Skip to main content
CVE-2022-2767 MEDIUM POC This Month

A vulnerability classified as problematic has been found in SourceCodester Online Admission System. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

XSS PHP Online Admission System
NVD GitHub VulDB
CVSS 3.1
6.1
EPSS
0.5%
CVE-2022-2777 MEDIUM POC PATCH This Month

Cross-site Scripting (XSS) - Stored in GitHub repository microweber/microweber prior to 1.3.1. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

XSS Microweber
NVD GitHub
CVSS 3.1
5.4
EPSS
0.4%
CVE-2022-20382 MEDIUM This Month

In (TBD) of (TBD), there is a possible out of bounds write due to kernel stack overflow. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Google Privilege Escalation Buffer Overflow Android
NVD
CVSS 3.1
6.7
EPSS
0.1%
CVE-2022-20379 MEDIUM This Month

In lwis_buffer_alloc of lwis_buffer.c, there is a possible arbitrary code execution due to a use after free. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Denial Of Service Google Privilege Escalation Memory Corruption RCE +2
NVD
CVSS 3.1
6.7
EPSS
0.1%
CVE-2022-20377 MEDIUM This Month

In TBD of keymaster_ipc.cpp, there is a possible to force gatekeeper, fingerprint, and faceauth to use a known HMAC key. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Google Privilege Escalation Android
NVD
CVSS 3.1
6.7
EPSS
0.1%
CVE-2022-20376 MEDIUM This Month

In trusty_log_seq_start of trusty-log.c, there is a possible use after free due to improper locking. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Google Denial Of Service Privilege Escalation Android
NVD
CVSS 3.1
6.7
EPSS
0.1%
CVE-2022-20372 MEDIUM This Month

In exynos5_i2c_irq of (TBD), there is a possible out of bounds write due to a use after free. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Denial Of Service Google Privilege Escalation Memory Corruption Buffer Overflow +2
NVD
CVSS 3.1
6.7
EPSS
0.1%
CVE-2022-20369 MEDIUM PATCH This Month

In v4l2_m2m_querybuf of v4l2-mem2mem.c, there is a possible out of bounds write due to improper input validation. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. This Out-of-bounds Write vulnerability could allow attackers to write data beyond allocated buffer boundaries leading to code execution or crashes.

Memory Corruption Google Privilege Escalation Buffer Overflow Android +1
NVD
CVSS 3.1
6.7
EPSS
0.2%
CVE-2022-20367 MEDIUM This Month

In construct_transaction of lwis_ioctl.c, there is a possible out of bounds write due to an integer overflow. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Integer Overflow Google Privilege Escalation Buffer Overflow Android
NVD
CVSS 3.1
6.7
EPSS
0.1%
CVE-2022-20366 MEDIUM This Month

In ioctl_dpm_clk_update of lwis_ioctl.c, there is a possible out of bounds write due to an integer overflow. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Integer Overflow Google Privilege Escalation Buffer Overflow Android
NVD
CVSS 3.1
6.7
EPSS
0.1%
CVE-2022-20158 MEDIUM PATCH This Month

In bdi_put and bdi_unregister of backing-dev.c, there is a possible memory corruption due to a use after free. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity.

Denial Of Service Google Privilege Escalation Memory Corruption Buffer Overflow +2
NVD
CVSS 3.1
6.7
EPSS
0.1%
CVE-2022-20373 MEDIUM This Month

In st21nfc_loc_set_polaritymode of fc/st21nfc.c, there is a possible use after free due to a race condition. Rated medium severity (CVSS 6.4). No vendor patch available.

Google Race Condition Denial Of Service Privilege Escalation Android
NVD
CVSS 3.1
6.4
EPSS
0.1%
CVE-2022-20371 MEDIUM This Month

In dm_bow_dtr and related functions of dm-bow.c, there is a possible use after free due to a race condition. Rated medium severity (CVSS 6.4). No vendor patch available.

Google Denial Of Service Privilege Escalation Android
NVD
CVSS 3.1
6.4
EPSS
0.1%
CVE-2022-28755 MEDIUM This Month

The Zoom Client for Meetings (for Android, iOS, Linux, macOS, and Windows) before version 5.11.0 are susceptible to a URL parsing vulnerability. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Microsoft Google Apple RCE Virtual Desktop Infrastructure +1
NVD
CVSS 3.1
6.1
EPSS
0.7%
CVE-2022-2773 MEDIUM This Month

A vulnerability was found in SourceCodester Apartment Visitor Management System. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS PHP Apartment Visitors Management System
NVD VulDB
CVSS 3.1
6.1
EPSS
0.4%
CVE-2022-2768 MEDIUM This Month

A vulnerability classified as problematic was found in SourceCodester Library Management System. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS Library Management System
NVD VulDB
CVSS 3.1
6.1
EPSS
0.4%
CVE-2022-2748 MEDIUM This Month

A vulnerability was found in SourceCodester Simple Online Book Store System. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS PHP Simple Online Book Store System
NVD VulDB
CVSS 3.1
6.1
EPSS
0.4%
CVE-2022-35678 MEDIUM This Month

Adobe Acrobat Reader versions 22.001.20169 (and earlier), 20.005.30362 (and earlier) and 17.012.30249 (and earlier) are affected by an out-of-bounds read vulnerability that could lead to disclosure. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Adobe Buffer Overflow Acrobat Dc Acrobat Reader Dc +2
NVD
CVSS 3.1
5.5
EPSS
2.5%
CVE-2022-35671 MEDIUM This Month

Adobe Acrobat Reader versions 22.001.20169 (and earlier), 20.005.30362 (and earlier) and 17.012.30249 (and earlier) are affected by an out-of-bounds read vulnerability that could lead to disclosure. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Adobe Buffer Overflow Acrobat Dc Acrobat Reader Dc +2
NVD
CVSS 3.1
5.5
EPSS
2.5%
CVE-2022-35670 MEDIUM This Month

Adobe Acrobat Reader versions 22.001.20169 (and earlier), 20.005.30362 (and earlier) and 17.012.30249 (and earlier) are affected by a Use After Free vulnerability that could lead to disclosure of. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Memory Corruption Denial Of Service Adobe Use After Free Acrobat Dc +3
NVD
CVSS 3.1
5.5
EPSS
2.4%
CVE-2022-35668 MEDIUM This Month

Adobe Acrobat Reader versions 22.001.20169 (and earlier), 20.005.30362 (and earlier) and 17.012.30249 (and earlier) are affected by an Improper Input Validation vulnerability that could lead to. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Adobe Acrobat Dc Acrobat Reader Dc Acrobat +1
NVD
CVSS 3.1
5.5
EPSS
4.1%
CVE-2022-34264 MEDIUM PATCH This Month

Adobe FrameMaker versions 2019 Update 8 (and earlier) and 2020 Update 4 (and earlier) are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity.

Information Disclosure Adobe Buffer Overflow Framemaker
NVD
CVSS 3.1
5.5
EPSS
0.4%
CVE-2022-34262 MEDIUM PATCH This Month

Adobe Illustrator versions 26.3.1 (and earlier) and 25.4.6 (and earlier) are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity.

Information Disclosure Adobe Buffer Overflow Illustrator
NVD
CVSS 3.1
5.5
EPSS
0.4%
CVE-2022-34261 MEDIUM PATCH This Month

Adobe Illustrator versions 26.3.1 (and earlier) and 25.4.6 (and earlier) are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity.

Information Disclosure Adobe Buffer Overflow Illustrator
NVD
CVSS 3.1
5.5
EPSS
0.4%
CVE-2022-20242 MEDIUM This Month

In Telephony, there is a possible way to determine whether an app is installed, without query permissions, due to side channel information disclosure. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Google Information Disclosure Android
NVD
CVSS 3.1
5.5
EPSS
0.1%
CVE-2022-28754 MEDIUM This Month

Zoom On-Premise Meeting Connector MMR before version 4.8.129.20220714 contains an improper access control vulnerability. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass Meeting Connector
NVD
CVSS 3.1
5.4
EPSS
0.5%
CVE-2022-28753 MEDIUM This Month

Zoom On-Premise Meeting Connector MMR before version 4.8.129.20220714 contains an improper access control vulnerability. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass Meeting Connector
NVD
CVSS 3.1
5.4
EPSS
0.5%
CVE-2022-2769 MEDIUM This Month

A vulnerability, which was classified as problematic, has been found in SourceCodester Company Website CMS. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS Company Website Cms
NVD GitHub VulDB
CVSS 3.1
5.4
EPSS
0.5%
CVE-2022-2776 MEDIUM This Month

A vulnerability classified as problematic has been found in SourceCodester Gym Management System. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service PHP Gym Management System
NVD VulDB
CVSS 3.1
5.3
EPSS
0.5%
CVE-2022-20243 MEDIUM This Month

In Core Utilities, there is a possible log information disclosure. Rated medium severity (CVSS 4.4), this vulnerability is low attack complexity. No vendor patch available.

Google Information Disclosure Android
NVD
CVSS 3.1
4.4
EPSS
0.1%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy