Skip to main content
CVE-2022-21225 HIGH POC This Week

Improper neutralization in the Intel(R) Data Center Manager software before version 4.1 may allow an authenticated user to potentially enable escalation of privilege via adjacent access. Rated high severity (CVSS 8.0), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Intel Privilege Escalation Data Center Manager
NVD
CVSS 3.1
8.0
EPSS
1.5%
CVE-2022-37049 HIGH POC This Week

The component tcpprep in Tcpreplay v4.4.1 was discovered to contain a heap-based buffer overflow in parse_mpls at common/get.c:150. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Memory Corruption Buffer Overflow Tcpreplay Fedora
NVD GitHub
CVSS 3.1
7.8
EPSS
0.4%
CVE-2022-37048 HIGH POC This Week

The component tcprewrite in Tcpreplay v4.4.1 was discovered to contain a heap-based buffer overflow in get_l2len_protocol at common/get.c:344. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Memory Corruption Buffer Overflow Tcpreplay Fedora
NVD GitHub
CVSS 3.1
7.8
EPSS
0.4%
CVE-2022-37047 HIGH POC This Week

The component tcprewrite in Tcpreplay v4.4.1 was discovered to contain a heap-based buffer overflow in get_ipv6_next at common/get.c:713. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Memory Corruption Buffer Overflow Tcpreplay Fedora
NVD GitHub
CVSS 3.1
7.8
EPSS
0.4%
CVE-2022-37768 HIGH POC This Week

libjpeg commit 281daa9 was discovered to contain an infinite loop via the component Frame::ParseTrailer. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service Libjpeg
NVD GitHub
CVSS 3.1
7.5
EPSS
0.8%
CVE-2022-37062 HIGH POC This Week

All FLIR AX8 thermal sensor cameras version up to and including 1.46.16 are affected by an insecure design vulnerability due to an improper directory access restriction. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Authentication Bypass Flir Ax8 Firmware
NVD GitHub
CVSS 3.1
7.5
EPSS
2.6%
CVE-2022-37060 HIGH POC THREAT This Week

FLIR AX8 thermal sensor cameras version up to and including 1.46.16 is vulnerable to Directory Traversal due to an improper access restriction. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Path Traversal Flir Ax8 Firmware
NVD GitHub
CVSS 3.1
7.5
EPSS
15.2%
CVE-2022-35198 HIGH POC This Week

Contract Management System v2.0 contains a weak default password which gives attackers to access database connection information. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Authentication Bypass Contract Managment System
NVD
CVSS 3.1
7.5
EPSS
0.7%
CVE-2022-35173 HIGH POC PATCH This Week

An issue was discovered in Nginx NJS v0.7.5. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Nginx Information Disclosure Njs
NVD GitHub
CVSS 3.1
7.5
EPSS
1.1%
CVE-2022-23182 HIGH This Week

Improper access control in the Intel(R) Data Center Manager software before version 4.1 may allow an unauthenticated user to potentially enable escalation of privilege via adjacent access. Rated high severity (CVSS 8.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Intel Privilege Escalation Data Center Manager
NVD
CVSS 3.1
8.8
EPSS
0.4%
CVE-2022-21139 HIGH PATCH This Week

Inadequate encryption strength for some Intel(R) PROSet/Wireless WiFi products may allow an unauthenticated user to potentially enable escalation of privilege via adjacent access. Rated high severity (CVSS 8.8), this vulnerability is no authentication required, low attack complexity.

Intel Privilege Escalation Wireless Ac 9560 Firmware Wireless Ac 9462 Firmware Wireless Ac 9461 Firmware +6
NVD
CVSS 3.1
8.8
EPSS
0.2%
CVE-2022-26017 HIGH PATCH This Week

Improper access control in the Intel(R) DSA software for before version 22.2.14 may allow an authenticated user to potentially enable escalation of privilege via adjacent access. Rated high severity (CVSS 8.0), this vulnerability is low attack complexity.

Intel Privilege Escalation Driver Support Assistant
NVD
CVSS 3.1
8.0
EPSS
0.4%
CVE-2022-2625 HIGH This Week

A vulnerability was found in PostgreSQL. Rated high severity (CVSS 8.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

RCE PostgreSQL Fedora Enterprise Linux
NVD
CVSS 3.1
8.0
EPSS
1.5%
CVE-2022-34488 HIGH PATCH This Week

Improper buffer restrictions in the firmware for some Intel(R) NUC Laptop Kits before version BC0076 may allow a privileged user to potentially enable escalation of privilege via local access. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Buffer Overflow vulnerability could allow attackers to corrupt memory to execute arbitrary code or crash the application.

Privilege Escalation Intel Buffer Overflow Lapbc510 Firmware Lapbc710 Firmware
NVD
CVSS 3.1
7.8
EPSS
0.2%
CVE-2022-33209 HIGH PATCH This Week

Improper input validation in the firmware for some Intel(R) NUC Laptop Kits before version BC0076 may allow a privileged user to potentially enable escalation of privilege via local access. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Intel Privilege Escalation Lapbc510 Firmware Lapbc710 Firmware
NVD
CVSS 3.1
7.8
EPSS
0.2%
CVE-2022-28858 HIGH PATCH This Week

Improper buffer restriction in the firmware for some Intel(R) NUC Laptop Kits before version BC0076 may allow a privileged user to potentially enable escalation of privilege via local access. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Buffer Overflow vulnerability could allow attackers to corrupt memory to execute arbitrary code or crash the application.

Privilege Escalation Intel Buffer Overflow Lapbc510 Firmware Lapbc710 Firmware
NVD
CVSS 3.1
7.8
EPSS
0.2%
CVE-2022-27493 HIGH PATCH This Week

Improper initialization in the firmware for some Intel(R) NUC Laptop Kits before version BC0076 may allow a privileged user to potentially enable an escalation of privilege via local access. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Intel Privilege Escalation Lapbc510 Firmware Lapbc710 Firmware
NVD
CVSS 3.1
7.8
EPSS
0.2%
CVE-2022-28757 HIGH This Week

The Zoom Client for Meetings for macOS (Standard and for IT Admin) starting with version 5.7.3 and before 5.11.6 contains a vulnerability in the auto update process. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Apple Privilege Escalation Meetings
NVD
CVSS 3.1
7.8
EPSS
0.2%
CVE-2022-28696 HIGH PATCH This Week

Uncontrolled search path in the Intel(R) Distribution for Python before version 2022.0.3 may allow an authenticated user to potentially enable escalation of privilege via local access. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Python Intel Privilege Escalation Distribution For Python
NVD
CVSS 3.1
7.8
EPSS
0.2%
CVE-2022-26844 HIGH This Week

Insufficiently protected credentials in the installation binaries for Intel(R) SEAPI in all versions may allow an authenticated user to potentially enable escalation of privilege via local access. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Intel Privilege Escalation Single Event Api
NVD
CVSS 3.1
7.8
EPSS
0.2%
CVE-2022-26374 HIGH This Week

Uncontrolled search path in the installation binaries for Intel(R) SEAPI all versions may allow an authenticated user to potentially enable escalation of privilege via local access. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Intel Privilege Escalation Single Event Api
NVD
CVSS 3.1
7.8
EPSS
0.2%
CVE-2022-26344 HIGH This Week

Incorrect default permissions in the installation binaries for Intel(R) SEAPI all versions may allow an authenticated user to potentially enable escalation of privilege via local access. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Intel Privilege Escalation Single Event Api
NVD
CVSS 3.1
7.8
EPSS
0.2%
CVE-2022-25999 HIGH This Week

Uncontrolled search path element in the Intel(R) Enpirion(R) Digital Power Configurator GUI software, all versions may allow an authenticated user to potentially enable escalation of privilege via. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Intel Privilege Escalation Enpirion Digital Power Configurator Gui
NVD
CVSS 3.1
7.8
EPSS
0.2%
CVE-2022-25966 HIGH This Week

Improper access control in the Intel(R) Edge Insights for Industrial software before version 2.6.1 may allow an authenticated user to potentially enable escalation of privilege via local access. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Intel Privilege Escalation Edge Insights For Industrial
NVD
CVSS 3.1
7.8
EPSS
0.2%
CVE-2022-25841 HIGH This Week

Uncontrolled search path elements in the Intel(R) Datacenter Group Event Android application, all versions, may allow an authenticated user to potentially enable escalation of privilege via local. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Google Intel Privilege Escalation Datacenter Group Event
NVD
CVSS 3.1
7.8
EPSS
0.2%
CVE-2022-21812 HIGH This Week

Improper access control in the Intel(R) HAXM software before version 7.7.1 may allow an authenticated user to potentially enable escalation of privilege via local access. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Intel Privilege Escalation Hardware Accelerated Execution Manager
NVD
CVSS 3.1
7.8
EPSS
0.3%
CVE-2022-21807 HIGH PATCH This Week

Uncontrolled search path elements in the Intel(R) VTune(TM) Profiler software before version 2022.2.0 may allow an authenticated user to potentially enable escalation of privilege via local access. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Intel Privilege Escalation Vtune Profiler
NVD
CVSS 3.1
7.8
EPSS
0.3%
CVE-2022-21229 HIGH This Week

Improper buffer restrictions for some Intel(R) NUC 9 Extreme Laptop Kit drivers before version 2.2.0.22 may allow an authenticated user to potentially enable escalation of privilege via local access. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Intel Privilege Escalation Control Center
NVD
CVSS 3.1
7.8
EPSS
0.2%
CVE-2022-21181 HIGH PATCH This Week

Improper input validation for some Intel(R) PROSet/Wireless WiFi and Killer(TM) WiFi products may allow a privileged user to potentially enable escalation of privilege via local access. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Intel Privilege Escalation Wireless Ac 9560 Firmware Wireless Ac 9462 Firmware Wireless Ac 9461 Firmware +4
NVD
CVSS 3.1
7.8
EPSS
0.3%
CVE-2022-21148 HIGH This Week

Improper access control in the Intel(R) Edge Insights for Industrial software before version 2.6.1 may allow an authenticated user to potentially enable escalation of privilege via local access. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Intel Privilege Escalation Edge Insights For Industrial
NVD
CVSS 3.1
7.8
EPSS
0.2%
CVE-2022-37025 HIGH PATCH This Week

An improper privilege management vulnerability in McAfee Security Scan Plus (MSS+) before 4.1.262.1 could allow a local user to modify a configuration file and perform a LOLBin (Living off the land). Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

RCE Privilege Escalation Security Scan Plus
NVD
CVSS 3.1
7.8
EPSS
0.2%
CVE-2022-30296 HIGH This Week

Insufficiently protected credentials in the Intel(R) Datacenter Group Event iOS application, all versions, may allow an unauthenticated user to potentially enable information disclosure via network. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Apple Intel Datacenter Group Event
NVD
CVSS 3.1
7.5
EPSS
0.6%
CVE-2022-21197 HIGH PATCH This Week

Improper input validation for some Intel(R) PROSet/Wireless WiFi products may allow an unauthenticated user to potentially enable denial of service via network access. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Intel Denial Of Service Wireless Ac 9560 Firmware Wireless Ac 9462 Firmware Wireless Ac 9461 Firmware +6
NVD
CVSS 3.1
7.5
EPSS
0.7%
CVE-2022-21160 HIGH PATCH This Week

Improper buffer restrictions for some Intel(R) PROSet/Wireless WiFi products may allow an unauthenticated user to potentially enable denial of service via network access. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Buffer Overflow vulnerability could allow attackers to corrupt memory to execute arbitrary code or crash the application.

Intel Denial Of Service Buffer Overflow Wireless Ac 9560 Firmware Wireless Ac 9462 Firmware +7
NVD
CVSS 3.1
7.5
EPSS
0.7%
CVE-2022-37422 HIGH PATCH This Week

Payara through 5.2022.2 allows directory traversal without authentication. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Path Traversal Payara
NVD
CVSS 3.1
7.5
EPSS
1.1%
CVE-2022-29549 HIGH This Week

An issue was discovered in Qualys Cloud Agent 4.8.0-49. Rated high severity (CVSS 7.3), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Cloud Agent For Linux
NVD
CVSS 3.1
7.3
EPSS
0.3%
CVE-2022-32579 HIGH PATCH This Week

Improper initialization in the firmware for some Intel(R) NUC Laptop Kits before version BC0076 may allow a privileged user to potentially enable escalation of privilege via physical access. Rated high severity (CVSS 7.2), this vulnerability is low attack complexity.

Intel Privilege Escalation Lapbc510 Firmware Lapbc710 Firmware
NVD
CVSS 3.1
7.2
EPSS
0.3%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy