Skip to main content
CVE-2022-28167 MEDIUM This Month

Brocade SANnav before Brocade SANvav v. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Sannav
NVD
CVSS 3.1
6.5
EPSS
0.6%
CVE-2022-31094 MEDIUM PATCH This Month

ScratchTools is a web extension designed to make interacting with the Scratch programming language community (Scratching) easier. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

XSS Scratchtools
NVD GitHub
CVSS 3.1
6.1
EPSS
0.8%
CVE-2022-31085 MEDIUM PATCH This Month

LDAP Account Manager (LAM) is a webfrontend for managing entries (e.g. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

PHP OpenSSL Information Disclosure Ldap Account Manager Debian Linux
NVD GitHub
CVSS 3.1
6.1
EPSS
0.3%
CVE-2022-31065 MEDIUM PATCH This Month

BigBlueButton is an open source web conferencing system. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

XSS Bigbluebutton
NVD GitHub
CVSS 3.1
6.1
EPSS
0.7%
CVE-2022-28172 MEDIUM This Month

The web module in some Hikvision Hybrid SAN/Cluster Storage products have the following security vulnerability. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Hikvision XSS Ds A71024 Firmware Ds A71048 Firmware Ds A71072R Firmware +8
NVD
CVSS 3.1
6.1
EPSS
0.7%
CVE-2022-33146 MEDIUM PATCH This Month

Open redirect vulnerability in web2py versions prior to 2.22.5 allows a remote attacker to redirect a user to an arbitrary web site and conduct a phishing attack by having a user to access a. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Open Redirect Web2Py
NVD GitHub
CVSS 3.1
6.1
EPSS
1.4%
CVE-2022-31096 MEDIUM This Month

Discourse is an open source discussion platform. Rated medium severity (CVSS 5.7), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Discourse
NVD GitHub
CVSS 3.1
5.7
EPSS
0.5%
CVE-2022-31077 MEDIUM PATCH This Month

KubeEdge is built upon Kubernetes and extends native containerized application orchestration and device management to hosts at the Edge. Rated medium severity (CVSS 5.7), this vulnerability is remotely exploitable, low attack complexity. This NULL Pointer Dereference vulnerability could allow attackers to crash the application by dereferencing a null pointer.

Denial Of Service Kubernetes Null Pointer Dereference Kubeedge
NVD GitHub
CVSS 3.1
5.7
EPSS
0.8%
CVE-2022-31057 MEDIUM PATCH This Month

Shopware is an open source e-commerce software made in Germany. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

XSS Shopware
NVD GitHub
CVSS 3.1
5.4
EPSS
0.6%
CVE-2022-31035 MEDIUM PATCH This Month

Argo CD is a declarative, GitOps continuous delivery tool for Kubernetes. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

Kubernetes XSS Argo Cd
NVD GitHub
CVSS 3.1
5.4
EPSS
0.9%
CVE-2022-31088 MEDIUM PATCH This Month

LDAP Account Manager (LAM) is a webfrontend for managing entries (e.g. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Information Disclosure Ldap Account Manager Debian Linux
NVD GitHub
CVSS 3.1
5.3
EPSS
1.2%
CVE-2022-31039 MEDIUM PATCH This Month

Greenlight is a simple front-end interface for your BigBlueButton server. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Improper Privilege Management vulnerability could allow attackers to escalate privileges to gain unauthorized elevated access.

Privilege Escalation Greenlight
NVD GitHub
CVSS 3.1
5.3
EPSS
0.6%
CVE-2022-2088 MEDIUM This Month

An authenticated user with admin privileges may be able to terminate any process on the system running Elcomplus SmartICS v2.3.4.0. Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass Smartics
NVD
CVSS 3.1
4.9
EPSS
0.7%
CVE-2022-31036 MEDIUM PATCH This Month

Argo CD is a declarative, GitOps continuous delivery tool for Kubernetes. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity.

Kubernetes Information Disclosure Argo Cd
NVD GitHub
CVSS 3.1
4.3
EPSS
0.8%
Prev Page 2 of 2

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy