Skip to main content
CVE-2022-20900 HIGH This Week

Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV110W, RV130, RV130W, and RV215W Routers could allow an authenticated, remote attacker to execute arbitrary. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

RCE Cisco Denial Of Service Buffer Overflow Rv215W Firmware +3
NVD
CVSS 3.1
7.2
EPSS
0.9%
CVE-2022-20899 HIGH This Week

Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV110W, RV130, RV130W, and RV215W Routers could allow an authenticated, remote attacker to execute arbitrary. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

RCE Cisco Denial Of Service Buffer Overflow Rv215W Firmware +3
NVD
CVSS 3.1
7.2
EPSS
0.9%
CVE-2022-20898 HIGH This Week

Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV110W, RV130, RV130W, and RV215W Routers could allow an authenticated, remote attacker to execute arbitrary. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

RCE Cisco Denial Of Service Buffer Overflow Rv215W Firmware +3
NVD
CVSS 3.1
7.2
EPSS
0.9%
CVE-2022-20897 HIGH This Week

Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV110W, RV130, RV130W, and RV215W Routers could allow an authenticated, remote attacker to execute arbitrary. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

RCE Cisco Denial Of Service Buffer Overflow Rv215W Firmware +3
NVD
CVSS 3.1
7.2
EPSS
0.9%
CVE-2022-20896 HIGH This Week

Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV110W, RV130, RV130W, and RV215W Routers could allow an authenticated, remote attacker to execute arbitrary. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

RCE Cisco Denial Of Service Buffer Overflow Rv215W Firmware +3
NVD
CVSS 3.1
7.2
EPSS
0.9%
CVE-2022-20895 HIGH This Week

Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV110W, RV130, RV130W, and RV215W Routers could allow an authenticated, remote attacker to execute arbitrary. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

RCE Cisco Denial Of Service Buffer Overflow Rv215W Firmware +3
NVD
CVSS 3.1
7.2
EPSS
0.9%
CVE-2022-20894 HIGH This Week

Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV110W, RV130, RV130W, and RV215W Routers could allow an authenticated, remote attacker to execute arbitrary. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

RCE Cisco Denial Of Service Buffer Overflow Rv215W Firmware +3
NVD
CVSS 3.1
7.2
EPSS
0.9%
CVE-2022-20893 HIGH This Week

Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV110W, RV130, RV130W, and RV215W Routers could allow an authenticated, remote attacker to execute arbitrary. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

RCE Cisco Denial Of Service Buffer Overflow Rv215W Firmware +3
NVD
CVSS 3.1
7.2
EPSS
0.9%
CVE-2022-20892 HIGH This Week

Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV110W, RV130, RV130W, and RV215W Routers could allow an authenticated, remote attacker to execute arbitrary. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

RCE Cisco Denial Of Service Buffer Overflow Rv215W Firmware +3
NVD
CVSS 3.1
7.2
EPSS
0.9%
CVE-2022-20909 MEDIUM This Month

Multiple vulnerabilities in Cisco Nexus Dashboard could allow an authenticated, local attacker to elevate privileges on an affected device. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Cisco Nexus Dashboard
NVD
CVSS 3.1
6.7
EPSS
0.2%
CVE-2022-20908 MEDIUM This Month

Multiple vulnerabilities in Cisco Nexus Dashboard could allow an authenticated, local attacker to elevate privileges on an affected device. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Cisco Nexus Dashboard
NVD
CVSS 3.1
6.7
EPSS
0.2%
CVE-2022-20907 MEDIUM This Month

Multiple vulnerabilities in Cisco Nexus Dashboard could allow an authenticated, local attacker to elevate privileges on an affected device. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Cisco Nexus Dashboard
NVD
CVSS 3.1
6.7
EPSS
0.2%
CVE-2022-20906 MEDIUM This Month

Multiple vulnerabilities in Cisco Nexus Dashboard could allow an authenticated, local attacker to elevate privileges on an affected device. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Cisco Nexus Dashboard
NVD
CVSS 3.1
6.7
EPSS
0.2%
CVE-2022-2136 MEDIUM This Month

The affected product is vulnerable to multiple SQL injections that require low privileges for exploitation and may allow an unauthorized attacker to disclose information. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

SQLi Iview
NVD
CVSS 3.1
6.5
EPSS
9.0%
CVE-2022-1655 MEDIUM This Month

An Incorrect Permission Assignment for Critical Resource flaw was found in Horizon on Red Hat OpenStack. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Red Hat Openstack
NVD
CVSS 3.1
6.5
EPSS
0.5%
CVE-2022-20913 MEDIUM This Month

A vulnerability in Cisco Nexus Dashboard could allow an authenticated, remote attacker to write arbitrary files on an affected device. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Cisco Nexus Dashboard
NVD
CVSS 3.1
6.5
EPSS
1.0%
CVE-2022-2511 MEDIUM This Month

Cross-site Scripting (XSS) vulnerability in the "commonuserinterface" component of BlueSpice allows an attacker to inject arbitrary HTML into a page using the title parameter of the call URL. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS Bluespice
NVD
CVSS 3.1
6.1
EPSS
0.4%
CVE-2022-2510 MEDIUM This Month

Cross-site Scripting (XSS) vulnerability in "Extension:ExtendedSearch" of Hallo Welt!. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS Bluespice
NVD
CVSS 3.1
6.1
EPSS
0.4%
CVE-2022-20916 MEDIUM This Month

A vulnerability in the web-based management interface of Cisco IoT Control Center could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Cisco XSS Iot Control Center
NVD
CVSS 3.1
6.1
EPSS
0.6%
CVE-2022-2142 MEDIUM This Month

The affected product is vulnerable to a SQL injection with high attack complexity, which may allow an unauthorized attacker to disclose information. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

SQLi Iview
NVD
CVSS 3.1
5.9
EPSS
0.8%
CVE-2022-34853 MEDIUM This Month

Multiple Authenticated (contributor or higher user role) Persistent Cross-Site Scripting (XSS) vulnerabilities in wpWax Team plugin <= 1.2.6 at WordPress. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS WordPress Team
NVD
CVSS 3.1
5.4
EPSS
0.5%
CVE-2022-34650 MEDIUM This Month

Multiple Authenticated (contributor or higher user role) Stored Cross-Site Scripting (XSS) vulnerabilities in wpWax Team plugin <= 1.2.6 at WordPress. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS WordPress Team
NVD
CVSS 3.1
5.4
EPSS
0.5%
CVE-2022-33191 MEDIUM This Month

Authenticated (contributor or higher user role) Stored Cross-Site Scripting (XSS) vulnerability in Chinmoy Paul's Testimonials plugin <= 3.0.1 at WordPress. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS WordPress Testimonials
NVD
CVSS 3.1
5.4
EPSS
0.5%
CVE-2022-2137 MEDIUM This Month

The affected product is vulnerable to two SQL injections that require high privileges for exploitation and may allow an unauthorized attacker to disclose information. Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

SQLi Iview
NVD
CVSS 3.1
4.9
EPSS
0.8%
Prev Page 2 of 2

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy