluebutton
NVD GitHub
CVSS 3.1
4.3
EPSS
0.8%
CVE-2022-29234 MEDIUM PATCH This Month

BigBlueButton is an open source web conferencing system. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity.

Authentication Bypass Bigbluebutton
NVD GitHub
CVSS 3.1
4.3
EPSS
0.8%
CVE-2022-29233 MEDIUM PATCH This Month

BigBlueButton is an open source web conferencing system. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity.

Authentication Bypass Bigbluebutton
NVD GitHub
CVSS 3.1
4.3
EPSS
1.0%
Prev Page 2 of 2

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy