Skip to main content
CVE-2022-2160 MEDIUM POC This Month

Insufficient policy enforcement in DevTools in Google Chrome on Windows prior to 103.0.5060.53 allowed an attacker who convinced a user to install a malicious extension to obtain potentially. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Google Information Disclosure Microsoft Race Condition Chrome +1
NVD VulDB
CVSS 3.1
6.5
EPSS
0.2%
CVE-2022-36752 MEDIUM POC PATCH This Month

png2webp v1.0.4 was discovered to contain an out-of-bounds write via the function w2p. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. Public exploit code available.

Memory Corruption Buffer Overflow Png2Webp
NVD GitHub
CVSS 3.1
5.5
EPSS
0.4%
CVE-2022-34556 MEDIUM POC This Month

PicoC v3.2.2 was discovered to contain a NULL pointer dereference at variable.c. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Null Pointer Dereference Denial Of Service Picoc
NVD GitHub
CVSS 3.1
5.5
EPSS
0.3%
CVE-2022-34009 MEDIUM POC This Month

Fossil 2.18 on Windows allows attackers to cause a denial of service (daemon crash) via an XSS payload in a ticket. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Microsoft XSS Denial Of Service Fossil
NVD
CVSS 3.1
5.5
EPSS
0.4%
CVE-2022-29360 MEDIUM POC This Month

The Email Viewer in RainLoop through 1.6.0 allows XSS via a crafted email message. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

XSS Webmail
NVD
CVSS 3.1
5.4
EPSS
1.1%
CVE-2022-34140 MEDIUM POC This Month

A stored cross-site scripting (XSS) vulnerability in /index.php?r=site%2Fsignup of Feehi CMS v2.1.1 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

XSS PHP Feehi Cms
NVD GitHub Exploit-DB
CVSS 3.1
5.4
EPSS
3.6%
CVE-2022-34580 MEDIUM POC This Month

Advanced School Management System v1.0 was discovered to contain a cross-site scripting (XSS) vulnerability via the address parameter at ip/school/index.php. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

XSS PHP Advanced School Management System
NVD GitHub
CVSS 3.1
4.8
EPSS
0.4%
CVE-2022-30316 MEDIUM This Month

Honeywell Experion PKS Safety Manager 5.02 has Insufficient Verification of Data Authenticity. Rated medium severity (CVSS 6.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

RCE Honeywell Denial Of Service Safety Manager Firmware
NVD
CVSS 3.1
6.8
EPSS
0.4%
CVE-2022-2553 MEDIUM PATCH This Month

The authfile directive in the booth config file is ignored, preventing use of authentication in communications from node to node. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Improper Authentication vulnerability could allow attackers to bypass authentication mechanisms to gain unauthorized access.

Authentication Bypass Booth Debian Linux Fedora
NVD GitHub
CVSS 3.1
6.5
EPSS
0.9%
CVE-2022-37000 MEDIUM PATCH This Month

An issue was discovered in Veritas NetBackup 8.1.x through 8.1.2, 8.2, 8.3.x through 8.3.0.2, 9.x through 9.0.0.1, and 9.1.x through 9.1.0.1 (and related NetBackup products). Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity.

Information Disclosure Flex Appliance Flex Scale Netbackup Netbackup Appliance
NVD
CVSS 3.1
6.5
EPSS
0.6%
CVE-2022-36999 MEDIUM PATCH This Month

An issue was discovered in Veritas NetBackup 8.1.x through 8.1.2, 8.2, 8.3.x through 8.3.0.2, 9.x through 9.0.0.1, and 9.1.x through 9.1.0.1 (and related NetBackup products). Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity.

Information Disclosure Flex Appliance Flex Scale Netbackup Netbackup Appliance
NVD
CVSS 3.1
6.5
EPSS
0.6%
CVE-2022-36998 MEDIUM PATCH This Month

An issue was discovered in Veritas NetBackup 8.1.x through 8.1.2, 8.2, 8.3.x through 8.3.0.2, 9.x through 9.0.0.1, and 9.1.x through 9.1.0.1 (and related NetBackup products). Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. This Out-of-bounds Write vulnerability could allow attackers to write data beyond allocated buffer boundaries leading to code execution or crashes.

Memory Corruption Denial Of Service Buffer Overflow Flex Appliance Flex Scale +2
NVD
CVSS 3.1
6.5
EPSS
0.6%
CVE-2022-36996 MEDIUM PATCH This Month

An issue was discovered in Veritas NetBackup 8.1.x through 8.1.2, 8.2, 8.3.x through 8.3.0.2, 9.x through 9.0.0.1, and 9.1.x through 9.1.0.1 (and related NetBackup products). Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity.

Information Disclosure Flex Appliance Flex Scale Netbackup Netbackup Appliance
NVD
CVSS 3.1
6.5
EPSS
0.5%
CVE-2022-36994 MEDIUM PATCH This Month

An issue was discovered in Veritas NetBackup 8.1.x through 8.1.2, 8.2, 8.3.x through 8.3.0.2, 9.x through 9.0.0.1, and 9.1.x through 9.1.0.1 (and related NetBackup products). Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity.

Information Disclosure Flex Appliance Flex Scale Netbackup Netbackup Appliance
NVD
CVSS 3.1
6.5
EPSS
0.5%
CVE-2022-36991 MEDIUM PATCH This Month

An issue was discovered in Veritas NetBackup 8.1.x through 8.1.2, 8.2, 8.3.x through 8.3.0.2, 9.x through 9.0.0.1, and 9.1.x through 9.1.0.1 (and related NetBackup products). Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity.

Information Disclosure Flex Appliance Flex Scale Netbackup Netbackup Appliance
NVD
CVSS 3.1
6.5
EPSS
0.6%
CVE-2022-36990 MEDIUM PATCH This Month

An issue was discovered in Veritas NetBackup 8.1.x through 8.1.2, 8.2, 8.3.x through 8.3.0.2, 9.x through 9.0.0.1, and 9.1.x through 9.1.0.1 (and related NetBackup products). Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity.

Information Disclosure Flex Appliance Flex Scale Netbackup Netbackup Appliance
NVD
CVSS 3.1
6.5
EPSS
0.6%
CVE-2022-36987 MEDIUM PATCH This Month

An issue was discovered in Veritas NetBackup 8.1.x through 8.1.2, 8.2, 8.3.x through 8.3.0.2, 9.x through 9.0.0.1, and 9.1.x through 9.1.0.1 (and related NetBackup products). Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity.

Information Disclosure Flex Appliance Flex Scale Netbackup Netbackup Appliance
NVD
CVSS 3.1
6.5
EPSS
0.6%
CVE-2022-36984 MEDIUM PATCH This Month

An issue was discovered in Veritas NetBackup 8.1.x through 8.1.2, 8.2, 8.3.x through 8.3.0.2, 9.x through 9.0.0.1, and 9.1.x through 9.1.0.1 (and related NetBackup products). Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity.

Denial Of Service Flex Appliance Flex Scale Netbackup Netbackup Appliance
NVD
CVSS 3.1
6.5
EPSS
0.6%
CVE-2022-2164 MEDIUM This Month

Inappropriate implementation in Extensions API in Google Chrome prior to 103.0.5060.53 allowed an attacker who convinced a user to install a malicious extension to bypass discretionary access control. Rated medium severity (CVSS 6.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Google Authentication Bypass Chrome Fedora
NVD
CVSS 3.1
6.3
EPSS
0.5%
CVE-2022-27509 MEDIUM This Month

Unauthenticated redirection to a malicious website. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Open Redirect Gateway Application Delivery Controller Firmware
NVD
CVSS 3.1
6.1
EPSS
0.4%
CVE-2022-1948 MEDIUM This Month

An issue has been discovered in GitLab affecting all versions starting from 15.0 before 15.0.1. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Gitlab XSS
NVD
CVSS 3.1
5.4
EPSS
0.9%
CVE-2022-35882 MEDIUM This Month

Authenticated (author or higher user role) Stored Cross-Site Scripting (XSS) vulnerability in GS Plugins GS Testimonial Slider plugin <= 1.9.5 at WordPress. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS WordPress Gs Testimonial Slider
NVD
CVSS 3.1
4.8
EPSS
0.5%
CVE-2022-30314 MEDIUM This Month

Honeywell Experion PKS Safety Manager 5.02 uses Hard-coded Credentials. Rated medium severity (CVSS 4.6), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Honeywell Safety Manager Firmware
NVD
CVSS 3.1
4.6
EPSS
0.3%
CVE-2022-30320 MEDIUM This Month

Saia Burgess Controls (SBC) PCD through 2022-05-06 uses a Broken or Risky Cryptographic Algorithm. Rated medium severity (CVSS 4.3), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Saia Pg5 Controls Suite
NVD
CVSS 3.1
4.3
EPSS
0.2%
CVE-2022-2479 MEDIUM This Month

Insufficient validation of untrusted input in File in Google Chrome on Android prior to 103.0.5060.134 allowed an attacker who convinced a user to install a malicious app to obtain potentially. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Google Information Disclosure Chrome
NVD
CVSS 3.1
4.3
EPSS
0.7%
CVE-2022-36995 MEDIUM PATCH This Month

An issue was discovered in Veritas NetBackup 8.1.x through 8.1.2, 8.2, 8.3.x through 8.3.0.2, 9.x through 9.0.0.1, and 9.1.x through 9.1.0.1 (and related NetBackup products). Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity.

Information Disclosure Flex Appliance Flex Scale Netbackup Netbackup Appliance
NVD
CVSS 3.1
4.3
EPSS
0.4%
CVE-2022-2165 MEDIUM This Month

Insufficient data validation in URL formatting in Google Chrome prior to 103.0.5060.53 allowed a remote attacker to perform domain spoofing via IDN homographs via a crafted domain name. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Google Information Disclosure Chrome Fedora
NVD
CVSS 3.1
4.3
EPSS
0.7%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy