Skip to main content
CVE-2022-37393 HIGH POC Act Now

Zimbra's sudo configuration permits the zimbra user to execute the zmslapd binary as root with arbitrary parameters. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Authentication Bypass Collaboration
NVD GitHub
CVSS 3.1
7.8
EPSS
1.7%
CVE-2022-2847 CRITICAL POC Act Now

A vulnerability, which was classified as critical, has been found in SourceCodester Guest Management System.php. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Guest Management System
NVD VulDB
CVSS 3.1
9.8
EPSS
0.7%
CVE-2022-36599 CRITICAL POC Act Now

Mingsoft MCMS 5.2.8 was discovered to contain a SQL injection vulnerability in /mdiy/model/delete URI via models Lists. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

SQLi Mcms
NVD
CVSS 3.1
9.8
EPSS
0.9%
CVE-2022-36273 CRITICAL POC Act Now

Tenda AC9 V15.03.2.21_cn is vulnerable to command injection via goform/SetSysTimeCfg. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Tenda Command Injection Ac9 Firmware
NVD GitHub
CVSS 3.1
9.8
EPSS
2.4%
CVE-2022-36272 CRITICAL POC Act Now

Mingsoft MCMS 5.2.8 was discovered to contain a SQL injection vulnerability in /mdiy/page/verify URI via fieldName parameter. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

SQLi Mcms
NVD GitHub
CVSS 3.1
9.8
EPSS
0.9%
CVE-2022-35011 HIGH POC This Week

PNGDec commit 8abf6be was discovered to contain a global buffer overflow via inflate_fast at /src/inffast.c. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Pngdec
NVD GitHub
CVSS 3.1
8.8
EPSS
0.9%
CVE-2022-36310 HIGH POC This Week

Airspan AirVelocity 1500 software prior to version 15.18.00.2511 had NET-SNMP-EXTEND-MIB enabled on its snmpd service, enabling an attacker with SNMP write abilities to execute commands as root on. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Airvelocity 1500 Firmware
NVD GitHub
CVSS 3.1
8.8
EPSS
1.3%
CVE-2022-36309 HIGH POC THREAT This Week

Airspan AirVelocity 1500 software versions prior to 15.18.00.2511 have a root command injection vulnerability in the ActiveBank parameter of the recoverySubmit.cgi script running on the eNodeB's web. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Command Injection Airvelocity 1500 Firmware
NVD GitHub
CVSS 3.1
8.8
EPSS
24.1%
CVE-2022-38238 HIGH POC This Week

XPDF commit ffaf11c was discovered to contain a heap-buffer overflow via DCTStream::lookChar() at /xpdf/Stream.cc. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Memory Corruption Buffer Overflow Xpdf
NVD GitHub
CVSS 3.1
7.8
EPSS
0.3%
CVE-2022-38237 HIGH POC This Week

XPDF commit ffaf11c was discovered to contain a heap-buffer overflow via DCTStream::readScan() at /xpdf/Stream.cc. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Memory Corruption Buffer Overflow Xpdf
NVD GitHub
CVSS 3.1
7.8
EPSS
0.3%
CVE-2022-38236 HIGH POC This Week

XPDF commit ffaf11c was discovered to contain a global-buffer overflow via Lexer::getObj(Object*) at /xpdf/Lexer.cc. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Xpdf
NVD GitHub
CVSS 3.1
7.8
EPSS
0.3%
CVE-2022-38231 HIGH POC This Week

XPDF commit ffaf11c was discovered to contain a heap-buffer overflow via DCTStream::getChar() at /xpdf/Stream.cc. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Memory Corruption Buffer Overflow Xpdf
NVD GitHub
CVSS 3.1
7.8
EPSS
0.3%
CVE-2022-38229 HIGH POC This Week

XPDF commit ffaf11c was discovered to contain a heap-buffer overflow via DCTStream::readHuffSym(DCTHuffTable*) at /xpdf/Stream.cc. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Memory Corruption Buffer Overflow Xpdf
NVD GitHub
CVSS 3.1
7.8
EPSS
0.3%
CVE-2022-38228 HIGH POC This Week

XPDF commit ffaf11c was discovered to contain a heap-buffer overflow via DCTStream::transformDataUnit at /xpdf/Stream.cc. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Memory Corruption Buffer Overflow Xpdf
NVD GitHub
CVSS 3.1
7.8
EPSS
0.3%
CVE-2022-38227 HIGH POC This Week

XPDF commit ffaf11c was discovered to contain a stack overflow via __asan_memcpy at asan_interceptors_memintrinsics.cpp. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Memory Corruption Buffer Overflow Xpdf
NVD GitHub
CVSS 3.1
7.8
EPSS
0.3%
CVE-2022-37781 HIGH POC This Week

fdkaac v1.0.3 was discovered to contain a heap buffer overflow via __interceptor_memcpy.part.46 at /sanitizer_common/sanitizer_common_interceptors.inc. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Memory Corruption Buffer Overflow Fdkaac
NVD GitHub
CVSS 3.1
7.8
EPSS
0.3%
CVE-2022-36144 HIGH POC This Week

SWFMill commit 53d7690 was discovered to contain a heap-buffer overflow via base64_encode. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Memory Corruption Buffer Overflow Swfmill
NVD GitHub
CVSS 3.1
7.8
EPSS
0.3%
CVE-2022-36143 HIGH POC This Week

SWFMill commit 53d7690 was discovered to contain a heap-buffer overflow via __interceptor_strlen.part at /sanitizer_common/sanitizer_common_interceptors.inc. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Memory Corruption Buffer Overflow Swfmill
NVD GitHub
CVSS 3.1
7.8
EPSS
0.3%
CVE-2022-36142 HIGH POC This Week

SWFMill commit 53d7690 was discovered to contain a heap-buffer overflow via SWF::Reader::getU30(). Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Memory Corruption Buffer Overflow Swfmill
NVD GitHub
CVSS 3.1
7.8
EPSS
0.3%
CVE-2022-36139 HIGH POC This Week

SWFMill commit 53d7690 was discovered to contain a heap-buffer overflow via SWF::Writer::writeByte(unsigned char). Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Memory Corruption Buffer Overflow Swfmill
NVD GitHub
CVSS 3.1
7.8
EPSS
0.3%
CVE-2022-35003 HIGH POC This Week

JPEGDEC commit be4843c was discovered to contain a global buffer overflow via ucDitherBuffer at /src/jpeg.inl. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Jpegdec
NVD GitHub
CVSS 3.1
7.8
EPSS
0.3%
CVE-2022-34998 HIGH POC This Week

JPEGDEC commit be4843c was discovered to contain a global buffer overflow via JPEGDecodeMCU at /src/jpeg.inl. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Jpegdec
NVD GitHub
CVSS 3.1
7.8
EPSS
0.3%
CVE-2022-2833 HIGH POC PATCH This Week

Endless Infinite loop in Blender-thumnailing due to logical bugs. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Denial Of Service Blender
NVD
CVSS 3.1
7.5
EPSS
1.0%
CVE-2022-2832 HIGH POC PATCH This Week

A flaw was found in Blender 3.3.0. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Denial Of Service Blender
NVD
CVSS 3.1
7.5
EPSS
1.5%
CVE-2022-2831 HIGH POC PATCH This Week

A flaw was found in Blender 3.3.0. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Integer Overflow Buffer Overflow Blender
NVD
CVSS 3.1
7.5
EPSS
1.3%
CVE-2022-24950 HIGH POC PATCH This Week

A race condition exists in Eternal Terminal prior to version 6.2.0 that allows an authenticated attacker to hijack other users' SSH authorization socket, enabling the attacker to login to other. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable. Public exploit code available.

Race Condition Information Disclosure Eternal Terminal
NVD GitHub
CVSS 3.1
7.5
EPSS
1.0%
CVE-2022-24949 HIGH POC PATCH This Week

A privilege escalation to root exists in Eternal Terminal prior to version 6.2.0. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable. Public exploit code available.

Race Condition Privilege Escalation Buffer Overflow Eternal Terminal
NVD GitHub
CVSS 3.1
7.5
EPSS
0.9%
CVE-2022-24951 HIGH POC This Week

A race condition exists in Eternal Terminal prior to version 6.2.0 which allows a local attacker to hijack Eternal Terminal's IPC socket, enabling access to Eternal Terminal clients which attempt to. Rated high severity (CVSS 7.0). Public exploit code available and no vendor patch available.

Race Condition Information Disclosure Eternal Terminal
NVD GitHub
CVSS 3.1
7.0
EPSS
0.3%
CVE-2022-35486 MEDIUM POC This Month

OTFCC v0.10.4 was discovered to contain a segmentation violation via /release-x64/otfccdump+0x6badae. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Otfcc
NVD
CVSS 3.1
6.5
EPSS
0.7%
CVE-2022-35485 MEDIUM POC This Month

OTFCC v0.10.4 was discovered to contain a segmentation violation via /release-x64/otfccdump+0x703969. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Buffer Overflow Otfcc
NVD
CVSS 3.1
6.5
EPSS
0.7%
CVE-2022-35484 MEDIUM POC This Month

OTFCC v0.10.4 was discovered to contain a segmentation violation via /release-x64/otfccdump+0x6b6a8f. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Null Pointer Dereference Denial Of Service Otfcc
NVD
CVSS 3.1
6.5
EPSS
0.7%
CVE-2022-35483 MEDIUM POC This Month

OTFCC v0.10.4 was discovered to contain a segmentation violation via /release-x64/otfccdump+0x5266a8. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Buffer Overflow Otfcc
NVD
CVSS 3.1
6.5
EPSS
0.7%
CVE-2022-35482 MEDIUM POC This Month

OTFCC v0.10.4 was discovered to contain a segmentation violation via /release-x64/otfccdump+0x65f724. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Buffer Overflow Otfcc
NVD
CVSS 3.1
6.5
EPSS
0.7%
CVE-2022-35481 MEDIUM POC This Month

OTFCC v0.10.4 was discovered to contain a segmentation violation via /multiarch/memmove-vec-unaligned-erms.S. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Buffer Overflow Otfcc
NVD
CVSS 3.1
6.5
EPSS
0.7%
CVE-2022-35479 MEDIUM POC This Month

OTFCC v0.10.4 was discovered to contain a segmentation violation via /release-x64/otfccdump+0x4fbbb6. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Buffer Overflow Otfcc
NVD
CVSS 3.1
6.5
EPSS
0.7%
CVE-2022-35478 MEDIUM POC This Month

OTFCC v0.10.4 was discovered to contain a segmentation violation via /release-x64/otfccdump+0x6babea. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Buffer Overflow Otfcc
NVD
CVSS 3.1
6.5
EPSS
0.7%
CVE-2022-35477 MEDIUM POC This Month

OTFCC v0.10.4 was discovered to contain a segmentation violation via /release-x64/otfccdump+0x4fe954. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Buffer Overflow Otfcc
NVD
CVSS 3.1
6.5
EPSS
0.7%
CVE-2022-35476 MEDIUM POC This Month

OTFCC v0.10.4 was discovered to contain a segmentation violation via /release-x64/otfccdump+0x4fbc0b. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Buffer Overflow Otfcc
NVD
CVSS 3.1
6.5
EPSS
0.7%
CVE-2022-35475 MEDIUM POC This Month

OTFCC v0.10.4 was discovered to contain a heap-buffer overflow via /release-x64/otfccdump+0x6e41a8. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Memory Corruption Buffer Overflow Otfcc
NVD
CVSS 3.1
6.5
EPSS
0.7%
CVE-2022-35474 MEDIUM POC This Month

OTFCC v0.10.4 was discovered to contain a heap-buffer overflow via /release-x64/otfccdump+0x6b544e. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Memory Corruption Buffer Overflow Otfcc
NVD
CVSS 3.1
6.5
EPSS
0.7%
CVE-2022-35473 MEDIUM POC This Month

OTFCC v0.10.4 was discovered to contain a segmentation violation via /release-x64/otfccdump+0x4fe9a7. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Otfcc
NVD
CVSS 3.1
6.5
EPSS
0.7%
CVE-2022-35472 MEDIUM POC This Month

OTFCC v0.10.4 was discovered to contain a global overflow via /release-x64/otfccdump+0x718693. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Memory Corruption Buffer Overflow Otfcc
NVD
CVSS 3.1
6.5
EPSS
0.7%
CVE-2022-35471 MEDIUM POC This Month

OTFCC v0.10.4 was discovered to contain a heap-buffer overflow via /release-x64/otfccdump+0x6e41b0. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Memory Corruption Buffer Overflow Otfcc
NVD
CVSS 3.1
6.5
EPSS
0.7%
CVE-2022-35470 MEDIUM POC This Month

OTFCC v0.10.4 was discovered to contain a heap-buffer overflow via /release-x64/otfccdump+0x65fc97. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Memory Corruption Buffer Overflow Otfcc
NVD
CVSS 3.1
6.5
EPSS
0.7%
CVE-2022-35469 MEDIUM POC This Month

OTFCC v0.10.4 was discovered to contain a segmentation violation via /x86_64-linux-gnu/libc.so.6+0xbb384. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Otfcc
NVD
CVSS 3.1
6.5
EPSS
0.7%
CVE-2022-35468 MEDIUM POC This Month

OTFCC v0.10.4 was discovered to contain a heap-buffer overflow via /release-x64/otfccdump+0x6e420d. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Memory Corruption Buffer Overflow Otfcc
NVD
CVSS 3.1
6.5
EPSS
0.7%
CVE-2022-35467 MEDIUM POC This Month

OTFCC v0.10.4 was discovered to contain a heap-buffer overflow via /release-x64/otfccdump+0x6e41b8. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Memory Corruption Buffer Overflow Otfcc
NVD
CVSS 3.1
6.5
EPSS
0.7%
CVE-2022-35466 MEDIUM POC This Month

OTFCC v0.10.4 was discovered to contain a heap-buffer overflow via /release-x64/otfccdump+0x6c0473. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Memory Corruption Buffer Overflow Otfcc
NVD
CVSS 3.1
6.5
EPSS
0.7%
CVE-2022-35465 MEDIUM POC This Month

OTFCC v0.10.4 was discovered to contain a heap-buffer overflow via /release-x64/otfccdump+0x6c0414. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Memory Corruption Buffer Overflow Otfcc
NVD
CVSS 3.1
6.5
EPSS
0.7%
CVE-2022-35464 MEDIUM POC This Month

OTFCC v0.10.4 was discovered to contain a heap-buffer overflow via /release-x64/otfccdump+0x6171b2. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Memory Corruption Buffer Overflow Otfcc
NVD
CVSS 3.1
6.5
EPSS
0.7%
Page 1 of 3 Next

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy