Skip to main content
CVE-2022-2813 HIGH This Week

A vulnerability, which was classified as problematic, was found in SourceCodester Guest Management System. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Guest Management System
NVD VulDB
CVSS 3.1
7.5
EPSS
0.4%
CVE-2022-36007 LOW POC PATCH Monitor

Venice is a Clojure inspired sandboxed Lisp dialect with excellent Java interoperability. Rated low severity (CVSS 3.3), this vulnerability is low attack complexity. Public exploit code available.

Path Traversal Java Venice
NVD GitHub
CVSS 3.1
3.3
EPSS
0.4%
CVE-2022-35822 HIGH This Week

Windows Defender Credential Guard Security Feature Bypass Vulnerability. Rated high severity (CVSS 7.1), this vulnerability is low attack complexity. No vendor patch available.

Microsoft Authentication Bypass Windows 10 Windows 11 Windows Server 2016 +2
NVD
CVSS 3.1
7.1
EPSS
0.8%
CVE-2022-35961 MEDIUM PATCH This Month

OpenZeppelin Contracts is a library for secure smart contract development. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity.

Authentication Bypass Contracts Contracts Upgradeable
NVD GitHub
CVSS 3.1
6.5
EPSS
0.3%
CVE-2022-38190 MEDIUM This Month

A stored Cross Site Scripting (XSS) vulnerability in Esri Portal for ArcGIS configurable apps may allow a remote, unauthenticated attacker to pass and store malicious strings via crafted queries. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS Portal For Arcgis
NVD
CVSS 3.1
6.1
EPSS
0.5%
CVE-2022-38188 MEDIUM This Month

There is a reflected XSS vulnerability in Esri Portal for ArcGIS versions 10.9.1 which may allow a remote attacker able to convince a user to click on a crafted link which could potentially execute. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS Portal For Arcgis
NVD
CVSS 3.1
6.1
EPSS
0.5%
CVE-2022-38186 MEDIUM This Month

There is a reflected XSS vulnerability in Esri Portal for ArcGIS versions 10.8.1 and below which may allow a remote attacker able to convince a user to click on a crafted link which could potentially. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS Portal For Arcgis
NVD
CVSS 3.1
6.1
EPSS
0.5%
CVE-2022-38191 MEDIUM This Month

There is an HTML injection issue in Esri Portal for ArcGIS versions 10.9.0 and below which may allow a remote, authenticated attacker to inject HTML into some locations in the home application. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Code Injection Portal For Arcgis
NVD
CVSS 3.1
5.4
EPSS
0.5%
CVE-2022-33993 MEDIUM This Month

Misinterpretation of special domain name characters in DNRD (aka Domain Name Relay Daemon) 2.20.3 leads to cache poisoning because domain names and their associated IP addresses are cached in their. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Domain Name Relay Daemon
NVD
CVSS 3.1
5.3
EPSS
0.7%
CVE-2022-35954 MEDIUM PATCH This Month

The GitHub Actions ToolKit provides a set of packages to make creating actions easier. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. This Command Injection vulnerability could allow attackers to inject arbitrary commands into system command execution.

Command Injection Toolkit
NVD GitHub
CVSS 3.1
5.0
EPSS
0.6%
Prev Page 2 of 2

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy