Skip to main content
CVE-2022-33925 MEDIUM This Month

Dell Wyse Management Suite 3.6.1 and below contains an Improper Access control vulnerability in UI. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass Dell Wyse Management Suite
NVD
CVSS 3.1
6.5
EPSS
0.7%
CVE-2022-29090 MEDIUM This Month

Dell Wyse Management Suite 3.6.1 and below contains a Sensitive Data Exposure vulnerability. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Dell Wyse Management Suite
NVD
CVSS 3.1
6.5
EPSS
0.3%
CVE-2022-22411 MEDIUM PATCH This Month

IBM Spectrum Scale Data Access Services (DAS) 5.1.3.1 could allow an authenticated user to insert code which could allow the attacker to manipulate cluster resources due to excessive permissions. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. This Incorrect Permission Assignment vulnerability could allow attackers to access resources due to misconfigured permissions.

Information Disclosure IBM Spectrum Scale Data Access Services
NVD
CVSS 3.1
6.5
EPSS
0.5%
CVE-2022-20852 MEDIUM This Month

Multiple vulnerabilities in the web interface of Cisco Webex Meetings could allow a remote attacker to conduct a cross-site scripting (XSS) attack or a frame hijacking attack against a user of the. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Cisco XSS Webex Meetings
NVD
CVSS 3.1
6.5
EPSS
0.4%
CVE-2022-33929 MEDIUM This Month

Dell Wyse Management Suite 3.6.1 and below contains a Reflected Cross-Site Scripting Vulnerability in EndUserSummary page. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Dell XSS Wyse Management Suite
NVD
CVSS 3.1
6.1
EPSS
0.4%
CVE-2022-20713 MEDIUM This Month

A vulnerability in the VPN web client services component of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Request Smuggling Cisco XSS Firepower Threat Defense Adaptive Security Appliance Software
NVD
CVSS 3.1
6.1
EPSS
1.3%
CVE-2022-20869 MEDIUM This Month

A vulnerability in the web-based management interface of Cisco BroadWorks Application Delivery Platform Software could allow an unauthenticated, remote attacker to conduct a cross-site scripting. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Cisco XSS Broadworks
NVD
CVSS 3.1
6.1
EPSS
0.5%
CVE-2022-36801 MEDIUM This Month

Affected versions of Atlassian Jira Server and Data Center allow anonymous remote attackers to inject arbitrary HTML or JavaScript via a Reflected Cross-Site Scripting (RXSS) vulnerability in the. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Atlassian XSS Jira Data Center Jira Server
NVD
CVSS 3.1
6.1
EPSS
64.9%
CVE-2022-22983 MEDIUM PATCH This Month

VMware Workstation (16.x prior to 16.2.4) contains an unprotected storage of credentials vulnerability. Rated medium severity (CVSS 5.9), this vulnerability is low attack complexity. This Insufficiently Protected Credentials vulnerability could allow attackers to obtain user credentials due to weak protection mechanisms.

Information Disclosure VMware Workstation
NVD
CVSS 3.1
5.9
EPSS
0.3%
CVE-2022-2719 MEDIUM PATCH This Month

In ImageMagick, a crafted file could trigger an assertion failure when a call to WriteImages was made in MagickWand/operation.c, due to a NULL image list. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity.

Denial Of Service Extra Packages For Enterprise Linux Imagemagick Fedora
NVD
CVSS 3.1
5.5
EPSS
0.3%
CVE-2022-20357 MEDIUM PATCH This Month

In writeToParcel of SurfaceControl.cpp, there is a possible information disclosure due to uninitialized data. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. This Use of Uninitialized Resource vulnerability could allow attackers to access uninitialized memory causing crashes or information disclosure.

Google Information Disclosure Android
NVD
CVSS 3.1
5.5
EPSS
0.1%
CVE-2022-20355 MEDIUM PATCH This Month

In get of PacProxyService.java, there is a possible system service crash due to improper input validation. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Google Denial Of Service Android
NVD
CVSS 3.1
5.5
EPSS
0.1%
CVE-2022-20353 MEDIUM PATCH This Month

In onSaveRingtone of DefaultRingtonePreference.java, there is a possible inappropriate file read due to improper input validation. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Google Information Disclosure Android
NVD
CVSS 3.1
5.5
EPSS
0.1%
CVE-2022-20352 MEDIUM PATCH This Month

In addProviderRequestListener of LocationManagerService.java, there is a possible way to learn which packages request location information due to a missing permission check. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. This Missing Authorization vulnerability could allow attackers to access resources or perform actions without proper authorization checks.

Google Authentication Bypass Information Disclosure Android
NVD
CVSS 3.1
5.5
EPSS
0.1%
CVE-2022-20350 MEDIUM PATCH This Month

In onCreate of NotificationAccessConfirmationActivity.java, there is a possible way to trick the victim to grant notification access to the wrong app due to improper input validation. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Google Information Disclosure Android
NVD
CVSS 3.1
5.5
EPSS
0.1%
CVE-2022-35697 MEDIUM PATCH This Month

Adobe Experience Manager Core Components version 2.20.6 (and earlier) is affected by a reflected Cross-Site Scripting (XSS) vulnerability. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS Adobe Web Content Management Core Components
NVD GitHub
CVSS 3.1
5.4
EPSS
0.6%
CVE-2022-20820 MEDIUM This Month

Multiple vulnerabilities in the web interface of Cisco Webex Meetings could allow a remote attacker to conduct a cross-site scripting (XSS) attack or a frame hijacking attack against a user of the. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Cisco XSS Webex Meetings
NVD
CVSS 3.1
5.4
EPSS
0.4%
CVE-2022-33931 MEDIUM This Month

Dell Wyse Management Suite 3.6.1 and below contains an Improper Access control vulnerability in UI. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Dell Wyse Management Suite
NVD
CVSS 3.1
5.3
EPSS
0.4%
CVE-2022-33924 MEDIUM This Month

Dell Wyse Management Suite 3.6.1 and below contains an Improper Access control vulnerability with which an attacker with no access to create rules could potentially exploit this vulnerability and. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Dell Wyse Management Suite
NVD
CVSS 3.1
5.3
EPSS
0.4%
CVE-2022-38133 MEDIUM This Month

In JetBrains TeamCity before 2022.04.3 the private SSH key could be written to the server log in some cases. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Teamcity
NVD
CVSS 3.1
5.3
EPSS
0.4%
CVE-2022-22490 MEDIUM PATCH This Month

IBM Robotic Process Automation 21.0.0, 21.0.1, and 21.0.2 could allow a privileged user to obtain sensitive Azure bot credential information. Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity.

Microsoft Information Disclosure IBM Path Traversal Robotic Process Automation +2
NVD
CVSS 3.1
4.9
EPSS
0.7%
CVE-2022-20914 MEDIUM This Month

A vulnerability in the External RESTful Services (ERS) API of Cisco Identity Services Engine (ISE) Software could allow an authenticated, remote attacker to obtain sensitive information. Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Cisco Identity Services Engine
NVD
CVSS 3.1
4.9
EPSS
0.8%
CVE-2022-31674 MEDIUM PATCH This Month

VMware vRealize Operations contains an information disclosure vulnerability. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity.

Information Disclosure VMware Vrealize Operations
NVD
CVSS 3.1
4.3
EPSS
0.5%
CVE-2022-20358 LOW PATCH Monitor

In startSync of AbstractThreadedSyncAdapter.java, there is a possible way to access protected content of content providers due to a missing permission check. Rated low severity (CVSS 3.3), this vulnerability is low attack complexity. This Missing Authorization vulnerability could allow attackers to access resources or perform actions without proper authorization checks.

Google Authentication Bypass Information Disclosure Android
NVD
CVSS 3.1
3.3
EPSS
0.2%
Prev Page 3 of 3

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy