Skip to main content
CVE-2022-30790 HIGH POC CISA Act Now

Das U-Boot 2022.01 has a Buffer Overflow, a different issue than CVE-2022-30552. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Memory Corruption Buffer Overflow U Boot
NVD GitHub
CVSS 3.1
7.8
EPSS
0.3%
Threat
5.1
CVE-2022-1683 HIGH POC This Week

The amtyThumb WordPress plugin through 4.2.0 does not sanitise and escape a parameter before using it in a SQL statement via its shortcode, leading to an SQL injection and is exploitable by any. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

SQLi WordPress Amtythumb
NVD WPScan
CVSS 3.1
8.8
EPSS
1.5%
CVE-2022-28382 HIGH POC This Week

An issue was discovered in certain Verbatim drives through 2022-03-31. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Keypad Secure Usb 3 2 Gen 1 Firmware Store N Go Secure Portable Hdd Firmware Executive Fingerprint Secure Ssd Firmware Fingerprint Secure Portable Hard Drive Firmware
NVD
CVSS 3.1
7.5
EPSS
1.6%
CVE-2022-31325 HIGH POC This Week

There is a SQL Injection vulnerability in ChurchCRM 4.4.5 via the 'PersonID' field in /churchcrm/WhyCameEditor.php. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Churchcrm
NVD GitHub Exploit-DB
CVSS 3.1
7.2
EPSS
5.0%
CVE-2022-1703 HIGH This Week

Improper neutralization of special elements in the SonicWall SSL-VPN SMA100 series management interface allows a remote authenticated attacker to inject OS Commands which potentially leads to remote. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service Command Injection Sonicwall Sma 210 Firmware Sma 410 Firmware +1
NVD
CVSS 3.1
8.8
EPSS
11.1%
CVE-2022-24296 HIGH This Week

Use of a Broken or Risky Cryptographic Algorithm vulnerability in Air Conditioning System G-150AD Ver. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Ae 200A Firmware Ae 200E Firmware Ae 200J Firmware Ae 50A Firmware +16
NVD
CVSS 3.1
7.5
EPSS
1.1%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy