Skip to main content
CVE-2022-22034 HIGH PATCH This Week

Windows Graphics Component Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Memory Corruption Use After Free Microsoft Information Disclosure Windows 10 +9
NVD
CVSS 3.1
7.8
EPSS
6.1%
CVE-2022-22031 HIGH This Week

Windows Credential Guard Domain-joined Public Key Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Microsoft Information Disclosure Windows 10 Windows 11 Windows Server 2016 +2
NVD
CVSS 3.1
7.8
EPSS
0.7%
CVE-2022-22027 HIGH This Week

Windows Fax Service Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

RCE Microsoft Windows 10 Windows 11 Windows 7 +7
NVD
CVSS 3.1
7.8
EPSS
2.1%
CVE-2022-22024 HIGH This Week

Windows Fax Service Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

RCE Microsoft Windows 10 Windows 11 Windows 7 +7
NVD
CVSS 3.1
7.8
EPSS
2.0%
CVE-2022-31591 HIGH This Week

SAP BusinessObjects BW Publisher Service - versions 420, 430, uses a search path that contains an unquoted element. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

SAP Information Disclosure Businessobjects Bw Publisher Service
NVD
CVSS 3.1
7.8
EPSS
0.3%
CVE-2022-29187 HIGH This Week

Git is a distributed revision control system. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Microsoft Git Fedora Xcode +1
NVD GitHub
CVSS 3.1
7.8
EPSS
0.4%
CVE-2022-33710 HIGH This Week

Improper input validation vulnerability in BillingPackageInsraller in Galaxy Store prior to version 4.5.41.8 allows local attackers to launch activities as Galaxy Store privilege. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Galaxy Store
NVD
CVSS 3.1
7.8
EPSS
0.2%
CVE-2022-33709 HIGH This Week

Improper input validation vulnerability in ApexPackageInstaller in Galaxy Store prior to version 4.5.41.8 allows local attackers to launch activities as Galaxy Store privilege. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Galaxy Store
NVD
CVSS 3.1
7.8
EPSS
0.2%
CVE-2022-33708 HIGH This Week

Improper input validation vulnerability in AppsPackageInstaller in Galaxy Store prior to version 4.5.41.8 allows local attackers to launch activities as Galaxy Store privilege. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Galaxy Store
NVD
CVSS 3.1
7.8
EPSS
0.2%
CVE-2022-33704 HIGH This Week

Improper validation vulnerability in ucmRetParcelable of KnoxSDK prior to SMR Jul-2022 Release 1 allows attackers to launch certain activities. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Android
NVD
CVSS 3.1
7.8
EPSS
0.1%
CVE-2022-33703 HIGH This Week

Improper validation vulnerability in CACertificateInfo prior to SMR Jul-2022 Release 1 allows attackers to launch certain activities. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Android
NVD
CVSS 3.1
7.8
EPSS
0.1%
CVE-2022-33695 HIGH This Week

Use of improper permission in InputManagerService prior to SMR Jul-2022 Release 1 allows unauthorized access to the service. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Authentication Bypass Android
NVD
CVSS 3.1
7.8
EPSS
0.1%
CVE-2022-30756 HIGH This Week

Implicit Intent hijacking vulnerability in Finder prior to SMR Jul-2022 Release 1 allow allows attackers to launch certain activities with privilege of Finder. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Android
NVD
CVSS 3.1
7.8
EPSS
0.1%
CVE-2022-30755 HIGH This Week

Improper authentication vulnerability in AppLock prior to SMR Jul-2022 Release 1 allows attacker to bypass password confirm activity by hijacking the implicit intent. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Authentication Bypass Android
NVD
CVSS 3.1
7.8
EPSS
0.1%
CVE-2022-30754 HIGH This Week

Implicit Intent hijacking vulnerability in AppLinker prior to SMR Jul-2022 Release 1 allow allows attackers to launch certain activities with privilege of AppLinker. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Android
NVD
CVSS 3.1
7.8
EPSS
0.1%
CVE-2022-34748 HIGH PATCH This Week

A vulnerability has been identified in Simcenter Femap (All versions < V2022.2). Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. This Out-of-bounds Write vulnerability could allow attackers to write data beyond allocated buffer boundaries leading to code execution or crashes.

Memory Corruption Buffer Overflow Simcenter Femap
NVD
CVSS 3.1
7.8
EPSS
1.0%
CVE-2022-34465 HIGH PATCH This Week

A vulnerability has been identified in Parasolid V33.1 (All versions < V33.1.264), Parasolid V34.0 (All versions < V34.0.250), Parasolid V34.1 (All versions < V34.1.233), Simcenter Femap V2022.1 (All. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. This Out-of-bounds Read vulnerability could allow attackers to read data from memory outside the intended buffer boundaries.

Buffer Overflow Information Disclosure Parasolid Simcenter Femap
NVD
CVSS 3.1
7.8
EPSS
0.9%
CVE-2022-34289 HIGH This Week

A vulnerability has been identified in PADS Standard/Plus Viewer (All versions). Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Memory Corruption Buffer Overflow Pads Viewer
NVD
CVSS 3.1
7.8
EPSS
1.4%
CVE-2022-34286 HIGH This Week

A vulnerability has been identified in PADS Standard/Plus Viewer (All versions). Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Memory Corruption Buffer Overflow Pads Viewer
NVD
CVSS 3.1
7.8
EPSS
1.4%
CVE-2022-34284 HIGH This Week

A vulnerability has been identified in PADS Standard/Plus Viewer (All versions). Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Memory Corruption Buffer Overflow Pads Viewer
NVD
CVSS 3.1
7.8
EPSS
1.4%
CVE-2022-34281 HIGH This Week

A vulnerability has been identified in PADS Standard/Plus Viewer (All versions). Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Information Disclosure Pads Viewer
NVD
CVSS 3.1
7.8
EPSS
1.4%
CVE-2022-34280 HIGH This Week

A vulnerability has been identified in PADS Standard/Plus Viewer (All versions). Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Information Disclosure Pads Viewer
NVD
CVSS 3.1
7.8
EPSS
1.4%
CVE-2022-34279 HIGH This Week

A vulnerability has been identified in PADS Standard/Plus Viewer (All versions). Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Information Disclosure Pads Viewer
NVD
CVSS 3.1
7.8
EPSS
1.4%
CVE-2022-34278 HIGH This Week

A vulnerability has been identified in PADS Standard/Plus Viewer (All versions). Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Information Disclosure Pads Viewer
NVD
CVSS 3.1
7.8
EPSS
1.4%
CVE-2022-34277 HIGH This Week

A vulnerability has been identified in PADS Standard/Plus Viewer (All versions). Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Information Disclosure Pads Viewer
NVD
CVSS 3.1
7.8
EPSS
1.4%
CVE-2022-34276 HIGH This Week

A vulnerability has been identified in PADS Standard/Plus Viewer (All versions). Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Memory Corruption Buffer Overflow Pads Viewer
NVD
CVSS 3.1
7.8
EPSS
1.4%
CVE-2022-34275 HIGH This Week

A vulnerability has been identified in PADS Standard/Plus Viewer (All versions). Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Memory Corruption Buffer Overflow Pads Viewer
NVD
CVSS 3.1
7.8
EPSS
1.4%
CVE-2022-34274 HIGH This Week

A vulnerability has been identified in PADS Standard/Plus Viewer (All versions). Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Memory Corruption Buffer Overflow Pads Viewer
NVD
CVSS 3.1
7.8
EPSS
1.4%
CVE-2022-34273 HIGH This Week

A vulnerability has been identified in PADS Standard/Plus Viewer (All versions). Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Memory Corruption Buffer Overflow Pads Viewer
NVD
CVSS 3.1
7.8
EPSS
1.4%
CVE-2022-34272 HIGH This Week

A vulnerability has been identified in PADS Standard/Plus Viewer (All versions). Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Information Disclosure Pads Viewer
NVD
CVSS 3.1
7.8
EPSS
1.4%
CVE-2022-30215 HIGH This Week

Active Directory Federation Services Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable. No vendor patch available.

Information Disclosure Windows Server 2016 Windows Server 2019 Windows Server 2022
NVD
CVSS 3.1
7.5
EPSS
1.7%
CVE-2022-30211 HIGH This Week

Windows Layer 2 Tunneling Protocol (L2TP) Remote Code Execution Vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable. No vendor patch available.

RCE Microsoft Windows 10 Windows 11 Windows 7 +7
NVD
CVSS 3.1
7.5
EPSS
2.0%
CVE-2022-22039 HIGH This Week

Windows Network File System Remote Code Execution Vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable. No vendor patch available.

RCE Microsoft Windows Server 2008 Windows Server 2012 Windows Server 2016 +2
NVD
CVSS 3.1
7.5
EPSS
2.2%
CVE-2022-22037 HIGH This Week

Windows Advanced Local Procedure Call (ALPC) Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable. No vendor patch available.

Microsoft Information Disclosure Windows 10 Windows 11 Windows 7 +7
NVD
CVSS 3.1
7.5
EPSS
2.3%
CVE-2022-22025 HIGH This Week

Windows Internet Information Services Cachuri Module Denial of Service Vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Microsoft Windows 10 Windows 11 Windows 7 +7
NVD
CVSS 3.1
7.5
EPSS
32.1%
CVE-2022-35403 HIGH PATCH This Week

Zoho ManageEngine ServiceDesk Plus before 13008, ServiceDesk Plus MSP before 10606, and SupportCenter Plus before 11022 are affected by an unauthenticated local file disclosure vulnerability via. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Zoho Information Disclosure Manageengine Servicedesk Plus Manageengine Servicedesk Plus Msp Manageengine Supportcenter Plus +1
NVD
CVSS 3.1
7.5
EPSS
5.8%
CVE-2022-35168 HIGH This Week

Due to improper input sanitization of XML input in SAP Business One - version 10.0, an attacker can perform a denial-of-service attack rendering the system temporarily inoperative. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

SAP XXE Business One
NVD
CVSS 3.1
7.5
EPSS
0.8%
CVE-2022-32249 HIGH This Week

Under special integration scenario of SAP Business one and SAP HANA - version 10.0, an attacker can exploit HANA cockpit�s data volume to gain access to highly sensitive information (e.g., high. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

SAP Information Disclosure Business One
NVD
CVSS 3.1
7.5
EPSS
0.9%
CVE-2022-28771 HIGH This Week

Due to missing authentication check, SAP Business one License service API - version 10.0 allows an unauthenticated attacker to send malicious http requests over the network. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass SAP Business One License Service Api
NVD
CVSS 3.1
7.5
EPSS
0.9%
CVE-2022-22998 HIGH This Week

Implemented protections on AWS credentials that were not properly protected. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure My Cloud Home Duo Firmware My Cloud Home Firmware
NVD
CVSS 3.1
7.5
EPSS
0.7%
CVE-2022-1737 HIGH This Week

Pyramid Solutions' affected products, the Developer and DLL kits for EtherNet/IP Adapter and EtherNet/IP Scanner, are vulnerable to an out-of-bounds write, which may allow an unauthorized attacker to. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Memory Corruption Buffer Overflow Netstax Ethernet Ip Adapter Development Kit Netstax Ethernet Ip Adapter Dll Kit Netstax Ethernet Ip Scanner Development Kit +1
NVD
CVSS 3.1
7.5
EPSS
1.2%
CVE-2022-34743 HIGH This Week

The AT commands of the USB port have an out-of-bounds read vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Information Disclosure Emui Harmonyos Magic Ui
NVD
CVSS 3.1
7.5
EPSS
0.6%
CVE-2022-34742 HIGH This Week

The system module has a read/write vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Information Disclosure Emui Harmonyos Magic Ui
NVD
CVSS 3.1
7.5
EPSS
0.8%
CVE-2022-34739 HIGH This Week

The fingerprint module has a vulnerability of overflow in arithmetic addition. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Emui Harmonyos Magic Ui
NVD
CVSS 3.1
7.5
EPSS
0.6%
CVE-2022-34738 HIGH This Week

The SystemUI module has a vulnerability in permission control. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Emui Harmonyos Magic Ui
NVD
CVSS 3.1
7.5
EPSS
0.5%
CVE-2022-34736 HIGH This Week

The frame scheduling module has a null pointer dereference vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Null Pointer Dereference Emui Harmonyos
NVD
CVSS 3.1
7.5
EPSS
0.7%
CVE-2022-34735 HIGH This Week

The frame scheduling module has a null pointer dereference vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Null Pointer Dereference Emui Harmonyos
NVD
CVSS 3.1
7.5
EPSS
0.7%
CVE-2022-33713 HIGH This Week

Implicit Intent hijacking vulnerability in Samsung Cloud prior to version 5.2.0 allows attacker to get sensitive information. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Samsung Authentication Bypass Cloud
NVD
CVSS 3.1
7.5
EPSS
0.9%
CVE-2022-33173 HIGH This Week

An algorithm-downgrade issue was discovered in Couchbase Server before 7.0.4. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Couchbase Server
NVD
CVSS 3.1
7.5
EPSS
1.1%
CVE-2022-33736 HIGH PATCH This Week

A vulnerability has been identified in Opcenter Quality V13.1 (All versions < V13.1.20220624), Opcenter Quality V13.2 (All versions < V13.2.20220624). Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Denial Of Service Opcenter Quality
NVD
CVSS 3.1
7.5
EPSS
1.2%
Prev Page 2 of 5 Next

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy