Skip to main content
CVE-2022-31138 HIGH POC PATCH This Week

mailcow is a mailserver suite. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

RCE Command Injection Mailcow
NVD GitHub
CVSS 3.1
8.8
EPSS
3.1%
CVE-2022-35414 HIGH POC PATCH This Week

softmmu/physmem.c in QEMU through 7.0.0 can perform an uninitialized read on the translate_fail path, leading to an io_readx or io_writex crash. Rated high severity (CVSS 8.8), this vulnerability is low attack complexity. Public exploit code available.

Denial Of Service Qemu Debian Linux
NVD GitHub
CVSS 3.1
8.8
EPSS
0.7%
CVE-2022-31073 HIGH POC PATCH This Week

KubeEdge is an open source system for extending native containerized application orchestration capabilities to hosts at Edge. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Denial Of Service Kubeedge
NVD GitHub
CVSS 3.1
7.5
EPSS
1.6%
CVE-2022-31578 HIGH POC This Week

The piaoyunsoft/bt_lnmp repository through 2019-10-10 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Python Path Traversal Bt Lnmp
NVD GitHub
CVSS 3.1
7.5
EPSS
1.2%
CVE-2022-31566 HIGH This Week

The DSAB-local/DSAB repository through 2019-02-18 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely. Rated high severity (CVSS 8.6), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Python Path Traversal Data Stream Algorithm Benchmark
NVD GitHub
CVSS 3.1
8.6
EPSS
1.1%
CVE-2022-30602 HIGH This Week

Operation restriction bypass in multiple applications of Cybozu Garoon 4.0.0 to 5.9.1 allows a remote authenticated attacker to alter the file information and/or delete the files. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass Garoon
NVD
CVSS 3.1
8.1
EPSS
1.0%
CVE-2022-31139 HIGH PATCH This Week

UnsafeAccessor (UA) is a bridge to access jdk.internal.misc.Unsafe & sun.misc.Unsafe. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.

Information Disclosure Unsafe Accessor
NVD GitHub
CVSS 3.1
7.5
EPSS
1.1%
CVE-2022-30792 HIGH This Week

In CmpChannelServer of CODESYS V3 in multiple versions an uncontrolled ressource consumption allows an unauthorized attacker to block new communication channel connections. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Control For Beaglebone Control For Empc A Imx6 Control For Iot2000 Sl Control For Linux Sl +15
NVD
CVSS 3.1
7.5
EPSS
0.8%
CVE-2022-30791 HIGH This Week

In CmpBlkDrvTcp of CODESYS V3 in multiple versions an uncontrolled ressource consumption allows an unauthorized attacker to block new TCP connections. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Control For Beaglebone Control For Empc A Imx6 Control For Iot2000 Sl Control For Linux Sl +15
NVD
CVSS 3.1
7.5
EPSS
0.8%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy