Skip to main content
CVE-2022-26481 HIGH POC This Week

An issue was discovered in Poly Studio before 3.7.0. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Command Injection Studio X30 Firmware Studio X70 Firmware G7500 Firmware Studio X50 Firmware
NVD
CVSS 3.1
8.8
EPSS
1.6%
CVE-2022-1672 HIGH POC This Week

The Insights from Google PageSpeed WordPress plugin before 4.0.7 does not verify for CSRF before doing various actions such as deleting Custom URLs, which could allow attackers to make a logged in. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Google CSRF WordPress Insights From Google Pagespeed
NVD WPScan
CVSS 3.1
8.8
EPSS
0.5%
CVE-2022-31213 HIGH POC PATCH This Week

An issue was discovered in dbus-broker before 31. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Denial Of Service Null Pointer Dereference Dbus Broker
NVD GitHub
CVSS 3.1
7.5
EPSS
1.7%
CVE-2022-31212 HIGH POC PATCH This Week

An issue was discovered in dbus-broker before 31. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Buffer Overflow Information Disclosure Dbus Broker
NVD GitHub
CVSS 3.1
7.5
EPSS
1.7%
CVE-2022-26482 HIGH POC THREAT This Week

An issue was discovered in Poly EagleEye Director II before 2.2.2.1. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Command Injection Eagleeye Director Ii Firmware
NVD
CVSS 3.1
7.2
EPSS
22.3%
CVE-2022-31208 HIGH This Week

An issue was discovered in Infiray IRAY-A8Z3 1.0.957. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Iray A8Z3 Firmware
NVD
CVSS 3.1
8.8
EPSS
1.3%
CVE-2022-30981 HIGH This Week

An issue was discovered in Gentics CMS before 5.43.1. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Deserialization Java RCE Gentics Cms
NVD
CVSS 3.1
8.8
EPSS
1.1%
CVE-2022-30550 HIGH PATCH This Week

An issue was discovered in the auth component in Dovecot 2.2 and 2.3 before 2.3.20. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. This Improper Authentication vulnerability could allow attackers to bypass authentication mechanisms to gain unauthorized access.

Privilege Escalation Authentication Bypass Dovecot Debian Linux
NVD
CVSS 3.1
8.8
EPSS
1.7%
CVE-2022-32320 HIGH This Week

A Cross-Site Request Forgery (CSRF) in Ferdi through 5.8.1 and Ferdium through 6.0.0-nightly.98 allows attackers to read files via an uploaded file such as a settings/preferences file. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

CSRF Ferdium Ferdi
NVD GitHub
CVSS 3.1
8.8
EPSS
0.4%
CVE-2022-27933 HIGH This Week

Pexip Infinity before 27.3 allows remote attackers to trigger a software abort via One Touch Join. Rated high severity (CVSS 8.2), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Pexip Infinity
NVD
CVSS 3.1
8.2
EPSS
0.9%
CVE-2022-26656 HIGH This Week

Pexip Infinity before 27.3 allows remote attackers to trigger a software abort, and possibly enumerate usernames, via One Touch Join. Rated high severity (CVSS 8.2), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Pexip Infinity
NVD
CVSS 3.1
8.2
EPSS
1.0%
CVE-2022-28809 HIGH This Week

An issue was discovered in Open Design Alliance Drawings SDK before 2023.3. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Buffer Overflow Drawings Sdk
NVD
CVSS 3.1
7.8
EPSS
0.4%
CVE-2022-28808 HIGH This Week

An issue was discovered in Open Design Alliance Drawings SDK before 2023.3. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Information Disclosure Drawings Sdk
NVD
CVSS 3.1
7.8
EPSS
0.4%
CVE-2022-28807 HIGH This Week

An issue was discovered in Open Design Alliance Drawings SDK before 2023.2. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Information Disclosure Drawings Sdk
NVD
CVSS 3.1
7.8
EPSS
0.4%
CVE-2022-35861 HIGH PATCH This Week

pyenv 1.2.24 through 2.3.2 allows local users to gain privileges via a .python-version file in the current working directory. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Path Traversal vulnerability could allow attackers to access files and directories outside the intended path.

Python Path Traversal Pyenv
NVD GitHub
CVSS 3.1
7.8
EPSS
0.3%
CVE-2022-33903 HIGH PATCH This Week

Tor 0.4.7.x before 0.4.7.8 allows a denial of service via the wedging of RTT estimation. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Denial Of Service Tor
NVD
CVSS 3.1
7.5
EPSS
1.1%
CVE-2022-32263 HIGH This Week

Pexip Infinity before 28.1 allows remote attackers to trigger a software abort via G.719. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Pexip Infinity
NVD
CVSS 3.1
7.5
EPSS
0.9%
CVE-2022-29286 HIGH This Week

Pexip Infinity 27 before 28.0 allows remote attackers to trigger excessive resource consumption and termination because of registrar resource mishandling. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Pexip Infinity
NVD
CVSS 3.1
7.5
EPSS
1.0%
CVE-2022-27937 HIGH This Week

Pexip Infinity before 27.3 allows remote attackers to trigger excessive resource consumption via H.264. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Pexip Infinity
NVD
CVSS 3.1
7.5
EPSS
1.0%
CVE-2022-27936 HIGH This Week

Pexip Infinity before 27.3 allows remote attackers to trigger a software abort via H.323. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Pexip Infinity
NVD
CVSS 3.1
7.5
EPSS
1.0%
CVE-2022-27935 HIGH This Week

Pexip Infinity before 27.3 allows remote attackers to trigger a software abort via Epic Telehealth. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Pexip Infinity
NVD
CVSS 3.1
7.5
EPSS
1.0%
CVE-2022-27934 HIGH This Week

Pexip Infinity before 27.3 allows remote attackers to trigger a software abort via HTTP. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Pexip Infinity
NVD
CVSS 3.1
7.5
EPSS
1.0%
CVE-2022-27932 HIGH This Week

Pexip Infinity before 27.3 allows remote attackers to trigger a software abort via One Touch Join. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Pexip Infinity
NVD
CVSS 3.1
7.5
EPSS
1.0%
CVE-2022-27931 HIGH This Week

Pexip Infinity before 27.3 allows remote attackers to trigger a software abort via the Session Initiation Protocol. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Pexip Infinity
NVD
CVSS 3.1
7.5
EPSS
1.0%
CVE-2022-27929 HIGH This Week

Pexip Infinity 27.x before 27.3 allows remote attackers to trigger a software abort via HTTP. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Pexip Infinity
NVD
CVSS 3.1
7.5
EPSS
1.0%
CVE-2022-27928 HIGH This Week

Pexip Infinity 27.x before 27.3 allows remote attackers to trigger a software abort via the Session Initiation Protocol. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Pexip Infinity
NVD
CVSS 3.1
7.5
EPSS
1.0%
CVE-2022-26657 HIGH This Week

Pexip Infinity before 27.3 allows remote attackers to trigger a software abort via One Touch Join. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Pexip Infinity
NVD
CVSS 3.1
7.5
EPSS
1.0%
CVE-2022-26655 HIGH This Week

Pexip Infinity 27.x before 27.3 has Improper Input Validation. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Pexip Infinity
NVD
CVSS 3.1
7.5
EPSS
1.0%
CVE-2022-26654 HIGH This Week

Pexip Infinity before 27.3 allows remote attackers to force a software abort via HTTP. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Pexip Infinity
NVD
CVSS 3.1
7.5
EPSS
1.0%
CVE-2022-30622 HIGH This Week

Disclosure of information - the system allows you to view usernames and passwords without permissions, thus it will be possible to enter the system. Rated high severity (CVSS 7.3), this vulnerability is low attack complexity. No vendor patch available.

Authentication Bypass P5E Gnss Firmware
NVD
CVSS 3.1
7.3
EPSS
0.2%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy