Skip to main content
CVE-2022-32119 HIGH POC This Week

Arox School ERP Pro v1.0 was discovered to contain multiple arbitrary file upload vulnerabilities via the Add Photo function at photogalleries.inc.php and the import staff excel function at. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

File Upload PHP School Erp Pro
NVD GitHub VulDB
CVSS 3.1
8.8
EPSS
2.0%
CVE-2022-2420 HIGH POC This Week

A vulnerability was found in URVE Web Manager. Rated high severity (CVSS 8.0), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

PHP File Upload Urve Web Manager
NVD GitHub VulDB
CVSS 3.1
8.0
EPSS
1.1%
CVE-2022-2419 HIGH POC THREAT This Week

A vulnerability was found in URVE Web Manager. Rated high severity (CVSS 8.0), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

PHP File Upload Urve Web Manager
NVD GitHub VulDB
CVSS 3.1
8.0
EPSS
12.8%
CVE-2022-2418 HIGH POC This Week

A vulnerability was found in URVE Web Manager. Rated high severity (CVSS 8.0), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

PHP File Upload Urve Web Manager
NVD GitHub VulDB
CVSS 3.1
8.0
EPSS
1.1%
CVE-2022-32434 HIGH POC This Week

EIPStackGroup OpENer v2.3.0 was discovered to contain a stack overflow via /bin/posix/src/ports/POSIX/OpENer+0x56073d. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Memory Corruption Buffer Overflow Opener
NVD GitHub
CVSS 3.1
7.8
EPSS
0.8%
CVE-2022-30634 HIGH POC PATCH This Week

Infinite loop in Read in crypto/rand before Go 1.17.11 and Go 1.18.3 on Windows allows attacker to cause an indefinite hang by passing a buffer larger than 1 << 32 - 1 bytes. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Denial Of Service Microsoft Go Cloud Insights Telegraf Agent
NVD
CVSS 3.1
7.5
EPSS
2.1%
CVE-2022-25891 HIGH POC PATCH This Week

The package github.com/containrrr/shoutrrr/pkg/util before 0.6.0 are vulnerable to Denial of Service (DoS) via the util.PartitionMessage function. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Denial Of Service Shoutrrr
NVD GitHub
CVSS 3.1
7.5
EPSS
1.5%
CVE-2022-25858 HIGH POC PATCH This Week

The package terser before 4.8.1, from 5.0.0 and before 5.14.2 are vulnerable to Regular Expression Denial of Service (ReDoS) due to insecure usage of regular expressions. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Denial Of Service Terser
NVD GitHub
CVSS 3.1
7.5
EPSS
3.0%
CVE-2022-30243 HIGH This Week

Honeywell Alerton Visual Logic through 2022-05-04 allows unauthenticated programming writes from remote users. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Honeywell Information Disclosure Alterton Visual Logic Firmware
NVD GitHub
CVSS 3.1
8.8
EPSS
1.7%
CVE-2022-31097 HIGH PATCH This Week

Grafana is an open-source platform for monitoring and observability. Rated high severity (CVSS 8.7), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS Grafana E Series Performance Analyzer
NVD GitHub
CVSS 3.1
8.7
EPSS
68.6%
CVE-2022-30244 HIGH This Week

Honeywell Alerton Ascent Control Module (ACM) through 2022-05-04 allows unauthenticated programming writes from remote users. Rated high severity (CVSS 8.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Honeywell Information Disclosure Alerton Ascent Control Module Firmware
NVD GitHub
CVSS 3.1
8.0
EPSS
1.4%
CVE-2022-34251 HIGH This Week

Adobe InCopy versions 17.2 (and earlier) and 16.4.1 (and earlier) are affected by an Out-Of-Bounds Write vulnerability that could result in arbitrary code execution in the context of the current. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Adobe Memory Corruption RCE Buffer Overflow Incopy
NVD
CVSS 3.1
7.8
EPSS
0.3%
CVE-2022-34250 HIGH This Week

Adobe InCopy versions 17.2 (and earlier) and 16.4.1 (and earlier) are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Adobe RCE Buffer Overflow Heap Overflow Incopy
NVD
CVSS 3.1
7.8
EPSS
0.5%
CVE-2022-34249 HIGH This Week

Adobe InCopy versions 17.2 (and earlier) and 16.4.1 (and earlier) are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Adobe RCE Buffer Overflow Heap Overflow Incopy
NVD
CVSS 3.1
7.8
EPSS
0.5%
CVE-2022-34247 HIGH This Week

Adobe InDesign versions 17.2.1 (and earlier) and 16.4.1 (and earlier) are affected by an Out-Of-Bounds Write vulnerability that could result in arbitrary code execution in the context of the current. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Adobe Memory Corruption RCE Buffer Overflow Indesign
NVD
CVSS 3.1
7.8
EPSS
0.3%
CVE-2022-34246 HIGH This Week

Adobe InDesign versions 17.2.1 (and earlier) and 16.4.1 (and earlier) are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Adobe RCE Buffer Overflow Heap Overflow Indesign
NVD
CVSS 3.1
7.8
EPSS
0.5%
CVE-2022-34245 HIGH This Week

Adobe InDesign versions 17.2.1 (and earlier) and 16.4.1 (and earlier) are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Adobe RCE Buffer Overflow Heap Overflow Indesign
NVD
CVSS 3.1
7.8
EPSS
0.5%
CVE-2022-34243 HIGH This Week

Adobe Photoshop versions 22.5.7 (and earlier) and 23.3.2 (and earlier) are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Memory Corruption RCE Use After Free Adobe Denial Of Service +1
NVD
CVSS 3.1
7.8
EPSS
0.5%
CVE-2022-34242 HIGH PATCH This Week

Adobe Character Animator version 4.4.7 (and earlier) and 22.4 (and earlier) are affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

Adobe Buffer Overflow Information Disclosure Character Animator
NVD
CVSS 3.1
7.8
EPSS
0.4%
CVE-2022-34241 HIGH PATCH This Week

Adobe Character Animator version 4.4.7 (and earlier) and 22.4 (and earlier) are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

Adobe RCE Buffer Overflow Heap Overflow Character Animator
NVD
CVSS 3.1
7.8
EPSS
0.5%
CVE-2022-34230 HIGH This Week

Adobe Acrobat Reader versions 22.001.20142 (and earlier), 20.005.30334 (and earlier) and 17.012.30229 (and earlier) are affected by a Use After Free vulnerability that could result in arbitrary code. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Memory Corruption RCE Use After Free Adobe Denial Of Service +4
NVD
CVSS 3.1
7.8
EPSS
3.4%
CVE-2022-34229 HIGH This Week

Adobe Acrobat Reader versions 22.001.20142 (and earlier), 20.005.30334 (and earlier) and 17.012.30229 (and earlier) are affected by a Use After Free vulnerability that could result in arbitrary code. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Memory Corruption RCE Use After Free Adobe Denial Of Service +4
NVD
CVSS 3.1
7.8
EPSS
3.5%
CVE-2022-34228 HIGH This Week

Adobe Acrobat Reader versions 22.001.20142 (and earlier), 20.005.30334 (and earlier) and 17.012.30229 (and earlier) are affected by an Access of Uninitialized Pointer vulnerability that could result. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Memory Corruption RCE Adobe Acrobat Dc Acrobat Reader Dc +2
NVD
CVSS 3.1
7.8
EPSS
3.4%
CVE-2022-34226 HIGH This Week

Adobe Acrobat Reader versions 22.001.20142 (and earlier), 20.005.30334 (and earlier) and 17.012.30229 (and earlier) are affected by an out-of-bounds read vulnerability when parsing a crafted file,. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Adobe Buffer Overflow Information Disclosure Acrobat Dc Acrobat Reader Dc +2
NVD
CVSS 3.1
7.8
EPSS
4.9%
CVE-2022-34225 HIGH This Week

Adobe Acrobat Reader versions 22.001.20142 (and earlier), 20.005.30334 (and earlier) and 17.012.30229 (and earlier) are affected by a Use After Free vulnerability that could result in arbitrary code. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Memory Corruption RCE Use After Free Adobe Denial Of Service +4
NVD
CVSS 3.1
7.8
EPSS
3.4%
CVE-2022-34223 HIGH This Week

Adobe Acrobat Reader versions 22.001.20142 (and earlier), 20.005.30334 (and earlier) and 17.012.30229 (and earlier) are affected by a Use After Free vulnerability that could result in arbitrary code. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Memory Corruption RCE Use After Free Adobe Denial Of Service +4
NVD
CVSS 3.1
7.8
EPSS
3.5%
CVE-2022-34222 HIGH This Week

Adobe Acrobat Reader versions 22.001.20142 (and earlier), 20.005.30334 (and earlier) and 17.012.30229 (and earlier) are affected by an out-of-bounds read vulnerability when parsing a crafted file,. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Adobe Buffer Overflow Information Disclosure Acrobat Dc Acrobat Reader Dc +2
NVD
CVSS 3.1
7.8
EPSS
3.3%
CVE-2022-34221 HIGH This Week

Adobe Acrobat Reader versions 22.001.20142 (and earlier), 20.005.30334 (and earlier) and 17.012.30229 (and earlier) are affected by an Access of Resource Using Incompatible Type ('Type Confusion'). Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Memory Corruption RCE Adobe Acrobat Dc Acrobat Reader Dc +2
NVD
CVSS 3.1
7.8
EPSS
10.8%
CVE-2022-34220 HIGH This Week

Adobe Acrobat Reader versions 22.001.20142 (and earlier), 20.005.30334 (and earlier) and 17.012.30229 (and earlier) are affected by a Use After Free vulnerability that could result in arbitrary code. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Memory Corruption RCE Use After Free Adobe Denial Of Service +4
NVD
CVSS 3.1
7.8
EPSS
4.2%
CVE-2022-34219 HIGH This Week

Adobe Acrobat Reader versions 22.001.20142 (and earlier), 20.005.30334 (and earlier) and 17.012.30229 (and earlier) are affected by a Use After Free vulnerability that could result in arbitrary code. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Memory Corruption RCE Use After Free Adobe Denial Of Service +4
NVD
CVSS 3.1
7.8
EPSS
6.1%
CVE-2022-34217 HIGH This Week

Adobe Acrobat Reader versions 22.001.20142 (and earlier), 20.005.30334 (and earlier) and 17.012.30229 (and earlier) are affected by an Out-Of-Bounds Write vulnerability that could result in arbitrary. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Adobe Memory Corruption RCE Buffer Overflow Acrobat Dc +3
NVD
CVSS 3.1
7.8
EPSS
3.0%
CVE-2022-34216 HIGH This Week

Adobe Acrobat Reader versions 22.001.20142 (and earlier), 20.005.30334 (and earlier) and 17.012.30229 (and earlier) are affected by a Use After Free vulnerability that could result in arbitrary code. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Memory Corruption RCE Use After Free Adobe Denial Of Service +4
NVD
CVSS 3.1
7.8
EPSS
6.1%
CVE-2022-34215 HIGH This Week

Adobe Acrobat Reader versions 22.001.20142 (and earlier), 20.005.30334 (and earlier) and 17.012.30229 (and earlier) are affected by an out-of-bounds read vulnerability when parsing a crafted file,. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Adobe Buffer Overflow Information Disclosure Acrobat Dc Acrobat Reader Dc +2
NVD
CVSS 3.1
7.8
EPSS
3.3%
CVE-2022-31158 HIGH PATCH This Week

LTI 1.3 Tool Library is a library used for building IMS-certified LTI 1.3 tool providers in PHP. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Lti 1 3 Tool Library
NVD GitHub
CVSS 3.1
7.5
EPSS
0.8%
CVE-2022-31157 HIGH PATCH This Week

LTI 1.3 Tool Library is a library used for building IMS-certified LTI 1.3 tool providers in PHP. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Lti 1 3 Tool Library
NVD GitHub
CVSS 3.1
7.5
EPSS
0.4%
CVE-2022-23141 HIGH This Week

ZXMP M721 has an information leak vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Zxmp M721 Firmware
NVD
CVSS 3.1
7.5
EPSS
0.7%
CVE-2022-31107 HIGH PATCH This Week

Grafana is an open-source platform for monitoring and observability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable. No vendor patch available.

Authentication Bypass Grafana E Series Performance Analyzer
NVD GitHub
CVSS 3.1
7.5
EPSS
2.5%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy