Skip to main content
CVE-2022-33128 CRITICAL Act Now

RG-EG series gateway EG350 EG_RGOS 11.1(6) was discovered to contain a SQL injection vulnerability via the function get_alarmAction at /alarm_pi/alarmService.php. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

PHP SQLi Rg Eg350 Firmware
NVD
CVSS 3.1
9.1
EPSS
0.8%
CVE-2022-24893 HIGH PATCH This Week

ESP-IDF is the official development framework for Espressif SoCs. Rated high severity (CVSS 8.8), this vulnerability is no authentication required, low attack complexity. This Out-of-bounds Write vulnerability could allow attackers to write data beyond allocated buffer boundaries leading to code execution or crashes.

Memory Corruption Buffer Overflow Esp Idf
NVD GitHub
CVSS 3.1
8.8
EPSS
0.5%
CVE-2022-31016 MEDIUM PATCH This Month

Argo CD is a declarative continuous deployment for Kubernetes. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. This Uncontrolled Resource Consumption vulnerability could allow attackers to cause denial of service by exhausting system resources.

Denial Of Service Kubernetes Argo Cd
NVD GitHub
CVSS 3.1
6.5
EPSS
0.8%
CVE-2022-29931 MEDIUM This Month

The administration interface of the Raytion Custom Security Manager (Raytion CSM) in Version 7.2.0 allows reflected Cross-site Scripting (XSS). Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS Custom Security Manager
NVD
CVSS 3.1
6.1
EPSS
0.5%
CVE-2022-29168 MEDIUM This Month

Wire is a secure messaging application. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

RCE XSS Docker Wire Webapp
NVD GitHub
CVSS 3.1
6.1
EPSS
0.8%
CVE-2022-31017 LOW Monitor

Zulip is an open-source team collaboration tool. Rated low severity (CVSS 2.6), this vulnerability is remotely exploitable. No vendor patch available.

Information Disclosure Zulip
NVD GitHub
CVSS 3.1
2.6
EPSS
0.5%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy