Skip to main content
CVE-2022-29450 HIGH PATCH This Week

Multiple Cross-Site Request Forgery (CSRF) vulnerabilities in Admin Management Xtended plugin <= 2.4.4 at WordPress. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

CSRF WordPress Admin Management Xtended
NVD GitHub
CVSS 3.1
8.8
EPSS
0.4%
CVE-2022-29437 HIGH This Week

Multiple Cross-Site Request Forgery (CSRF) vulnerabilities in Image Slider by NextCode plugin <= 1.1.2 at WordPress. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

CSRF WordPress Image Slider By Nextcode
NVD
CVSS 3.1
8.8
EPSS
0.4%
CVE-2022-33140 HIGH PATCH This Week

The optional ShellUserGroupProvider in Apache NiFi 1.10.0 to 1.16.2 and Apache NiFi Registry 0.6.0 to 1.16.2 does not neutralize arguments for group resolution commands, allowing injection of. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Apache Command Injection Apple Nifi Nifi Registry
NVD
CVSS 3.1
8.8
EPSS
3.7%
CVE-2022-2087 MEDIUM POC This Month

A vulnerability, which was classified as problematic, was found in SourceCodester Bank Management System 1.0. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

PHP XSS Bank Management System
NVD GitHub VulDB
CVSS 3.1
4.8
EPSS
0.6%
CVE-2022-30163 HIGH PATCH This Week

Windows Hyper-V Remote Code Execution Vulnerability. Rated high severity (CVSS 8.5), this vulnerability is remotely exploitable.

Race Condition RCE Microsoft Windows 10 Windows 11 +7
NVD
CVSS 3.1
8.5
EPSS
1.8%
CVE-2022-22021 HIGH PATCH This Week

Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability. Rated high severity (CVSS 8.3), this vulnerability is remotely exploitable, no authentication required.

Google RCE Microsoft Edge Chromium
NVD
CVSS 3.1
8.3
EPSS
2.8%
CVE-2022-30141 HIGH PATCH This Week

Windows Lightweight Directory Access Protocol (LDAP) Remote Code Execution Vulnerability. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required.

RCE Microsoft Windows 10 Windows 11 Windows 7 +7
NVD
CVSS 3.1
8.1
EPSS
2.3%
CVE-2022-32156 HIGH This Week

In Splunk Enterprise and Universal Forwarder versions before 9.0, the Splunk command-line interface (CLI) did not validate TLS certificates while connecting to a remote Splunk platform instance by. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Splunk Information Disclosure Universal Forwarder
NVD
CVSS 3.1
8.1
EPSS
0.8%
CVE-2022-32154 HIGH This Week

Dashboards in Splunk Enterprise versions before 9.0 might let an attacker inject risky search commands into a form token when the token is used in a query in a cross-origin request. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Splunk Splunk Cloud Platform
NVD
CVSS 3.1
8.1
EPSS
1.3%
CVE-2022-32153 HIGH This Week

Splunk Enterprise peers in Splunk Enterprise versions before 9.0 and Splunk Cloud Platform versions before 8.2.2203 did not validate the TLS certificates during Splunk-to-Splunk communications by. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Splunk Information Disclosure Splunk Cloud Platform
NVD
CVSS 3.1
8.1
EPSS
0.9%
CVE-2022-30193 HIGH PATCH This Week

AV1 Video Extension Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

RCE Av1 Video Extension
NVD
CVSS 3.1
7.8
EPSS
2.1%
CVE-2022-30188 HIGH PATCH This Week

HEVC Video Extensions Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

RCE Hevc Video Extensions
NVD
CVSS 3.1
7.8
EPSS
2.6%
CVE-2022-30180 HIGH PATCH This Week

Azure RTOS GUIX Studio Information Disclosure Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

Microsoft Information Disclosure Azure Real Time Operating System Guix Studio
NVD
CVSS 3.1
7.8
EPSS
2.1%
CVE-2022-30179 HIGH PATCH This Week

Azure RTOS GUIX Studio Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

RCE Microsoft Azure Real Time Operating System Guix Studio
NVD
CVSS 3.1
7.8
EPSS
2.4%
CVE-2022-30178 HIGH PATCH This Week

Azure RTOS GUIX Studio Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

RCE Microsoft Azure Real Time Operating System Guix Studio
NVD
CVSS 3.1
7.8
EPSS
2.1%
CVE-2022-30177 HIGH PATCH This Week

Azure RTOS GUIX Studio Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

RCE Microsoft Azure Real Time Operating System Guix Studio
NVD
CVSS 3.1
7.8
EPSS
2.1%
CVE-2022-30174 HIGH PATCH This Week

Microsoft Office Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

RCE Microsoft 365 Apps Office Long Term Servicing Channel
NVD
CVSS 3.1
7.8
EPSS
3.1%
CVE-2022-30173 HIGH PATCH This Week

Microsoft Excel Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

RCE Microsoft Excel Office Web Apps Server
NVD
CVSS 3.1
7.8
EPSS
2.2%
CVE-2022-30168 HIGH PATCH This Week

Microsoft Photos App Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

RCE Microsoft Photos
NVD
CVSS 3.1
7.8
EPSS
2.5%
CVE-2022-30167 HIGH PATCH This Week

AV1 Video Extension Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

RCE Av1 Video Extension
NVD
CVSS 3.1
7.8
EPSS
2.1%
CVE-2022-30166 HIGH PATCH This Week

Local Security Authority Subsystem Service Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Information Disclosure Windows 10 Windows 11 Windows 7 Windows 8 1 +6
NVD
CVSS 3.1
7.8
EPSS
1.4%
CVE-2022-30164 HIGH PATCH This Week

Kerberos AppContainer Security Feature Bypass Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Authentication Bypass Windows 10 Windows 11 Windows 7 Windows 8 1 +6
NVD
CVSS 3.1
7.8
EPSS
1.2%
CVE-2022-30160 HIGH PATCH This Week

Windows Advanced Local Procedure Call (ALPC) Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Microsoft Information Disclosure Windows 10 Windows 11 Windows 7 +7
NVD
CVSS 3.1
7.8
EPSS
6.3%
CVE-2022-30147 HIGH PATCH This Week

Windows Installer Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Microsoft Information Disclosure Windows 10 Windows 11 Windows 7 +7
NVD
CVSS 3.1
7.8
EPSS
4.5%
CVE-2022-30135 HIGH PATCH This Week

Windows Media Center Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Microsoft Information Disclosure Windows 7 Windows 8 1 Windows Rt 8 1 +2
NVD
CVSS 3.1
7.8
EPSS
0.8%
CVE-2022-30132 HIGH PATCH This Week

Windows Container Manager Service Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Microsoft Information Disclosure Windows 10 Windows 11 Windows Server 2019 +1
NVD
CVSS 3.1
7.8
EPSS
0.7%
CVE-2022-30131 HIGH PATCH This Week

Windows Container Isolation FS Filter Driver Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Microsoft Information Disclosure Windows Server 2016 Windows Server 2019 Windows Server 2022
NVD
CVSS 3.1
7.8
EPSS
0.8%
CVE-2022-29149 HIGH PATCH This Week

Open Management Infrastructure (OMI) Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Information Disclosure Azure Automation State Configuration Azure Automation Update Management Azure Diagnostics Azure Security Center +6
NVD
CVSS 3.1
7.8
EPSS
0.9%
CVE-2022-29119 HIGH PATCH This Week

HEVC Video Extensions Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

RCE Hevc Video Extensions
NVD
CVSS 3.1
7.8
EPSS
2.1%
CVE-2022-29111 HIGH PATCH This Week

HEVC Video Extensions Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

RCE Hevc Video Extensions
NVD
CVSS 3.1
7.8
EPSS
2.4%
CVE-2022-22018 HIGH PATCH This Week

HEVC Video Extensions Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

RCE Hevc Video Extensions
NVD
CVSS 3.1
7.8
EPSS
2.1%
CVE-2022-20203 HIGH This Week

In multiple locations of the nanopb library, there is a possible way to corrupt memory when decoding untrusted protobuf files. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Memory Corruption Buffer Overflow Android
NVD
CVSS 3.1
7.8
EPSS
0.1%
CVE-2022-30649 HIGH PATCH This Week

Adobe Illustrator versions 26.0.2 (and earlier) and 25.4.5 (and earlier) are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

Adobe Memory Corruption RCE Buffer Overflow Illustrator
NVD
CVSS 3.1
7.8
EPSS
2.1%
CVE-2022-30648 HIGH PATCH This Week

Adobe Illustrator versions 26.0.2 (and earlier) and 25.4.5 (and earlier) are affected by a Use-After-Free vulnerability that could result in arbitrary code execution in the context of the current. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Memory Corruption RCE Use After Free Adobe Illustrator
NVD
CVSS 3.0
7.8
EPSS
2.4%
CVE-2022-30647 HIGH PATCH This Week

Adobe Illustrator versions 26.0.2 (and earlier) and 25.4.5 (and earlier) are affected by a Use-After-Free vulnerability that could result in arbitrary code execution in the context of the current. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Memory Corruption RCE Use After Free Adobe Illustrator
NVD
CVSS 3.0
7.8
EPSS
2.4%
CVE-2022-22788 HIGH This Week

The Zoom Opener installer is downloaded by a user from the Launch meeting page, when attempting to join a meeting without having the Zoom Meeting Client installed. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

RCE Microsoft Meetings Rooms
NVD
CVSS 3.1
7.8
EPSS
1.4%
CVE-2022-28849 HIGH PATCH This Week

Adobe Bridge version 12.0.1 (and earlier versions) is affected by a Use-After-Free vulnerability that could result in arbitrary code execution in the context of the current user. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Memory Corruption RCE Use After Free Adobe Bridge
NVD
CVSS 3.1
7.8
EPSS
2.6%
CVE-2022-28848 HIGH PATCH This Week

Adobe Bridge version 12.0.1 (and earlier versions) is affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

Adobe Memory Corruption RCE Buffer Overflow Bridge
NVD
CVSS 3.0
7.8
EPSS
2.0%
CVE-2022-28847 HIGH PATCH This Week

Adobe Bridge version 12.0.1 (and earlier versions) is affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

Adobe Memory Corruption RCE Buffer Overflow Bridge
NVD
CVSS 3.0
7.8
EPSS
2.0%
CVE-2022-28846 HIGH PATCH This Week

Adobe Bridge version 12.0.1 (and earlier versions) is affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

Adobe Memory Corruption RCE Buffer Overflow Bridge
NVD
CVSS 3.0
7.8
EPSS
2.0%
CVE-2022-28845 HIGH PATCH This Week

Adobe Bridge version 12.0.1 (and earlier versions) is affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

Adobe Memory Corruption RCE Buffer Overflow Bridge
NVD
CVSS 3.0
7.8
EPSS
2.1%
CVE-2022-28844 HIGH PATCH This Week

Adobe Bridge version 12.0.1 (and earlier versions) is affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

Adobe Memory Corruption RCE Buffer Overflow Bridge
NVD
CVSS 3.1
7.8
EPSS
2.1%
CVE-2022-28843 HIGH PATCH This Week

Adobe Bridge version 12.0.1 (and earlier versions) is affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

Adobe Memory Corruption RCE Buffer Overflow Bridge
NVD
CVSS 3.0
7.8
EPSS
2.1%
CVE-2022-28842 HIGH PATCH This Week

Adobe Bridge version 12.0.1 (and earlier versions) is affected by a Use-After-Free vulnerability that could result in arbitrary code execution in the context of the current user. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Memory Corruption RCE Use After Free Adobe Bridge
NVD
CVSS 3.0
7.8
EPSS
2.9%
CVE-2022-28841 HIGH PATCH This Week

Adobe Bridge version 12.0.1 (and earlier versions) is affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

Adobe Memory Corruption RCE Buffer Overflow Bridge
NVD
CVSS 3.0
7.8
EPSS
2.2%
CVE-2022-28840 HIGH PATCH This Week

Adobe Bridge version 12.0.1 (and earlier versions) is affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

Adobe Memory Corruption RCE Buffer Overflow Bridge
NVD
CVSS 3.0
7.8
EPSS
2.2%
CVE-2022-28839 HIGH PATCH This Week

Adobe Bridge version 12.0.1 (and earlier versions) is affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

Adobe Memory Corruption RCE Buffer Overflow Bridge
NVD
CVSS 3.0
7.8
EPSS
2.1%
CVE-2022-28226 HIGH This Week

Local privilege vulnerability in Yandex Browser for Windows prior to 22.3.3.801 allows a local, low privileged, attacker to execute arbitary code with the SYSTEM privileges through manipulating. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Microsoft Information Disclosure Yandex Browser
NVD
CVSS 3.1
7.8
EPSS
0.4%
CVE-2022-28225 HIGH This Week

Local privilege vulnerability in Yandex Browser for Windows prior to 22.3.3.684 allows a local, low privileged, attacker to execute arbitary code with the SYSTEM privileges through manipulating. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Microsoft Information Disclosure Yandex Browser
NVD
CVSS 3.1
7.8
EPSS
0.5%
CVE-2022-31219 HIGH This Week

Vulnerabilities in the Drive Composer allow a low privileged attacker to create and write to a file anywhere on the file system as SYSTEM with arbitrary content as long as the file does not already. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Automation Builder Drive Composer Mint Workbench
NVD
CVSS 3.1
7.8
EPSS
0.3%
Prev Page 2 of 5 Next

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy