Skip to main content
CVE-2022-2728 CRITICAL POC Act Now

A vulnerability was found in SourceCodester Gym Management System. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Gym Management System
NVD GitHub VulDB
CVSS 3.1
9.8
EPSS
0.6%
CVE-2022-2727 CRITICAL POC Act Now

A vulnerability was found in SourceCodester Gym Management System. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Gym Management System
NVD GitHub VulDB
CVSS 3.1
9.8
EPSS
0.6%
CVE-2022-2724 CRITICAL POC Act Now

A vulnerability was found in SourceCodester Employee Management System. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Employee Management System
NVD VulDB
CVSS 3.1
9.8
EPSS
0.7%
CVE-2022-2723 CRITICAL POC Act Now

A vulnerability was found in SourceCodester Employee Management System. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Employee Management System
NVD VulDB
CVSS 3.1
9.8
EPSS
0.7%
CVE-2022-2722 CRITICAL POC Act Now

A vulnerability was found in SourceCodester Simple Student Information System and classified as critical.php. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Simple Student Information System
NVD VulDB
CVSS 3.1
9.8
EPSS
0.7%
CVE-2022-2715 CRITICAL POC Act Now

A vulnerability has been found in SourceCodester Employee Management System and classified as critical. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Employee Management System
NVD GitHub VulDB
CVSS 3.1
9.8
EPSS
0.7%
CVE-2022-25907 CRITICAL POC PATCH Act Now

The package ts-deepmerge before 2.0.2 are vulnerable to Prototype Pollution due to missing sanitization of the merge function. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Information Disclosure Prototype Pollution Typescript Deep Merge
NVD GitHub
CVSS 3.1
9.8
EPSS
1.5%
CVE-2022-2732 HIGH POC PATCH This Week

Missing Authorization in GitHub repository openemr/openemr prior to 7.0.0.1. Rated high severity (CVSS 8.3), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

Authentication Bypass Openemr
NVD GitHub
CVSS 3.1
8.3
EPSS
0.7%
CVE-2022-2730 MEDIUM POC PATCH This Month

Authorization Bypass Through User-Controlled Key in GitHub repository openemr/openemr prior to 7.0.0.1. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

Authentication Bypass Openemr
NVD GitHub
CVSS 3.1
6.5
EPSS
0.6%
CVE-2022-2733 MEDIUM POC PATCH THREAT This Month

Cross-site Scripting (XSS) - Reflected in GitHub repository openemr/openemr prior to 7.0.0.1. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

XSS Openemr
NVD GitHub
CVSS 3.1
6.1
EPSS
95.8%
CVE-2022-2731 MEDIUM POC PATCH This Month

Cross-site Scripting (XSS) - Reflected in GitHub repository openemr/openemr prior to 7.0.0.1. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

XSS Openemr
NVD GitHub
CVSS 3.1
6.1
EPSS
0.5%
CVE-2022-34715 CRITICAL Act Now

Windows Network File System Remote Code Execution Vulnerability. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

RCE Microsoft Code Injection Windows Server 2022
NVD
CVSS 3.1
9.8
EPSS
80.1%
CVE-2022-30133 CRITICAL Act Now

Windows Point-to-Point Protocol (PPP) Remote Code Execution Vulnerability. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Microsoft RCE Windows 10 Windows 11 Windows 7 +6
NVD
CVSS 3.1
9.8
EPSS
2.2%
CVE-2022-2726 CRITICAL Act Now

A vulnerability classified as critical has been found in SEMCMS. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

PHP SQLi Semcms
NVD GitHub VulDB
CVSS 3.1
9.8
EPSS
0.5%
CVE-2022-33649 CRITICAL Act Now

Microsoft Edge (Chromium-based) Security Feature Bypass Vulnerability. Rated critical severity (CVSS 9.6), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Microsoft Authentication Bypass Google Edge Chromium
NVD
CVSS 3.1
9.6
EPSS
1.9%
CVE-2022-2734 MEDIUM POC PATCH This Month

Improper Restriction of Rendered UI Layers or Frames in GitHub repository openemr/openemr prior to 7.0.0.1. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

XSS Openemr
NVD GitHub
CVSS 3.1
5.4
EPSS
0.6%
CVE-2022-2729 MEDIUM POC PATCH This Month

Cross-site Scripting (XSS) - DOM in GitHub repository openemr/openemr prior to 7.0.0.1. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

XSS Openemr
NVD GitHub
CVSS 3.1
5.4
EPSS
0.4%
CVE-2022-35827 HIGH This Week

Visual Studio Remote Code Execution Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

RCE Visual Studio Visual Studio 2017 Visual Studio 2019 Visual Studio 2022
NVD
CVSS 3.1
8.8
EPSS
1.8%
CVE-2022-35826 HIGH This Week

Visual Studio Remote Code Execution Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

RCE Visual Studio Visual Studio 2017 Visual Studio 2019 Visual Studio 2022
NVD
CVSS 3.1
8.8
EPSS
1.8%
CVE-2022-35825 HIGH This Week

Visual Studio Remote Code Execution Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

RCE Visual Studio Visual Studio 2017 Visual Studio 2019 Visual Studio 2022
NVD
CVSS 3.1
8.8
EPSS
1.8%
CVE-2022-35804 HIGH This Week

SMB Client and Server Remote Code Execution Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

RCE Windows 11
NVD
CVSS 3.1
8.8
EPSS
2.3%
CVE-2022-35777 HIGH This Week

Visual Studio Remote Code Execution Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

RCE Code Injection Visual Studio Visual Studio 2017 Visual Studio 2019 +1
NVD
CVSS 3.1
8.8
EPSS
1.7%
CVE-2022-34717 HIGH This Week

Microsoft Office Remote Code Execution Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Microsoft RCE 365 Apps Office Office Long Term Servicing Channel
NVD
CVSS 3.1
8.8
EPSS
1.6%
CVE-2022-34691 HIGH This Week

Active Directory Domain Services Elevation of Privilege Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Privilege Escalation Windows 10 Windows 11 Windows 7 Windows 8 1 +6
NVD
CVSS 3.1
8.8
EPSS
1.6%
CVE-2022-30573 HIGH This Week

The ftlserver component of TIBCO Software Inc.'s TIBCO FTL - Community Edition, TIBCO FTL - Developer Edition, TIBCO FTL - Enterprise Edition, and TIBCO FTL - Enterprise Edition contains an easily. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Privilege Escalation Ftl
NVD
CVSS 3.1
8.8
EPSS
0.7%
CVE-2022-33636 HIGH This Week

Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability. Rated high severity (CVSS 8.3), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Microsoft Race Condition Google RCE Edge Chromium
NVD
CVSS 3.1
8.3
EPSS
1.1%
CVE-2022-35802 HIGH This Week

Azure Site Recovery Elevation of Privilege Vulnerability. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Microsoft Information Disclosure Azure Site Recovery
NVD
CVSS 3.1
8.1
EPSS
1.6%
CVE-2022-35794 HIGH This Week

Windows Secure Socket Tunneling Protocol (SSTP) Remote Code Execution Vulnerability. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Microsoft RCE Windows 10 Windows 11 Windows Server 2016 +2
NVD
CVSS 3.1
8.1
EPSS
1.5%
CVE-2022-35767 HIGH This Week

Windows Secure Socket Tunneling Protocol (SSTP) Remote Code Execution Vulnerability. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

RCE Microsoft Code Injection Windows 10 Windows 11 +8
NVD
CVSS 3.1
8.1
EPSS
1.4%
CVE-2022-35766 HIGH This Week

Windows Secure Socket Tunneling Protocol (SSTP) Remote Code Execution Vulnerability. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

RCE Microsoft Code Injection Windows 10 Windows 11 +3
NVD
CVSS 3.1
8.1
EPSS
1.4%
CVE-2022-34714 HIGH This Week

Windows Secure Socket Tunneling Protocol (SSTP) Remote Code Execution Vulnerability. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

RCE Microsoft Code Injection Windows 10 Windows 11 +8
NVD
CVSS 3.1
8.1
EPSS
1.6%
CVE-2022-34702 HIGH This Week

Windows Secure Socket Tunneling Protocol (SSTP) Remote Code Execution Vulnerability. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Microsoft Race Condition RCE Windows 10 Windows 11 +8
NVD
CVSS 3.1
8.1
EPSS
1.0%
CVE-2022-24516 HIGH This Week

Microsoft Exchange Server Elevation of Privilege Vulnerability. Rated high severity (CVSS 8.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Microsoft Information Disclosure Exchange Server
NVD
CVSS 3.1
8.0
EPSS
1.8%
CVE-2022-24477 HIGH This Week

Microsoft Exchange Server Elevation of Privilege Vulnerability. Rated high severity (CVSS 8.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Microsoft Information Disclosure Exchange Server
NVD
CVSS 3.1
8.0
EPSS
1.7%
CVE-2022-21980 HIGH This Week

Microsoft Exchange Server Elevation of Privilege Vulnerability. Rated high severity (CVSS 8.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Microsoft Information Disclosure Exchange Server
NVD
CVSS 3.1
8.0
EPSS
2.0%
CVE-2022-35820 HIGH This Week

Windows Bluetooth Driver Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Microsoft Information Disclosure Windows 10 Windows 11 Windows 7 +7
NVD
CVSS 3.1
7.8
EPSS
0.5%
CVE-2022-35806 HIGH This Week

Azure RTOS GUIX Studio Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Microsoft RCE Azure Real Time Operating System Guix Studio
NVD
CVSS 3.1
7.8
EPSS
0.9%
CVE-2022-35795 HIGH This Week

Windows Error Reporting Service Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Microsoft Information Disclosure Windows 10 Windows 11 Windows 7 +7
NVD
CVSS 3.1
7.8
EPSS
0.6%
CVE-2022-35792 HIGH This Week

Storage Spaces Direct Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Windows 10 Windows 11 Windows Server 2016 Windows Server 2019 +1
NVD
CVSS 3.1
7.8
EPSS
0.6%
CVE-2022-35779 HIGH This Week

Azure RTOS GUIX Studio Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

RCE Microsoft Code Injection Azure Real Time Operating System Guix Studio
NVD
CVSS 3.1
7.8
EPSS
0.8%
CVE-2022-35773 HIGH This Week

Azure RTOS GUIX Studio Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Microsoft RCE Azure Real Time Operating System Guix Studio
NVD
CVSS 3.1
7.8
EPSS
0.8%
CVE-2022-35771 HIGH This Week

Windows Defender Credential Guard Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Microsoft Privilege Escalation Windows 10 Windows 11 Windows Server 2016 +2
NVD
CVSS 3.1
7.8
EPSS
0.7%
CVE-2022-35768 HIGH This Week

Windows Kernel Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Microsoft Privilege Escalation Windows 10 Windows 11 Windows 7 +7
NVD
CVSS 3.1
7.8
EPSS
0.9%
CVE-2022-35765 HIGH This Week

Storage Spaces Direct Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Windows 10 Windows Server 2016 Windows Server 2019 Windows Server 2022
NVD
CVSS 3.1
7.8
EPSS
0.4%
CVE-2022-35764 HIGH This Week

Storage Spaces Direct Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Windows 10 Windows Server 2016 Windows Server 2019 Windows Server 2022
NVD
CVSS 3.1
7.8
EPSS
0.4%
CVE-2022-35763 HIGH This Week

Storage Spaces Direct Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Windows 10 Windows Server 2016 Windows Server 2019 Windows Server 2022
NVD
CVSS 3.1
7.8
EPSS
0.4%
CVE-2022-35762 HIGH This Week

Storage Spaces Direct Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Windows 10 Windows Server 2016 Windows Server 2019 Windows Server 2022
NVD
CVSS 3.1
7.8
EPSS
0.4%
CVE-2022-35761 HIGH This Week

Windows Kernel Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Microsoft Privilege Escalation Windows 10 Windows 11 Windows Server 2016 +2
NVD
CVSS 3.1
7.8
EPSS
4.0%
CVE-2022-35760 HIGH This Week

Microsoft ATA Port Driver Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Microsoft Information Disclosure Windows 10 Windows 11 Windows 7 +7
NVD
CVSS 3.1
7.8
EPSS
0.7%
CVE-2022-34713 HIGH KEV PATCH THREAT This Week

Microsoft Windows Support Diagnostic Tool (MSDT) Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

Microsoft RCE Windows 10 1507 Windows 10 1607 Windows 10 1809 +13
NVD
CVSS 3.1
7.8
EPSS
68.0%
Page 1 of 3 Next

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy