Skip to main content
CVE-2022-34878 HIGH POC PATCH This Week

SQL Injection vulnerability in User Stats interface (/vicidial/user_stats.php) of VICIdial via the file_download parameter allows attacker to spoof identity, tamper with existing data, allow the. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

PHP SQLi Vicidial
NVD GitHub
CVSS 3.1
8.8
EPSS
3.4%
CVE-2022-34877 HIGH POC PATCH This Week

SQL Injection vulnerability in AST Agent Time Sheet interface ((/vicidial/AST_agent_time_sheet.php) of VICIdial via the agent parameter allows attacker to spoof identity, tamper with existing data,. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

PHP SQLi Vicidial
NVD GitHub
CVSS 3.1
8.8
EPSS
3.1%
CVE-2022-34876 HIGH POC PATCH This Week

SQL Injection vulnerability in admin interface (/vicidial/admin.php) of VICIdial via modify_email_accounts, access_recordings, and agentcall_email parameters allows attacker to spoof identity, tamper. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

PHP SQLi Vicidial
NVD GitHub
CVSS 3.1
8.8
EPSS
3.2%
CVE-2022-2304 HIGH POC PATCH This Week

Stack-based Buffer Overflow in GitHub repository vim/vim prior to 9.0. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. Public exploit code available.

Stack Overflow Buffer Overflow Vim Fedora Debian Linux
NVD GitHub
CVSS 3.1
7.8
EPSS
1.4%
CVE-2022-31116 HIGH POC PATCH This Week

UltraJSON is a fast JSON encoder and decoder written in pure C with bindings for Python 3.7+. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Python Information Disclosure Ultrajson Fedora
NVD GitHub
CVSS 3.1
7.5
EPSS
2.3%
CVE-2022-2309 HIGH POC PATCH This Week

NULL Pointer Dereference allows attackers to cause a denial of service (or application crash). Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Denial Of Service Null Pointer Dereference Lxml Fedora
NVD GitHub
CVSS 3.1
7.5
EPSS
2.5%
CVE-2022-2306 HIGH POC PATCH This Week

Old session tokens can be used to authenticate to the application and send authenticated requests. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Information Disclosure Nakama
NVD GitHub
CVSS 3.1
7.5
EPSS
0.8%
CVE-2022-33743 HIGH PATCH This Week

network backend may cause Linux netfront to use freed SKBs While adding logic to support XDP (eXpress Data Path), a code label was moved in a way allowing for SKBs having references (pointers). Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Information Disclosure Linux Kernel Xen Debian Linux
NVD
CVSS 3.1
7.8
EPSS
0.3%
CVE-2022-30290 HIGH PATCH This Week

In OpenCTI through 5.2.4, a broken access control vulnerability has been identified in the profile endpoint. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Opencti
NVD GitHub
CVSS 3.1
7.5
EPSS
0.9%
CVE-2022-33742 HIGH PATCH This Week

Linux disk/nic frontends data leaks T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Linux Block and Network PV device. Rated high severity (CVSS 7.1), this vulnerability is low attack complexity. This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.

Information Disclosure Fedora Debian Linux Linux Kernel Xen
NVD
CVSS 3.1
7.1
EPSS
0.3%
CVE-2022-33741 HIGH PATCH This Week

Linux disk/nic frontends data leaks T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Linux Block and Network PV device. Rated high severity (CVSS 7.1), this vulnerability is low attack complexity. This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.

Information Disclosure Fedora Debian Linux Linux Kernel Xen
NVD
CVSS 3.1
7.1
EPSS
0.3%
CVE-2022-33740 HIGH PATCH This Week

Linux disk/nic frontends data leaks T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Linux Block and Network PV device. Rated high severity (CVSS 7.1), this vulnerability is low attack complexity.

Information Disclosure Fedora Debian Linux Linux Kernel Xen
NVD
CVSS 3.1
7.1
EPSS
0.3%
CVE-2022-26365 HIGH PATCH This Week

Linux disk/nic frontends data leaks T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Linux Block and Network PV device. Rated high severity (CVSS 7.1), this vulnerability is low attack complexity. This Memory Leak vulnerability could allow attackers to exhaust available memory leading to denial of service.

Information Disclosure Linux Kernel Xen Debian Linux Fedora
NVD
CVSS 3.1
7.1
EPSS
0.3%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy