Skip to main content
CVE-2022-32981 HIGH POC PATCH This Week

An issue was discovered in the Linux kernel through 5.18.3 on powerpc 32-bit platforms. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available.

Linux Buffer Overflow Linux Kernel
NVD
CVSS 3.1
7.8
EPSS
1.0%
CVE-2022-24429 HIGH POC PATCH This Week

The package convert-svg-core before 0.6.3 are vulnerable to Arbitrary Code Injection when using a specially crafted SVG file. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. Public exploit code available.

RCE Code Injection Convert Svg Core
NVD GitHub
CVSS 3.1
7.8
EPSS
0.9%
CVE-2022-2042 HIGH POC PATCH This Week

Use After Free in GitHub repository vim/vim prior to 8.2. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. Public exploit code available.

Denial Of Service Memory Corruption Use After Free Vim macOS
NVD GitHub
CVSS 3.1
7.8
EPSS
1.4%
CVE-2022-27502 HIGH POC This Week

RealVNC VNC Server 6.9.0 through 5.1.0 for Windows allows local privilege escalation because an installer repair operation executes %TEMP% files as SYSTEM. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Privilege Escalation Microsoft Vnc Server
NVD
CVSS 3.1
7.8
EPSS
0.7%
CVE-2022-25851 HIGH POC PATCH This Week

The package jpeg-js before 0.4.4 are vulnerable to Denial of Service (DoS) where a particular piece of input will cause to enter an infinite loop and never return. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Denial Of Service Jpeg Js
NVD GitHub
CVSS 3.1
7.5
EPSS
1.8%
CVE-2022-21211 HIGH POC This Week

This affects all versions of package posix. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service Posix
NVD
CVSS 3.1
7.5
EPSS
1.0%
CVE-2022-22479 HIGH PATCH This Week

IBM Spectrum Copy Data Management 2.2.0.0through 2.2.15.0 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Cross-Site Request Forgery (CSRF) vulnerability could allow attackers to trick authenticated users into performing unintended actions.

IBM CSRF Spectrum Copy Data Management
NVD
CVSS 3.1
8.8
EPSS
0.3%
CVE-2022-29092 HIGH This Week

Dell SupportAssist Client Consumer versions (3.11.0 and versions prior) and Dell SupportAssist Client Commercial versions (3.2.0 and versions prior) contain a privilege escalation vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Dell Supportassist For Business Pcs Supportassist For Home Pcs
NVD
CVSS 3.1
7.8
EPSS
0.4%
CVE-2022-31043 HIGH PATCH This Week

Guzzle is an open source PHP HTTP client. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.

PHP Information Disclosure Guzzle Drupal Debian Linux
NVD GitHub
CVSS 3.1
7.5
EPSS
1.8%
CVE-2022-31042 HIGH PATCH This Week

Guzzle is an open source PHP HTTP client. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.

PHP Information Disclosure Guzzle Drupal Debian Linux
NVD GitHub
CVSS 3.1
7.5
EPSS
1.8%
CVE-2022-29094 HIGH This Week

Dell SupportAssist Client Consumer versions (3.10.4 and versions prior) and Dell SupportAssist Client Commercial versions (3.1.1 and versions prior) contain an arbitrary file deletion/overwrite. Rated high severity (CVSS 7.1), this vulnerability is low attack complexity. No vendor patch available.

Dell Path Traversal Supportassist For Business Pcs Supportassist For Home Pcs
NVD
CVSS 3.1
7.1
EPSS
0.2%
CVE-2022-29093 HIGH This Week

Dell SupportAssist Client Consumer versions (3.10.4 and versions prior) and Dell SupportAssist Client Commercial versions (3.1.1 and versions prior) contain an arbitrary file deletion vulnerability. Rated high severity (CVSS 7.1), this vulnerability is low attack complexity. No vendor patch available.

Dell Path Traversal Supportassist For Business Pcs Supportassist For Home Pcs
NVD
CVSS 3.1
7.1
EPSS
0.2%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy