Skip to main content
CVE-2022-30223 MEDIUM This Month

Windows Hyper-V Information Disclosure Vulnerability. Rated medium severity (CVSS 5.7), this vulnerability is low attack complexity. No vendor patch available.

Microsoft Information Disclosure Windows 10 Windows 11 Windows 7 +6
NVD
CVSS 3.1
5.7
EPSS
0.8%
CVE-2022-22711 MEDIUM This Month

Windows BitLocker Information Disclosure Vulnerability. Rated medium severity (CVSS 5.7). No vendor patch available.

Microsoft Information Disclosure Windows 10 Windows 11 Windows Server 2012 +3
NVD
CVSS 3.1
5.7
EPSS
0.5%
CVE-2022-30213 MEDIUM This Month

Windows GDI+ Information Disclosure Vulnerability. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Microsoft Information Disclosure Windows 10 Windows 11 Windows 7 +7
NVD
CVSS 3.1
5.5
EPSS
0.7%
CVE-2022-35171 MEDIUM This Month

When a user opens manipulated JPEG 2000 (.jp2, jp2k.x3d) files received from untrusted sources in SAP 3D Visual Enterprise Viewer, the application crashes and becomes temporarily unavailable to the. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Denial Of Service SAP 3D Visual Enterprise Viewer
NVD
CVSS 3.1
5.5
EPSS
0.5%
CVE-2022-33711 MEDIUM This Month

Improper validation of integrity check vulnerability in Samsung USB Driver Windows Installer for Mobile Phones prior to version 1.7.56.0 allows local attackers to delete arbitrary directory using. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Samsung Microsoft Information Disclosure Android Usb Driver
NVD
CVSS 3.1
5.5
EPSS
0.1%
CVE-2022-33702 MEDIUM This Month

Improper authorization vulnerability in Knoxguard prior to SMR Jul-2022 Release 1 allows local attacker to disable keyguard and bypass Knoxguard lock by factory reset. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Authentication Bypass Android
NVD
CVSS 3.1
5.5
EPSS
0.1%
CVE-2022-33685 MEDIUM This Month

Unprotected dynamic receiver in Wearable Manager Service prior to SMR Jul-2022 Release 1 allows attacker to launch arbitray activity and access senstive information. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Android
NVD
CVSS 3.1
5.5
EPSS
0.1%
CVE-2022-30758 MEDIUM This Month

Implicit Intent hijacking vulnerability in Finder prior to SMR Jul-2022 Release 1 allow allows attackers to access some protected information with privilege of Finder. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Android
NVD
CVSS 3.1
5.5
EPSS
0.1%
CVE-2022-34291 MEDIUM This Month

A vulnerability has been identified in PADS Standard/Plus Viewer (All versions). Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Pads Viewer
NVD
CVSS 3.1
5.5
EPSS
1.1%
CVE-2022-34290 MEDIUM This Month

A vulnerability has been identified in PADS Standard/Plus Viewer (All versions). Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Pads Viewer
NVD
CVSS 3.1
5.5
EPSS
1.1%
CVE-2022-34288 MEDIUM This Month

A vulnerability has been identified in PADS Standard/Plus Viewer (All versions). Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Information Disclosure Pads Viewer
NVD
CVSS 3.1
5.5
EPSS
1.1%
CVE-2022-34287 MEDIUM This Month

A vulnerability has been identified in PADS Standard/Plus Viewer (All versions). Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Pads Viewer
NVD
CVSS 3.1
5.5
EPSS
1.1%
CVE-2022-34285 MEDIUM This Month

A vulnerability has been identified in PADS Standard/Plus Viewer (All versions). Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Information Disclosure Pads Viewer
NVD
CVSS 3.1
5.5
EPSS
1.1%
CVE-2022-34283 MEDIUM This Month

A vulnerability has been identified in PADS Standard/Plus Viewer (All versions). Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Information Disclosure Pads Viewer
NVD
CVSS 3.1
5.5
EPSS
1.1%
CVE-2022-34282 MEDIUM This Month

A vulnerability has been identified in PADS Standard/Plus Viewer (All versions). Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Information Disclosure Pads Viewer
NVD
CVSS 3.1
5.5
EPSS
1.1%
CVE-2022-29602 MEDIUM PATCH This Month

The gridelements (aka Grid Elements) extension through 7.6.1, 8.x through 8.7.0, 9.x through 9.7.0, and 10.x through 10.2.0 extension for TYPO3 allows XSS. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

XSS Grid Elements
NVD
CVSS 3.1
5.4
EPSS
0.5%
CVE-2022-33155 MEDIUM PATCH This Month

The ameos_tarteaucitron (aka AMEOS - TarteAuCitron GDPR cookie banner and tracking management / French RGPD compatible) extension before 1.2.23 for TYPO3 allows XSS. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

XSS Ameos Tarteaucitron
NVD
CVSS 3.1
5.4
EPSS
0.5%
CVE-2022-33154 MEDIUM PATCH This Month

The schema (aka Embedding schema.org vocabulary) extension before 1.13.1 and 2.x before 2.5.1 for TYPO3 allows XSS. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

XSS Schema
NVD
CVSS 3.1
5.4
EPSS
0.5%
CVE-2022-31655 MEDIUM PATCH This Month

VMware vRealize Log Insight in versions prior to 8.8.2 contain a stored cross-site scripting vulnerability due to improper input sanitization in alerts. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

VMware XSS Vrealize Log Insight
NVD
CVSS 3.1
5.4
EPSS
0.4%
CVE-2022-31654 MEDIUM PATCH This Month

VMware vRealize Log Insight in versions prior to 8.8.2 contain a stored cross-site scripting vulnerability due to improper input sanitization in configurations. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

VMware XSS Vrealize Log Insight
NVD
CVSS 3.1
5.4
EPSS
0.4%
CVE-2022-31598 MEDIUM This Month

Due to insufficient input validation, SAP Business Objects - version 420, allows an authenticated attacker to submit a malicious request through an allowed operation. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

SAP Information Disclosure Business Objects Business Intelligence Platform
NVD
CVSS 3.1
5.4
EPSS
0.2%
CVE-2022-31597 MEDIUM This Month

Within SAP S/4HANA - versions S4CORE 101, 102, 103, 104, 105, 106, SAPSCORE 127, the application business partner extension for Spain/Slovakia does not perform necessary authorization checks for a. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass SAP S 4Hana Sapscore
NVD
CVSS 3.1
5.4
EPSS
0.4%
CVE-2022-22682 MEDIUM This Month

Improper neutralization of input during web page generation ('Cross-site Scripting') vulnerability in Event Management in Synology Calendar before 2.4.5-10930 allows remote authenticated users to. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Synology XSS Calendar
NVD
CVSS 3.1
5.4
EPSS
0.5%
CVE-2022-32248 MEDIUM This Month

Due to missing input validation in the Manage Checkbooks component of SAP S/4HANA - version 101, 102, 103, 104, 105, 106, an attacker could insert or edit the value of an existing field in the. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

SAP Information Disclosure S 4Hana
NVD
CVSS 3.1
5.3
EPSS
0.6%
CVE-2022-33911 MEDIUM This Month

An issue was discovered in Couchbase Server 7.x before 7.0.4. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Couchbase Server
NVD
CVSS 3.1
5.3
EPSS
0.9%
CVE-2022-33712 MEDIUM This Month

Intent redirection vulnerability using implict intent in Camera prior to versions 12.0.01.64 ,12.0.3.23, 12.0.0.98, 12.0.6.11, 12.0.3.19 in Android S(12) allows attacker to get sensitive information. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Google Authentication Bypass Camera
NVD
CVSS 3.1
5.3
EPSS
0.7%
CVE-2022-33707 MEDIUM This Month

Improper identifier creation logic in Find My Mobile prior to version 7.2.24.12 allows attacker to identify the device. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Find My Mobile
NVD
CVSS 3.1
5.3
EPSS
0.8%
CVE-2022-2366 MEDIUM This Month

Incorrect default configuration for trusted IP header in Mattermost version 6.7.0 and earlier allows attacker to bypass some of the rate limitations in place or use manipulated IPs for audit logging. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Privilege Escalation Mattermost Mattermost Server
NVD
CVSS 3.1
5.3
EPSS
0.6%
CVE-2022-34464 MEDIUM PATCH This Month

A vulnerability has been identified in SICAM GridEdge (Classic) (All versions < V2.7.3). Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, low attack complexity.

Path Traversal Information Disclosure Sicam Gridedge Essential Arm Sicam Gridedge Essential Gds Arm Sicam Gridedge Essential Gds Intel +1
NVD
CVSS 4.0
5.3
EPSS
0.4%
CVE-2022-33671 MEDIUM This Month

Azure Site Recovery Elevation of Privilege Vulnerability. Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Microsoft Information Disclosure Azure Site Recovery Vmware To Azure
NVD
CVSS 3.1
4.9
EPSS
2.1%
CVE-2022-33669 MEDIUM This Month

Azure Site Recovery Elevation of Privilege Vulnerability. Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Microsoft Information Disclosure Azure Site Recovery Vmware To Azure
NVD
CVSS 3.1
4.9
EPSS
2.1%
CVE-2022-33668 MEDIUM This Month

Azure Site Recovery Elevation of Privilege Vulnerability. Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Microsoft Information Disclosure Azure Site Recovery Vmware To Azure
NVD
CVSS 3.1
4.9
EPSS
2.1%
CVE-2022-33664 MEDIUM This Month

Azure Site Recovery Elevation of Privilege Vulnerability. Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Microsoft Information Disclosure Azure Site Recovery Vmware To Azure
NVD
CVSS 3.1
4.9
EPSS
2.1%
CVE-2022-33660 MEDIUM This Month

Azure Site Recovery Elevation of Privilege Vulnerability. Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Microsoft Information Disclosure Azure Site Recovery Vmware To Azure
NVD
CVSS 3.1
4.9
EPSS
2.1%
CVE-2022-33659 MEDIUM This Month

Azure Site Recovery Elevation of Privilege Vulnerability. Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Microsoft Information Disclosure Azure Site Recovery Vmware To Azure
NVD
CVSS 3.1
4.9
EPSS
2.1%
CVE-2022-33658 MEDIUM This Month

Azure Site Recovery Elevation of Privilege Vulnerability. Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Microsoft Information Disclosure Azure Site Recovery Vmware To Azure
NVD
CVSS 3.1
4.9
EPSS
2.1%
CVE-2022-33654 MEDIUM This Month

Azure Site Recovery Elevation of Privilege Vulnerability. Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Microsoft Information Disclosure Azure Site Recovery Vmware To Azure
NVD
CVSS 3.1
4.9
EPSS
2.1%
CVE-2022-33653 MEDIUM This Month

Azure Site Recovery Elevation of Privilege Vulnerability. Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Microsoft Information Disclosure Azure Site Recovery Vmware To Azure
NVD
CVSS 3.1
4.9
EPSS
2.1%
CVE-2022-33652 MEDIUM This Month

Azure Site Recovery Elevation of Privilege Vulnerability. Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Microsoft Information Disclosure Azure Site Recovery Vmware To Azure
NVD
CVSS 3.1
4.9
EPSS
2.1%
CVE-2022-33651 MEDIUM This Month

Azure Site Recovery Elevation of Privilege Vulnerability. Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Microsoft Information Disclosure Azure Site Recovery Vmware To Azure
NVD
CVSS 3.1
4.9
EPSS
2.1%
CVE-2022-33650 MEDIUM This Month

Azure Site Recovery Elevation of Privilege Vulnerability. Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Microsoft Information Disclosure Azure Site Recovery Vmware To Azure
NVD
CVSS 3.1
4.9
EPSS
2.1%
CVE-2022-33642 MEDIUM This Month

Azure Site Recovery Elevation of Privilege Vulnerability. Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Microsoft Information Disclosure Azure Site Recovery Vmware To Azure
NVD
CVSS 3.1
4.9
EPSS
2.1%
CVE-2022-31134 MEDIUM This Month

Zulip is an open-source team collaboration tool. Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Zulip Server
NVD GitHub
CVSS 3.1
4.9
EPSS
0.9%
CVE-2022-33632 MEDIUM This Month

Microsoft Office Security Feature Bypass Vulnerability. Rated medium severity (CVSS 4.7), this vulnerability is no authentication required. No vendor patch available.

Authentication Bypass Microsoft 365 Apps Office Office Long Term Servicing Channel
NVD
CVSS 3.1
4.7
EPSS
1.1%
CVE-2022-30212 MEDIUM This Month

Windows Connected Devices Platform Service Information Disclosure Vulnerability. Rated medium severity (CVSS 4.7). No vendor patch available.

Race Condition Microsoft Information Disclosure Windows 10 Windows 11 +3
NVD
CVSS 3.1
4.7
EPSS
0.5%
CVE-2022-30187 MEDIUM PATCH This Month

Azure Storage Library Information Disclosure Vulnerability. Rated medium severity (CVSS 4.7). No vendor patch available.

Microsoft Information Disclosure Azure Storage Blobs Azure Storage Queue
NVD
CVSS 3.1
4.7
EPSS
0.5%
CVE-2022-21845 MEDIUM This Month

Windows Kernel Information Disclosure Vulnerability. Rated medium severity (CVSS 4.7). No vendor patch available.

Microsoft Information Disclosure Windows 10 Windows 11 Windows 7 +7
NVD
CVSS 3.1
4.7
EPSS
0.7%
CVE-2022-33691 MEDIUM This Month

A possible race condition vulnerability in score driver prior to SMR Jul-2022 Release 1 can allow local attackers to interleave malicious operations. Rated medium severity (CVSS 4.7). No vendor patch available.

Information Disclosure Android
NVD
CVSS 3.1
4.7
EPSS
0.1%
CVE-2022-32246 MEDIUM This Month

SAP Busines Objects Business Intelligence Platform (Visual Difference Application) - versions 420, 430, allows an authenticated attacker who has access to BI admin console to send crafted queries and. Rated medium severity (CVSS 4.6), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

SQLi SAP Business Objects Business Intelligence Platform
NVD
CVSS 3.1
4.6
EPSS
0.4%
CVE-2022-31592 MEDIUM This Month

The application SAP Enterprise Extension Defense Forces & Public Security - versions 605, 606, 616,617,618, 802, 803, 804, 805, 806, does not perform necessary authorization checks for an. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass SAP Enterprise Extension Defense Forces Public Security
NVD
CVSS 3.1
4.3
EPSS
0.5%
Prev Page 2 of 2

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy