Skip to main content
CVE-2022-1919 HIGH This Week

Use after free in Codecs in Google Chrome prior to 101.0.4951.41 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Memory Corruption Google Denial Of Service Use After Free Chrome
NVD
CVSS 3.1
8.8
EPSS
1.1%
CVE-2022-30319 HIGH This Week

Saia Burgess Controls (SBC) PCD through 2022-05-06 allows Authentication bypass. Rated high severity (CVSS 8.1), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Saia Pg5 Controls Suite
NVD
CVSS 3.1
8.1
EPSS
0.7%
CVE-2022-1805 HIGH PATCH This Week

When connecting to Amazon Workspaces, the SHA256 presented by AWS connection provisioner is not fully verified by Zero Clients. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required.

Information Disclosure Tera2 Pcoip Zero Client Firmware
NVD
CVSS 3.1
8.1
EPSS
0.5%
CVE-2022-27611 HIGH This Week

Improper limitation of a pathname to a restricted directory ('Path Traversal') vulnerability in webapi component in Synology Audio Station before 6.5.4-3367 allows remote authenticated users to. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Path Traversal Synology Audio Station
NVD
CVSS 3.1
8.1
EPSS
0.9%
CVE-2022-22685 HIGH This Week

Improper limitation of a pathname to a restricted directory ('Path Traversal') vulnerability in webapi component in Synology WebDAV Server before 2.4.0-0062 allows remote authenticated users to. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Path Traversal Synology Webdav Server
NVD
CVSS 3.1
8.1
EPSS
1.1%
CVE-2022-27615 HIGH This Week

Improper limitation of a pathname to a restricted directory ('Path Traversal') vulnerability in cgi component in Synology DNS Server before 2.2.2-5027 allows remote authenticated users to delete. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Path Traversal Synology Dns Server
NVD
CVSS 3.1
8.1
EPSS
1.0%
CVE-2022-37009 HIGH This Week

In JetBrains IntelliJ IDEA before 2022.2 local code execution via a Vagrant executable was possible. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

RCE Code Injection Intellij Idea
NVD
CVSS 3.1
7.8
EPSS
0.2%
CVE-2022-36985 HIGH PATCH This Week

An issue was discovered in Veritas NetBackup 8.1.x through 8.1.2, 8.2, 8.3.x through 8.3.0.2, 9.x through 9.0.0.1, and 9.1.x through 9.1.0.1 (and related NetBackup products). Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Microsoft Privilege Escalation Flex Appliance Flex Scale Netbackup +1
NVD
CVSS 3.1
7.8
EPSS
0.2%
CVE-2022-30313 HIGH This Week

Honeywell Experion PKS Safety Manager through 2022-05-06 has Missing Authentication for a Critical Function. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Honeywell Safety Manager Firmware
NVD
CVSS 3.1
7.5
EPSS
0.8%
CVE-2022-27614 HIGH This Week

Exposure of sensitive information to an unauthorized actor vulnerability in web server in Synology Media Server before 1.8.1-2876 allows remote attackers to obtain sensitive information via. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Synology Media Server
NVD
CVSS 3.1
7.5
EPSS
0.8%
CVE-2022-30316 MEDIUM This Month

Honeywell Experion PKS Safety Manager 5.02 has Insufficient Verification of Data Authenticity. Rated medium severity (CVSS 6.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

RCE Honeywell Denial Of Service Safety Manager Firmware
NVD
CVSS 3.1
6.8
EPSS
0.4%
CVE-2022-2553 MEDIUM PATCH This Month

The authfile directive in the booth config file is ignored, preventing use of authentication in communications from node to node. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Improper Authentication vulnerability could allow attackers to bypass authentication mechanisms to gain unauthorized access.

Authentication Bypass Booth Debian Linux Fedora
NVD GitHub
CVSS 3.1
6.5
EPSS
0.9%
CVE-2022-37000 MEDIUM PATCH This Month

An issue was discovered in Veritas NetBackup 8.1.x through 8.1.2, 8.2, 8.3.x through 8.3.0.2, 9.x through 9.0.0.1, and 9.1.x through 9.1.0.1 (and related NetBackup products). Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity.

Information Disclosure Flex Appliance Flex Scale Netbackup Netbackup Appliance
NVD
CVSS 3.1
6.5
EPSS
0.6%
CVE-2022-36999 MEDIUM PATCH This Month

An issue was discovered in Veritas NetBackup 8.1.x through 8.1.2, 8.2, 8.3.x through 8.3.0.2, 9.x through 9.0.0.1, and 9.1.x through 9.1.0.1 (and related NetBackup products). Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity.

Information Disclosure Flex Appliance Flex Scale Netbackup Netbackup Appliance
NVD
CVSS 3.1
6.5
EPSS
0.6%
CVE-2022-36998 MEDIUM PATCH This Month

An issue was discovered in Veritas NetBackup 8.1.x through 8.1.2, 8.2, 8.3.x through 8.3.0.2, 9.x through 9.0.0.1, and 9.1.x through 9.1.0.1 (and related NetBackup products). Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. This Out-of-bounds Write vulnerability could allow attackers to write data beyond allocated buffer boundaries leading to code execution or crashes.

Memory Corruption Denial Of Service Buffer Overflow Flex Appliance Flex Scale +2
NVD
CVSS 3.1
6.5
EPSS
0.6%
CVE-2022-36996 MEDIUM PATCH This Month

An issue was discovered in Veritas NetBackup 8.1.x through 8.1.2, 8.2, 8.3.x through 8.3.0.2, 9.x through 9.0.0.1, and 9.1.x through 9.1.0.1 (and related NetBackup products). Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity.

Information Disclosure Flex Appliance Flex Scale Netbackup Netbackup Appliance
NVD
CVSS 3.1
6.5
EPSS
0.5%
CVE-2022-36994 MEDIUM PATCH This Month

An issue was discovered in Veritas NetBackup 8.1.x through 8.1.2, 8.2, 8.3.x through 8.3.0.2, 9.x through 9.0.0.1, and 9.1.x through 9.1.0.1 (and related NetBackup products). Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity.

Information Disclosure Flex Appliance Flex Scale Netbackup Netbackup Appliance
NVD
CVSS 3.1
6.5
EPSS
0.5%
CVE-2022-36991 MEDIUM PATCH This Month

An issue was discovered in Veritas NetBackup 8.1.x through 8.1.2, 8.2, 8.3.x through 8.3.0.2, 9.x through 9.0.0.1, and 9.1.x through 9.1.0.1 (and related NetBackup products). Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity.

Information Disclosure Flex Appliance Flex Scale Netbackup Netbackup Appliance
NVD
CVSS 3.1
6.5
EPSS
0.6%
CVE-2022-36990 MEDIUM PATCH This Month

An issue was discovered in Veritas NetBackup 8.1.x through 8.1.2, 8.2, 8.3.x through 8.3.0.2, 9.x through 9.0.0.1, and 9.1.x through 9.1.0.1 (and related NetBackup products). Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity.

Information Disclosure Flex Appliance Flex Scale Netbackup Netbackup Appliance
NVD
CVSS 3.1
6.5
EPSS
0.6%
CVE-2022-36987 MEDIUM PATCH This Month

An issue was discovered in Veritas NetBackup 8.1.x through 8.1.2, 8.2, 8.3.x through 8.3.0.2, 9.x through 9.0.0.1, and 9.1.x through 9.1.0.1 (and related NetBackup products). Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity.

Information Disclosure Flex Appliance Flex Scale Netbackup Netbackup Appliance
NVD
CVSS 3.1
6.5
EPSS
0.6%
CVE-2022-36984 MEDIUM PATCH This Month

An issue was discovered in Veritas NetBackup 8.1.x through 8.1.2, 8.2, 8.3.x through 8.3.0.2, 9.x through 9.0.0.1, and 9.1.x through 9.1.0.1 (and related NetBackup products). Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity.

Denial Of Service Flex Appliance Flex Scale Netbackup Netbackup Appliance
NVD
CVSS 3.1
6.5
EPSS
0.6%
CVE-2022-2164 MEDIUM This Month

Inappropriate implementation in Extensions API in Google Chrome prior to 103.0.5060.53 allowed an attacker who convinced a user to install a malicious extension to bypass discretionary access control. Rated medium severity (CVSS 6.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Google Authentication Bypass Chrome Fedora
NVD
CVSS 3.1
6.3
EPSS
0.5%
CVE-2022-27509 MEDIUM This Month

Unauthenticated redirection to a malicious website. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Open Redirect Gateway Application Delivery Controller Firmware
NVD
CVSS 3.1
6.1
EPSS
0.4%
CVE-2022-1948 MEDIUM This Month

An issue has been discovered in GitLab affecting all versions starting from 15.0 before 15.0.1. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Gitlab XSS
NVD
CVSS 3.1
5.4
EPSS
0.9%
CVE-2022-35882 MEDIUM This Month

Authenticated (author or higher user role) Stored Cross-Site Scripting (XSS) vulnerability in GS Plugins GS Testimonial Slider plugin <= 1.9.5 at WordPress. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS WordPress Gs Testimonial Slider
NVD
CVSS 3.1
4.8
EPSS
0.5%
CVE-2022-30314 MEDIUM This Month

Honeywell Experion PKS Safety Manager 5.02 uses Hard-coded Credentials. Rated medium severity (CVSS 4.6), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Honeywell Safety Manager Firmware
NVD
CVSS 3.1
4.6
EPSS
0.3%
CVE-2022-30320 MEDIUM This Month

Saia Burgess Controls (SBC) PCD through 2022-05-06 uses a Broken or Risky Cryptographic Algorithm. Rated medium severity (CVSS 4.3), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Saia Pg5 Controls Suite
NVD
CVSS 3.1
4.3
EPSS
0.2%
CVE-2022-2479 MEDIUM This Month

Insufficient validation of untrusted input in File in Google Chrome on Android prior to 103.0.5060.134 allowed an attacker who convinced a user to install a malicious app to obtain potentially. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Google Information Disclosure Chrome
NVD
CVSS 3.1
4.3
EPSS
0.7%
CVE-2022-36995 MEDIUM PATCH This Month

An issue was discovered in Veritas NetBackup 8.1.x through 8.1.2, 8.2, 8.3.x through 8.3.0.2, 9.x through 9.0.0.1, and 9.1.x through 9.1.0.1 (and related NetBackup products). Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity.

Information Disclosure Flex Appliance Flex Scale Netbackup Netbackup Appliance
NVD
CVSS 3.1
4.3
EPSS
0.4%
CVE-2022-2165 MEDIUM This Month

Insufficient data validation in URL formatting in Google Chrome prior to 103.0.5060.53 allowed a remote attacker to perform domain spoofing via IDN homographs via a crafted domain name. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Google Information Disclosure Chrome Fedora
NVD
CVSS 3.1
4.3
EPSS
0.7%
CVE-2022-37010 LOW Monitor

In JetBrains IntelliJ IDEA before 2022.2 email address validation in the "Git User Name Is Not Defined" dialog was missed. Rated low severity (CVSS 3.3), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Intellij Idea
NVD
CVSS 3.1
3.3
EPSS
0.2%
Prev Page 2 of 2

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy