Skip to main content
CVE-2022-34918 HIGH POC PATCH Act Now

An issue was discovered in the Linux kernel through 5.18.9. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available.

Memory Corruption Linux Buffer Overflow Linux Kernel Debian Linux +6
NVD
CVSS 3.1
7.8
EPSS
5.5%
CVE-2022-2268 HIGH POC This Week

The Import any XML or CSV File to WordPress plugin before 3.6.8 accepts all zip files and automatically extracts the zip file without validating the extracted file type. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

WordPress File Upload Wp All Import
NVD WPScan
CVSS 3.1
7.2
EPSS
1.4%
CVE-2022-33948 HIGH This Week

HOME SPOT CUBE2 V102 contains an OS command injection vulnerability due to improper processing of data received from DHCP server. Rated high severity (CVSS 8.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Command Injection Home Spot Cube 2 Firmware
NVD
CVSS 3.1
8.8
EPSS
0.9%
CVE-2022-34151 HIGH This Week

Use of hard-coded credentials vulnerability exists in Machine automation controller NJ series all models V 1.48 and earlier, Machine automation controller NX7 series all models V1.28 and earlier,. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Authentication Bypass Nx701 1600 Firmware Nx701 1700 Firmware Nx701 Z700 Firmware Nx701 Z600 Firmware +53
NVD VulDB
CVSS 3.1
8.1
EPSS
1.1%
CVE-2022-31600 HIGH This Week

NVIDIA DGX A100 contains a vulnerability in SBIOS in the SmmCore, where a user with high privileges can chain another vulnerability to this vulnerability, causing an integer overflow, possibly. Rated high severity (CVSS 8.2), this vulnerability is low attack complexity. No vendor patch available.

RCE Nvidia Integer Overflow Information Disclosure Denial Of Service +1
NVD
CVSS 3.1
8.2
EPSS
0.2%
CVE-2022-31599 HIGH This Week

NVIDIA DGX A100 contains a vulnerability in SBIOS in the Ofbd, where a local user with elevated privileges can cause access to an uninitialized pointer, which may lead to code execution, escalation. Rated high severity (CVSS 8.2), this vulnerability is low attack complexity. No vendor patch available.

Memory Corruption RCE Nvidia Information Disclosure Denial Of Service +1
NVD
CVSS 3.1
8.2
EPSS
0.2%
CVE-2022-29484 HIGH This Week

Operation restriction bypass vulnerability in Space of Cybozu Garoon 4.0.0 to 5.9.0 allows a remote authenticated attacker to delete the data of Space. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass Garoon
NVD
CVSS 3.1
8.1
EPSS
1.0%
CVE-2022-33208 HIGH This Week

Authentication bypass by capture-replay vulnerability exists in Machine automation controller NJ series all models V 1.48 and earlier, Machine automation controller NX7 series all models V1.28 and. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Authentication Bypass Nx701 1600 Firmware Nx701 1700 Firmware Nx701 Z700 Firmware Nx701 Z600 Firmware +53
NVD
CVSS 3.1
8.1
EPSS
1.8%
CVE-2022-33971 HIGH This Week

Authentication bypass by capture-replay vulnerability exists in Machine automation controller NX7 series all models V1.28 and earlier, Machine automation controller NX1 series all models V1.48 and. Rated high severity (CVSS 7.5), this vulnerability is no authentication required. No vendor patch available.

Authentication Bypass Nx701 1600 Firmware Nx701 1700 Firmware Nx701 Z700 Firmware Nx701 Z600 Firmware +48
NVD VulDB
CVSS 3.1
7.5
EPSS
0.4%
CVE-2022-34829 HIGH PATCH This Week

Zoho ManageEngine ADSelfService Plus before 6203 allows a denial of service (application restart) via a crafted payload to the Mobile App Deployment API. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Denial Of Service Zoho Manageengine Adselfservice Plus
NVD
CVSS 3.1
7.5
EPSS
3.9%
CVE-2022-32284 HIGH This Week

Use of insufficiently random values vulnerability exists in Vnet/IP communication module VI461 of YOKOGAWA Wide Area Communication Router (WAC Router) AW810D, which may allow a remote attacker to. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Aw810D Firmware
NVD
CVSS 3.1
7.5
EPSS
3.1%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy