Skip to main content
CVE-2022-34114 HIGH POC PATCH This Week

Dataease v1.11.1 was discovered to contain a SQL injection vulnerability via the parameter dataSourceId. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

SQLi Dataease
NVD GitHub
CVSS 3.1
8.8
EPSS
0.8%
CVE-2022-0980 HIGH POC This Week

Use after free in New Tab Page in Google Chrome prior to 99.0.4844.74 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via specific. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Memory Corruption Google Denial Of Service Use After Free Chrome
NVD
CVSS 3.1
8.8
EPSS
0.5%
CVE-2022-0979 HIGH POC This Week

Use after free in Safe Browsing in Google Chrome on Android prior to 99.0.4844.74 allowed a remote attacker who convinced a user to engage in specific user interaction to potentially exploit heap. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Memory Corruption Google Denial Of Service Use After Free Chrome
NVD
CVSS 3.1
8.8
EPSS
0.7%
CVE-2022-0978 HIGH POC This Week

Use after free in ANGLE in Google Chrome prior to 99.0.4844.74 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Memory Corruption Google Denial Of Service Use After Free Chrome
NVD
CVSS 3.1
8.8
EPSS
0.7%
CVE-2022-31163 HIGH POC PATCH This Week

TZInfo is a Ruby library that provides access to time zone data and allows times to be converted using time zone rules. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required. Public exploit code available.

Path Traversal Tzinfo Debian Linux
NVD GitHub
CVSS 3.1
8.1
EPSS
1.8%
CVE-2022-2493 HIGH POC PATCH This Week

Data Access from Outside Expected Data Manager Component in GitHub repository openemr/openemr prior to 7.0.0. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

Information Disclosure Openemr
NVD GitHub
CVSS 3.1
8.1
EPSS
0.9%
CVE-2022-33901 HIGH POC This Week

Unauthenticated Arbitrary File Read vulnerability in MultiSafepay plugin for WooCommerce plugin <= 4.13.1 at WordPress. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure WordPress Path Traversal Multisafepay Plugin For Woocommerce
NVD
CVSS 3.1
7.5
EPSS
2.2%
CVE-2022-34037 HIGH POC This Week

An out-of-bounds read in the rewrite function at /modules/caddyhttp/rewrite/rewrite.go in Caddy v2.5.1 allows attackers to cause a Denial of Service (DoS) via a crafted URI. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Denial Of Service Buffer Overflow Caddy
NVD GitHub
CVSS 3.1
7.5
EPSS
1.0%
CVE-2022-33960 HIGH PATCH This Week

Multiple Authenticated (subscriber or higher user role) SQL Injection (SQLi) vulnerabilities in Social Share Buttons by Supsystic plugin <= 2.2.3 at WordPress. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity.

WordPress SQLi Social Share Buttons
NVD
CVSS 3.1
8.8
EPSS
0.8%
CVE-2022-30998 HIGH This Week

Multiple Authenticated (subscriber or higher user role) SQL Injection (SQLi) vulnerabilities in WooPlugins.co's Homepage Product Organizer for WooCommerce plugin <= 1.1 at WordPress. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

WordPress SQLi Homepage Product Organizer For Woocommerce
NVD
CVSS 3.1
8.8
EPSS
0.7%
CVE-2022-27235 HIGH PATCH This Week

Multiple Broken Access Control vulnerabilities in Social Share Buttons by Supsystic plugin <= 2.2.3 at WordPress. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity.

WordPress Privilege Escalation Social Share Buttons
NVD
CVSS 3.1
8.8
EPSS
0.7%
CVE-2022-31168 HIGH PATCH This Week

Zulip is an open source team chat tool. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity.

Authentication Bypass Zulip
NVD GitHub
CVSS 3.1
8.8
EPSS
0.6%
CVE-2022-2327 HIGH PATCH This Week

io_uring use work_flags to determine which identity need to grab from the calling process to make sure it is consistent with the calling process when executing IORING_OP. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Memory Corruption Information Disclosure Use After Free Linux Kernel
NVD
CVSS 3.1
7.8
EPSS
0.3%
CVE-2022-28879 HIGH This Week

A Denial-of-Service (DoS) vulnerability was discovered in F-Secure Atlant and in certain WithSecure products whereby the scanning the aepack.dll component can crash the scanning engine. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Elements Endpoint Protection Atlant Cloud Protection For Salesforce Elements Collaboration Protection +3
NVD
CVSS 3.1
7.5
EPSS
0.4%
CVE-2022-28878 HIGH This Week

A Denial-of-Service vulnerability was discovered in the F-Secure Atlant and in certain WithSecure products while scanning fuzzed APK file it is possible that can crash the scanning engine. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Elements Endpoint Protection Atlant Cloud Protection For Salesforce Elements Collaboration Protection +3
NVD
CVSS 3.1
7.5
EPSS
0.4%
CVE-2022-2138 HIGH This Week

The affected product is vulnerable due to missing authentication, which may allow an attacker to read or modify sensitive data and execute arbitrary code, resulting in a denial-of-service condition. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

RCE Authentication Bypass Information Disclosure Iview
NVD
CVSS 3.1
7.5
EPSS
10.9%
CVE-2022-2135 HIGH This Week

The affected product is vulnerable to multiple SQL injections, which may allow an unauthorized attacker to disclose information. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

SQLi Iview
NVD
CVSS 3.1
7.5
EPSS
10.1%
CVE-2022-31172 HIGH PATCH This Week

OpenZeppelin Contracts is a library for smart contract development. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Information Disclosure Contracts
NVD GitHub
CVSS 3.1
7.5
EPSS
0.4%
CVE-2022-31170 HIGH PATCH This Week

OpenZeppelin Contracts is a library for smart contract development. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Information Disclosure Contracts
NVD GitHub
CVSS 3.1
7.5
EPSS
0.6%
CVE-2022-31169 HIGH PATCH This Week

Wasmtime is a standalone runtime for WebAssembly. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Information Disclosure Cranelift Codegen Wasmtime
NVD GitHub
CVSS 3.1
7.5
EPSS
0.7%
CVE-2022-31164 HIGH PATCH This Week

Tovy is a a staff management system for Roblox groups. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Improper Authentication vulnerability could allow attackers to bypass authentication mechanisms to gain unauthorized access.

Authentication Bypass Tovy
NVD GitHub
CVSS 3.1
7.5
EPSS
0.5%
CVE-2022-31162 HIGH PATCH This Week

Slack Morphism is an async client library for Rust. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Slack Morphism
NVD GitHub
CVSS 3.1
7.5
EPSS
0.7%
CVE-2022-20912 HIGH This Week

Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV110W, RV130, RV130W, and RV215W Routers could allow an authenticated, remote attacker to execute arbitrary. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

RCE Cisco Denial Of Service Buffer Overflow Rv215W Firmware +3
NVD
CVSS 3.1
7.2
EPSS
0.9%
CVE-2022-20911 HIGH This Week

Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV110W, RV130, RV130W, and RV215W Routers could allow an authenticated, remote attacker to execute arbitrary. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

RCE Cisco Denial Of Service Buffer Overflow Rv215W Firmware +3
NVD
CVSS 3.1
7.2
EPSS
0.9%
CVE-2022-20910 HIGH This Week

Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV110W, RV130, RV130W, and RV215W Routers could allow an authenticated, remote attacker to execute arbitrary. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

RCE Cisco Denial Of Service Buffer Overflow Rv215W Firmware +4
NVD
CVSS 3.1
7.2
EPSS
0.9%
CVE-2022-20904 HIGH This Week

Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV110W, RV130, RV130W, and RV215W Routers could allow an authenticated, remote attacker to execute arbitrary. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

RCE Cisco Denial Of Service Buffer Overflow Rv215W Firmware +3
NVD
CVSS 3.1
7.2
EPSS
0.9%
CVE-2022-20903 HIGH This Week

Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV110W, RV130, RV130W, and RV215W Routers could allow an authenticated, remote attacker to execute arbitrary. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

RCE Cisco Denial Of Service Buffer Overflow Rv215W Firmware +3
NVD
CVSS 3.1
7.2
EPSS
0.9%
CVE-2022-20902 HIGH This Week

Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV110W, RV130, RV130W, and RV215W Routers could allow an authenticated, remote attacker to execute arbitrary. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

RCE Cisco Denial Of Service Buffer Overflow Rv215W Firmware +3
NVD
CVSS 3.1
7.2
EPSS
0.9%
CVE-2022-20901 HIGH This Week

Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV110W, RV130, RV130W, and RV215W Routers could allow an authenticated, remote attacker to execute arbitrary. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

RCE Cisco Denial Of Service Buffer Overflow Rv215W Firmware +3
NVD
CVSS 3.1
7.2
EPSS
0.9%
CVE-2022-20900 HIGH This Week

Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV110W, RV130, RV130W, and RV215W Routers could allow an authenticated, remote attacker to execute arbitrary. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

RCE Cisco Denial Of Service Buffer Overflow Rv215W Firmware +3
NVD
CVSS 3.1
7.2
EPSS
0.9%
CVE-2022-20899 HIGH This Week

Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV110W, RV130, RV130W, and RV215W Routers could allow an authenticated, remote attacker to execute arbitrary. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

RCE Cisco Denial Of Service Buffer Overflow Rv215W Firmware +3
NVD
CVSS 3.1
7.2
EPSS
0.9%
CVE-2022-20898 HIGH This Week

Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV110W, RV130, RV130W, and RV215W Routers could allow an authenticated, remote attacker to execute arbitrary. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

RCE Cisco Denial Of Service Buffer Overflow Rv215W Firmware +3
NVD
CVSS 3.1
7.2
EPSS
0.9%
CVE-2022-20897 HIGH This Week

Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV110W, RV130, RV130W, and RV215W Routers could allow an authenticated, remote attacker to execute arbitrary. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

RCE Cisco Denial Of Service Buffer Overflow Rv215W Firmware +3
NVD
CVSS 3.1
7.2
EPSS
0.9%
CVE-2022-20896 HIGH This Week

Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV110W, RV130, RV130W, and RV215W Routers could allow an authenticated, remote attacker to execute arbitrary. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

RCE Cisco Denial Of Service Buffer Overflow Rv215W Firmware +3
NVD
CVSS 3.1
7.2
EPSS
0.9%
CVE-2022-20895 HIGH This Week

Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV110W, RV130, RV130W, and RV215W Routers could allow an authenticated, remote attacker to execute arbitrary. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

RCE Cisco Denial Of Service Buffer Overflow Rv215W Firmware +3
NVD
CVSS 3.1
7.2
EPSS
0.9%
CVE-2022-20894 HIGH This Week

Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV110W, RV130, RV130W, and RV215W Routers could allow an authenticated, remote attacker to execute arbitrary. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

RCE Cisco Denial Of Service Buffer Overflow Rv215W Firmware +3
NVD
CVSS 3.1
7.2
EPSS
0.9%
CVE-2022-20893 HIGH This Week

Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV110W, RV130, RV130W, and RV215W Routers could allow an authenticated, remote attacker to execute arbitrary. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

RCE Cisco Denial Of Service Buffer Overflow Rv215W Firmware +3
NVD
CVSS 3.1
7.2
EPSS
0.9%
CVE-2022-20892 HIGH This Week

Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV110W, RV130, RV130W, and RV215W Routers could allow an authenticated, remote attacker to execute arbitrary. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

RCE Cisco Denial Of Service Buffer Overflow Rv215W Firmware +3
NVD
CVSS 3.1
7.2
EPSS
0.9%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy