Skip to main content
CVE-2022-30143 HIGH PATCH This Week

Windows Lightweight Directory Access Protocol (LDAP) Remote Code Execution Vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required.

RCE Microsoft Windows 10 Windows 11 Windows 7 +7
NVD
CVSS 3.1
7.5
EPSS
1.8%
CVE-2022-30142 HIGH PATCH This Week

Windows File History Remote Code Execution Vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required.

RCE Microsoft Windows 10 Windows 11 Windows 7 +7
NVD
CVSS 3.1
7.5
EPSS
2.0%
CVE-2022-30140 HIGH PATCH This Week

Windows iSCSI Discovery Service Remote Code Execution Vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required.

RCE Microsoft Windows 10 Windows 11 Windows 7 +7
NVD
CVSS 3.1
7.5
EPSS
1.8%
CVE-2022-30139 HIGH PATCH This Week

Windows Lightweight Directory Access Protocol (LDAP) Remote Code Execution Vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable.

RCE Microsoft Windows 10 Windows 11 Windows Server 2016 +2
NVD
CVSS 3.1
7.5
EPSS
2.1%
CVE-2022-29143 HIGH PATCH This Week

Microsoft SQL Server Remote Code Execution Vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable.

RCE Microsoft Sql Server
NVD
CVSS 3.1
7.5
EPSS
2.0%
CVE-2022-21935 HIGH This Week

A vulnerability in Metasys ADS/ADX/OAS 10 versions prior to 10.1.5 and Metasys ADS/ADX/OAS 11 versions prior to 11.0.2 allows unverified password change. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Metasys Application And Data Server Metasys Extended Application And Data Server Metasys Open Application Server
NVD
CVSS 3.1
7.5
EPSS
0.9%
CVE-2022-31070 HIGH PATCH This Week

NestJS Proxy is a NestJS module to decorate and proxy calls. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.

Information Disclosure Nestjs Proxy
NVD GitHub
CVSS 3.1
7.5
EPSS
0.6%
CVE-2022-31069 HIGH PATCH This Week

NestJS Proxy is a NestJS module to decorate and proxy calls. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.

Node.js Information Disclosure Nestjs Proxy
NVD GitHub
CVSS 3.1
7.5
EPSS
0.6%
CVE-2022-31044 HIGH PATCH This Week

Rundeck is an open source automation service with a web console, command line tools and a WebAPI. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Rundeck
NVD GitHub
CVSS 3.1
7.5
EPSS
0.6%
CVE-2022-32157 HIGH This Week

Splunk Enterprise deployment servers in versions before 9.0 allow unauthenticated downloading of forwarder bundles. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Splunk
NVD
CVSS 3.1
7.5
EPSS
1.3%
CVE-2022-32155 HIGH This Week

In universal forwarder versions before 9.0, management services are available remotely by default. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Splunk Information Disclosure Splunk Cloud Platform
NVD
CVSS 3.1
7.5
EPSS
1.8%
CVE-2022-20209 HIGH This Week

In hme_add_new_node_to_a_sorted_array of hme_utils.c, there is a possible out of bounds read due to a heap buffer overflow. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Google Memory Corruption Buffer Overflow Information Disclosure Android
NVD
CVSS 3.1
7.5
EPSS
0.8%
CVE-2022-20190 HIGH This Week

Product: AndroidVersions: Android kernelAndroid ID: A-208744915References: N/A. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Google Information Disclosure Android
NVD
CVSS 3.1
7.5
EPSS
0.4%
CVE-2022-20188 HIGH This Week

Product: AndroidVersions: Android kernelAndroid ID: A-207254598References: N/A. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Google Information Disclosure Android
NVD
CVSS 3.1
7.5
EPSS
0.4%
CVE-2022-20184 HIGH This Week

Product: AndroidVersions: Android kernelAndroid ID: A-209153114References: N/A. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Google Information Disclosure Android
NVD
CVSS 3.1
7.5
EPSS
0.4%
CVE-2022-20181 HIGH This Week

Product: AndroidVersions: Android kernelAndroid ID: A-210936609References: N/A. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Google Information Disclosure Android
NVD
CVSS 3.1
7.5
EPSS
0.4%
CVE-2022-20179 HIGH This Week

Product: AndroidVersions: Android kernelAndroid ID: A-211683760References: N/A. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Google Information Disclosure Android
NVD
CVSS 3.1
7.5
EPSS
0.4%
CVE-2022-20177 HIGH This Week

Product: AndroidVersions: Android kernelAndroid ID: A-209906686References: N/A. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Google Information Disclosure Android
NVD
CVSS 3.1
7.5
EPSS
0.4%
CVE-2022-20175 HIGH This Week

Product: AndroidVersions: Android kernelAndroid ID: A-209252491References: N/A. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Google Information Disclosure Android
NVD
CVSS 3.1
7.5
EPSS
0.4%
CVE-2022-20169 HIGH This Week

Product: AndroidVersions: Android kernelAndroid ID: A-211162353References: N/A. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Google Information Disclosure Android
NVD
CVSS 3.1
7.5
EPSS
0.4%
CVE-2022-20168 HIGH This Week

Product: AndroidVersions: Android kernelAndroid ID: A-210594998References: N/A. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Google Information Disclosure Android
NVD
CVSS 3.1
7.5
EPSS
0.4%
CVE-2022-20151 HIGH This Week

Product: AndroidVersions: Android kernelAndroid ID: A-210712565References: N/A. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Google Information Disclosure Android
NVD
CVSS 3.1
7.5
EPSS
0.4%
CVE-2022-20149 HIGH This Week

Product: AndroidVersions: Android kernelAndroid ID: A-211685939References: N/A. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Google Information Disclosure Android
NVD
CVSS 3.1
7.5
EPSS
0.4%
CVE-2022-20131 HIGH This Week

In nci_proc_rf_management_ntf of nci_hrcv.cc, there is a possible out of bounds read due to a missing bounds check. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Google Buffer Overflow Information Disclosure Android
NVD
CVSS 3.1
7.5
EPSS
0.8%
CVE-2022-20123 HIGH This Week

In phNciNfc_RecvMfResp of phNxpExtns_MifareStd.cpp, there is a possible out of bounds read due to a missing bounds check. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Google Buffer Overflow Information Disclosure Android
NVD
CVSS 3.1
7.5
EPSS
0.8%
CVE-2022-20817 HIGH This Week

A vulnerability in Cisco Unified IP Phones could allow an unauthenticated, remote attacker to impersonate another user's phone if the Cisco Unified Communications Manager (CUCM) is in secure mode. Rated high severity (CVSS 7.4), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Cisco Information Disclosure Unified Ip Phone 6911 Firmware Unified Ip Phone 6921 Firmware Unified Ip Phone 6941 Firmware +8
NVD
CVSS 3.1
7.4
EPSS
1.1%
CVE-2022-20193 HIGH This Week

In getUniqueUsagesWithLabels of PermissionUsageHelper.java, there is a possible incorrect permission attribution due to a logic error in the code. Rated high severity (CVSS 7.3), this vulnerability is low attack complexity. No vendor patch available.

Google Privilege Escalation Android
NVD
CVSS 3.1
7.3
EPSS
0.1%
CVE-2022-20137 HIGH PATCH This Week

In onCreateContextMenu of NetworkProviderSettings.java, there is a possible way for non-owner users to change WiFi settings due to a missing permission check. Rated high severity (CVSS 7.3), this vulnerability is low attack complexity. This Missing Authorization vulnerability could allow attackers to access resources or perform actions without proper authorization checks.

Google Authentication Bypass Privilege Escalation Android
NVD
CVSS 3.1
7.3
EPSS
0.1%
CVE-2022-20126 HIGH This Week

In setScanMode of AdapterService.java, there is a possible way to enable Bluetooth discovery mode without user interaction due to a missing permission check. Rated high severity (CVSS 7.3), this vulnerability is low attack complexity. No vendor patch available.

Google Authentication Bypass Privilege Escalation Android
NVD
CVSS 3.1
7.3
EPSS
0.2%
CVE-2022-32152 HIGH This Week

Splunk Enterprise peers in Splunk Enterprise versions before 9.0 and Splunk Cloud Platform versions before 8.2.2203 did not validate the TLS certificates during Splunk-to-Splunk communications by. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Splunk Information Disclosure Splunk Cloud Platform
NVD
CVSS 3.1
7.2
EPSS
0.9%
CVE-2022-30151 HIGH PATCH This Week

Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.0).

Microsoft Information Disclosure Windows 10 Windows 11 Windows 7 +7
NVD
CVSS 3.1
7.0
EPSS
0.5%
CVE-2022-20155 HIGH This Week

In ipu_core_jqs_msg_transport_kernel_write_sync of ipu-core-jqs-msg-transport.c, there is a possible use-after-free due to a race condition. Rated high severity (CVSS 7.0). No vendor patch available.

Google Race Condition Privilege Escalation Android
NVD
CVSS 3.1
7.0
EPSS
0.1%
CVE-2022-20141 HIGH This Week

In ip_check_mc_rcu of igmp.c, there is a possible use after free due to improper locking. Rated high severity (CVSS 7.0). No vendor patch available.

Google Race Condition Privilege Escalation Denial Of Service Android
NVD
CVSS 3.1
7.0
EPSS
0.1%
Prev Page 3 of 3

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy