Skip to main content
CVE-2022-35463 MEDIUM POC This Month

OTFCC v0.10.4 was discovered to contain a heap-buffer overflow via /release-x64/otfccdump+0x6b0478. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Memory Corruption Buffer Overflow Otfcc
NVD
CVSS 3.1
6.5
EPSS
0.7%
CVE-2022-35462 MEDIUM POC This Month

OTFCC v0.10.4 was discovered to contain a heap-buffer overflow via /release-x64/otfccdump+0x6c0bc3. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Memory Corruption Buffer Overflow Otfcc
NVD
CVSS 3.1
6.5
EPSS
0.7%
CVE-2022-35461 MEDIUM POC This Month

OTFCC v0.10.4 was discovered to contain a heap-buffer overflow via /release-x64/otfccdump+0x6c0a32. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Memory Corruption Buffer Overflow Otfcc
NVD
CVSS 3.1
6.5
EPSS
0.7%
CVE-2022-35460 MEDIUM POC This Month

OTFCC v0.10.4 was discovered to contain a heap-buffer overflow via /release-x64/otfccdump+0x61731f. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Memory Corruption Buffer Overflow Otfcc
NVD
CVSS 3.1
6.5
EPSS
0.7%
CVE-2022-35459 MEDIUM POC This Month

OTFCC v0.10.4 was discovered to contain a heap-buffer overflow via /release-x64/otfccdump+0x6e412a. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Memory Corruption Buffer Overflow Otfcc
NVD
CVSS 3.1
6.5
EPSS
0.7%
CVE-2022-35458 MEDIUM POC This Month

OTFCC v0.10.4 was discovered to contain a heap-buffer overflow via /release-x64/otfccdump+0x6b05ce. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Memory Corruption Buffer Overflow Otfcc
NVD
CVSS 3.1
6.5
EPSS
0.7%
CVE-2022-35456 MEDIUM POC This Month

OTFCC v0.10.4 was discovered to contain a heap-buffer overflow via /release-x64/otfccdump+0x617087. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Memory Corruption Buffer Overflow Otfcc
NVD
CVSS 3.1
6.5
EPSS
0.7%
CVE-2022-35455 MEDIUM POC This Month

OTFCC v0.10.4 was discovered to contain a heap-buffer overflow via /release-x64/otfccdump+0x6b0d63. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Memory Corruption Buffer Overflow Otfcc
NVD
CVSS 3.1
6.5
EPSS
0.7%
CVE-2022-35454 MEDIUM POC This Month

OTFCC v0.10.4 was discovered to contain a heap-buffer overflow via /release-x64/otfccdump+0x6b05aa. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Memory Corruption Buffer Overflow Otfcc
NVD
CVSS 3.1
6.5
EPSS
0.7%
CVE-2022-35453 MEDIUM POC This Month

OTFCC v0.10.4 was discovered to contain a heap-buffer overflow via /release-x64/otfccdump+0x6c08a6. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Memory Corruption Buffer Overflow Otfcc
NVD
CVSS 3.1
6.5
EPSS
0.7%
CVE-2022-35452 MEDIUM POC This Month

OTFCC v0.10.4 was discovered to contain a heap-buffer overflow via /release-x64/otfccdump+0x6b0b2c. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Memory Corruption Buffer Overflow Otfcc
NVD
CVSS 3.1
6.5
EPSS
0.7%
CVE-2022-35451 MEDIUM POC This Month

OTFCC v0.10.4 was discovered to contain a heap-buffer overflow via /release-x64/otfccdump+0x6b03b5. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Memory Corruption Buffer Overflow Otfcc
NVD
CVSS 3.1
6.5
EPSS
0.7%
CVE-2022-35450 MEDIUM POC This Month

OTFCC v0.10.4 was discovered to contain a heap-buffer overflow via /release-x64/otfccdump+0x6b84b1. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Memory Corruption Buffer Overflow Otfcc
NVD
CVSS 3.1
6.5
EPSS
0.7%
CVE-2022-35449 MEDIUM POC This Month

OTFCC v0.10.4 was discovered to contain a heap-buffer overflow via /release-x64/otfccdump+0x6b0466. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Memory Corruption Buffer Overflow Otfcc
NVD
CVSS 3.1
6.5
EPSS
0.7%
CVE-2022-35448 MEDIUM POC This Month

OTFCC v0.10.4 was discovered to contain a heap-buffer overflow via /release-x64/otfccdump+0x6b55af. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Memory Corruption Buffer Overflow Otfcc
NVD
CVSS 3.1
6.5
EPSS
0.7%
CVE-2022-35447 MEDIUM POC This Month

OTFCC v0.10.4 was discovered to contain a heap-buffer overflow via /release-x64/otfccdump+0x6b04de. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Memory Corruption Buffer Overflow Otfcc
NVD
CVSS 3.1
6.5
EPSS
0.7%
CVE-2022-35433 MEDIUM POC This Month

ffjpeg commit caade60a69633d74100bd3c2528bddee0b6a1291 was discovered to contain a memory leak via /src/jfif.c. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Ffjpeg
NVD GitHub
CVSS 3.1
6.5
EPSS
0.6%
CVE-2022-35100 MEDIUM POC This Month

SWFTools commit 772e55a2 was discovered to contain a segmentation violation via gfxline_getbbox at /lib/gfxtools.c. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Buffer Overflow Swftools
NVD GitHub
CVSS 3.1
6.5
EPSS
0.6%
CVE-2022-35013 MEDIUM POC This Month

PNGDec commit 8abf6be was discovered to contain a FPE via SaveBMP at /linux/main.cpp. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service Pngdec
NVD GitHub
CVSS 3.1
6.5
EPSS
0.7%
CVE-2022-35012 MEDIUM POC This Month

PNGDec commit 8abf6be was discovered to contain a heap buffer overflow via SaveBMP at /linux/main.cpp. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Memory Corruption Buffer Overflow Pngdec
NVD GitHub
CVSS 3.1
6.5
EPSS
0.7%
CVE-2022-35010 MEDIUM POC This Month

PNGDec commit 8abf6be was discovered to contain a heap buffer overflow via asan_interceptors_memintrinsics.cpp. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Memory Corruption Buffer Overflow Pngdec
NVD GitHub
CVSS 3.1
6.5
EPSS
0.7%
CVE-2022-35009 MEDIUM POC This Month

PNGDec commit 8abf6be was discovered to contain a memory allocation problem via asan_malloc_linux.cpp. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service Pngdec
NVD GitHub
CVSS 3.1
6.5
EPSS
0.7%
CVE-2022-35008 MEDIUM POC This Month

PNGDec commit 8abf6be was discovered to contain a stack overflow via /linux/main.cpp. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Memory Corruption Buffer Overflow Pngdec
NVD GitHub
CVSS 3.1
6.5
EPSS
0.7%
CVE-2022-35007 MEDIUM POC This Month

PNGDec commit 8abf6be was discovered to contain a heap buffer overflow via __interceptor_fwrite.part.57 at sanitizer_common_interceptors.inc. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Memory Corruption Buffer Overflow Pngdec
NVD GitHub
CVSS 3.1
6.5
EPSS
0.7%
CVE-2022-36306 MEDIUM POC This Month

An authenticated attacker can enumerate and download sensitive files, including the eNodeB's web management UI's TLS private key, the web server binary, and the web server configuration file. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Airvelocity 1500 Firmware
NVD GitHub
CVSS 3.1
6.5
EPSS
0.8%
CVE-2022-24952 MEDIUM POC This Month

Several denial of service vulnerabilities exist in Eternal Terminal prior to version 6.2.0, including a DoS triggered remotely by an invalid sequence number and a local bug triggered by invalid input. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service Eternal Terminal
NVD GitHub
CVSS 3.1
6.5
EPSS
1.3%
CVE-2022-36530 MEDIUM POC This Month

An issue was discovered in rageframe2 2.6.37. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

XSS PHP Rageframe
NVD GitHub VulDB
CVSS 3.1
6.1
EPSS
0.7%
CVE-2022-25799 MEDIUM POC This Month

An open redirect vulnerability exists in CERT/CC VINCE software prior to 1.50.0. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Open Redirect Vince
NVD GitHub
CVSS 3.1
6.1
EPSS
0.5%
CVE-2022-37437 CRITICAL Act Now

When using Ingest Actions to configure a destination that resides on Amazon Simple Storage Service (S3) in Splunk Web, TLS certificate validation is not correctly performed and tested for the. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Splunk
NVD
CVSS 3.1
9.8
EPSS
0.4%
CVE-2022-34256 CRITICAL PATCH Act Now

Adobe Commerce versions 2.4.3-p2 (and earlier), 2.3.7-p3 (and earlier) and 2.4.4 (and earlier) are affected by an Improper Authorization vulnerability that could result in Privilege escalation. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Adobe Privilege Escalation Commerce Magento
NVD
CVSS 3.1
9.8
EPSS
1.9%
CVE-2022-2662 CRITICAL Act Now

Sequi PortBloque S has a improper authentication issues which may allow an attacker to bypass the authentication process and gain user-level access to the device. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Portbloque S Firmware
NVD
CVSS 3.1
9.8
EPSS
0.8%
CVE-2022-36242 CRITICAL Act Now

Clinic's Patient Management System v1.0 is vulnerable to SQL Injection via /pms/update_medicine.php?id=. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

PHP SQLi Clinic S Patient Management System
NVD GitHub
CVSS 3.1
9.8
EPSS
0.8%
CVE-2022-30264 CRITICAL Act Now

The Emerson ROC and FloBoss RTU product lines through 2022-05-02 perform insecure filesystem operations. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

RCE Dl8000 Firmware Roc809 Firmware Roc800L Firmware Fb3000 Rtu Firmware +1
NVD
CVSS 3.1
9.8
EPSS
0.4%
CVE-2022-36344 CRITICAL Act Now

An unquoted search path vulnerability exists in 'JustSystems JUST Online Update for J-License' bundled with multiple products for corporate users as in Ichitaro through Pro5 and others. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Microsoft Information Disclosure Atok Medical 2 Atok Medical 3 Atok Pro 3 +57
NVD
CVSS 3.1
9.8
EPSS
0.7%
CVE-2022-38193 CRITICAL Act Now

There is a code injection vulnerability in Esri Portal for ArcGIS versions 10.8.1 and below that may allow a remote, unauthenticated attacker to pass strings which could potentially cause arbitrary. Rated critical severity (CVSS 9.6), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

RCE Code Injection Portal For Arcgis
NVD
CVSS 3.1
9.6
EPSS
0.7%
CVE-2022-38235 MEDIUM POC This Month

XPDF commit ffaf11c was discovered to contain a segmentation violation via DCTStream::getChar() at /xpdf/Stream.cc. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Xpdf
NVD GitHub
CVSS 3.1
5.5
EPSS
0.3%
CVE-2022-38234 MEDIUM POC This Month

XPDF commit ffaf11c was discovered to contain a segmentation violation via Lexer::getObj(Object*) at /xpdf/Lexer.cc. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Xpdf
NVD GitHub
CVSS 3.1
5.5
EPSS
0.3%
CVE-2022-38233 MEDIUM POC This Month

XPDF commit ffaf11c was discovered to contain a segmentation violation via DCTStream::readMCURow() at /xpdf/Stream.cc. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Xpdf
NVD GitHub
CVSS 3.1
5.5
EPSS
0.3%
CVE-2022-38230 MEDIUM POC This Month

XPDF commit ffaf11c was discovered to contain a floating point exception (FPE) via DCTStream::decodeImage() at /xpdf/Stream.cc. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Xpdf
NVD GitHub
CVSS 3.1
5.5
EPSS
0.3%
CVE-2022-36155 MEDIUM POC This Month

tifig v0.2.2 was discovered to contain a resource allocation issue via operator new(unsigned long) at asan_new_delete.cpp. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service Tifig
NVD GitHub
CVSS 3.1
5.5
EPSS
0.3%
CVE-2022-36153 MEDIUM POC This Month

tifig v0.2.2 was discovered to contain a segmentation violation via std::vector<unsigned int, std::allocator<unsigned int> >::size() const at /bits/stl_vector.h. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Null Pointer Dereference Denial Of Service Tifig
NVD GitHub
CVSS 3.1
5.5
EPSS
0.3%
CVE-2022-36152 MEDIUM POC This Month

tifig v0.2.2 was discovered to contain a memory leak via operator new[](unsigned long) at /asan/asan_new_delete.cpp. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Tifig
NVD GitHub
CVSS 3.1
5.5
EPSS
0.3%
CVE-2022-36151 MEDIUM POC This Month

tifig v0.2.2 was discovered to contain a segmentation violation via getType() at /common/bbox.cpp. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Null Pointer Dereference Denial Of Service Tifig
NVD GitHub
CVSS 3.1
5.5
EPSS
0.3%
CVE-2022-36150 MEDIUM POC This Month

tifig v0.2.2 was discovered to contain a heap-buffer overflow via __asan_memmove at /asan/asan_interceptors_memintrinsics.cpp. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Memory Corruption Buffer Overflow Tifig
NVD GitHub
CVSS 3.1
5.5
EPSS
0.3%
CVE-2022-36149 MEDIUM POC This Month

tifig v0.2.2 was discovered to contain a heap-use-after-free via temInfoEntry(). Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Memory Corruption Information Disclosure Use After Free Tifig
NVD GitHub
CVSS 3.1
5.5
EPSS
0.3%
CVE-2022-36148 MEDIUM POC This Month

fdkaac commit 53fe239 was discovered to contain a floating point exception (FPE) via wav_open at /src/wav_reader.c. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Fdkaac
NVD GitHub
CVSS 3.1
5.5
EPSS
0.3%
CVE-2022-36146 MEDIUM POC This Month

SWFMill commit 53d7690 was discovered to contain a memory allocation issue via operator new[](unsigned long) at asan_new_delete.cpp. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service Swfmill
NVD GitHub
CVSS 3.1
5.5
EPSS
0.3%
CVE-2022-36145 MEDIUM POC This Month

SWFMill commit 53d7690 was discovered to contain a segmentation violation via SWF::Reader::getWord(). Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Swfmill
NVD GitHub
CVSS 3.1
5.5
EPSS
0.3%
CVE-2022-36141 MEDIUM POC This Month

SWFMill commit 53d7690 was discovered to contain a segmentation violation via SWF::MethodBody::write(SWF::Writer*, SWF::Context*). Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Swfmill
NVD GitHub
CVSS 3.1
5.5
EPSS
0.3%
CVE-2022-36140 MEDIUM POC This Month

SWFMill commit 53d7690 was discovered to contain a segmentation violation via SWF::DeclareFunction2::write(SWF::Writer*, SWF::Context*). Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Swfmill
NVD GitHub
CVSS 3.1
5.5
EPSS
0.3%
Prev Page 2 of 3 Next

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy