Skip to main content
CVE-2022-33138 HIGH PATCH This Week

A vulnerability has been identified in SIMATIC MV540 H (All versions < V3.3), SIMATIC MV540 S (All versions < V3.3), SIMATIC MV550 H (All versions < V3.3), SIMATIC MV550 S (All versions < V3.3),. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Missing Authentication for Critical Function vulnerability could allow attackers to access critical functionality without authentication.

Authentication Bypass Simatic Mv540 H Firmware Simatic Mv540 S Firmware Simatic Mv550 H Firmware Simatic Mv550 S Firmware +2
NVD
CVSS 3.1
7.5
EPSS
1.3%
CVE-2022-31257 HIGH PATCH This Week

A vulnerability has been identified in Mendix Applications using Mendix 7 (All versions < V7.23.31), Mendix Applications using Mendix 8 (All versions < V8.18.18), Mendix Applications using Mendix 9. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Authentication Bypass Mendix
NVD
CVSS 3.1
7.5
EPSS
0.7%
CVE-2022-30938 HIGH PATCH This Week

A vulnerability has been identified in EN100 Ethernet module DNP3 IP variant (All versions), EN100 Ethernet module IEC 104 variant (All versions), EN100 Ethernet module IEC 61850 variant (All. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Buffer Overflow vulnerability could allow attackers to corrupt memory to execute arbitrary code or crash the application.

Denial Of Service Buffer Overflow En100 Ethernet Module Dnp3 Ip Firmware En100 Ethernet Module Iec 104 Firmware En100 Ethernet Module Iec 61850 Firmware +2
NVD
CVSS 3.1
7.5
EPSS
1.3%
CVE-2022-29884 HIGH PATCH This Week

A vulnerability has been identified in CP-8000 MASTER MODULE WITH I/O -25/+70°C (All versions < CPC80 V16.30), CP-8000 MASTER MODULE WITH I/O -40/+70°C (All versions < CPC80 V16.30), CP-8021 MASTER. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Denial Of Service Sicam A8000 Cp 8000 Firmware Sicam A8000 Cp 8021 Firmware Sicam A8000 Cp 8022 Firmware
NVD
CVSS 3.1
7.5
EPSS
1.2%
CVE-2022-30209 HIGH This Week

Windows IIS Server Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.4), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Microsoft Information Disclosure Windows 10 Windows 11 Windows 7 +7
NVD
CVSS 3.1
7.4
EPSS
2.4%
CVE-2022-30203 HIGH This Week

Windows Boot Manager Security Feature Bypass Vulnerability. Rated high severity (CVSS 7.4), this vulnerability is low attack complexity. No vendor patch available.

Authentication Bypass Microsoft Windows 10 Windows 11 Windows 7 +7
NVD
CVSS 3.1
7.4
EPSS
1.5%
CVE-2022-22040 HIGH This Week

Internet Information Services Dynamic Compression Module Denial of Service Vulnerability. Rated high severity (CVSS 7.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Windows 10 Windows 11 Windows 7 Windows 8 1 +6
NVD
CVSS 3.1
7.3
EPSS
1.4%
CVE-2022-31012 HIGH This Week

Git for Windows is a fork of Git that contains Windows-specific patches. Rated high severity (CVSS 7.3), this vulnerability is low attack complexity. No vendor patch available.

Microsoft Information Disclosure Git
NVD GitHub
CVSS 3.1
7.3
EPSS
0.4%
CVE-2022-33678 HIGH This Week

Azure Site Recovery Remote Code Execution Vulnerability. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

RCE Microsoft Azure Site Recovery
NVD
CVSS 3.1
7.2
EPSS
2.2%
CVE-2022-33677 HIGH This Week

Azure Site Recovery Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Microsoft Information Disclosure Azure Site Recovery
NVD
CVSS 3.1
7.2
EPSS
2.2%
CVE-2022-33676 HIGH This Week

Azure Site Recovery Remote Code Execution Vulnerability. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

RCE Microsoft Azure Site Recovery
NVD
CVSS 3.1
7.2
EPSS
2.2%
CVE-2022-33633 HIGH This Week

Skype for Business and Lync Remote Code Execution Vulnerability. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

RCE Lync Server Skype For Business
NVD
CVSS 3.1
7.2
EPSS
2.2%
CVE-2022-29560 HIGH PATCH This Week

A vulnerability has been identified in RUGGEDCOM ROX MX5000 (All versions < 2.15.1), RUGGEDCOM ROX MX5000RE (All versions < 2.15.1), RUGGEDCOM ROX RX1400 (All versions < 2.15.1), RUGGEDCOM ROX RX1500. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. This Command Injection vulnerability could allow attackers to inject arbitrary commands into system command execution.

Command Injection Ruggedcom Rox Rx1500 Firmware Ruggedcom Rox Rx1501 Firmware Ruggedcom Rox Rx1510 Firmware Ruggedcom Rox Rx1511 Firmware +7
NVD
CVSS 3.1
7.2
EPSS
1.6%
CVE-2022-30226 HIGH This Week

Windows Print Spooler Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.1), this vulnerability is low attack complexity. No vendor patch available.

Microsoft Information Disclosure Windows 10 Windows 11 Windows 7 +7
NVD
CVSS 3.1
7.1
EPSS
0.7%
CVE-2022-30225 HIGH This Week

Windows Media Player Network Sharing Service Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.1), this vulnerability is low attack complexity. No vendor patch available.

Microsoft Information Disclosure Windows 10 Windows 11 Windows 7 +7
NVD
CVSS 3.1
7.1
EPSS
0.6%
CVE-2022-22022 HIGH This Week

Windows Print Spooler Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.1), this vulnerability is low attack complexity. No vendor patch available.

Microsoft Information Disclosure Windows 10 Windows 11 Windows 7 +7
NVD
CVSS 3.1
7.1
EPSS
0.8%
CVE-2022-33644 HIGH This Week

Xbox Live Save Service Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.0). No vendor patch available.

Information Disclosure Windows 10
NVD
CVSS 3.1
7.0
EPSS
0.4%
CVE-2022-30224 HIGH This Week

Windows Advanced Local Procedure Call (ALPC) Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.0). No vendor patch available.

Microsoft Information Disclosure Windows 10 Windows 11 Windows 7 +7
NVD
CVSS 3.1
7.0
EPSS
0.5%
CVE-2022-30202 HIGH This Week

Windows Advanced Local Procedure Call (ALPC) Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.0). No vendor patch available.

Microsoft Information Disclosure Windows 10 Windows 11 Windows 7 +7
NVD
CVSS 3.1
7.0
EPSS
4.4%
CVE-2022-22036 HIGH This Week

Performance Counters for Windows Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.0). No vendor patch available.

Microsoft Information Disclosure Windows 10 Windows 11 Windows 7 +7
NVD
CVSS 3.1
7.0
EPSS
0.5%
CVE-2022-22041 MEDIUM This Month

Windows Print Spooler Elevation of Privilege Vulnerability. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Microsoft Information Disclosure Windows 10 Windows 11 Windows 8 1 +5
NVD
CVSS 3.1
6.8
EPSS
2.3%
CVE-2022-30214 MEDIUM This Month

Windows DNS Server Remote Code Execution Vulnerability. Rated medium severity (CVSS 6.6), this vulnerability is remotely exploitable. No vendor patch available.

Race Condition RCE Microsoft Windows Server 2016 Windows Server 2019 +1
NVD
CVSS 3.1
6.6
EPSS
1.0%
CVE-2022-30205 MEDIUM This Month

Windows Group Policy Elevation of Privilege Vulnerability. Rated medium severity (CVSS 6.6), this vulnerability is remotely exploitable. No vendor patch available.

Race Condition Microsoft Information Disclosure Windows 10 Windows 11 +8
NVD
CVSS 3.1
6.6
EPSS
1.1%
CVE-2022-22023 MEDIUM This Month

Windows Portable Device Enumerator Service Security Feature Bypass Vulnerability. Rated medium severity (CVSS 6.6), this vulnerability is low attack complexity. No vendor patch available.

Authentication Bypass Microsoft Windows 10 Windows 11 Windows 7 +7
NVD
CVSS 3.1
6.6
EPSS
0.6%
CVE-2022-33673 MEDIUM This Month

Azure Site Recovery Elevation of Privilege Vulnerability. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Microsoft Information Disclosure Azure Site Recovery Vmware To Azure
NVD
CVSS 3.1
6.5
EPSS
1.8%
CVE-2022-33672 MEDIUM This Month

Azure Site Recovery Elevation of Privilege Vulnerability. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Microsoft Information Disclosure Azure Site Recovery Vmware To Azure
NVD
CVSS 3.1
6.5
EPSS
1.8%
CVE-2022-33667 MEDIUM This Month

Azure Site Recovery Elevation of Privilege Vulnerability. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Microsoft Information Disclosure Azure Site Recovery Vmware To Azure
NVD
CVSS 3.1
6.5
EPSS
1.8%
CVE-2022-33666 MEDIUM This Month

Azure Site Recovery Elevation of Privilege Vulnerability. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Microsoft Information Disclosure Azure Site Recovery Vmware To Azure
NVD
CVSS 3.1
6.5
EPSS
1.8%
CVE-2022-33665 MEDIUM This Month

Azure Site Recovery Elevation of Privilege Vulnerability. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Microsoft Information Disclosure Azure Site Recovery Vmware To Azure
NVD
CVSS 3.1
6.5
EPSS
1.8%
CVE-2022-33663 MEDIUM This Month

Azure Site Recovery Elevation of Privilege Vulnerability. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Microsoft Information Disclosure Azure Site Recovery Vmware To Azure
NVD
CVSS 3.1
6.5
EPSS
1.8%
CVE-2022-33662 MEDIUM This Month

Azure Site Recovery Elevation of Privilege Vulnerability. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Microsoft Information Disclosure Azure Site Recovery Vmware To Azure
NVD
CVSS 3.1
6.5
EPSS
1.8%
CVE-2022-33661 MEDIUM This Month

Azure Site Recovery Elevation of Privilege Vulnerability. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Microsoft Information Disclosure Azure Site Recovery Vmware To Azure
NVD
CVSS 3.1
6.5
EPSS
1.8%
CVE-2022-33657 MEDIUM This Month

Azure Site Recovery Elevation of Privilege Vulnerability. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Microsoft Information Disclosure Azure Site Recovery Vmware To Azure
NVD
CVSS 3.1
6.5
EPSS
1.8%
CVE-2022-33656 MEDIUM This Month

Azure Site Recovery Elevation of Privilege Vulnerability. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Microsoft Information Disclosure Azure Site Recovery Vmware To Azure
NVD
CVSS 3.1
6.5
EPSS
1.8%
CVE-2022-33655 MEDIUM This Month

Azure Site Recovery Elevation of Privilege Vulnerability. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Microsoft Information Disclosure Azure Site Recovery Vmware To Azure
NVD
CVSS 3.1
6.5
EPSS
1.9%
CVE-2022-33643 MEDIUM This Month

Azure Site Recovery Elevation of Privilege Vulnerability. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Microsoft Information Disclosure Azure Site Recovery Vmware To Azure
NVD
CVSS 3.1
6.5
EPSS
1.8%
CVE-2022-33641 MEDIUM This Month

Azure Site Recovery Elevation of Privilege Vulnerability. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Microsoft Information Disclosure Azure Site Recovery Vmware To Azure
NVD
CVSS 3.1
6.5
EPSS
1.8%
CVE-2022-33637 MEDIUM This Month

Microsoft Defender for Endpoint Tampering Vulnerability. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Microsoft Information Disclosure Defender For Endpoint
NVD
CVSS 3.1
6.5
EPSS
1.4%
CVE-2022-30208 MEDIUM This Month

Windows Security Account Manager (SAM) Denial of Service Vulnerability. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service Microsoft Windows 10 Windows 11 Windows 7 +7
NVD
CVSS 3.1
6.5
EPSS
2.4%
CVE-2022-30181 MEDIUM This Month

Azure Site Recovery Elevation of Privilege Vulnerability. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Microsoft Information Disclosure Azure Site Recovery
NVD
CVSS 3.1
6.5
EPSS
1.8%
CVE-2022-22042 MEDIUM This Month

Windows Hyper-V Information Disclosure Vulnerability. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Microsoft Information Disclosure Windows 10 Windows 11 Windows 7 +6
NVD
CVSS 3.1
6.5
EPSS
2.5%
CVE-2022-2211 MEDIUM This Month

A vulnerability was found in libguestfs. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Buffer Overflow Libguestfs Enterprise Linux
NVD
CVSS 3.1
6.5
EPSS
0.9%
CVE-2022-29619 MEDIUM This Month

Under certain conditions SAP BusinessObjects Business Intelligence Platform 4.x - versions 420,430 allows user Administrator to view, edit or modify rights of objects it doesn't own and which would. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass SAP Businessobjects Business Intelligence Platform
NVD
CVSS 3.1
6.5
EPSS
0.8%
CVE-2022-29901 MEDIUM This Month

Intel microprocessor generations 6 to 8 are affected by a new Spectre variant that is able to bypass their retpoline mitigation in the kernel to leak arbitrary data. Rated medium severity (CVSS 6.5), this vulnerability is low attack complexity. No vendor patch available.

RCE Intel Information Disclosure Core I7 6500U Firmware Core I7 6510U Firmware +127
NVD
CVSS 3.1
6.5
EPSS
4.9%
CVE-2022-29900 MEDIUM This Month

Mis-trained branch predictions for return instructions may allow arbitrary speculative code execution under certain microarchitecture-dependent conditions. Rated medium severity (CVSS 6.5), this vulnerability is low attack complexity. No vendor patch available.

RCE Debian Linux Fedora Xen Athlon X4 750 Firmware +122
NVD
CVSS 3.1
6.5
EPSS
3.8%
CVE-2022-34741 MEDIUM This Month

The NFC module has a buffer overflow vulnerability. Rated medium severity (CVSS 6.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Emui Harmonyos Magic Ui
NVD
CVSS 3.1
6.5
EPSS
0.3%
CVE-2022-34740 MEDIUM This Month

The NFC module has a buffer overflow vulnerability. Rated medium severity (CVSS 6.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Emui Harmonyos Magic Ui
NVD
CVSS 3.1
6.5
EPSS
0.3%
CVE-2022-34467 MEDIUM PATCH This Month

A vulnerability has been identified in Mendix Excel Importer Module (Mendix 8 compatible) (All versions < V9.2.2), Mendix Excel Importer Module (Mendix 9 compatible) (All versions < V10.1.2). Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity.

Code Injection Excel Importer
NVD
CVSS 3.1
6.5
EPSS
0.7%
CVE-2022-34466 MEDIUM PATCH This Month

A vulnerability has been identified in Mendix Applications using Mendix 9 (All versions >= V9.11 < V9.15), Mendix Applications using Mendix 9 (V9.12) (All versions < V9.12.3). Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity.

Information Disclosure Mendix
NVD
CVSS 3.1
6.5
EPSS
0.7%
CVE-2022-31904 MEDIUM This Month

EGT-Kommunikationstechnik UG Mediacenter before v2.0 was discovered to contain a cross-site scripting (XSS) vulnerability via the component Online_Update.php. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS PHP Mediacenter
NVD VulDB
CVSS 3.1
6.1
EPSS
0.6%
Prev Page 3 of 5 Next

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy