Skip to main content
CVE-2022-2334 HIGH POC Act Now

The application searches for a library dll that is not found. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

RCE Edgeaggregator Edgeconnector Opc Opc Ua C Software Development Kit +2
NVD GitHub
CVSS 3.1
7.2
EPSS
9.5%
CVE-2022-1373 HIGH POC THREAT Act Now

The “restore configuration” feature of Softing Secure Integration Server V1.22 is vulnerable to a directory traversal vulnerability when processing zip files. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Path Traversal Edgeaggregator Edgeconnector Opc Opc Ua C Software Development Kit +2
NVD GitHub
CVSS 3.1
7.2
EPSS
10.2%
CVE-2022-2862 HIGH POC PATCH This Week

Use After Free in GitHub repository vim/vim prior to 9.0.0221. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. Public exploit code available.

Memory Corruption Denial Of Service Use After Free Vim Fedora
NVD GitHub
CVSS 3.1
7.8
EPSS
0.7%
CVE-2022-2849 HIGH POC PATCH This Week

Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.0220. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. Public exploit code available.

Heap Overflow Buffer Overflow Vim Fedora
NVD GitHub
CVSS 3.1
7.8
EPSS
0.5%
CVE-2022-31262 HIGH POC This Week

An exploitable local privilege escalation vulnerability exists in GOG Galaxy 2.0.46. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

RCE Privilege Escalation Galaxy
NVD GitHub
CVSS 3.1
7.8
EPSS
0.5%
CVE-2022-2845 HIGH POC PATCH This Week

Improper Validation of Specified Quantity in Input in GitHub repository vim/vim prior to 9.0.0218. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. Public exploit code available.

Information Disclosure Vim Fedora
NVD GitHub
CVSS 3.1
7.8
EPSS
0.5%
CVE-2022-36186 HIGH POC This Week

A Null Pointer dereference vulnerability exists in GPAC 2.1-DEV-revUNKNOWN-master via the function gf_filter_pid_set_property_full () at filter_core/filter_pid.c:5250,which causes a Denial of Service. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Null Pointer Dereference Denial Of Service Gpac
NVD GitHub
CVSS 3.1
7.5
EPSS
0.8%
CVE-2022-36216 HIGH POC This Week

DedeCMS v5.7.94 - v5.7.97 was discovered to contain a remote code execution vulnerability in member_toadmin.php. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

RCE PHP Code Injection Dedecms
NVD GitHub
CVSS 3.1
7.2
EPSS
1.7%
CVE-2022-36215 HIGH POC This Week

DedeBIZ v6 was discovered to contain a remote code execution vulnerability in sys_info.php. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

RCE PHP Dedecmsv6
NVD GitHub
CVSS 3.1
7.2
EPSS
1.7%
CVE-2022-23765 HIGH This Week

This vulnerability occured by sending a malicious POST request to a specific page while logged in random user from some family of IPTIME NAS. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

CSRF Nas1Dual Firmware Nas2Dual Firmware Nas4Dual Firmware
NVD
CVSS 3.1
8.8
EPSS
0.4%
CVE-2022-1410 HIGH This Week

OS Command Injection vulnerability in the db_optimize component of Device42 Asset Management Appliance allows an authenticated attacker to execute remote code on the device. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Command Injection Cmdb
NVD
CVSS 3.1
8.8
EPSS
1.0%
CVE-2022-28752 HIGH This Week

Zoom Rooms for Conference Rooms for Windows versions before 5.11.0 are susceptible to a Local Privilege Escalation vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Microsoft Jwt Attack Privilege Escalation Rooms
NVD
CVSS 3.1
7.8
EPSS
0.1%
CVE-2022-28751 HIGH This Week

The Zoom Client for Meetings for MacOS (Standard and for IT Admin) before version 5.11.3 contains a vulnerability in the package signature validation during the update process. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Jwt Attack Apple Privilege Escalation Meetings
NVD
CVSS 3.1
7.8
EPSS
0.1%
CVE-2022-30262 HIGH This Week

The Emerson ControlWave 'Next Generation' RTUs through 2022-05-02 mishandle firmware integrity. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Controlwave Pac Firmware Controlwave Micro Firmware
NVD
CVSS 3.1
7.8
EPSS
0.2%
CVE-2022-37459 HIGH This Week

Ampere Altra devices before 1.08g and Ampere Altra Max devices before 2.05a allow attackers to control the predictions for return addresses and potentially hijack code flow to execute arbitrary code. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

RCE Ampere Altra Firmware Ampere Altra Max Firmware
NVD
CVSS 3.1
7.8
EPSS
0.2%
CVE-2022-2547 HIGH This Week

A crafted HTTP packet without a content-type header can create a denial-of-service condition in Softing Secure Integration Server V1.22. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Null Pointer Dereference Denial Of Service Edgeaggregator Edgeconnector Opc +3
NVD
CVSS 3.1
7.5
EPSS
1.3%
CVE-2022-2337 HIGH This Week

A crafted HTTP packet with a missing HTTP URI can create a denial-of-service condition in Softing Secure Integration Server V1.22. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Null Pointer Dereference Denial Of Service Edgeaggregator Edgeconnector Opc +3
NVD
CVSS 3.1
7.5
EPSS
1.3%
CVE-2022-2335 HIGH This Week

A crafted HTTP packet with a -1 content-length header can create a denial-of-service condition in Softing Secure Integration Server V1.22. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Integer Overflow Information Disclosure Edgeaggregator Edgeconnector Opc +3
NVD
CVSS 3.1
7.5
EPSS
1.3%
CVE-2022-1748 HIGH This Week

Softing OPC UA C++ Server SDK, Secure Integration Server, edgeConnector, edgeAggregator, OPC Suite, and uaGate are affected by a NULL pointer dereference vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Null Pointer Dereference Denial Of Service Edgeaggregator Edgeconnector Opc +3
NVD
CVSS 3.1
7.5
EPSS
0.9%
CVE-2022-1069 HIGH This Week

A crafted HTTP packet with a large content-length header can create a denial-of-service condition in Softing Secure Integration Server V1.22. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Buffer Overflow Edgeaggregator Edgeconnector Opc +3
NVD
CVSS 3.1
7.5
EPSS
1.3%
CVE-2022-38149 HIGH PATCH This Week

HashiCorp Consul Template up to 0.27.2, 0.28.2, and 0.29.1 may expose the contents of Vault secrets in the error returned by the *template.Template.Execute method, when given a template using Vault. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Hashicorp Information Disclosure Consul Template
NVD
CVSS 3.1
7.5
EPSS
0.7%
CVE-2022-1401 HIGH This Week

Improper Access Control vulnerability in the /Exago/WrImageResource.adx route as used in Device42 Asset Management Appliance allows an unauthenticated attacker to read sensitive server files with. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Cmdb
NVD
CVSS 3.1
7.5
EPSS
18.0%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy