Skip to main content
CVE-2022-28677 HIGH This Week

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader 11.2.1.53537. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Memory Corruption RCE Use After Free Pdf Editor Pdf Reader
NVD
CVSS 3.1
7.8
EPSS
1.1%
CVE-2022-28676 HIGH This Week

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader 11.2.1.53537. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Memory Corruption RCE Use After Free Pdf Editor Pdf Reader
NVD
CVSS 3.1
7.8
EPSS
1.1%
CVE-2022-28675 HIGH This Week

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader 11.2.1.53537. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Memory Corruption RCE Use After Free Pdf Editor Pdf Reader
NVD
CVSS 3.1
7.8
EPSS
1.1%
CVE-2022-28674 HIGH This Week

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader 11.2.1.53537. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Memory Corruption RCE Use After Free Pdf Editor Pdf Reader
NVD
CVSS 3.1
7.8
EPSS
1.1%
CVE-2022-28673 HIGH This Week

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader 11.2.1.53537. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Memory Corruption RCE Use After Free Pdf Editor Pdf Reader
NVD
CVSS 3.1
7.8
EPSS
1.1%
CVE-2022-28672 HIGH POC This Week

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader 11.2.1.53537. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Memory Corruption RCE Use After Free Pdf Editor Pdf Reader
NVD
CVSS 3.1
7.8
EPSS
1.8%
CVE-2022-28671 HIGH This Week

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader 11.2.1.53537. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Memory Corruption RCE Use After Free Pdf Editor Pdf Reader
NVD
CVSS 3.1
7.8
EPSS
1.1%
CVE-2022-28670 HIGH This Week

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit PDF Reader 11.2.1.53537. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

RCE Buffer Overflow Information Disclosure Pdf Editor Pdf Reader
NVD
CVSS 3.1
7.8
EPSS
1.0%
CVE-2022-28669 HIGH This Week

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader 11.2.1.53537. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Memory Corruption RCE Use After Free Pdf Editor Pdf Reader
NVD
CVSS 3.1
7.8
EPSS
1.1%
CVE-2022-34902 HIGH This Week

This vulnerability allows local attackers to escalate privileges on affected installations of Parallels Access 6.5.4 (39316) Agent. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

RCE Parallels Access
NVD
CVSS 3.1
7.8
EPSS
0.3%
CVE-2022-34901 HIGH This Week

This vulnerability allows local attackers to escalate privileges on affected installations of Parallels Access 6.5.4 (39316) Agent. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

RCE Parallels Access
NVD
CVSS 3.1
7.8
EPSS
0.3%
CVE-2022-34900 HIGH This Week

This vulnerability allows local attackers to escalate privileges on affected installations of Parallels Access 6.5.3 (39313) Agent. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

RCE OpenSSL Parallels Access
NVD
CVSS 3.1
7.8
EPSS
0.4%
CVE-2022-34899 HIGH This Week

This vulnerability allows local attackers to escalate privileges on affected installations of Parallels Access 6.5.4 (39316) Agent. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

RCE Parallels Access
NVD
CVSS 3.1
7.8
EPSS
0.2%
CVE-2022-34892 HIGH This Week

This vulnerability allows local attackers to escalate privileges on affected installations of Parallels Desktop Parallels Desktop 17.1.1. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Race Condition RCE Parallels Desktop
NVD
CVSS 3.1
7.8
EPSS
0.2%
CVE-2022-34891 HIGH This Week

This vulnerability allows local attackers to escalate privileges on affected installations of Parallels Desktop Parallels Desktop 17.1.1. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

RCE Parallels Desktop
NVD
CVSS 3.1
7.8
EPSS
0.3%
CVE-2022-32387 HIGH PATCH This Week

In Kentico before 13.0.66, attackers can achieve Denial of Service via a crafted request to the GetResource handler. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Denial Of Service Xperience
NVD
CVSS 3.1
7.5
EPSS
0.9%
CVE-2022-23745 HIGH This Week

A potential memory corruption issue was found in Capsule Workspace Android app (running on GrapheneOS). Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Google Buffer Overflow Capsule Workspace
NVD
CVSS 3.1
7.5
EPSS
14.9%
CVE-2022-30627 HIGH This Week

This vulnerability affects all of the company's products that also include the FW versions: update_i90_cv2.021_b20210104, update_i50_v1.0.55_b20200509, update_x6_v2.1.2_b202001127,. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass P5E Gnss Firmware
NVD
CVSS 3.1
7.5
EPSS
0.3%
CVE-2022-30626 HIGH This Week

Browsing the path: http://ip/wifi_ap_pata_get.cmd, will show in the name of the existing access point on the component, and a password in clear text. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure P5E Gnss Firmware
NVD
CVSS 3.1
7.5
EPSS
0.2%
CVE-2022-30624 HIGH This Week

Browsing the admin.html page allows the user to reset the admin password. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass P5E Gnss Firmware
NVD
CVSS 3.1
7.5
EPSS
0.3%
CVE-2022-36127 HIGH PATCH This Week

A vulnerability in Apache SkyWalking NodeJS Agent prior to 0.5.1. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Apache Information Disclosure Skywalking Nodejs Agent
NVD
CVSS 3.1
7.5
EPSS
1.6%
CVE-2021-42923 HIGH This Week

ShowMyPC 3606 on Windows suffers from a DLL hijack vulnerability. Rated high severity (CVSS 7.3), this vulnerability is low attack complexity. No vendor patch available.

Microsoft Information Disclosure Showmypc
NVD VulDB
CVSS 3.1
7.3
EPSS
0.2%
CVE-2022-26118 MEDIUM PATCH This Month

A privilege chaining vulnerability [CWE-268] in FortiManager and FortiAnalyzer 6.0.x, 6.2.x, 6.4.0 through 6.4.7, 7.0.0 through 7.0.3 may allow a local and authenticated attacker with a restricted. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. This Improper Privilege Management vulnerability could allow attackers to escalate privileges to gain unauthorized elevated access.

Privilege Escalation Fortianalyzer Fortimanager
NVD
CVSS 3.1
6.7
EPSS
0.3%
CVE-2022-2108 MEDIUM PATCH This Month

The plugin Wbcom Designs - BuddyPress Group Reviews for WordPress is vulnerable to unauthorized settings changes and review modification due to missing capability checks and improper nonce checks in. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Missing Authorization vulnerability could allow attackers to access resources or perform actions without proper authorization checks.

Authentication Bypass WordPress Buddypress Group Reviews
NVD VulDB
CVSS 3.1
6.5
EPSS
0.7%
CVE-2022-22445 MEDIUM This Month

An attacker that gains service access to the FSP (POWER9 only) or gains admin authority to a partition can compromise partition firmware. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Powervm Hypervisor
NVD
CVSS 3.1
6.5
EPSS
0.6%
CVE-2022-30621 MEDIUM This Month

Allows a remote user to read files on the camera's OS "GetFileContent.cgi". Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Cellinx Nvt Ip Ptz Camera Firmware
NVD
CVSS 3.1
6.5
EPSS
0.6%
CVE-2022-28681 MEDIUM This Month

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit PDF Reader 11.2.1.53537. Rated medium severity (CVSS 6.1), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

RCE Buffer Overflow Information Disclosure Pdf Editor Pdf Reader
NVD
CVSS 3.1
6.1
EPSS
0.8%
CVE-2022-23438 MEDIUM This Month

An improper neutralization of input during web page generation ('Cross-site Scripting') [CWE-79] vulnerability in FortiOS version 7.0.5 and prior and 6.4.9 and prior may allow an unauthenticated. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Fortinet XSS Fortios
NVD
CVSS 3.1
6.1
EPSS
0.5%
CVE-2022-22304 MEDIUM This Month

An improper neutralization of input during web page generation vulnerability [CWE-79] in FortiAuthenticator OWA Agent for Microsoft version 2.2 and 2.1 may allow an unauthenticated attacker to. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Microsoft XSS Fortiauthenticator Agent For Microsoft Outlook Web Access
NVD
CVSS 3.1
6.1
EPSS
0.5%
CVE-2022-2117 MEDIUM This Month

The GiveWP plugin for WordPress is vulnerable to Sensitive Information Disclosure in versions up to, and including, 2.20.2 via the /donor-wall REST-API endpoint which provides unauthenticated users. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure WordPress Givewp
NVD VulDB
CVSS 3.1
5.3
EPSS
0.8%
CVE-2022-2224 MEDIUM PATCH This Month

The WordPress plugin Gallery for Social Photo is vulnerable to Cross-Site Request Forgery in versions up to, and including 1.0.0.27 due to failure to properly check for the existence of a nonce in. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Cross-Site Request Forgery (CSRF) vulnerability could allow attackers to trick authenticated users into performing unintended actions.

WordPress CSRF Gallery For Social Photo
NVD VulDB
CVSS 3.1
5.4
EPSS
0.1%
CVE-2022-2223 MEDIUM PATCH This Month

The WordPress plugin Image Slider is vulnerable to Cross-Site Request Forgery in versions up to, and including 1.1.121 due to failure to properly check for the existence of a nonce in the function. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Cross-Site Request Forgery (CSRF) vulnerability could allow attackers to trick authenticated users into performing unintended actions.

WordPress CSRF Image Slider
NVD VulDB
CVSS 3.1
5.4
EPSS
0.1%
CVE-2022-23142 MEDIUM This Month

ZXEN CG200 has a DoS vulnerability. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Zxen Cg200 Firmware
NVD
CVSS 3.1
5.3
EPSS
0.6%
CVE-2022-30625 MEDIUM This Month

Directory listing is a web server function that displays the directory contents when there is no index file in a specific website directory. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure P5E Gnss Firmware
NVD
CVSS 3.1
5.3
EPSS
0.3%
CVE-2022-34875 LOW Monitor

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit PDF Reader 11.2.1.53537. Rated low severity (CVSS 3.3), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

RCE Buffer Overflow Information Disclosure Pdf Editor Pdf Reader
NVD
CVSS 3.1
3.3
EPSS
0.8%
CVE-2022-34874 LOW Monitor

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit PDF Reader 11.2.2.53575. Rated low severity (CVSS 3.3), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

RCE Buffer Overflow Information Disclosure Pdf Editor Pdf Reader
NVD
CVSS 3.1
3.3
EPSS
0.9%
CVE-2022-34873 LOW Monitor

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit PDF Reader 11.2.1.53537. Rated low severity (CVSS 3.3), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

RCE Buffer Overflow Information Disclosure Pdf Editor Pdf Reader
NVD
CVSS 3.1
3.3
EPSS
0.9%
Prev Page 2 of 2

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy