Skip to main content
CVE-2022-2297 HIGH POC Act Now

A vulnerability, which was classified as critical, was found in SourceCodester Clinics Patient Management System 2.0. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

PHP File Upload Clinic S Patient Management System
NVD GitHub VulDB
CVSS 3.1
8.8
EPSS
3.3%
CVE-2021-38289 HIGH POC This Week

An issue has been discovered in Novastar-VNNOX-iCare Novaicare 7.16.0 that gives attacker privilege escalation and allows attackers to view corporate information and SMTP server details, delete. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Privilege Escalation Novaicare
NVD GitHub VulDB
CVSS 3.1
8.8
EPSS
0.3%
CVE-2022-1025 HIGH POC PATCH This Week

All unpatched versions of Argo CD starting with v1.0.0 are vulnerable to an improper access control bug, allowing a malicious user to potentially escalate their privileges to admin-level. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Authentication Bypass Argo Cd
NVD GitHub
CVSS 3.1
8.8
EPSS
1.2%
CVE-2021-36667 HIGH POC PATCH This Week

Command injection vulnerability in Druva inSync 6.9.0 for MacOS, allows attackers to execute arbitrary commands via crafted payload to the local HTTP server due to un-sanitized call to the python. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available.

Command Injection Python Apple Insync Client
NVD VulDB
CVSS 3.1
7.8
EPSS
1.8%
CVE-2021-36668 HIGH POC This Week

URL injection in Driva inSync 6.9.0 for MacOS, allows attackers to force a visit to an arbitrary url via the port parameter to the Electron App. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Apple Code Injection Insync Client
NVD VulDB
CVSS 3.1
7.8
EPSS
0.6%
CVE-2021-36665 HIGH POC This Week

An issue was discovered in Druva 6.9.0 for macOS, allows attackers to gain escalated local privileges via the inSyncUpgradeDaemon. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Apple Deserialization Insync Client
NVD VulDB
CVSS 3.1
7.8
EPSS
0.5%
CVE-2021-36666 HIGH POC This Week

An issue was discovered in Druva 6.9.0 for MacOS, allows attackers to gain escalated local privileges via the inSyncDecommission. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Privilege Escalation Apple Insync Client
NVD VulDB
CVSS 3.1
7.8
EPSS
0.4%
CVE-2022-2263 HIGH POC This Week

A vulnerability was found in Online Hotel Booking System 1.0 and classified as critical. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Online Hotel Booking
NVD GitHub VulDB
CVSS 3.1
7.2
EPSS
0.8%
CVE-2022-2262 HIGH POC This Week

A vulnerability has been found in Online Hotel Booking System 1.0 and classified as critical. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Online Hotel Booking
NVD GitHub VulDB
CVSS 3.1
7.2
EPSS
0.8%
CVE-2022-30221 HIGH This Week

Windows Graphics Component Remote Code Execution Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

RCE Microsoft Windows 10 Windows 11 Windows 7 +6
NVD
CVSS 3.1
8.8
EPSS
2.0%
CVE-2022-30216 HIGH This Week

Windows Server Service Tampering Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Microsoft File Upload Windows 10 Windows 11 Windows Server 2016 +1
NVD
CVSS 3.1
8.8
EPSS
88.6%
CVE-2022-22026 HIGH This Week

Windows Client Server Run-time Subsystem (CSRSS) Elevation of Privilege Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is low attack complexity. No vendor patch available.

Memory Corruption Microsoft Buffer Overflow Windows 10 Windows 11 +8
NVD
CVSS 3.1
8.8
EPSS
1.0%
CVE-2022-35228 HIGH This Week

SAP BusinessObjects CMC allows an unauthenticated attacker to retrieve token information over the network which would otherwise be restricted. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

CSRF SAP Businessobjects Business Intelligence Platform
NVD
CVSS 3.1
8.8
EPSS
0.5%
CVE-2022-31593 HIGH This Week

SAP Business One client - version 10.0 allows an attacker with low privileges, to inject code that can be executed by the application. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Code Injection SAP Business One
NVD
CVSS 3.1
8.8
EPSS
0.9%
CVE-2022-2385 HIGH PATCH This Week

A security issue was discovered in aws-iam-authenticator where an allow-listed IAM identity may be able to modify their username and escalate privileges. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Privilege Escalation Aws Iam Authenticator
NVD GitHub
CVSS 3.1
8.8
EPSS
0.9%
CVE-2022-34821 HIGH PATCH This Week

A vulnerability has been identified in RUGGEDCOM RM1224 LTE(4G) EU (6GK6108-4AM00-2BA2), RUGGEDCOM RM1224 LTE(4G) NAM (6GK6108-4AM00-2DA2), SCALANCE M804PB (6GK5804-0AP00-2AA2), SCALANCE M812-1. Rated high severity (CVSS 8.8), this vulnerability is low attack complexity. This Code Injection vulnerability could allow attackers to inject and execute arbitrary code within the application.

Siemens RCE Code Injection Simatic Cp 1242 7 V2 Firmware Simatic Cp 1243 1 Firmware +13
NVD
CVSS 4.0
8.8
EPSS
2.2%
CVE-2022-26647 HIGH PATCH This Week

A vulnerability has been identified in SCALANCE X200-4P IRT (All versions < V5.5.2), SCALANCE X201-3P IRT (All versions < V5.5.2), SCALANCE X201-3P IRT PRO (All versions < V5.5.2), SCALANCE X202-2IRT. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Siemens Information Disclosure Scalance X200 4P Irt Firmware Scalance X201 3P Irt Firmware Scalance X201 3P Irt Pro Firmware +26
NVD
CVSS 3.1
8.8
EPSS
1.1%
CVE-2022-30222 HIGH This Week

Windows Shell Remote Code Execution Vulnerability. Rated high severity (CVSS 8.4), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

RCE Microsoft Windows 10 Windows 11 Windows Server 2016 +2
NVD
CVSS 3.1
8.4
EPSS
0.7%
CVE-2022-34820 HIGH PATCH This Week

A vulnerability has been identified in SIMATIC CP 1242-7 V2 (All versions < V3.3.46), SIMATIC CP 1243-1 (All versions < V3.3.46), SIMATIC CP 1243-7 LTE EU (All versions < V3.3.46), SIMATIC CP 1243-7. Rated high severity (CVSS 8.4), this vulnerability is low attack complexity. This Command Injection vulnerability could allow attackers to inject arbitrary commands into system command execution.

RCE Command Injection Simatic Cp 1242 7 V2 Firmware Simatic Cp 1243 1 Firmware Simatic Cp 1243 7 Lte Eu Firmware +12
NVD
CVSS 3.1
8.4
EPSS
2.0%
CVE-2022-33674 HIGH This Week

Azure Site Recovery Elevation of Privilege Vulnerability. Rated high severity (CVSS 8.3), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Microsoft Information Disclosure Azure Site Recovery Vmware To Azure
NVD
CVSS 3.1
8.3
EPSS
1.1%
CVE-2022-26648 HIGH PATCH This Week

A vulnerability has been identified in SCALANCE X200-4P IRT (All versions < V5.5.2), SCALANCE X201-3P IRT (All versions < V5.5.2), SCALANCE X201-3P IRT PRO (All versions < V5.5.2), SCALANCE X202-2IRT. Rated high severity (CVSS 8.2), this vulnerability is low attack complexity. This Buffer Copy without Size Check vulnerability could allow attackers to overflow a buffer to corrupt adjacent memory.

Siemens Buffer Overflow Scalance X204 2 Firmware Scalance X204 2Fm Firmware Scalance X204 2Ld Firmware +26
NVD
CVSS 3.1
8.2
EPSS
0.9%
CVE-2022-22038 HIGH This Week

Remote Procedure Call Runtime Remote Code Execution Vulnerability. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

RCE Windows 10 Windows 11 Windows 8 1 Windows Rt 8 1 +4
NVD
CVSS 3.1
8.1
EPSS
2.4%
CVE-2022-22029 HIGH This Week

Windows Network File System Remote Code Execution Vulnerability. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

RCE Microsoft Windows Server 2008 Windows Server 2012 Windows Server 2016 +2
NVD
CVSS 3.1
8.1
EPSS
5.1%
CVE-2022-24800 HIGH PATCH This Week

October/System is the system module for October CMS, a self-hosted CMS platform based on the Laravel PHP Framework. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required.

PHP Race Condition RCE October
NVD GitHub
CVSS 3.1
8.1
EPSS
1.4%
CVE-2022-34663 HIGH PATCH This Week

A vulnerability has been identified in RUGGEDCOM i800, RUGGEDCOM i800NC, RUGGEDCOM i801, RUGGEDCOM i801NC, RUGGEDCOM i802, RUGGEDCOM i802NC, RUGGEDCOM i803, RUGGEDCOM i803NC, RUGGEDCOM M2100,. Rated high severity (CVSS 8.0), this vulnerability is remotely exploitable, low attack complexity. This Code Injection vulnerability could allow attackers to inject and execute arbitrary code within the application.

RCE Code Injection Ruggedcom Ros
NVD
CVSS 3.1
8.0
EPSS
0.8%
CVE-2022-33137 HIGH PATCH This Week

A vulnerability has been identified in SIMATIC MV540 H (All versions < V3.3), SIMATIC MV540 S (All versions < V3.3), SIMATIC MV550 H (All versions < V3.3), SIMATIC MV550 S (All versions < V3.3),. Rated high severity (CVSS 8.0), this vulnerability is remotely exploitable, low attack complexity.

Information Disclosure Simatic Mv540 H Firmware Simatic Mv540 S Firmware Simatic Mv550 H Firmware Simatic Mv550 S Firmware +2
NVD
CVSS 3.1
8.0
EPSS
0.8%
CVE-2022-33675 HIGH This Week

Azure Site Recovery Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Microsoft Information Disclosure Azure Site Recovery Vmware To Azure
NVD
CVSS 3.1
7.8
EPSS
0.7%
CVE-2022-30220 HIGH This Week

Windows Common Log File System Driver Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Microsoft Information Disclosure Windows 10 Windows 11 Windows 7 +7
NVD
CVSS 3.1
7.8
EPSS
5.1%
CVE-2022-30206 HIGH This Week

Windows Print Spooler Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Microsoft Information Disclosure Windows 10 Windows 11 Windows 7 +7
NVD
CVSS 3.1
7.8
EPSS
2.1%
CVE-2022-22050 HIGH This Week

Windows Fax Service Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Microsoft Information Disclosure Windows 10 Windows 11 Windows 7 +7
NVD
CVSS 3.1
7.8
EPSS
0.6%
CVE-2022-22049 HIGH This Week

Windows Client Server Run-time Subsystem (CSRSS) Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Memory Corruption Microsoft Buffer Overflow Windows 10 Windows 11 +8
NVD
CVSS 3.1
7.8
EPSS
1.1%
CVE-2022-22047 HIGH KEV PATCH THREAT This Week

Windows Client Server Run-time Subsystem (CSRSS) Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Microsoft Information Disclosure Windows 10 1507 Windows 10 1607 Windows 10 1809 +13
NVD
CVSS 3.1
7.8
EPSS
18.8%
CVE-2022-22045 HIGH This Week

Windows.Devices.Picker.dll Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8). No vendor patch available.

Microsoft Information Disclosure Windows 10 Windows 11 Windows Server 2016 +2
NVD
CVSS 3.1
7.8
EPSS
0.5%
CVE-2022-22043 HIGH This Week

Windows Fast FAT File System Driver Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Microsoft Information Disclosure Windows 10 Windows 11 Windows 7 +7
NVD
CVSS 3.1
7.8
EPSS
0.7%
CVE-2022-22034 HIGH PATCH This Week

Windows Graphics Component Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Memory Corruption Use After Free Microsoft Information Disclosure Windows 10 +9
NVD
CVSS 3.1
7.8
EPSS
6.1%
CVE-2022-22031 HIGH This Week

Windows Credential Guard Domain-joined Public Key Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Microsoft Information Disclosure Windows 10 Windows 11 Windows Server 2016 +2
NVD
CVSS 3.1
7.8
EPSS
0.7%
CVE-2022-22027 HIGH This Week

Windows Fax Service Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

RCE Microsoft Windows 10 Windows 11 Windows 7 +7
NVD
CVSS 3.1
7.8
EPSS
2.1%
CVE-2022-22024 HIGH This Week

Windows Fax Service Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

RCE Microsoft Windows 10 Windows 11 Windows 7 +7
NVD
CVSS 3.1
7.8
EPSS
2.0%
CVE-2022-31591 HIGH This Week

SAP BusinessObjects BW Publisher Service - versions 420, 430, uses a search path that contains an unquoted element. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

SAP Information Disclosure Businessobjects Bw Publisher Service
NVD
CVSS 3.1
7.8
EPSS
0.3%
CVE-2022-29187 HIGH This Week

Git is a distributed revision control system. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Microsoft Git Fedora Xcode +1
NVD GitHub
CVSS 3.1
7.8
EPSS
0.4%
CVE-2022-33710 HIGH This Week

Improper input validation vulnerability in BillingPackageInsraller in Galaxy Store prior to version 4.5.41.8 allows local attackers to launch activities as Galaxy Store privilege. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Galaxy Store
NVD
CVSS 3.1
7.8
EPSS
0.2%
CVE-2022-33709 HIGH This Week

Improper input validation vulnerability in ApexPackageInstaller in Galaxy Store prior to version 4.5.41.8 allows local attackers to launch activities as Galaxy Store privilege. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Galaxy Store
NVD
CVSS 3.1
7.8
EPSS
0.2%
CVE-2022-33708 HIGH This Week

Improper input validation vulnerability in AppsPackageInstaller in Galaxy Store prior to version 4.5.41.8 allows local attackers to launch activities as Galaxy Store privilege. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Galaxy Store
NVD
CVSS 3.1
7.8
EPSS
0.2%
CVE-2022-33704 HIGH This Week

Improper validation vulnerability in ucmRetParcelable of KnoxSDK prior to SMR Jul-2022 Release 1 allows attackers to launch certain activities. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Android
NVD
CVSS 3.1
7.8
EPSS
0.1%
CVE-2022-33703 HIGH This Week

Improper validation vulnerability in CACertificateInfo prior to SMR Jul-2022 Release 1 allows attackers to launch certain activities. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Android
NVD
CVSS 3.1
7.8
EPSS
0.1%
CVE-2022-33695 HIGH This Week

Use of improper permission in InputManagerService prior to SMR Jul-2022 Release 1 allows unauthorized access to the service. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Authentication Bypass Android
NVD
CVSS 3.1
7.8
EPSS
0.1%
CVE-2022-30756 HIGH This Week

Implicit Intent hijacking vulnerability in Finder prior to SMR Jul-2022 Release 1 allow allows attackers to launch certain activities with privilege of Finder. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Android
NVD
CVSS 3.1
7.8
EPSS
0.1%
CVE-2022-30755 HIGH This Week

Improper authentication vulnerability in AppLock prior to SMR Jul-2022 Release 1 allows attacker to bypass password confirm activity by hijacking the implicit intent. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Authentication Bypass Android
NVD
CVSS 3.1
7.8
EPSS
0.1%
CVE-2022-30754 HIGH This Week

Implicit Intent hijacking vulnerability in AppLinker prior to SMR Jul-2022 Release 1 allow allows attackers to launch certain activities with privilege of AppLinker. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Android
NVD
CVSS 3.1
7.8
EPSS
0.1%
CVE-2022-34748 HIGH PATCH This Week

A vulnerability has been identified in Simcenter Femap (All versions < V2022.2). Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. This Out-of-bounds Write vulnerability could allow attackers to write data beyond allocated buffer boundaries leading to code execution or crashes.

Memory Corruption Buffer Overflow Simcenter Femap
NVD
CVSS 3.1
7.8
EPSS
1.0%
Page 1 of 3 Next

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy