Skip to main content
CVE-2022-30658 HIGH This Week

Adobe InDesign versions 17.2.1 (and earlier) and 16.4.1 (and earlier) are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Adobe RCE Buffer Overflow Heap Overflow Indesign
NVD
CVSS 3.0
7.8
EPSS
5.9%
CVE-2022-27532 HIGH This Week

A maliciously crafted TIF file in Autodesk 3ds Max 2022 and 2021 can be used to write beyond the allocated buffer while parsing TIF files. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Memory Corruption RCE Buffer Overflow 3ds Max
NVD
CVSS 3.1
7.8
EPSS
1.0%
CVE-2022-27531 HIGH This Week

A maliciously crafted TIF file can be forced to read beyond allocated boundaries in Autodesk 3ds Max 2022, and 2021 when parsing the TIF files. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

RCE Buffer Overflow Information Disclosure 3ds Max
NVD
CVSS 3.1
7.8
EPSS
0.7%
CVE-2022-30549 HIGH This Week

Out-of-bounds read vulnerability exists in V-Server v4.0.11.0 and earlier and V-Server Lite v4.0.13.0 and earlier, which may allow an attacker to obtain information and/or execute arbitrary code by. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

RCE Buffer Overflow Information Disclosure V Server
NVD
CVSS 3.1
7.8
EPSS
0.9%
CVE-2022-30546 HIGH This Week

Out-of-bounds read vulnerability exists in the simulator module contained in the graphic editor 'V-SFT' versions prior to v6.1.6.0, which may allow an attacker to obtain information and/or execute. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

RCE Buffer Overflow Information Disclosure Monitouch V Sft
NVD
CVSS 3.1
7.8
EPSS
0.7%
CVE-2022-30538 HIGH This Week

Out-of-bounds write vulnerability exists in the simulator module contained in the graphic editor 'V-SFT' versions prior to v6.1.6.0, which may allow an attacker to obtain information and/or execute. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Memory Corruption RCE Buffer Overflow Monitouch V Sft
NVD
CVSS 3.1
7.8
EPSS
0.7%
CVE-2022-33756 HIGH This Week

CA Automic Automation 12.2 and 12.3 contain an entropy weakness vulnerability in the Automic AutomationEngine that could allow a remote attacker to potentially access sensitive data. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Ca Automic Automation
NVD
CVSS 3.1
7.5
EPSS
1.2%
CVE-2022-33751 HIGH This Week

CA Automic Automation 12.2 and 12.3 contain an insecure memory handling vulnerability in the Automic agent that could allow a remote attacker to potentially access sensitive data. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Ca Automic Automation
NVD
CVSS 3.1
7.5
EPSS
1.2%
CVE-2022-33739 HIGH This Week

CA Clarity 15.8 and below and 15.9.0 contain an insecure XML parsing vulnerability that could allow a remote attacker to potentially view the contents of any file on the system. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Ca Clarity
NVD
CVSS 3.1
7.5
EPSS
1.2%
CVE-2022-29866 HIGH PATCH This Week

OPC UA .NET Standard Stack 1.04.368 allows a remote attacker to exhaust the memory resources of a server via a crafted request that triggers Uncontrolled Resource Consumption. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Denial Of Service Ua Net Standard Stack
NVD
CVSS 3.1
7.5
EPSS
1.6%
CVE-2022-29864 HIGH PATCH This Week

OPC UA .NET Standard Stack 1.04.368 allows a remote attacker to cause a server to crash via a large number of messages that trigger Uncontrolled Resource Consumption. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Denial Of Service Ua Net Standard Stack
NVD
CVSS 3.1
7.5
EPSS
1.8%
CVE-2022-29863 HIGH PATCH This Week

OPC UA .NET Standard Stack 1.04.368 allows remote attacker to cause a crash via a crafted message that triggers excessive memory allocation. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Allocation of Resources Without Limits vulnerability could allow attackers to exhaust system resources through uncontrolled allocation.

Denial Of Service Ua Net Standard Stack
NVD
CVSS 3.1
7.5
EPSS
1.3%
CVE-2022-29865 HIGH PATCH This Week

OPC UA .NET Standard Stack allows a remote attacker to bypass the application authentication check via crafted fake credentials. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Improper Authentication vulnerability could allow attackers to bypass authentication mechanisms to gain unauthorized access.

Authentication Bypass Ua Net Standard Stack
NVD
CVSS 3.1
7.5
EPSS
1.5%
CVE-2022-29862 HIGH PATCH This Week

An infinite loop in OPC UA .NET Standard Stack 1.04.368 allows a remote attackers to cause the application to hang via a crafted message. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Denial Of Service Ua Net Standard Stack
NVD
CVSS 3.1
7.5
EPSS
1.5%
CVE-2022-1642 HIGH This Week

A program using swift-corelibs-foundation is vulnerable to a denial of service attack caused by a potentially malicious source producing a JSON document containing a type mismatch. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Microsoft Deserialization Swift
NVD GitHub
CVSS 3.1
7.5
EPSS
0.6%
CVE-2022-31291 HIGH PATCH This Week

An issue in dlt_config_file_parser.c of dlt-daemon v2.18.8 allows attackers to cause a double free via crafted TCP packets. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Information Disclosure Diagnostic Log And Trace Debian Linux
NVD GitHub
CVSS 3.1
7.5
EPSS
1.0%
CVE-2022-31372 HIGH PATCH This Week

Wiris Mathtype v7.28.0 was discovered to contain a path traversal vulnerability in the resourceFile parameter. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Path Traversal Mathtype
NVD GitHub
CVSS 3.1
7.5
EPSS
1.2%
CVE-2022-30328 MEDIUM This Month

An issue was found on TRENDnet TEW-831DR 1.0 601.130.1.1356 devices. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

CSRF Tew 831Dr Firmware
NVD
CVSS 3.1
6.5
EPSS
0.4%
CVE-2022-22953 MEDIUM This Month

VMware HCX update addresses an information disclosure vulnerability. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

VMware Information Disclosure Vmware Hcx
NVD
CVSS 3.1
6.5
EPSS
0.7%
CVE-2022-30326 MEDIUM This Month

An issue was found on TRENDnet TEW-831DR 1.0 601.130.1.1356 devices. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS Tew 831Dr Firmware
NVD
CVSS 3.1
5.4
EPSS
0.5%
CVE-2022-31301 MEDIUM This Month

Haraj v3.7 was discovered to contain a stored cross-site scripting (XSS) vulnerability in the Post Ads component. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS Haraj
NVD GitHub
CVSS 3.1
5.4
EPSS
0.8%
CVE-2022-31298 MEDIUM This Month

A cross-site scripting vulnerability in the ads comment section of Haraj v3.7 allows attackers to execute arbitrary web scripts or HTML via a crafted POST request. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS Haraj
NVD GitHub
CVSS 3.1
5.4
EPSS
1.1%
CVE-2022-31300 MEDIUM This Month

A cross-site scripting vulnerability in the DM Section component of Haraj v3.7 allows attackers to execute arbitrary web scripts or HTML via a crafted POST request. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS Haraj
NVD GitHub
CVSS 3.1
5.4
EPSS
1.1%
CVE-2022-30533 MEDIUM This Month

Cross-site scripting vulnerability in Modern Events Calendar Lite versions prior to 6.3.0 allows remote an authenticated attacker to inject an arbitrary script via unspecified vectors. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS Modern Events Calendar Lite
NVD
CVSS 3.1
5.4
EPSS
0.5%
CVE-2022-33755 MEDIUM This Month

CA Automic Automation 12.2 and 12.3 contain an insecure input handling vulnerability in the Automic Agent that could allow a remote attacker to potentially enumerate users. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Ca Automic Automation
NVD
CVSS 3.1
5.3
EPSS
0.9%
CVE-2022-27512 MEDIUM This Month

Temporary disruption of the ADM license service. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Citrix Information Disclosure Application Delivery Management
NVD
CVSS 3.1
5.3
EPSS
0.9%
Prev Page 2 of 2

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy