Skip to main content
CVE-2022-33075 MEDIUM POC This Month

A stored cross-site scripting (XSS) vulnerability in the Add Classification function of Zoo Management System v1.0 allows attackers to execute arbitrary web scripts or HTML via unspecified vectors. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

XSS Zoo Management System
NVD VulDB
CVSS 3.1
5.4
EPSS
0.8%
CVE-2022-34879 MEDIUM This Month

Reflected Cross Site Scripting (XSS) vulnerabilities in AST Agent Time Sheet interface (/vicidial/AST_agent_time_sheet.php) of VICIdial via agent, and search_archived_data parameters. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

PHP XSS Vicidial
NVD
CVSS 3.1
6.1
EPSS
0.5%
CVE-2022-31117 MEDIUM PATCH This Month

UltraJSON is a fast JSON encoder and decoder written in pure C with bindings for Python 3.7+. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required.

Python Information Disclosure Ultrajson Fedora
NVD GitHub
CVSS 3.1
5.9
EPSS
1.7%
CVE-2022-30289 MEDIUM PATCH This Month

A stored Cross-site Scripting (XSS) vulnerability was identified in the Data Import functionality of OpenCTI through 5.2.4. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS Opencti
NVD GitHub
CVSS 3.1
5.4
EPSS
0.5%
CVE-2022-2097 MEDIUM PATCH This Month

AES OCB mode for 32-bit x86 platforms using the AES-NI assembly optimised implementation will not encrypt the entirety of the data under some circumstances. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

OpenSSL Information Disclosure Fedora Active Iq Unified Manager Clustered Data Ontap Antivirus Connector +7
NVD
CVSS 3.1
5.3
EPSS
4.4%
CVE-2022-31770 MEDIUM This Month

IBM App Connect Enterprise Certified Container 4.2 could allow a user from the administration console to cause a denial of service by creating a specially crafted request. Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service IBM App Connect Enterprise Certified Container
NVD
CVSS 3.1
4.9
EPSS
0.9%
CVE-2022-33744 MEDIUM PATCH This Month

Arm guests can cause Dom0 DoS via PV devices When mapping pages of guests on Arm, dom0 is using an rbtree to keep track of the foreign mappings. Rated medium severity (CVSS 4.7).

Denial Of Service Linux Kernel Debian Linux
NVD
CVSS 3.1
4.7
EPSS
0.3%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy