Skip to main content
CVE-2022-32230 HIGH POC PATCH This Week

Microsoft Windows SMBv3 suffers from a null pointer dereference in versions of Windows prior to the April, 2022 patch set. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Denial Of Service Microsoft Null Pointer Dereference Windows 10 Windows 11 +1
NVD GitHub
CVSS 3.1
7.5
EPSS
7.0%
CVE-2022-31847 HIGH POC This Week

A vulnerability in /cgi-bin/ExportAllSettings.sh of WAVLINK WN579 X3 M79X3.V5030.180719 allows attackers to obtain sensitive router information via a crafted POST request. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Wn579X3 Firmware
NVD GitHub
CVSS 3.1
7.5
EPSS
5.5%
CVE-2022-31846 HIGH POC This Week

A vulnerability in live_mfg.shtml of WAVLINK WN535 G3 M35G3R.V5030.180927 allows attackers to obtain sensitive router information via execution of the exec cmd function. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Wn535G3 Firmware
NVD GitHub
CVSS 3.1
7.5
EPSS
7.1%
CVE-2022-31845 HIGH POC This Week

A vulnerability in live_check.shtml of WAVLINK WN535 G3 M35G3R.V5030.180927 allows attackers to obtain sensitive router information via execution of the exec cmd function. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Wn535G3 Firmware
NVD GitHub
CVSS 3.1
7.5
EPSS
8.4%
CVE-2022-31309 HIGH POC This Week

A vulnerability in live_check.shtml of WAVLINK AERIAL X 1200M M79X3.V5030.180719 allows attackers to obtain sensitive router information via execution of the exec cmd function. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Aerial X 1200M Firmware
NVD GitHub
CVSS 3.1
7.5
EPSS
1.6%
CVE-2022-31308 HIGH POC This Week

A vulnerability in live_mfg.shtml of WAVLINK AERIAL X 1200M M79X3.V5030.191012 allows attackers to obtain sensitive router information via execution of the exec cmd function. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Aerial X 1200M Firmware
NVD GitHub
CVSS 3.1
7.5
EPSS
1.6%
CVE-2022-31447 HIGH POC This Week

An XML external entity (XXE) injection vulnerability in Magicpin v3.4 allows attackers to access sensitive database information via a crafted SVG file. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

XXE Magicpin
NVD GitHub
CVSS 3.1
7.5
EPSS
1.2%
CVE-2022-32363 HIGH POC This Week

Product Show Room Site v1.0 is vulnerable to SQL Injection via /psrs/admin/categories/view_category.php?id=. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Product Show Room Site
NVD GitHub
CVSS 3.1
7.2
EPSS
0.9%
CVE-2022-32362 HIGH POC This Week

Product Show Room Site v1.0 is vulnerable to SQL Injection via /psrs/admin/categories/manage_category.php?id=. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Product Show Room Site
NVD GitHub
CVSS 3.1
7.2
EPSS
0.9%
CVE-2022-32359 HIGH POC This Week

Product Show Room Site v1.0 is vulnerable to SQL Injection via /psrs/classes/Master.php?f=delete_category. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Product Show Room Site
NVD GitHub
CVSS 3.1
7.2
EPSS
0.9%
CVE-2022-32358 HIGH POC This Week

Product Show Room Site v1.0 is vulnerable to SQL Injection via /psrs/classes/Master.php?f=delete_inquiry. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Product Show Room Site
NVD GitHub
CVSS 3.1
7.2
EPSS
0.9%
CVE-2022-32355 HIGH POC This Week

Product Show Room Site v1.0 is vulnerable to SQL Injection via /psrs/admin/?page=products/view_product&id=. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

SQLi Product Show Room Site
NVD GitHub
CVSS 3.1
7.2
EPSS
0.9%
CVE-2022-32354 HIGH POC This Week

Product Show Room Site v1.0 is vulnerable to SQL Injection via /psrs/admin/?page=user/manage_user&id=. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

SQLi Product Show Room Site
NVD GitHub
CVSS 3.1
7.2
EPSS
0.9%
CVE-2022-32353 HIGH POC This Week

Product Show Room Site v1.0 is vulnerable to SQL Injection via /psrs/admin/categories/manage_field_order.php?id=. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Product Show Room Site
NVD GitHub
CVSS 3.1
7.2
EPSS
1.0%
CVE-2022-32367 HIGH POC This Week

Product Show Room Site v1.0 is vulnerable to SQL Injection via /psrs/admin/?page=inquiries/view_inquiry&id=. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

SQLi Product Show Room Site
NVD GitHub
CVSS 3.1
7.2
EPSS
0.9%
CVE-2022-32366 HIGH POC This Week

Product Show Room Site v1.0 is vulnerable to SQL Injection via /psrs/admin/fields/view_field.php?id=. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Product Show Room Site
NVD GitHub
CVSS 3.1
7.2
EPSS
0.9%
CVE-2022-32365 HIGH POC This Week

Product Show Room Site v1.0 is vulnerable to SQL Injection via /psrs/admin/fields/manage_field.php?id=. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Product Show Room Site
NVD GitHub
CVSS 3.1
7.2
EPSS
0.9%
CVE-2022-32364 HIGH POC This Week

Product Show Room Site v1.0 is vulnerable to SQL Injection via /psrs/admin/?page=products/manage_product&id=. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

SQLi Product Show Room Site
NVD GitHub
CVSS 3.1
7.2
EPSS
0.9%
CVE-2022-32351 HIGH POC This Week

Hospital's Patient Records Management System v1.0 is vulnerable to SQL Injection via /hprms/classes/Master.php?f=delete_message. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Hospital S Patient Records Management System
NVD GitHub
CVSS 3.1
7.2
EPSS
0.9%
CVE-2022-32350 HIGH POC This Week

Hospital's Patient Records Management System v1.0 is vulnerable to SQL Injection via /hprms/classes/Master.php?f=delete_room_type. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Hospital S Patient Records Management System
NVD GitHub
CVSS 3.1
7.2
EPSS
0.9%
CVE-2022-32349 HIGH POC This Week

Hospital's Patient Records Management System v1.0 is vulnerable to SQL Injection via /hprms/classes/Master.php?f=delete_patient_history. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Hospital S Patient Records Management System
NVD GitHub
CVSS 3.1
7.2
EPSS
0.9%
CVE-2022-32348 HIGH POC This Week

Hospital's Patient Records Management System v1.0 is vulnerable to SQL Injection via /hprms/classes/Master.php?f=delete_doctor. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Hospital S Patient Records Management System
NVD GitHub
CVSS 3.1
7.2
EPSS
0.9%
CVE-2022-32347 HIGH POC This Week

Hospital's Patient Records Management System v1.0 is vulnerable to SQL Injection via /hprms/classes/Master.php?f=delete_room. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Hospital S Patient Records Management System
NVD GitHub
CVSS 3.1
7.2
EPSS
0.9%
CVE-2022-32345 HIGH POC This Week

Hospital's Patient Records Management System v1.0 is vulnerable to SQL Injection via /hprms/admin/rooms/manage_room.php?id=. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Hospital S Patient Records Management System
NVD GitHub
CVSS 3.1
7.2
EPSS
0.9%
CVE-2022-32344 HIGH POC This Week

Hospital's Patient Records Management System v1.0 is vulnerable to SQL Injection via /hprms/classes/Master.php?f=delete_patient. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Hospital S Patient Records Management System
NVD GitHub
CVSS 3.1
7.2
EPSS
0.9%
CVE-2022-32343 HIGH POC This Week

Hospital's Patient Records Management System v1.0 is vulnerable to SQL Injection via hprms/admin/room_types/manage_room_type.php?id=. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Hospital S Patient Records Management System
NVD GitHub
CVSS 3.1
7.2
EPSS
0.9%
CVE-2022-32342 HIGH POC This Week

Hospital's Patient Records Management System v1.0 is vulnerable to SQL Injection via /hprms/admin/room_types/view_room_type.php?id=. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Hospital S Patient Records Management System
NVD GitHub
CVSS 3.1
7.2
EPSS
0.9%
CVE-2022-32341 HIGH POC This Week

Hospital's Patient Records Management System v1.0 is vulnerable to SQL Injection via /hprms/admin/?page=user/manage_user&id=. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

SQLi Hospital S Patient Records Management System
NVD GitHub
CVSS 3.1
7.2
EPSS
0.9%
CVE-2022-32340 HIGH POC This Week

Hospital's Patient Records Management System v1.0 is vulnerable to SQL Injection via /hprms/admin/?page=patients/view_patient&id=. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

SQLi Hospital S Patient Records Management System
NVD GitHub
CVSS 3.1
7.2
EPSS
0.9%
CVE-2022-32339 HIGH POC This Week

Hospital's Patient Records Management System v1.0 is vulnerable to SQL Injection via /hprms/admin/doctors/view_doctor.php?id=. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Hospital S Patient Records Management System
NVD GitHub
CVSS 3.1
7.2
EPSS
0.9%
CVE-2022-32338 HIGH POC This Week

Hospital's Patient Records Management System v1.0 is vulnerable to SQL Injection via /hprms/admin/doctors/manage_doctor.php?id=. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Hospital S Patient Records Management System
NVD GitHub
CVSS 3.1
7.2
EPSS
0.9%
CVE-2022-32335 HIGH POC This Week

Fast Food Ordering System v1.0 is vulnerable to SQL Injection via /ffos/admin/menus/manage_menu.php?id=. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Fast Food Ordering System
NVD GitHub
CVSS 3.1
7.2
EPSS
0.9%
CVE-2022-32334 HIGH POC This Week

Fast Food Ordering System v1.0 is vulnerable to SQL Injection via /ffos/admin/categories/manage_category.php?id=. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Fast Food Ordering System
NVD GitHub
CVSS 3.1
7.2
EPSS
0.9%
CVE-2022-32333 HIGH POC This Week

Fast Food Ordering System v1.0 is vulnerable to SQL Injection via /ffos/admin/sales/receipt.php?id=. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Fast Food Ordering System
NVD GitHub
CVSS 3.1
7.2
EPSS
0.9%
CVE-2022-32332 HIGH POC This Week

Fast Food Ordering System v1.0 is vulnerable to SQL Injection via /ffos/classes/Master.php?f=delete_category. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Fast Food Ordering System
NVD GitHub
CVSS 3.1
7.2
EPSS
0.9%
CVE-2022-32331 HIGH POC This Week

Fast Food Ordering System v1.0 is vulnerable to SQL Injection via /ffos/admin/categories/view_category.php?id=. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Fast Food Ordering System
NVD GitHub
CVSS 3.1
7.2
EPSS
0.9%
CVE-2022-32330 HIGH POC This Week

Fast Food Ordering System v1.0 is vulnerable to SQL Injection via /ffos/classes/Master.php?f=delete_menu. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Fast Food Ordering System
NVD GitHub
CVSS 3.1
7.2
EPSS
0.9%
CVE-2022-29241 HIGH PATCH This Week

Jupyter Server provides the backend (i.e. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS Information Disclosure Jupyter Server
NVD GitHub
CVSS 3.1
8.8
EPSS
0.8%
CVE-2022-31595 HIGH This Week

SAP Financial Consolidation - version 1010,�does not perform necessary authorization checks for an authenticated user, resulting in escalation of privileges. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass SAP Adaptive Server Enterprise
NVD
CVSS 3.1
8.8
EPSS
0.7%
CVE-2022-31619 HIGH PATCH This Week

A vulnerability has been identified in Teamcenter V12.4 (All versions < V12.4.0.13), Teamcenter V13.0 (All versions < V13.0.0.9), Teamcenter V13.1 (All versions < V13.1.0.9), Teamcenter V13.2 (All. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. This Use of Hard-coded Credentials vulnerability could allow attackers to gain access using credentials embedded in source code.

Authentication Bypass RCE Java Teamcenter
NVD
CVSS 3.1
8.8
EPSS
1.3%
CVE-2022-26476 HIGH This Week

A vulnerability has been identified in Spectrum Power 4 (All versions using Shared HIS), Spectrum Power 7 (All versions using Shared HIS), Spectrum Power MGMS (All versions using Shared HIS). Rated high severity (CVSS 8.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Spectrum Power 4 Spectrum Power 7 Spectrum Power Microgrid Management System
NVD
CVSS 3.1
8.8
EPSS
0.4%
CVE-2022-30229 HIGH PATCH This Week

A vulnerability has been identified in SICAM GridEdge (Classic) (All versions < V2.6.6). Rated high severity (CVSS 8.6), this vulnerability is remotely exploitable, low attack complexity. This Missing Authentication for Critical Function vulnerability could allow attackers to access critical functionality without authentication.

Authentication Bypass Sicam Gridedge Essential
NVD
CVSS 4.0
8.6
EPSS
0.7%
CVE-2022-30228 HIGH PATCH This Week

A vulnerability has been identified in SICAM GridEdge (Classic) (All versions < V2.6.6). Rated high severity (CVSS 8.6), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Information Disclosure Sicam Gridedge Essential
NVD
CVSS 4.0
8.6
EPSS
0.4%
CVE-2022-31590 HIGH This Week

SAP PowerDesigner Proxy - version 16.7, allows an attacker with low privileges and has local access, with the ability to work around system’s root disk access restrictions to Write/Create a program. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

SAP Information Disclosure Powerdesigner Proxy
NVD
CVSS 3.1
7.8
EPSS
0.2%
CVE-2022-32252 HIGH PATCH This Week

A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V3.1). Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

Information Disclosure Sinema Remote Connect Server
NVD
CVSS 3.1
7.8
EPSS
0.3%
CVE-2022-31465 HIGH This Week

A vulnerability has been identified in Xpedition Designer VX.2.10 (All versions < VX.2.10 Update 13), Xpedition Designer VX.2.11 (All versions < VX.2.11 Update 11), Xpedition Designer VX.2.12 (All. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

RCE Xpedition Designer
NVD
CVSS 3.1
7.8
EPSS
0.2%
CVE-2022-22103 HIGH This Week

Memory corruption in multimedia driver due to double free while processing data from user in Snapdragon Auto. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Qualcomm Buffer Overflow Sa8540p Firmware Sa9000p Firmware
NVD
CVSS 3.1
7.8
EPSS
0.2%
CVE-2022-22090 HIGH This Week

Memory corruption in audio due to use after free while managing buffers from internal cache in Snapdragon Compute, Snapdragon Connectivity, Snapdragon Mobile. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Memory Corruption Qualcomm Buffer Overflow Use After Free Denial Of Service +23
NVD
CVSS 3.1
7.8
EPSS
0.2%
CVE-2022-22085 HIGH This Week

Memory corruption in video due to buffer overflow while reading the dts file in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT,. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Memory Corruption Qualcomm Buffer Overflow Apq8009 Firmware Apq8009W Firmware +153
NVD
CVSS 3.1
7.8
EPSS
0.2%
CVE-2022-22084 HIGH This Week

Memory corruption when extracting qcp audio file due to lack of check on data length in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Memory Corruption Qualcomm Buffer Overflow Apq8009 Firmware Apq8009W Firmware +151
NVD
CVSS 3.1
7.8
EPSS
0.2%
Page 1 of 2 Next

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy